{ config, lib, pkgs, ...}: {

  config.systemd.services.copy-pounce-certs = {
    description = "Create certificate directories for Pounce IRC bouncer";

    wantedBy = [ "pounce-libera.service" "pounce-tilde.service" ];
    after = [ "network.target" ];

    serviceConfig.Type = "oneshot";

    script = ''
      if [ -d "/var/lib/pounce/" ]; then
        rm -r /var/lib/pounce/
      fi

      mkdir -p /var/lib/pounce/certs/
      mkdir -p /var/lib/pounce/certs/libera.irc.tempest.dev
      mkdir -p /var/lib/pounce/certs/tilde.irc.tempest.dev
      chown -R pounce:pounce /var/lib/pounce/
      chmod -R 640 /var/lib/pounce/

      CHAIN=/var/lib/acme/wildcard-irc.tempest.dev/fullchain.pem
      PRIVKEY=/var/lib/acme/wildcard-irc.tempest.dev/key.pem
      CERTS=/var/lib/pounce/certs

      ln -s $CHAIN   $CERTS/libera.irc.tempest.dev/fullchain.pem
      ln -s $PRIVKEY $CERTS/libera.irc.tempest.dev/privkey.pem
      ln -s $CHAIN   $CERTS/tilde.irc.tempest.dev/fullchain.pem
      ln -s $PRIVKEY $CERTS/tilde.irc.tempest.dev/privkey.pem

      exit 0
    '';
  };

  config.services.pounce = {
    enable = true;
    generateCerts = false;
    externalHost = "irc.tempest.dev";
    
    networks = {
      libera.config = {
        host = "irc.libera.chat";
        nick = "tempest";
        user = "ashe";
        real = "Ashelyn [they/them]";
      };
      tilde.config = {
        host = "irc.tilde.chat";
        nick = "ashe";
        user = "ashe";
        real = "Ashelyn [they/them]";
      };
    };
  };
}