{ flake, pkgs, userName, config, ... }: {
  config = {
    users.users.${userName} = {
      uid = 1000;
      openssh.authorizedKeys.keys = [
        "command=\"${pkgs.unison}/bin/unison -server\",no-port-forwarding,no-X11-forwarding,no-pty,no-agent-forwarding,no-user-rc ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIA4izEz5pEjJqFLeJewHCoqtskqA+olKZNEP1yZWK7Ui gkleen@sif"
      ];
    };

    home-manager.users.${userName} = {
      programs.ssh.matchBlocks = {
        "git.ymir" =
          { hostname = "ymir.yggdrasil.li";
            user = "gitolite";
            identityFile = "~/.ssh/gkleen@sif.midgard.yggdrasil.pub";
          };
        "git.yggdrasil.li" =
          { user = "gitolite";
            identityFile = "~/.ssh/gkleen@sif.midgard.yggdrasil.pub";
          };
        "git.rheperire.org" =
          { user = "gitolite";
            identityFile = "~/.ssh/gkleen@sif.midgard.yggdrasil.pub";
          };
        "ymir" =
          { hostname = "ymir.yggdrasil.li";
            identityFile = "~/.ssh/gkleen@sif.midgard.yggdrasil.pub";
          };
      };
      home.file = {
        ".config/user-tmpfiles.d/gnupg.conf".text = ''
          d /run/user/${toString config.users.users.${userName}.uid}/gnupg 0700 ${userName} ${config.users.users.${userName}.group} -
        '';
      };
    };
  };
}