# PostgreSQL 14 container shared by the other service containers.
# Declares a host data directory bind-mounted into the container, one database
# plus owning role per listed service, and pg_hba rules keyed on each service's
# address.
{ container, lib, ... } @args: let
	cfg = container.config.postgres;
in {
	# Host-side directory that backs the bind mount below.
	# NOTE(review): presumably mkContainerDir yields tmpfiles rules for
	# "${cfg.storage}/data"; confirm against the helper.
	systemd.tmpfiles.rules = container.mkContainerDir cfg [ "data" ];

	containers.postgres = container.mkContainer cfg {
		# The database files live on the host and are writable from the container.
		bindMounts."/var/lib/postgresql/data" = {
			hostPath   = "${cfg.storage}/data";
			isReadOnly = false;
		};

		config = { pkgs, ... }: container.mkContainerConfig cfg {
			services.postgresql = let
				hosts = container.config;

				# Populate with services here.
				# Key: database name and role name. Value: the service's container
				# config, of which only `.address` is read below.
				configurations = {
					gitea       = hosts.git;
					nextcloud   = hosts.cloud;
					privatebin  = hosts.paste;
					onlyoffice  = hosts.office;
					paperless   = hosts.paper;
					invidious   = hosts.yt;
				};

				# SECURITY: the extra `all` entry renders as
				#   host all all <container.host>/32 trust
				# which lets container.host connect to any database as any role,
				# including the superuser `root` role created below, with no
				# credentials.
				access = configurations // {
					all = { address = container.host; };
				};

				# pg_hba.conf body, one line per entry of `access`:
				#   host <name> <name> <address>/32 trust
				# SECURITY: `trust` means PostgreSQL performs no password or
				# certificate check; the client's source address is the only thing
				# identifying it. That is only as strong as the container network's
				# guarantee that another workload cannot use these addresses, so
				# verify that guarantee. Moving to scram-sha-256 would also need
				# passwords to be provisioned, since ensureUsers below sets none.
				# The fixed /32 mask assumes every address is a single IPv4 host.
				authentication = lib.concatMapStrings (rule: "${rule}\n") (
					lib.mapAttrsToList
						(db: peer: "host ${db} ${db} ${peer.address}/32 trust")
						access
				);

				# "root" plus one database per configured service.
				ensureDatabases = [ "root" ] ++ builtins.attrNames configurations;

				# One role per database, each owning the database of the same name.
				# Only "root" receives extra privileges: superuser, createrole, createdb.
				ensureUsers = map (name: {
					inherit name;
					ensureClauses = lib.optionalAttrs (name == "root") {
						superuser  = true;
						createrole = true;
						createdb   = true;
					};
					ensureDBOwnership = true;
				}) ensureDatabases;
			in {
				inherit authentication ensureDatabases ensureUsers;

				enable = true;
				# The package and dataDir are both pinned to major version 14; change
				# them together when upgrading.
				package = pkgs.postgresql_14;
				dataDir = "/var/lib/postgresql/data/14";
				# Accept TCP connections (NixOS sets listen_addresses to all
				# interfaces when this is on). The pg_hba rules above are the only
				# access control visible in this file, so confirm that the container
				# network or firewall limits who can reach the port.
				enableTCPIP = true;
			};
		};
	};
}