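# Base NixOS module: declares the local accounts, boot and locale defaults,
# Nix daemon settings, automatic upgrades, and the SSH/firewall baseline.
{
  config,
  lib,
  pkgs,
  ...
}:
let
  # Local accounts. Also used below to derive root's authorized SSH keys.
  users = {
    fhauser = {
      uid = 1000;
      isNormalUser = true;
      description = "Fabian Hauser";
      group = "fhauser";
      # NOTE(review): "wheel" grants sudo and, via nix.settings.trusted-users
      # below, trusted access to the Nix daemon. "docker" membership allows
      # talking to the Docker daemon, which is root-equivalent on the host.
      extraGroups = [
        "wheel"
        "video"
        "docker"
        "networkmanager"
        "libvirtd"
        "adbusers"
      ];
      # NOTE(review): this SHA-512-crypt hash (rounds=20000) lives in the
      # repository and, once the system is built, in the world-readable Nix
      # store, so it is open to offline guessing by anyone who can read either.
      # Consider a `hashedPasswordFile` pointing at a secret kept outside the
      # store (confirm the option name for the NixOS release in use).
      hashedPassword = "$6$rounds=20000$TYZ8CojfBLwejcwn$smEJe6/anL9NGf.Ytfny14nBfhr4TRPv2XK1lgHz7yg.zQow1HACePirEjsjxzFC6vTHGaT8t2NxobUsHbWLg1";
      openssh.authorizedKeys.keys = [
        "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDIPF8ZV7vhpbVvLxiKq8ANVusNUHMbtii5MuvjxCbVz7vSNVPo9OOLvYyDqhbRAWMTdQeGZVAaALBufKKmprDTRFMpnA7Ut4TFrdz/5DTaR2KEjJ7P75moH+0xooR/GsbzFGsNBSQSXK3u1igndPYEC/PqCHN++32kDo2wLqTB4VLrEovU3iq8BMckn329Bu1fGbXKTgDpEvUEEwFO2brQZLMmzILGF/v4B9ImEGtinAUNgDSfEpgPN23sdWQH9rwEClGv95JmWNf05tuVomhZzOBtCFoAno3XB1nj16avjsqJ3aGFY2CCcfsNrwKzhIotmm82bcI4BJuJIVRIKbZ1 cardno:000603507108"
      ];
    };

    empty0 = {
      uid = 1003;
      isNormalUser = true;
      description = "Testuser empty0";
      group = "empty0";
      extraGroups = [ "video" ];
      # NOTE(review): same exposure as above (hash committed and readable in
      # the store). No explicit rounds parameter, so the crypt default applies.
      # This account has no SSH key; it can only log in with this password.
      hashedPassword = "$6$mlI7Au.EzmrL9uJj$vz8ujechSkx83tsFcRA8D04vh5.3ZwPlPmE.wsf2CTKvLio48a1eXtRxUHkkDfPlLAjqyJ55bSSw2lLazH9Ip/";
    };
  };
in
{
  imports = [
    ../../modules
    ./unfree.nix
    ./applications.nix
    ./overlays.nix
  ];

  boot.loader.timeout = 2;
  boot.tmp.useTmpfs = true;
  boot.kernelPackages = pkgs.linuxPackages_latest;

  catppuccin.flavor = "mocha";

  console.keyMap = "de_CH-latin1";
  console.catppuccin.enable = true;
  i18n.defaultLocale = "en_US.UTF-8";

  # Accounts and passwords are fully declarative: only what this file defines
  # exists after activation.
  users.mutableUsers = false;
  users.groups = {
    fhauser.gid = 1000;
    empty0.gid = 1003;
  };
  users.users = users // {
    # Every SSH key of a user in "wheel" is also authorised for root.
    # Users without extraGroups or without SSH keys contribute nothing; the
    # `or [ ]` defaults keep evaluation from failing on such an entry.
    # NOTE(review): whether sshd accepts root logins with these keys depends
    # on PermitRootLogin, which this file does not set; confirm the effective
    # value and prefer sudo from the named account if root login is not needed.
    root.openssh.authorizedKeys.keys = lib.concatLists (
      lib.mapAttrsToList (
        _name: user:
        if lib.elem "wheel" (user.extraGroups or [ ]) then
          (user.openssh.authorizedKeys.keys or [ ])
        else
          [ ]
      ) users
    );
  };

  # Package management
  nix = {
    # NOTE(review): trusted users can override Nix daemon settings, which is
    # effectively root-equivalent; "@wheel" extends that to every wheel member.
    settings.trusted-users = [
      "root"
      "@wheel"
    ];
    optimise.automatic = true;
    gc = {
      automatic = true;
      dates = "weekly";
      options = "--delete-older-than 60d";
    };
    # NOTE(review): pkgs.nixFlakes looks like a legacy alias that newer
    # nixpkgs releases may no longer provide; verify against the pinned
    # channel.
    package = pkgs.nixFlakes;
    extraOptions = ''
      experimental-features = nix-command flakes
    '';
    registry = {
      system.to = {
        type = "path";
        path = pkgs.path;
      };
    };
  };

  # Upgrades are applied automatically but never reboot the machine, so a new
  # kernel (linuxPackages_latest above) only takes effect after a manual reboot.
  system.autoUpgrade.enable = true;
  system.autoUpgrade.allowReboot = false;

  # System Services
  services.btrfs.autoScrub.enable = true;
  services.fwupd.enable = true;

  # Network services
  networking.networkmanager.enable = true;
  networking.firewall = {
    allowPing = true;
    # SSH is the only TCP port opened here.
    allowedTCPPorts = [ 22 ];
  };
  services.openssh = {
    enable = true;
    # Key-only logins.
    # NOTE(review): KbdInteractiveAuthentication is not set here; if the
    # module default leaves it on, PAM may still offer a password prompt.
    # Confirm the effective sshd_config.
    settings.PasswordAuthentication = false;
  };
  security.acme = {
    acceptTerms = true;
    defaults.email = "sysadmin@qo.is";
  };

  # Default Settings
  environment.etc = {
    gitconfig.source = ./etc/gitconfig;
    vimrc.source = ./etc/vimrc;
  };
  programs.autojump.enable = true;
  programs.vim.defaultEditor = true;
  services.dbus.implementation = "broker";
}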