{ config, lib, ... }:
{
  imports = [ ./nginx ];

  config = lib.mkIf config.system.server.enable {
    services.forgejo = {
      enable = true;
      settings = {
        server = {
          DOMAIN = "git.${config.domains.p2}";
          ROOT_URL = "https://git.${config.domains.p2}:443";
          HTTP_PORT = 3110;
          SSH_PORT = 2299;
          START_SSH_SERVER = true;
        };
        mailer = {
          ENABLED = true;
          SMTP_ADDR = "mx.${config.domains.p1}";
          FROM = "NixFox Git <noreply@${config.domains.p2}>";
          USER = "noreply@${config.domains.p2}";
          PASSWD = config.secrets.noreplyPassword;
          PROTOCOL = "smtps";
        };
        service = {
          REGISTER_EMAIL_CONFIRM = true;
          DISABLE_REGISTRATION = true;
        };
        ui.DEFAULT_THEME = "forgejo-dark";
      };
    };

    networking.firewall.allowedTCPPorts = [ 2299 ];

    services.ddclient.domains = [ "git.${config.domains.p2}" ];

    environment.persistence."/persist".directories = [
      "/var/lib/forgejo"
    ];
  };
}