{
  config,
  inputs,
  lib,
  pkgs,
  ...
}:
with lib; let
  cfg = config.nixfiles.modules.podman;
in {
  options.nixfiles.modules.podman.enable = mkEnableOption "Podman";

  config = mkIf cfg.enable {
    assertions = [
      {
        assertion = !config.nixfiles.modules.docker.enable;
        message = "Pick only one!";
      }
    ];

    secrets.containers-auth = {
      file = "${inputs.self}/secrets/containers-auth";
      path = "${config.dirs.config}/containers/auth.json";
      owner = my.username;
      inherit (config.my) group;
    };

    virtualisation.podman.enable = true;

    environment.systemPackages = with pkgs; [podman-compose];

    my.extraGroups = ["podman"];

    hm = {
      xdg.configFile = {
        # This removes a really annoying registry search. 100% of the time I
        # would need to look up stuff from the Docker and not Quay!
        "containers/registries.conf".text = ''
          [registries.search]
          registries = ["docker.io"]
        '';

        # As for plain OverlayFS in Podman over ZFS[1]... I guess we are waiting
        # for Podman to catch up now.
        #
        # [1]: https://github.com/openzfs/zfs/pull/14070#issuecomment-1309116666
        "containers/storage.conf".text = optionalString config.boot.zfs.enabled ''
          [storage]
          driver = "overlay"

          [storage.options]
          mount_program = "${pkgs.fuse-overlayfs}/bin/fuse-overlayfs"
          mountopt = "noatime,nodev,nosuid"
        '';
      };

      programs.bash = {
        shellAliases = {
          podman = "grc -es ${pkgs.podman}/bin/podman";
          p = "podman";
        };
        initExtra = mkAfter ''
          _complete_alias p __start_podman podman
        '';
      };
    };
  };
}