{
  pkgs,
  lib,
  config,
  ...
}:
let
  cfg = config.services.hive-c0re;
in
{
  options.services.hive-c0re = {
    enable = lib.mkEnableOption "hive-c0re — hyperhive coordinator daemon";
    package = lib.mkOption {
      type = lib.types.package;
      default = pkgs.hyperhive;
      defaultText = lib.literalExpression "pkgs.hyperhive";
      description = "Package that provides /bin/hive-c0re.";
    };
    agentFlake = lib.mkOption {
      type = lib.types.str;
      default = "/etc/hyperhive#agent-base";
      description = "Flake reference passed to `nixos-container create --flake` when spawning sub-agents.";
    };
  };

  config = lib.mkIf cfg.enable {
    environment.systemPackages = [ cfg.package ];

    systemd.services.hive-c0re = {
      description = "hyperhive coordinator daemon";
      wantedBy = [ "multi-user.target" ];
      # `nixos-container` lives in the system path; make it reachable from the unit.
      path = [ "/run/current-system/sw" ];
      serviceConfig = {
        ExecStart = "${cfg.package}/bin/hive-c0re --socket /run/hyperhive/host.sock serve --agent-flake ${cfg.agentFlake}";
        Restart = "on-failure";
        RestartSec = 2;
        RuntimeDirectory = "hyperhive";
        RuntimeDirectoryMode = "0750";
        RuntimeDirectoryPreserve = "yes";
        StateDirectory = "hyperhive";
      };
    };
  };
}