{config, ...}: let
  rootDomain = config.networking.domain;
in {
  services.monica = {
    enable = true;
    hostname = "monica.${rootDomain}";
    appKeyFile = "/run/keys/monica-appkey";
    database = {
      createLocally = true;
    };
    # Configure nginx properly for Monica
    nginx = {
      enableACME = false; # We'll use the main domain's certificate
      forceSSL = true; # Force SSL
      useACMEHost = rootDomain; # Use the main domain's certificate
    };

    # Configure email settings to use the local mail server
    mail = {
      driver = "smtp";
      host = "localhost";
      port = 25; # Standard SMTP port
      fromName = "Monica CRM";
      from = "monica@simatime.com";
      encryption = null; # No encryption for local mail server
    };
  };

  # The Monica service will create its own nginx virtual host
  # We've added monica.${rootDomain} to the ACME cert list in Web.nix
}