{config, ...}: let
  vars = import ../../../../vars.nix;
in {
  virtualisation.arion = {
    projects.git.settings = {
      imports = [./arion-compose.nix];
    };
  };

  sops.secrets."forgejo/db_password" = {
    owner = vars.user;
  };
  sops.secrets."forgejo/db_user" = {
    owner = vars.user;
  };
  sops.secrets."forgejo/db_database" = {
    owner = vars.user;
  };

  sops.templates."forgejo.env" = {
    path = "/home/${vars.user}/.docker/git/forgejo.env";
    owner = vars.user;
    mode = "0775";
    content = ''
      GITEA__database__NAME="${config.sops.placeholder."forgejo/db_database"}"
      GITEA__database__USER="${config.sops.placeholder."forgejo/db_user"}"
      GITEA__database__PASSWD="${config.sops.placeholder."forgejo/db_password"}"
    '';
  };

  sops.templates."forgejo-db.env" = {
    path = "/home/${vars.user}/.docker/git/forgejo-db.env";
    owner = vars.user;
    mode = "0775";
    content = ''
      POSTGRES_DB="${config.sops.placeholder."forgejo/db_database"}"
      POSTGRES_USER="${config.sops.placeholder."forgejo/db_user"}"
      POSTGRES_PASSWORD="${config.sops.placeholder."forgejo/db_password"}"
    '';
  };
}