{ self, config, lib, pkgs, ... }:

{
  environment.systemPackages = [ pkgs.gitea ];

  services.gitea = {
    enable = true;
    stateDir = "/var/lib/gitea";

    appName = "Vapor Git: producing vaporware since 1999";
    database = {
      type = "postgres";
      name = "gitea";
      user = "gitea";
      createDatabase = true;
    };

    settings.server = {
      DOMAIN = "git.vapor.systems";
      ROOT_URL = "https://git.vapor.systems";
      PROTOCOL = "http+unix";
      HTTP_ADDR = "/run/gitea/http.sock";
    };
  };

  security.acme.certs = {
    "vapor.systems" = {
      extraDomainNames = [ "*.vapor.systems" ];
    };
  };

  services.nginx = {
    enable = true;
    virtualHosts."git.vapor.systems" =
      self.lib.nginx.proxyDomain "vapor.systems" "http://unix:/run/gitea/http.sock";
  };
}