{ inputs, ... }:
{
  flake.modules.nixos.forgejo =
  { lib, config, pkgs, ... }:
  {

    imports = with inputs.self.modules.nixos; [
      podman
    ];

    age.secrets = {
      forgejo.file = ../../../secrets/forgejo.age;
      forgejodb.file = ../../../secrets/forgejodb.age;
    };


    virtualisation.oci-containers.containers = 
    {
      "forgejo" = {
        image = "codeberg.org/forgejo/forgejo:13";
        ports = [
          "2424:22" #SSH
          "4000:3000" #WebUI
        ];
        labels = {
          "io.containers.autoupdate" = "registry";
        };
        volumes = [
          "/DockerData/configs/forgejo/data:/data"
          "/etc/timezone:/etc/timezone:ro"
          "/etc/localtime:/etc/localtime:ro"
        ];
        environmentFiles = [
          "${config.age.secrets.forgejo.path}"
        ];
        dependsOn = [
          "db"
        ];
        log-driver = "journald";
        networks = [
          "forgejo-internal"
        ];
      }; 

      "db" = {
        image = "docker.io/library/postgres:14";
        volumes = [
          "/DockerData/configs/forgejo/db:/var/lib/postgresql/data"
        ];
        labels = {
          "io.containers.autoupdate" = "registry";
        };
        environmentFiles = [
          "${config.age.secrets.forgejodb.path}"
        ];
        log-driver = "journald";
        networks = [
          "forgejo-internal"
        ];
      }; 
    };

  
    systemd = {
      services = {
        "podman-network-forgejo-internal" = {
          path = [ pkgs.podman ];
          serviceConfig = {
            Type = "oneshot";
            RemainAfterExit = true;
            ExecStop = "podman network rm -f forgejo-internal";
          };
          script = ''
            podman network inspect forgejo-internal || podman network create forgejo-internal
          '';
          partOf = [ "podman-compose-forgejo-root.target" ];
          wantedBy = [ "podman-compose-forgejo-root.target" ];
        };

        "podman-db" = {
          serviceConfig = {
            Restart = lib.mkOverride 90 "always";
          };
          partOf = [ "podman-compose-forgejo-root.target" ];
          wantedBy = [ "podman-compose-forgejo-root.target" ];
          after = [ "podman-network-forgejo-internal.service" ];
          wants = [ "podman-network-forgejo-internal.service" ];
        };
        
        "podman-forgejo" = {
          serviceConfig = {
            Restart = lib.mkOverride 90 "always";
          };
          partOf = [ "podman-compose-forgejo-root.target" ];
          wantedBy = [ "podman-compose-forgejo-root.target" ];
          after = [ "podman-network-forgejo-internal.service" ];
          wants = [ "podman-network-forgejo-internal.service" ];
        };
      };

      targets = {
        "podman-compose-forgejo-root" = {
          wantedBy = [ "multi-user.target" ];
        };
      };
    };
      
  };
}