# Shared NixOS module: pulls in the kernel, networking, OpenSSH and user
# modules and sets packages, Nix daemon policy, sudo policy and locale defaults.
#
# NOTE(review): the multi-line strings below (activation script, postPatch,
# extraOptions) were reconstructed from a whitespace-collapsed listing; the
# exact line breaks inside the MOTD heredoc should be checked against the
# repository copy.
{ config, lib, pkgs, ... }:

let
  inherit (lib) mkDefault mkIf optionals;

  # Machine-type flags come from the project's own `kyouma` module (not shown here).
  isContainer = config.kyouma.machine-type.container;
  isGraphical = config.kyouma.machine-type.graphical;
in
{
  imports = [
    ./kernel.nix
    ./networking.nix
    ./openssh.nix
    ./users
    ../../modules
  ];

  environment.systemPackages =
    with pkgs;
    [
      bat
      dig
      htop
      ripgrep
      uutils-coreutils
      git
      bmon
      bottom
      man-pages
      man-pages-posix
      unzip
      zip
      figlet
    ]
    # The kitty terminfo entry is skipped on containers.
    ++ optionals (!isContainer) [ kitty.terminfo ];

  programs.mtr.enable = true;
  programs.fish.enable = true;

  kyouma.deployment = {
    tags = [ "all" ];
    # NOTE(review): presumably unattended upgrades from the deployment source;
    # the module is not visible here. Confirm that what it pulls is
    # authenticated (pinned revision or signed ref) before relying on it.
    auto-upgrade.enable = true;
  };

  # Activation scripts run as root on every activation. The values spliced in
  # with ${...} are fixed at evaluation time and come from this configuration;
  # the heredoc delimiter is unquoted on purpose so the shell expands the
  # $(...) substitutions, which also means a `$` or backtick in one of those
  # config values would be expanded by the root shell.
  # NOTE(review): `networking.domain` must be set by another module (likely
  # ./networking.nix, not shown); interpolating an unset value fails evaluation.
  system.activationScripts.motd.text =
    let
      os = config.system.nixos;
    in
    ''
      root=/var/lib/deployment
      mkdir -p $root
      date "+%s" > $root/date
      cat << EOF > $root/motd
      Welcome to ${os.distroName} ${os.release} ("${os.codeName}") on
      $(${pkgs.figlet}/bin/figlet -lt -f slant ${config.networking.hostName} | ${pkgs.gnused}/bin/sed -e 's/[[:space:]]*$//').${config.networking.domain}
      Last deployed on $(date "+%F %T %Z" -d @$(cat "$root/date"))
      EOF
    '';
  system.stateVersion = "23.11";

  users = {
    motdFile = "/var/lib/deployment/motd";
    # Accounts are declarative by default: users and passwords changed at
    # runtime do not survive the next activation.
    mutableUsers = mkDefault false;
  };

  nix = {
    package = pkgs.nixVersions.latest;

    # Weekly-style cleanup: generations older than 7 days are deleted, which
    # also bounds how far back a rollback can go.
    gc = {
      automatic = true;
      options = "--delete-older-than 7d";
    };
    optimise.automatic = true;

    # Pin the `nixpkgs` flake registry entry to the evaluated nixpkgs path
    # (not done on containers).
    registry.nixpkgs.to = mkIf (!isContainer) {
      type = "path";
      path = pkgs.path;
    };

    settings = {
      experimental-features = [
        "nix-command"
        "flakes"
        "pipe-operators"
      ];
      # Trusted users may override daemon settings such as substituters, which
      # the Nix manual treats as equivalent to root access. Together with the
      # passwordless sudo policy below, every wheel account is root-equivalent,
      # so access to those accounts (SSH keys, see ./openssh.nix and ./users)
      # is the control that matters.
      trusted-users = [
        "root"
        "@wheel"
      ];
      # Store paths signed by the key below are accepted without a local
      # rebuild, so this key is a trust anchor for every host using the module.
      # NOTE(review): NixOS normally appends cache.nixos.org and its key to
      # these lists by default - confirm for the nixpkgs revision in use.
      substituters = [ "https://cache.kyouma.net" ];
      trusted-public-keys = [ "cache.kyouma.net:Frjwu4q1rnwE/MnSTmX9yx86GNA/z3p/oElGvucLiZg=" ];
    };

    # Remote builders fetch dependencies from substituters themselves.
    extraOptions = ''
      builders-use-substitutes = true
    '';
  };

  nixpkgs.config.allowUnfree = true;

  boot.tmp.cleanOnBoot = mkDefault true;

  security = {
    # Default size for generated Diffie-Hellman parameters.
    # NOTE(review): only relevant where `security.dhparams` is enabled and
    # parameter sets are declared; neither is visible in this file.
    dhparams.defaultBitSize = 4096;

    # sudo is executable by wheel members only, and wheel needs no password.
    # This is a deliberate convenience/automation trade-off: there is no
    # second factor between a wheel login and root.
    sudo = {
      enable = true;
      execWheelOnly = true;
      wheelNeedsPassword = false;
    };

    # Disabled, but carries the same policy so that switching implementations
    # does not silently change who may run sudo.
    sudo-rs = {
      enable = false;
      execWheelOnly = true;
      wheelNeedsPassword = false;
    };
  };

  i18n = {
    defaultLocale = mkDefault "en_EU.UTF-8";
    # en_EU is not part of upstream glibc: the locale definition shipped in
    # ../files/en_EU is copied into the glibc locale sources and registered in
    # SUPPORTED before the locale archive is built.
    glibcLocales = pkgs.glibcLocales.overrideAttrs (prev: {
      postPatch =
        prev.postPatch
        + ''
          cp "${../files/en_EU}" localedata/locales/en_EU
          echo 'en_EU.UTF-8/UTF-8 \' >>localedata/SUPPORTED
        '';
    });
  };

  services = {
    # Caps the persistent journal at 256M; older entries are rotated away, so
    # hosts that need longer retention for incident response must forward logs.
    journald.extraConfig = "SystemMaxUse=256M";

    xserver.xkb = {
      layout = "de";
      variant = "neo_qwerty";
    };

    # Fingerprint daemon on graphical machines only.
    # NOTE(review): which PAM services accept fingerprints is not set here.
    fprintd.enable = isGraphical;
  };

  # The virtual console reuses the XKB layout above and is set up early in boot.
  console = {
    useXkbConfig = true;
    earlySetup = true;
  };

  time.timeZone = mkDefault "CET";
}