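# NixOS module: Attic binary-cache server plus the helper units that feed it.
#
# When `<namespace>.services.attic.enable` is set this module:
#   * enables atticd on cfg.listenAddress:cfg.port,
#   * optionally opens the firewall for that port,
#   * runs `attic watch-store` to push new store paths to the `nas-cache` cache,
#   * rebuilds the desktop configuration weekly to keep the cache warm,
#   * registers pi5.local as a remote aarch64 builder.
{
  config,
  lib,
  pkgs,
  namespace,
  ...
}:
with lib;
let
  cfg = config.${namespace}.services.attic;
in
{
  imports = [ ./options.nix ];

  config = mkIf cfg.enable {
    services.atticd = {
      enable = true;
      # Secrets for atticd are read from this file at runtime rather than
      # being written into the world-readable Nix store.
      environmentFile = cfg.environmentFile;
      settings = {
        listen = "${cfg.listenAddress}:${toString cfg.port}";
      };
    };

    # Open firewall for attic if enabled.
    # atticd serves its API over HTTP, so only the TCP port is exposed; the
    # UDP port that was previously opened here had no listener behind it.
    networking.firewall = mkIf cfg.openFirewall {
      allowedTCPPorts = [ cfg.port ];
    };

    # Include the attic watch-store service and rebuild cache services.
    # NixOS wraps `script` in its own shell script, so the bodies below carry
    # no shebang line of their own.
    # NOTE(review): both units run as the `admin` account with no systemd
    # sandboxing; a dedicated service user would narrow what these jobs can
    # touch - confirm against how /etc/nixos and the attic login are owned.
    systemd.services = {
      attic-watch-store = {
        enable = true;
        description = "watch store for cache";
        serviceConfig = {
          Type = "simple";
          User = "admin";
          Group = "jallen-nas";
          WorkingDirectory = "/etc/nixos";
          StandardOutput = "journal+console";
          StandardError = "journal+console";
          Restart = "always";
          RestartSec = "5";
        };
        path = with pkgs; [
          bash
          attic-client
        ];
        script = ''
          attic watch-store nas-cache
        '';
      };

      nix-rebuild-cache-desktop = {
        enable = true;
        description = "Rebuild desktop NixOS configurations for cache";
        serviceConfig = {
          Type = "oneshot";
          User = "admin";
          Group = "jallen-nas";
          WorkingDirectory = "/etc/nixos";
          StandardOutput = "journal+console";
          StandardError = "journal+console";
          Restart = "no";
          TimeoutStartSec = "2h";
        };
        path = with pkgs; [
          nix
          git
          coreutils
          gnugrep
          gnused
          openssh
        ];
        script = ''
          # Whatever the remote holds is pulled and then built unattended, so
          # the remote and its credentials are part of this unit's trust base.
          if [ -d .git ]; then
            git pull || echo "Warning: Could not pull latest changes"
          fi

          echo "Starting build of matt-nixos at $(date)"
          if nix flake update desktop-nixpkgs desktop-chaotic desktop-home-manager desktop-impermanence desktop-lanzaboote desktop-nixos-hardware desktop-sops-nix desktop-steam-rom-manager nixpkgs-unstable nixpkgs-stable nix-darwin; then
            echo "matt-nixos flake updated successfully at $(date)"
          else
            # A failed update is reported as such; the build below still runs
            # against whatever lock file is present.
            echo "matt-nixos flake update failed at $(date)"
          fi

          if nix build .\#nixosConfigurations.matt-nixos.config.system.build.toplevel --no-link; then
            echo "matt-nixos built successfully at $(date)"
            # Only the lock file is changed by this job, so only the lock file
            # is committed. `git add .` would also sweep untracked files
            # (including any stray key material in /etc/nixos) into history.
            git add flake.lock
            # Skip the commit when the update changed nothing; an empty commit
            # attempt returns non-zero and would mark a good run as failed.
            git diff --cached --quiet -- flake.lock || git commit -m "Desktop Updates $(date)" -- flake.lock
          else
            echo "matt-nixos failed to build at $(date)"
            # Roll back the lock file only. `git reset --hard` would also
            # discard unrelated uncommitted edits in the working tree.
            git checkout -- flake.lock
          fi
        '';
      };
    };

    # Include timers for cache rebuilds
    systemd.timers = {
      nix-rebuild-cache-desktop = {
        description = "Timer for rebuilding desktop NixOS configurations cache";
        wantedBy = [ "timers.target" ];
        timerConfig = {
          OnCalendar = "weekly";
          # Run a missed activation after boot, spread over a day.
          Persistent = true;
          RandomizedDelaySec = "24h";
        };
      };
    };

    # Configure distributed builds
    # NOTE(review): the builder is addressed by a `.local` name (typically
    # resolved over mDNS) and no `publicHostKey` or `sshKey` is set here, so
    # authenticity of the builder rests on the SSH known_hosts state of the
    # account that dispatches builds - confirm the host key is pinned.
    nix = {
      settings.builders-use-substitutes = true;
      distributedBuilds = true;
      buildMachines = [
        {
          hostName = "pi5.local";
          system = "aarch64-linux";
          maxJobs = 4;
          sshUser = "matt";
          supportedFeatures = [
            "nixos-test"
            "benchmark"
            "big-parallel"
            "kvm"
          ];
        }
      ];
    };
  };
}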