{
  config,
  lib,
  pkgs,
  ...
}:
{
  imports = [
    ./hardware-configuration.nix
    ./disk-config.nix
  ];

  environment.shellAliases = {
    rebuild = "sudo nixos-rebuild switch --flake ~/nixos/.#black";
  };

  environment.systemPackages = with pkgs; [
    nil
    nixd
    docker
    lazygit
  ];

  nixpkgs.config.allowUnfree = true;

  # Use the systemd-boot EFI boot loader.
  boot.loader.systemd-boot.enable = true;
  boot.loader.efi.canTouchEfiVariables = true;

  networking.hostName = "black"; # Define your hostname.

  # Configure network connections interactively with nmcli or nmtui.
  networking.networkmanager.enable = true;

  # Set your time zone.
  time.timeZone = "America/New_York";

  nix.settings.experimental-features = [
    "nix-command"
    "flakes"
  ];

  hardware.graphics.enable = true;

  programs.git = {
    enable = true;
    config = {
      user = {
        name = "Ifrahim Ansari";
        email = "iam@ifrahim.dev";
      };
    };
  };

  users.users.black = {
    isNormalUser = true;
    extraGroups = [ "wheel" ]; # Enable ‘sudo’ for the user.
    initialPassword = "Smsia2004";
    openssh.authorizedKeys.keys = [
      "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIDDeD8k/xQ1cL6y05CHv3X3xESN58hxq833O05LiZaAY ifrahim@whoami"
      "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIB/TG85rh2yB4kErVSnYMOffjBMB28uULlCKj5QI0NfL ifrahim@iamhome"
    ];
  };

  services.nginx = {
    enable = true;
    virtualHosts = {
      "git.ifrahim.dev" = {
        forceSSL = true;
        enableACME = true;
        locations."/" = {
          proxyPass = "http://192.168.1.3:3000";
        };
      };
    };
  };

  security.acme = {
    acceptTerms = true;
    defaults.email = "iam@ifrahim.dev";
  };

  # Forgejo Server
  services.forgejo = {
    enable = true;
    settings = {
      service = {
        DISABLE_REGISTRATION = true;
      };
      server = {
        ROOT_URL = "https://git.ifrahim.dev";
        SSH_PORT = 2222;
      };
    };
  };

  virtualisation.docker.enable = true;

  # OCI Container configuration
  # virtualisation.oci-containers = {
  #   backend = "docker"; # or "podman"
  #   containers = {
  #     nginx = {
  #       image = "nginx:latest";
  #       autoStart = true;
  #       ports = [
  #         "8080:80" # Host:Container port mapping
  #       ];
  #     };
  #   };
  # };

  # Enable the OpenSSH daemon.
  services.openssh.enable = true;
  networking.firewall.enable = true;
  networking.firewall.allowedTCPPorts = [
    22
    80
    443
    2222
  ];

  nix.gc = {
    automatic = true;
    dates = "daily";
  };

  # This option defines the first version of NixOS you have installed on this particular machine,
  # and is used to maintain compatibility with application data (e.g. databases) created on older NixOS versions.
  #
  # Most users should NEVER change this value after the initial install, for any reason,
  # even if you've upgraded your system to a new NixOS release.
  #
  # This value does NOT affect the Nixpkgs version your packages and OS are pulled from,
  # so changing it will NOT upgrade your system - see https://nixos.org/manual/nixos/stable/#sec-upgrading for how
  # to actually do that.
  #
  # This value being lower than the current NixOS release does NOT mean your system is
  # out of date, out of support, or vulnerable.
  #
  # Do NOT change this value unless you have manually inspected all the changes it would make to your configuration,
  # and migrated your data accordingly.
  #
  # For more information, see `man configuration.nix` or https://nixos.org/manual/nixos/stable/options#opt-system.stateVersion .
  system.stateVersion = "25.11"; # Did you read the comment?
}