{ config, lib, pkgs, ... }:

with lib;

let
  pppInterface = config.networking.pppInterface;
in {
  options = {
    networking.pppInterface = mkOption {
      type = types.str;
      default = "dsl";
    };
  };
  
  config = {
    networking.vlans = {
      telekom = {
        id = 7;
        interface = "eno2";
      };
    };
    
    services.pppd = {
      enable = true;
      peers.telekom.config = ''
        nodefaultroute
        ifname ${pppInterface}
        lcp-echo-failure 1
        lcp-echo-interval 1
        maxfail 0
        mtu 1492
        mru 1492
        plugin rp-pppoe.so
        name telekom
        user 002576900250551137425220#0001@t-online.de
        telekom
        debug
      '';
    };
    systemd.services."pppd-telekom" = {
      stopIfChanged = false;
      
      serviceConfig = lib.mkForce {
        Type = "notify";
        PIDFile = "/run/pppd/${pppInterface}.pid";
        ExecStart = "${lib.getBin pkgs.ppp}/sbin/pppd call telekom up_sdnotify nolog +ipv6";
        Restart = "always";
        RestartSec = 5;

        RuntimeDirectory = "pppd";
        RuntimeDirectoryPreserve = true;
      };
    };
    sops.secrets."pap-secrets" = {
      format = "binary";
      sopsFile = ./pap-secrets;
      path = "/etc/ppp/pap-secrets";
    };

    environment.etc = {
      "ppp/ip-up" = {
        text = ''
          #!${pkgs.runtimeShell}
          ${pkgs.iproute}/bin/ip route add default via "$5" dev "${pppInterface}" metric 512
        '';
        mode = "0555";
      };
    };

    systemd.network.networks."dsl" = {
      matchConfig = {
        Name = "dsl";
      };
      dns = [ "::1" "127.0.0.1" ];
      domains = [ "~." ];
      networkConfig = {
        LinkLocalAddressing = "no";
        DNSSEC = true;
      };
    };
  };
}