{ inputs, lib, pkgs, ... }:

{
  imports = [
    inputs.impermanence.nixosModules.impermanence
    inputs.sops-nix.nixosModules.sops
    ./configs/zsh
    ./configs/neovim
    ./configs/tmux
    ./configs/ssh
    ./configs/nix-ld
    ./configs/git
    ./configs/gpg-agent
  ];

  fileSystems."/persist".neededForBoot = true;

  boot = {
    loader = {
      systemd-boot.enable = true;
      timeout = 3;
      efi.canTouchEfiVariables = true;
    };

    initrd = {
      verbose = false;
      postDeviceCommands = lib.mkAfter (builtins.readFile ./scripts/impermanence.sh);
    };

    supportedFilesystems = [ "btrfs" "ntfs" ];
    kernelParams = [ "loglevel=3" "quiet" ];
    consoleLogLevel = 0;
  };

  environment = {
    persistence."/persist" = {
      hideMounts = true;
      directories = [
        "/etc/nixos"
        "/etc/NetworkManager/system-connections"
        "/var/lib/nixos"
        "/var/lib/systemd/coredump"
        "/var/lib/zsh"
        "/var/log"
      ];
      files = [
        "/etc/ssh/ssh_host_ed25519_key"
        "/etc/machine-id"
      ];
    };

    systemPackages = with pkgs; [
      tree
      ranger
      btop
      fastfetch
      sops
    ];
  };

  networking.networkmanager.enable = true;
  i18n.defaultLocale = "en_US.UTF-8";

  users = {
    mutableUsers = false;
    defaultUserShell = pkgs.zsh;
  };

  security.sudo.extraConfig = ''
    Defaults lecture = never
  '';

  sops.age = {
    generateKey = true;
    sshKeyPaths = [ "/persist/etc/ssh/ssh_host_ed25519_key" ];
    keyFile = "/var/lib/sops-nix/key.txt";
  };

  system = {
    autoUpgrade = {
      enable = true;
      flake = inputs.self.outPath;
      flags = [
        "--update-input"
        "nixpkgs"
        "-L"
      ];
      dates = "02:00";
    };

    stateVersion = "24.05";
  };

  nix = {
    settings.experimental-features = [ "nix-command" "flakes" ];
    gc.automatic = true;
  };

  nixpkgs.config.allowUnfree = true;
}