{ lib
, stdenv
, buildGoModule
, fetchurl
, makeWrapper
, git
, bash
, coreutils
, gitea
, gzip
, openssh
, pam
, sqliteSupport ? true
, pamSupport ? true
, runCommand
, brotli
, xorg
, nixosTests
}:

buildGoModule rec {
  pname = "sysbox";
  version = "0.6.2";

  # not fetching directly from the git repo, because that lacks several vendor files for the web UI
  src = fetchurl {
    url = "https://github.com/nestybox/sysbox/archive/refs/tags/v${version}.tar.gz";
    hash = "sha256-v1nfAZbh9vCAvi07c5oAPKcR7J7b1+Tn4odHK68nCyU=";
  };

  vendorHash = null;

  # subPackages = [ "." ];

  nativeBuildInputs = [ makeWrapper ];

  # buildInputs = lib.optional pamSupport pam;

  # tags = lib.optional pamSupport "pam"
  #   ++ lib.optionals sqliteSupport [ "sqlite" "sqlite_unlock_notify" ];

  # ldflags = [
  #   "-s"
  #   "-w"
  #   "-X main.Version=${version}"
  #   "-X 'main.Tags=${lib.concatStringsSep " " tags}'"
  # ];

  outputs = [ "out" ];

  postInstall = ''
    mkdir -p $out
    # cp -R ./options/locale $out/locale

    wrapProgram $out/bin/gitea \
      --prefix PATH : ${lib.makeBinPath [ ]}
  '';

  # passthru = {
  #   data-compressed = runCommand "gitea-data-compressed" {
  #     nativeBuildInputs = [ brotli xorg.lndir ];
  #   } ''
  #     mkdir $out
  #     lndir ${gitea.data}/ $out/
  #
  #     # Create static gzip and brotli files
  #     find -L $out -type f -regextype posix-extended -iregex '.*\.(css|html|js|svg|ttf|txt)' \
  #       -exec gzip --best --keep --force {} ';' \
  #       -exec brotli --best --keep --no-copy-stat {} ';'
  #   '';
  #
  #   tests = nixosTests.gitea;
  # };

  meta = with lib; {
    description = "Improves container isolation";
    homepage = "https://github.com/nestybox/sysbox";
    license = licenses.asl20;
    broken = stdenv.isDarwin;
    mainProgram = "sysbox-runc";
  };
}