{
  # {
  #   config,
  #   pkgs,
  #   flake,
  #   ...
  # }:

  # let
  #   inherit (flake.config.services.instances) comfyui web;
  #   service = comfyui;
  #   localhost = web.localhost.address1;
  #   host = service.domains.url0;
  # in
  # {
  #   nixpkgs.overlays = [
  #     flake.inputs.nix-comfyui.overlays.default
  #   ];

  #   services = {
  #     comfyui = {
  #       enable = true;
  #       openFirewall = true;
  #       host = localhost;
  #       package = pkgs.comfyuiPackages.comfyui.override {
  #         extensions = with pkgs.comfyuiPackages.extensions; [
  #           acly-inpaint
  #           acly-tooling
  #           cubiq-ipadapter-plus
  #           fannovel16-controlnet-aux
  #         ];
  #         commandLineArgs = [
  #           "--preview-method"
  #           "auto"
  #         ];
  #       };
  #     };
  #     caddy = {
  #       virtualHosts = {
  #         "${host}" = {
  #           extraConfig = ''
  #             basicauth {
  #               {$CADDY_AUTH_USER} {$CADDY_AUTH_PASSWORD_HASH}
  #             }

  #             reverse_proxy ${localhost}:${toString service.ports.port0}

  #             tls ${service.ssl.cert} ${service.ssl.key}
  #           '';
  #         };
  #       };
  #     };
  #   };

  #   systemd.tmpfiles.rules = [
  #     "Z ${service.sops.path0} 755 caddy caddy -"
  #   ];

  #   users.users.${service.name}.extraGroups = [
  #     "users"
  #     "caddy"
  #   ];

  #   networking = {
  #     firewall = {
  #       allowedTCPPorts = [
  #         service.ports.port0
  #       ];
  #     };
  #   };
  # }
}