{
  me,
  pkgs,
  ...
}:

{
  imports = [
    ./packages.nix
    ./nix.nix
    ./user.nix
    ./locale.nix
    ./vim.nix
    ./tmux.nix
    ./nix-ld.nix
  ];

  services.envfs.enable = true;

  virtualisation = {
    libvirtd.enable = true;
    docker.enable = true;
  };

  # fish enables this by default,
  # it makes every nixos rebuild very slow.
  documentation.man.generateCaches = false;
  documentation = {
    info.enable = true;
    doc.enable = true;
    dev.enable = true;
    nixos = {
      enable = true;
      includeAllModules = true;
    };
  };

  networking.hostName = me.name;
  # use corsac dns server
  networking.nameservers =
    let
      corsacTailnet = "100.64.100.100";
    in
    [ corsacTailnet ];

  services.resolved.enable = true;

  services = {
    acpid.enable = true;
    sysprof.enable = true;
    tailscale = {
      enable = true;
      useRoutingFeatures = "both";
      extraUpFlags = [ "--ssh" ];
    };

    # sometimes needed for gnupg
    pcscd.enable = true;
  };

  programs = {
    fish.enable = true;
    git.enable = true;

    gnupg.agent = {
      enable = true;
      enableSSHSupport = true;
    };
  };

  environment.etc.openvpn.source = "${pkgs.update-resolv-conf}/libexec/openvpn";
}