{
  config,
  lib,
  pkgs,
  ...
}:
let
  generatedAliases = pkgs.writeText "generated-aliases" (
    lib.concatStringsSep "\n" (
      lib.mapCartesianProduct
        ({ aliases, domain }: "${aliases}@${domain}  root@test.htw.stura-dresden.de")
        {
          aliases = [
            "abuse"
            "hostmaster"
            "noreply"
            "postmaster"
            "webmaster"
          ];
          domain = config.mailserver.domains;
        }
    )
  );

in
{
  imports = [
    ./hardware-configuration.nix
  ];

  networking.hostName = "git";
  networking.interfaces.ens18.ipv4.addresses = [
    {
      address = "141.56.51.97";
      prefixLength = 24;
    }
  ];

  networking.defaultGateway.address = "141.56.51.254";
  networking.nameservers = [
    "9.9.9.9"
    "1.1.1.1"
  ];

  services.openssh.enable = true;
  services.forgejo = {
    enable = true;
    settings = {

      server = {
        PROTOCOL = "http+unix";
        HTTP_ADDR = "/run/forgejo/forgejo.sock";
        ROOT_URL = "https://${config.networking.fqdn}";
      };
      oauth2_client = {
        ENABLE_AUTO_REGISTRATION = "true";
        REGISTER_EMAIL_CONFIRM = "false";
        username = "email";
      };
      service = {
        SHOW_REGISTRATION_BUTTON = "false";
      };
    };
  };

  services.nginx = {
    enable = true;
    virtualHosts."${config.networking.fqdn}" = {
      forceSSL = true;
      enableACME = true;
      locations."/" = {
        recommendedProxySettings = true;
        proxyWebsockets = true;
        proxyPass = "http://unix:/run/forgejo/forgejo.sock";
      };
    };
  };

  networking.firewall.allowedTCPPorts = [
    25
    80
    443
    597
  ];

  system.stateVersion = "24.11";

}