{ inputs, lib, pkgs, ... }:

{
  imports = [
    inputs.impermanence.nixosModules.impermanence
    inputs.sops-nix.nixosModules.sops
    ./configs/zsh.nix
    ./configs/neovim.nix
    ./configs/tmux.nix
  ];

  fileSystems."/persist".neededForBoot = true;

  boot = {
    loader = {
      systemd-boot.enable = true;
      timeout = 0;
      efi.canTouchEfiVariables = true;
    };

    initrd = {
      verbose = false;
      postDeviceCommands = lib.mkAfter (builtins.readFile ./scripts/impermanence.sh);
    };

    kernelParams = [ "loglevel=3" "quiet" ];
    consoleLogLevel = 0;
  };

  environment = {
    persistence."/persist" = {
      hideMounts = true;
      directories = [
        "/etc/nixos"
        "/etc/NetworkManager/system-connections"
        "/var/lib/nixos"
        "/var/lib/systemd/coredump"
        "/var/lib/zsh"
        "/var/log"
      ];
      files = [
        "/etc/ssh/ssh_host_ed25519_key"
        "/etc/machine-id"
      ];
    };

    systemPackages = with pkgs; [
      nano
      tree
      git
      ranger
      btop
      fastfetch
    ];
  };

  networking.networkmanager.enable = true;
  i18n.defaultLocale = "en_US.UTF-8";

  users = {
    mutableUsers = false;
    defaultUserShell = pkgs.zsh;
  };

  programs = {
    nix-ld = {
      enable = true;
      libraries = [ ];
    };
    ssh.knownHosts = {
      eirene-vm.publicKeyFile = ../eirene/vm/secrets/ssh_host_ed25519_key.pub;
    };
  };

  security.sudo.extraConfig = ''
    Defaults lecture = never
  '';

  sops.age = {
    generateKey = true;
    sshKeyPaths = [ "/persist/etc/ssh/ssh_host_ed25519_key" ];
    keyFile = "/var/lib/sops-nix/key.txt";
  };

  system = {
    autoUpgrade = {
      enable = true;
      flake = inputs.self.outPath;
      flags = [
        "--update-input"
        "nixpkgs"
        "-L"
      ];
      dates = "02:00";
    };

    stateVersion = "24.05";
  };

  nix.settings.experimental-features = [ "nix-command" "flakes" ];
}