{ config, lib, pkgs, ... }:

let
  # Fetch MCP servers library
  mcpServersNix = import (builtins.fetchTarball {
    url = "https://github.com/dpolakovics/mcp-servers-nix/archive/916979f7692e25cb3510d68201886b18c381da06.tar.gz";
    sha256 = "sha256-S/AzJI1OvWCmSOZ02H4aRUCZVAE6dpH99vZcz43W2Nw=";
  }) { inherit pkgs; };

  # Build MCP configuration
  mcpJsonConfig = mcpServersNix.lib.mkConfig pkgs {
    programs = {
      # fetch.enable            = true;
      brave-search = {
        enable  = true;
        envFile = config.sops.secrets.mcp-brave-env.path;
        # envFile = "/run/secrets/mcp-brave-env";
      };
      puppeteer.enable        = true;
      # memory.enable           = true;
      sequential-thinking.enable = true;
      context7.enable = true;
    };
    settings = {
      mcpServers = {
        brave-search = {
          alwaysAllow = [ "brave_web_search" "brave_local_search"];
        };
        context7 = {
          alwaysAllow = [ "resolve-library-id" "get-library-docs" ];
        };
        nixos = {
          command = "nix";
          args    = [ "run" "github:utensils/mcp-nixos" "--" ];
          alwaysAllow = [
            "nixos_search"
            "nixos_info"
            "nixos_channels"
            "home_manager_search"
            "home_manager_info"
            "home_manager_stats"
            "home_manager_list_options"
            "home_manager_options_by_prefix"
            "nixhub_package_versions"
            "nixhub_find_version"
          ];
        };
        puppeteer = {
          alwaysAllow = [
            "puppeteer_navigate"
            "puppeteer_screenshot"
            "puppeteer_click"
            "puppeteer_fill"
            "puppeteer_select"
            "puppeteer_hover"
            "puppeteer_evaluate"
          ];
        };
        sequential-thinking = {
          alwaysAllow = [ "sequentialthinking" ];
        };
      };
    };
  };

  setupMcpConfigDominik = pkgs.writeShellScript "setup" ''
    ${pkgs.coreutils-full}/bin/mkdir -p /home/dominik/.config/Code/User/globalStorage/rooveterinaryinc.roo-cline/settings
    if [ -f /home/dominik/.config/Code/User/globalStorage/rooveterinaryinc.roo-cline/settings/mcp_settings.json ]; then
      echo "Removing old mcp.json…"
      rm /home/dominik/.config/Code/User/globalStorage/rooveterinaryinc.roo-cline/settings/mcp_settings.json
    fi
    ${pkgs.coreutils-full}/bin/ln -s ${builtins.toString mcpJsonConfig} \
       /home/dominik/.config/Code/User/globalStorage/rooveterinaryinc.roo-cline/settings/mcp_settings.json
  '';
in
{
  # Manage Brave Search API key file via sops
  sops.secrets.mcp-brave-env = {
    owner = "dominik";
  };

  # Systemd service to deploy to VSCode globalStorage
  systemd.services."setup-roo-mcp-config-dominik" = {
    description = "Deploy Roo MCP config for dominik";
    wantedBy    = [ "multi-user.target" ];
    after       = [ "nss-user-lookup.target" ];
    serviceConfig = {
      Type            = "oneshot";
      RemainAfterExit = true;
      ExecStart       = setupMcpConfigDominik;
    };
  };
}