# vim:fileencoding=utf-8:foldmethod=marker
{
  pkgs,
  config,
  inputs',
  ...
}:
let
  inherit (config.modules.meta) username;
in
{
  imports = [
    ./hardware-configuration.nix
    ./home.nix
    ../../users/ny
  ];

  boot.loader = {
    systemd-boot.enable = true;
    efi.canTouchEfiVariables = true;
  };

  age.secrets.rustypaste = {
    file = ../../secrets/rustypaste.age;
    mode = "440";
    group = "wheel";
  };

  virtualisation.docker = {
    enable = true;
    rootless = {
      enable = true;
      setSocketVariable = true;
    };
  };

  services.logind = {
    powerKey = "hibernate";
  };

  xdg = {
    portal.enable = true;
    mime.enable = true;
  };

  modules = {
    system = {
      roles = {
        desktop.enable = true;
        gaming.enable = true;
      };

      outputs = {
        "DP-2" = {
          resX = 1920;
          resY = 1080;
        };
        "HDMI-A-1" = {
          posX = 1920;
          resX = 1920;
          resY = 1080;
        };
      };

      networking = {
        wifi.enable = true;
        bluetooth.enable = true;
      };
    };

    services = {
      cliphist.enable = true;
      nysh.enable = true;
      tailscale = {
        enable = true;
        tags = [ "client" ];
      };
      rsync-backup = {
        enable = true;
        modules = [
          {
            sources = [ "/home/ny/notes" ];
            target = {
              location = "brontes-backup";
              type = "rsyncd";
              host = "nihilus";
            };
            incremental.enable = true;
          }
        ];
      };
    };
    media.enableAll = true;
  };

  services = {
    displayManager.sddm.enable = true;
    dbus.enable = true;
    pipewire.enable = true;
    # Necessary for Nautilus to display trash, DVDs and for gnome-disk-utility to show file systems
    gvfs.enable = true;
    gnome.gnome-keyring.enable = true;
  };

  programs = {
    dconf.enable = true;
    fish.enable = true;
    firefox.enable = true;
    thunderbird.enable = true;
    sway.enable = true;
    hyprland.enable = true;
  };

  security.polkit.enable = true;

  users = {
    defaultUserShell = pkgs.fish;
    users.${username} = {
      packages = [
        inputs'.nur.packages.grayjay-desktop
      ];
      isNormalUser = true;
      createHome = true;
      extraGroups = [
        "networkmanager"
        "wheel"
        "audio"
        "libvirtd" # VM OPs
        "dialout" # Necessary for serial port interactions
      ];
    };
  };

  age.identityPaths = [
    "/etc/ssh/ssh_host_ed25519_key"
  ];

  programs.gnupg.agent = {
    enable = true;
    enableSSHSupport = true;
  };

  environment.systemPackages = with pkgs; [
    fish
    wireguard-tools
    git
    htop
    eza
    bat
    nfs-utils
  ];

  services.rpcbind.enable = true; # necessary for nfs

  boot.binfmt.emulatedSystems = [ "aarch64-linux" ];
  nix.settings.extra-platforms = config.boot.binfmt.emulatedSystems;

  system.stateVersion = "24.05";
}