{
  config,
  pkgs,
  lib,
  ...
}: let
  home-manager = builtins.fetchTarball "https://github.com/nix-community/home-manager/archive/release-25.11.tar.gz";
  cfg = config.services.forgejo;
  srv = cfg.settings.server;
in {
  options.local = {
    hostname = lib.mkOption {
      type = lib.types.str;
      default = "nixos-default";
      description = "System hostname";
    };
    username = lib.mkOption {
      type = lib.types.str;
      default = "user";
      description = "Primary user username";
    };
    userDescription = lib.mkOption {
      type = lib.types.str;
      default = "NixOS User";
      description = "Primary user description";
    };
    address = lib.mkOption {
      type = lib.types.str;
      default = "10.1.1.100";
      description = "Static IP address";
    };
  };

  imports = [
    ./modules/desktop-manager/sway_greetd_homemanager.nix
    ./modules/local/hostname_username.nix
    ./modules/local/networking_local.nix
    ./modules/toolsets/remote_building.nix
    ./modules/bootloader/seabios-assigned-proxmox-at-birth.nix
    ./modules/lix-default.nix
  ];

  config = {
    local.hostname = "forgejoprg";
    local.username = "forgejoprg";
    local.userDescription = "Forgejo Admin";
    local.address = "10.1.1.4";

    # Enable Fedgejo service
    services.nginx = {
      enable = true;
      virtualHosts."git.prg.local" = {
        # Remove forceSSL and enableACME for local network
        # forceSSL = true;
        # enableACME = true;
        extraConfig = ''
          client_max_body_size 512M;
        '';
        locations."/".proxyPass = "http://localhost:${toString srv.HTTP_PORT}";
      };
    };

    # Enable PostgreSQL for Forgejo
    services.postgresql.enable = true;

    # Forgejo configuration
    services.forgejo = {
      enable = true;
      database = {
        type = "postgres";
        host = "10.1.1.251"; # IP of your database server
        name = "forgejo";
        user = "forgejo";
        passwordFile = "/home/forgejoprg/password.txt"; # Store password in a separate file for security
      };
      lfs.enable = true;

      settings = {
        server = {
          DOMAIN = "git.prg-radio.org";
          ROOT_URL = "https://git.prg-radio.org/";
          HTTP_PORT = 3000;
          # SSH integration
          SSH_PORT = lib.head config.services.openssh.ports;
        };

        # Temporarily allow registration to create admin user
        service.DISABLE_REGISTRATION = false;

        # Enable Actions support
        actions = {
          ENABLED = true;
          DEFAULT_ACTIONS_URL = "github";
        };

        # Optional: Email configuration
        # mailer = {
        #   ENABLED = false;
        # };
      };
    };

    # Open ports in the firewall.
    networking.firewall.allowedTCPPorts = [3000];

    system.stateVersion = "25.11";
  };
}