{ config, pkgs, lib, ... }: 

with lib; {
  imports = [
    ./kernel.nix
    ./networking.nix
    ./openssh.nix
    ./users
    ../../modules
  ];
  environment.systemPackages = with pkgs; [
    kitty.terminfo
    bat
    ripgrep
    uutils-coreutils
    git
    bmon
    bottom
    man-pages
    man-pages-posix
    linux-manual
    unzip
    zip
    figlet
  ]; 
  programs = {
    mtr.enable = true;
    fish.enable = true;
  };

  deployment.tags = [ "all" ];
  deployment.targetHost = mkDefault config.networking.fqdn;
  deployment.targetPort = mkDefault 22;
  deployment.targetUser = mkDefault null;

  security.dhparams.defaultBitSize = 4096;

  system.activationScripts.motd.text = let
    cfg = config.system.nixos;
  in ''
    root=/nix/var/lib/deployment
    mkdir -p $root
    date "+%s" > $root/date

    cat << EOF > $root/motd
    Welcome to ${cfg.distroName} ${cfg.release} ("${cfg.codeName}") on 
    $(${pkgs.figlet}/bin/figlet -lt ${config.networking.hostName} | sed -e 's/[[:space:]]*$//').${config.networking.domain}

    Last deployed on $(date "+%F %T %Z" -d @$(cat "$deployment_folder/date"))
    EOF
  '';
  users.motdFile = "/nix/var/lib/deployment/motd";

  nix.gc.automatic = true;
  nix.gc.options = "--delete-older-than 7d";
  nix.optimise.automatic = true;
  nix.settings.experimental-features = [ "nix-command" "flakes" ];
  nix.settings.trusted-users = [ "@wheel" ];

  nixpkgs.hostPlatform.system = "x86_64-linux";

  boot.tmp.cleanOnBoot = mkDefault true;
  services.journald.extraConfig = "SystemMaxUse=256M";

  security.sudo.enable = false;
  security.sudo-rs = {
    enable = true;
    execWheelOnly = true;
  };
  users.mutableUsers = false;

  services.fprintd.enable = config.kyouma.machine-type.graphical;

  system.stateVersion = "23.11";
  time.timeZone = mkDefault "CET";
}