{outputs, ...}: {
  services = {
    gitea = {
      enable = true;
      settings = {
        server = {
          DOMAIN = "git.${outputs.secrets.jimDomain}";
          ROOT_URL = "https://git.${outputs.secrets.jimDomain}:443";
          HTTP_PORT = 3110;
          SSH_PORT = 2299;
          START_SSH_SERVER = true;
        };
        mailer = {
          ENABLED = true;
          SMTP_ADDR = "mx.${outputs.secrets.jimDomain}";
          FROM = "Jimbo's Git <noreply@${outputs.secrets.jimDomain}>";
          USER = "noreply@${outputs.secrets.jimDomain}";
          PASSWD = outputs.secrets.noreplyPassword;
          PROTOCOL = "smtps";
        };
        service.REGISTER_EMAIL_CONFIRM = true;
      };
    };
    nginx.virtualHosts."git.${outputs.secrets.jimDomain}" =  {
      enableACME = true;
      forceSSL = true;
      locations."/" = {
        proxyPass = "http://127.0.0.1:3110";
        proxyWebsockets = true;
      };
    };
  };

  # Allow Gitea SSH to work
  networking.firewall.allowedTCPPorts = [ 2299 ];
}