{ lib, config, pkgs, ... }:
let
  cfg = config.services.tinc;
in {
  options = {
    services.tinc.networks = lib.mkOption {
      type = lib.types.attrsOf (lib.types.submodule {
        options.nmDispatch = lib.mkOption {
          type = lib.types.bool;
          default = config.networking.networkmanager.enable;
          description = ''
            Install a network-manager dispatcher script to automatically
            connect to all remotes when networking is available
          '';
        };
      });
    };
  };

  config = {
    networking.networkmanager.dispatcherScripts = lib.concatLists (lib.flip lib.mapAttrsToList cfg.networks (network: data: lib.optional data.nmDispatch {
      type = "basic";
      source = pkgs.writeScript "connect-${network}.sh" ''
        #!${pkgs.stdenv.shell}

        shopt -s extglob

        case "''${2}" in
          (?(vpn-)up)
            ${data.package}/bin/tinc -n ${network} --pidfile /run/tinc.${network}.pid --batch retry
            ;;
        esac
      '';
    }));
  };
}