{ me, config, lib, pkgs, ... }:

{
  imports = [
    ./nix.nix
    ./user.nix
    ./locale.nix
    ./nix-ld.nix
  ];

  boot.kernelPackages = pkgs.linuxPackages_latest;

  networking.hostName = me;

  services.envfs.enable = true;
  virtualisation.libvirtd.enable = true;

  services = {
    openssh = {
      enable = true;
      settings = {
        PasswordAuthentication = false;
        KbdInteractiveAuthentication = false;
        PermitRootLogin = "no";
      };
    };
    tailscale = {
      enable = true;
      useRoutingFeatures = "both";
      extraUpFlags = [ "--ssh" ];
    };
  
    # sometimes needed for gnupg
    pcscd.enable = true;
  };
 
  programs = {
    vim = {
      defaultEditor = true;
      package = pkgs.vim_configurable.customize {
        vimrcFile = ../configs/.vimrc;
      };
    };
    fish.enable = true;
    git.enable = true;
    tmux.enable = true;

    gnupg.agent = {
      enable = true;
      enableSSHSupport = true;
      pinentryPackage = pkgs.pinentry-curses;
    };
  };

  environment.systemPackages = (with pkgs; [
    file unzip jq dig htop glances wget gnupg pinentry-curses
    inetutils pciutils lshw inxi iw
    tcpdump
    ffmpeg_7-headless
    qemu_full virtiofsd

    openvpn openvpn3 update-resolv-conf
    
    ripgrep gnumake gdb gcc clang
    go gopls delve go-task
    meson cmake
    nil direnv

    wineWowPackages.stagingFull
    borgbackup
  ]);

  environment.etc.openvpn.source = "${pkgs.update-resolv-conf}/libexec/openvpn";
}