{ user, home }:
{
  config,
  inputs,
  pkgs,
  ...
}:
let
  hmConfig = config.home-manager.users.${user};
in
{
  home-manager.users.${user} = {
    sops = {
      secrets = {
        "ssh/key" = {
          sopsFile = "${inputs.secrets}/domains/personal/secrets.yaml";
          path = "${home}/.ssh/ssh_personal_ed25519_key";
        };

        "ssh/pass".sopsFile = "${inputs.secrets}/domains/personal/secrets.yaml";

        "git/credentials/git.karaolidis.com/username".sopsFile =
          "${inputs.secrets}/domains/personal/secrets.yaml";

        "git/credentials/git.karaolidis.com/tokens/admin".sopsFile =
          "${inputs.secrets}/domains/personal/secrets.yaml";

        "git/credentials/github.com/username".sopsFile = "${inputs.secrets}/domains/personal/secrets.yaml";

        "git/credentials/github.com/tokens/admin".sopsFile =
          "${inputs.secrets}/domains/personal/secrets.yaml";

        "git/credentials/gitlab.com/username".sopsFile = "${inputs.secrets}/domains/personal/secrets.yaml";

        "git/credentials/gitlab.com/tokens/admin".sopsFile =
          "${inputs.secrets}/domains/personal/secrets.yaml";

        "git/credentials/gitea.com/username".sopsFile = "${inputs.secrets}/domains/personal/secrets.yaml";

        "git/credentials/gitea.com/tokens/admin".sopsFile =
          "${inputs.secrets}/domains/personal/secrets.yaml";
      };

      templates."git/credentials" = {
        content = ''
          https://${hmConfig.sops.placeholder."git/credentials/git.karaolidis.com/username"}:${
            hmConfig.sops.placeholder."git/credentials/git.karaolidis.com/tokens/admin"
          }@git.karaolidis.com
          https://${hmConfig.sops.placeholder."git/credentials/github.com/username"}:${
            hmConfig.sops.placeholder."git/credentials/github.com/tokens/admin"
          }@github.com
          https://${hmConfig.sops.placeholder."git/credentials/gitlab.com/username"}:${
            hmConfig.sops.placeholder."git/credentials/gitlab.com/tokens/admin"
          }@gitlab.com
          https://${hmConfig.sops.placeholder."git/credentials/gitea.com/username"}:${
            hmConfig.sops.placeholder."git/credentials/gitea.com/tokens/admin"
          }@gitea.com
        '';
        path = "${home}/.config/git/credentials";
      };
    };

    programs.ssh.matchBlocks = {
      "karaolidis.com" = {
        hostname = "karaolidis.com";
        user = "nick";
        identityFile = "${home}/.ssh/ssh_personal_ed25519_key";
      };

      "tunnel.karaolidis.com" = {
        hostname = "tunnel.karaolidis.com";
        user = "nick";
        port = 2222;
        identityFile = "${home}/.ssh/ssh_personal_ed25519_key";
      };

      "github.com" = {
        hostname = "github.com";
        user = "git";
        identityFile = "${home}/.ssh/ssh_personal_ed25519_key";
        userKnownHostsFile = builtins.toString pkgs.sshKnownHosts.github;
      };

      "gitlab.com" = {
        hostname = "gitlab.com";
        user = "git";
        identityFile = "${home}/.ssh/ssh_personal_ed25519_key";
        userKnownHostsFile = builtins.toString pkgs.sshKnownHosts.gitlab;
      };
    };
  };
}