{ ayo_public_key, pkgs, config, ... }: let
	group = "git";
	user = "git";
	home = "/srv/${user}";
in {
	users = {
		groups.${group} = {};

		users = {
			"caddy".extraGroups = [ "git" ];

			${user} = {
				isSystemUser = true;
				inherit group home;
				homeMode = "750";
				createHome = true;
				useDefaultShell = true;
				openssh.authorizedKeys.keys = [ ayo_public_key ];
			};
		};
	};

	home-manager = {
		useUserPackages = true;
		useGlobalPkgs = true;

		users.${user} = {
			home.stateVersion = "26.05";

			programs.git = {
				enable = true;
				settings.init.defaultBranch = "main";
			};
		};
	};

	services = {
		caddy.virtualHosts."git.ayoreis.com".extraConfig = let
			gitweb = pkgs.gitweb;
		in ''
			@git header User-Agent git/*
			root ${gitweb}
			file_server /static/*

			cgi @git ${pkgs.git}/bin/git-http-backend {
				env GIT_PROJECT_ROOT=${home}
			}

			cgi ${gitweb}/gitweb.cgi {
				env GITWEB_CONFIG=${config.services.gitweb.gitwebConfigFile}
			}
		'';

		gitweb.extraConfig = ''
			our $export_ok = "git-daemon-export-ok";
			our $site_name = "Repositories";
			$feature{'pathinfo'}{'default'} = [1];
		'';
	};

	programs.git = {
		enable = true;
		config.safe.directory = "*";
	};
}