{ config, pkgs, lib, ... }:

let
  cfg = config.services.forgejo;
  srv = cfg.settings.server;
in
{
  services.forgejo = {
    enable = true;
    database.type = "sqlite3";
    lfs.enable = true;
    settings = {
      server = {
        DOMAIN = "git.figtree.dev";
        ROOT_URL = "https://git.figtree.dev/";
        HTTP_ADDR = "0.0.0.0";
        HTTP_PORT = 3000;
      };
      service.DISABLE_REGISTRATION = true;
    };
  };

  # Open the firewall for Forgejo's HTTP and SSH ports
  networking.firewall.allowedTCPPorts = [ 3000 22 ];

  # Ensure the user 'alex' is an admin in Forgejo if needed
  # (Note: Forgejo doesn't allow 'admin' as a username)
  systemd.services.forgejo.preStart = ''
    # This will fail if the user already exists, hence || true
    ${lib.getExe cfg.package} admin user create --admin --email "code@figtree.dev" --username alex --password "changeme123" || true
  '';
}