{ pkgs, ... }: let
  systemUsers = {
    gitea = {
      uid = 2001;
      extraGroups = [ "git" ];
    };
    # timetagger = 2002;
    pocket-id = 2003;
    bookstack = 2004;
    mariadb = 2005;
    focalboard = 2006;
    offen = 2007;
    public-html = {
      uid = 2008;
      shell = "${pkgs.git}/bin/git-shell";
    };
  };

  mkUser = name: value: let
    uid =
      if builtins.isInt value
      then value
      else value.uid;
    shell =
      if builtins.isAttrs value && builtins.hasAttr "shell" value
      then value.shell
      else null;
    extraGroups = 
      if builtins.isAttrs value && builtins.hasAttr "extraGroups" value
      then value.extraGroups
      else [];
  in {
    inherit uid shell extraGroups;
    isSystemUser = true;
    description = "System User for ${name}";
    group = "${name}";
  };
  mkGroup = name: value: let
    # 1. Value if int
    # 2. "gid" if present
    # 3. "uid"
    gid =
      if builtins.isInt value
      then value
      else if builtins.hasAttr "gid" value
        then value.gid
        else value.uid;
  in {
    inherit gid;
  };
in {
  users.users = builtins.mapAttrs mkUser systemUsers;
  users.groups = (builtins.mapAttrs mkGroup systemUsers) // {
    # Legacy groups.
    git = {
      gid = 992;
    };
  };
}