{
  config,
  lib,
  pkgs,
  ...
}:

let
  # patchScriptBin =
  #   {
  #     filename,
  #     contents,
  #     path ? [ ],
  #   }:
  #   ((pkgs.writeScriptBin filename contents).overrideAttrs (old: {
  #     buildInputs = [ pkgs.makeWrapper ];
  #     buildCommand = "${old.buildCommand}\n patchShebangs $out\nwrapProgram $out/bin/${filename} --prefix PATH : ${lib.makeBinPath path}";
  #   }));
  nix_builder = pkgs.rustPlatform.buildRustPackage rec {
    pname = "nix_builder";
    version = "0.0.0";

    src = pkgs.fetchgit {
      url = "https://code.fizz.buzz/talexander/nix_builder.git";
      # tag = version;
      rev = "d0fc2331e7aadc8bdd98836b466172ac37628e7d";
      hash = "sha256-V1DU9U4+k96KfGV9BTxKYjxLzV6tWvQPM+a+5NU94G8=";
      leaveDotGit = false;
    };

    cargoLock = {
      lockFile = "${src}/Cargo.lock";
    };

    meta = with lib; {
      description = "A builder of nix configs for a build server.";
      homepage = "https://code.fizz.buzz/talexander/nix_builder";
      license = licenses.bsd0;
      maintainers = [ ];
    };

    nativeBuildInputs = [ pkgs.makeWrapper ];

    postInstall = ''
      wrapProgram $out/bin/nix-builder --prefix PATH : ${
        lib.makeBinPath [
          pkgs.git
          pkgs.nix
          pkgs.nixos-rebuild
        ]
      }
    '';
  };
in
{
  imports = [ ];

  options.me = {
    hydra.enable = lib.mkOption {
      type = lib.types.bool;
      default = false;
      example = true;
      description = "Whether we want to install hydra.";
    };
  };

  config = lib.mkIf config.me.hydra.enable {
    environment.systemPackages = with pkgs; [
      nix_builder
      sqlite # For manually inspecting the database.
    ];

    environment.persistence."/persist" = lib.mkIf (config.me.mountPersistence) {
      hideMounts = true;
      users.nixworker = {
        directories = [
          {
            directory = "persist";
            user = "nixworker";
            group = "nixworker";
            mode = "0700";
          }
        ];
      };
    };

    # Nix 2.30.0 (2025-07-07) changed the build directory from /tmp to /nix/var/nix/builds which broke a number of builds because my ZFS datasets were utf8only.
    fileSystems."/home/nixworker/persist/root/nix/var/nix/builds" = {
      device = "tmpfs";
      fsType = "tmpfs";
      options = [
        "size=40G" # adjust for your situation and needs
        "mode=700"
        "uid=11400"
        "gid=11400"
      ];
    };

    systemd.timers."build-cache" = {
      wantedBy = [ "timers.target" ];
      timerConfig = {
        OnCalendar = "*-*-* 03:00:00 America/New_York";
        Unit = "build-cache.service";
      };
    };

    systemd.services."build-cache" = {
      script = ''
        set -euo pipefail
        IFS=$'\n\t'
        DIR="$( cd "$( dirname "''${BASH_SOURCE[0]}" )" && pwd )"

        NIX_REMOTE='local?root=/home/nixworker/persist/root' RUST_BACKTRACE=1 RUST_LOG=nix_builder=DEBUG ${nix_builder}/bin/nix-builder build --config ${./files/nix_builder.toml} --target odo --target odo_update --target odowork --target odowork_update --target quark --target quark_update --target hydra --target hydra_update --target controller0 --target controller0_update --target controller1 --target controller1_update --target controller2 --target controller2_update --target worker0 --target worker0_update --target worker1 --target worker1_update --target worker2 --target worker2_update --target family_disks --target family_disks_update
      '';
      restartIfChanged = false;
      serviceConfig = {
        Type = "simple";
        User = "nixworker";
        # restartIfChanged = false;
        # RemainAfterExit = true; # Prevents the service from automatically starting on rebuild. See https://discourse.nixos.org/t/how-to-prevent-custom-systemd-service-from-restarting-on-nixos-rebuild-switch/43431
        LimitNOFILE = 8192;
      };
    };

    # TODO: This should move into nix-builder so we can only run clean when builds are passing. Otherwise partial builds will lose progress.
    # TODO: In nix-builder maybe include setting to auto delete to make room during builds if we run out of space, just in case builds are failing for a long time and prevent cleanup from running.
    systemd.timers."clean-cache" = {
      wantedBy = [ "timers.target" ];
      timerConfig = {
        OnCalendar = "*-*-01 02:00:00 America/New_York";
        Unit = "clean-cache.service";
      };
    };

    systemd.services."clean-cache" = {
      script = ''
        set -euo pipefail
        IFS=$'\n\t'
        DIR="$( cd "$( dirname "''${BASH_SOURCE[0]}" )" && pwd )"

        NIX_REMOTE='local?root=/home/nixworker/persist/root' nix-collect-garbage -d
      '';
      path = with pkgs; [
        pkgs.nix
      ];
      restartIfChanged = false;
      serviceConfig = {
        Type = "simple";
        User = "nixworker";
        # restartIfChanged = false;
        # RemainAfterExit = true; # Prevents the service from automatically starting on rebuild. See https://discourse.nixos.org/t/how-to-prevent-custom-systemd-service-from-restarting-on-nixos-rebuild-switch/43431
        LimitNOFILE = 8192;
      };
    };
  };
}