{ pkgs, ... }:

{
  virtualisation.docker.enable = true;

  systemd.services.drone-runner = {
    description = "Drone Server (CI CD Service)";
    after = [ "network.target" ];
    wantedBy = [ "multi-user.target" ];
    path = [ pkgs.docker ];

    serviceConfig = {
      # Type = "simple";
      Name = "drone-runner";
      User = "drone-server";
      Group = "drone-server";
      Restart = "always";
      ExecStartPre= ''
        -${pkgs.docker}/bin/docker stop %n \
        -${pkgs.docker}/bin/docker rm %n \
        ${pkgs.docker}/bin/docker pull drone/drone:1
      '';
      ExecStart= ''
        ${pkgs.docker}/bin/docker run --rm --name %n \
        --volume=/var/run/docker.sock:/var/run/docker.sock \
        --env=DRONE_RPC_PROTO=https \
        --env=DRONE_RPC_HOST=drone.cloonar.com \
        --env=DRONE_RPC_SECRET=super-duper-secret \
        --env=DRONE_RUNNER_CAPACITY=2 \
        drone/drone-runner-docker:1
      '';
    };
  };
}