{ pkgs, config, ... }:

{
  programs.password-store = {
    enable = true;
    settings = {
      PASSWORD_STORE_DIR = "${config.xdg.dataHome}/password-store";
      PASSWORD_STORE_GENERATED_LENGTH = "30";
      PASSWORD_STORE_CHARACTER_SET = "a-zA-Z0-9~!@#$%^&*()-_=+[]{};:,.<>?";
      PASSWORD_STORE_KEY = config.programs.gpg.settings.default-key;
    };
  };

  systemd.user.services.git-password-store = {
    Unit = {
      Description = "password-store synchronization to git";
      Documentation = [
        "man:pass(1)"
        "https://git.fcuny.net/fcuny/password-store"
      ];
      ConditionPathIsDirectory = "${config.programs.password-store.settings.PASSWORD_STORE_DIR}/.git";
    };
    Service = {
      Type = "oneshot";
      Environment = "PASSWORD_STORE_DIR=${config.programs.password-store.settings.PASSWORD_STORE_DIR}";
      WorkingDirectory = config.programs.password-store.settings.PASSWORD_STORE_DIR;
      ExecStart = "${pkgs.git}/bin/git push origin %H";
    };
  };

  systemd.user.timers.git-password-store = {
    Unit = {
      Description = "password-store synchronization timer";
      Documentation = "man:pass(1)";
    };
    Timer = {
      OnBootSec = "20m";
      OnUnitActiveSec = "60m";
    };
    Install = { WantedBy = [ "timers.target" ]; };
  };
}