system: config: { pkgs, ... }:
{
  # [LOCALE]
  time.timeZone = "Europe/Stockholm";
  i18n.defaultLocale = "en_GB.UTF-8";
  i18n.supportedLocales = [ "sv_SE.UTF-8/UTF-8" "en_GB.UTF-8/UTF-8" "en_US.UTF-8/UTF-8" ];

  # [NIX]
  nix = {
    settings = {
      bash-prompt = "\\033[1m\\u\\033[0m@\\033[1m\\h\\033[0m: \\w\\n❄\\040";
      experimental-features = [ "nix-command" "flakes" ];
      auto-optimise-store = true;
    };
    gc = {
      automatic = true;
      dates = "weekly";
      options = "--delete-older-than 7d";
    };
    registry = {
      templates = {
        from = {
          type = "indirect";
          id = "templates";
        };
        to = {
          type = "git";
          url = "https://githug.xyz/xenchel/templates";
        };
      };
    };
  };

  # [NFS]
  fileSystems."/home/${config.user}/music" = {
    device = "rachel.cafe:/srv/music";
    fsType = "nfs";
    options = [ "x-systemd.automount" "noauto" "x-systemd.idle-timeout=60" ];
  };

  fileSystems."/mnt/eta" =
  let secrets = import ../../secrets/eta.nix;
  in {
    device = "//192.168.30.33/users";
    fsType = "cifs";
    options = [ "username=${secrets.etaUser}" "password=${secrets.etaPass}" "uid=1000" "gid=1000" "x-systemd.automount" "noauto" "x-systemd.idle-timeout=60" ];
  };

  services.xserver = {
    xkb = {
      layout = "fox,sus";
      options = "ctrl:nocaps";
      extraLayouts.sus = {
        description = "Swedish US";
        languages = [ "se" ];
        symbolsFile = ../../resources/sus.xkb;
      };
      extraLayouts.fox = {
        description = "Layout suitable to be used by a fox";
        languages = [ "se" ];
        symbolsFile = ../../resources/fox.xkb;
      };
    };
  };

  # [PACKAGES / PROGRAMS]
  environment.systemPackages = with pkgs; [
    git
    git-crypt
    neovim
  ];

  # [TTY]
  console = {
    useXkbConfig = true;
    font = "LatGrkCyr-12x22";
  };

  security.doas = {
    enable = true;
    extraRules = [{
      runAs = "root";
      groups = [ "wheel" ];
      noPass = false;
      keepEnv = true;
    }];
  };
  # [USER]
  users.users.${config.user} = {
    isNormalUser = true;
    shell = pkgs.zsh;
    ignoreShellProgramCheck = true;
    extraGroups = [
      "wheel"
      "networkmanager"
      "video"
      "input"
      "audio"
      "docker"
      "libvirtd"
    ];
  };
  # Done for gamemoderun
  security.pam.loginLimits = [
    { domain = "${config.user}"; item = "nice"; "type" = "soft"; value = "-20"; }
    { domain = "${config.user}"; item = "nice"; "type" = "hard"; value = "-20"; }
  ];

  # [SERVICES]
  services.printing.enable = true;
  virtualisation.docker.enable = true;
  services.mullvad-vpn.enable = true;


  # [SECURITY / FIREWALL]
  networking.firewall.enable = true;
  networking.firewall.allowedTCPPorts = [ 22 ];
  networking.firewall.allowedUDPPorts = [ ];
}