{
    config,
    ...
}: let
    inherit (config.poz.other.system) username;
in {
    users.users.${username} = {
        extraGroups = [ "docker" ];
    };

    services.caddy = let
        redirToFlake = ''
            redir https://git.jacekpoz.pl/jacekpoz/niksos
        '';

        redirToQmkFork = ''
            redir https://git.jacekpoz.pl/jacekpoz/qmk_firmware/src/branch/master/keyboards/lily58/keymaps/poz
        '';
    in {
        enable = true;
        virtualHosts = {
            "test.jacekpoz.pl".extraConfig = ''
                reverse_proxy * localhost:3001
            '';

            "f.jacekpoz.pl".extraConfig = ''
                root * /srv/files
                file_server
            '';

            "flake.jacekpoz.pl".extraConfig = redirToFlake;
            "flake.jpoz.pl".extraConfig = redirToFlake;

            "qmk.jacekpoz.pl".extraConfig = redirToQmkFork;
            "qmk.jpoz.pl".extraConfig = redirToQmkFork;
        };
    };

    powerManagement.cpuFreqGovernor = "performance";

    virtualisation = {
        podman = {
            enable = true;
            dockerCompat = true;
        };
        oci-containers.backend = "podman";
    };

    networking.firewall.allowedTCPPorts = [ 80 443 ];

    poz = {
        other.home-manager.enable = true;
        programs = {
            agenix.enable = true;
            git = {
                enable = true;
                defaultBranch = "master";
            };
            starship.enable = true;
            zsh.enable = true;
            btop.enable = true;
            neovim = {
                enable = true;
                enableLsp = false;
            };
        };
        services = {
            ssh = {
                agent.enable = false;
                daemon = {
                    enable = true;
                    ports = [ 7312 22 ];
                };
            };
            syncthing.enable = true;
        };
    };

    system.stateVersion = "23.11";
}