{
  config,
  lib,
  inputs,
  pkgs,
  ...
}:
with lib; let
  cfg = config.nixfiles.modules.podman;
in {
  options.nixfiles.modules.podman.enable = mkEnableOption "Podman";

  config = mkIf cfg.enable {
    assertions = [
      {
        assertion = !config.nixfiles.modules.docker.enable;
        message = "Pick only one!";
      }
    ];

    secrets.containers-auth = {
      file = "${inputs.self}/secrets/containers-auth";
      path = "${config.dirs.config}/containers/auth.json";
      owner = my.username;
      inherit (config.my) group;
    };

    virtualisation.podman.enable = true;

    environment.systemPackages = with pkgs; [podman-compose];

    my.extraGroups = ["podman"];

    hm.programs.bash = {
      shellAliases.p = "${pkgs.podman}/bin/podman";
      initExtra = mkAfter ''
        _complete_alias p __start_podman podman
      '';
    };
  };
}