{ config, pkgs, lib, ... }:
let cfg = config.my.services.gitea;
in {
  options.my.services.gitea = with lib; {
    enable = mkEnableOption "gitea git server";
    stateDir = mkOption {
      type = types.str;
      example = "/var/lib/gitea";
      description = "gitea base directory";
    };
  };

  config = lib.mkIf cfg.enable {
    users.users.git = {
      description = "Gitea Service";
      home = cfg.stateDir;
      useDefaultShell = true;
      group = "git";
      isSystemUser = true;
    };
    users.groups.git = { };

    services.gitea = {
      enable = true;
      user = "git";
      domain = "git.fcuny.net";
      appName = "git.fcuny.net";
      rootUrl = "https://git.fcuny.net/";
      httpAddress = "127.0.0.1";
      httpPort = 8002;
      log.level = "Error";
      settings = { other.SHOW_FOOTER_VERSION = false; };
      dump.enable = false;
      database = {
        type = "sqlite3";
        user = "git";
      };
    };

    services.restic.backups = {
      gitea = {
        paths = [ cfg.stateDir ];
        repository = "/data/slow/backups/systems";
        passwordFile = config.age.secrets.restic-repo-systems.path;
        timerConfig = { OnCalendar = "00:15"; };
        initialize = true;
        extraBackupArgs = [ "--tag gitea" ];
        pruneOpts = [ "--keep-daily 7" "--keep-weekly 4 --keep-monthly 6" ];
      };
    };
  };
}