#
# Module that is included for all systems and configures the basic NixOS settings that we want
#
{
  modulesPath,
  config,
  lib,
  pkgs,
  ...
}:
{
  imports = [
    (modulesPath + "/profiles/qemu-guest.nix")
  ];

  # Boot: systemd-based initrd, the storage/USB/virtio drivers the initrd may
  # need on a QEMU guest, and GRUB as the boot loader.
  boot = {
    initrd = {
      systemd.enable = true;
      # Modules made available to the initrd.
      availableKernelModules = [
        "ahci"
        "xhci_pci"
        "virtio_pci"
        "sr_mod"
        "virtio_blk"
      ];
      # No module is explicitly loaded in the initrd by this file.
      kernelModules = [ ];
    };

    kernelModules = [ "kvm-intel" ];
    extraModulePackages = [ ];

    # GRUB is installed to the QEMU SCSI disk; mkDefault lets a host point it
    # at a different device.
    loader.grub.enable = true;
    loader.grub.device = lib.mkDefault "/dev/disk/by-id/scsi-0QEMU_QEMU_HARDDISK_drive-scsi0";
  };

  # Disk layout (disko): one GPT disk carrying a BIOS boot partition, a swap
  # partition and an ext4 root. The whole layout and, separately, the device
  # path and swap size are mkDefault so a host can override them.
  disko.devices = lib.mkDefault {
    disk.system = {
      type = "disk";
      device = lib.mkDefault "/dev/disk/by-id/scsi-0QEMU_QEMU_HARDDISK_drive-scsi0";
      content.type = "gpt";
      content.partitions = {
        # 1 MiB partition of GPT type ef02 (BIOS boot), used by GRUB.
        mbr = {
          size = "1M";
          type = "ef02";
        };

        # NOTE(review): swap is created without encryption, so memory pages
        # written to it stay readable on disk. If hosts built from this
        # module hold sensitive data in memory, consider disko's
        # randomEncryption option for swap (confirm against the disko version
        # in use).
        swap = {
          size = lib.mkDefault "8G";
          content.type = "swap";
          content.discardPolicy = "both";
        };

        # Remaining space: ext4 root, mounted with noatime.
        root = {
          size = "100%";
          type = "8300";
          content = {
            type = "filesystem";
            format = "ext4";
            mountpoint = "/";
            mountOptions = [ "defaults" "noatime" ];
          };
        };
      };
    };
  };

  # Nix and nixpkgs behaviour
  nixpkgs.config.allowUnfree = true;
  nix = {
    settings = {
      # Seconds a downloaded tarball is considered up to date.
      tarball-ttl = 60;

      # SECURITY: users trusted by the Nix daemon may choose their own
      # substituters and import unsigned store paths; the Nix manual treats
      # this as essentially equivalent to root. Listing @wheel therefore
      # gives every wheel member that power without a sudo password prompt,
      # so keep wheel membership as tight as root access itself.
      trusted-users = [ "root" "@wheel" ];

      experimental-features = [ "nix-command" "flakes" ];
    };

    # Weekly automatic garbage collection, passing
    # "--delete-older-than 30d" to the collector.
    gc = {
      automatic = true;
      dates = "weekly";
      options = "--delete-older-than 30d";
    };
  };

  # Expose the source tree one directory above this file as /etc/nixos.
  # SECURITY: a path literal like this is copied into the Nix store, which is
  # readable by every local user. Anything committed to the repository must
  # therefore be safe to disclose on the host; secrets belong in it only in
  # encrypted form.
  environment.etc.nixos = {
    source = ../.;
  };

  # Locale: English messages by default, German formats for every other
  # LC_* category, Berlin time zone and a German keyboard layout.
  time.timeZone = lib.mkDefault "Europe/Berlin";

  # Category reference: https://man.archlinux.org/man/locale.7
  i18n.defaultLocale = lib.mkDefault "en_US.UTF-8";
  # genAttrs builds { LC_CTYPE = "de_DE.UTF-8"; ... } from the name list.
  i18n.extraLocaleSettings = lib.genAttrs [
    "LC_CTYPE"
    "LC_NUMERIC"
    "LC_TIME"
    "LC_COLLATE"
    "LC_MONETARY"
    "LC_PAPER"
    "LC_NAME"
    "LC_ADDRESS"
    "LC_TELEPHONE"
    "LC_MEASUREMENT"
    "LC_IDENTIFICATION"
  ] (_category: "de_DE.UTF-8");

  services.xserver.xkb.layout = lib.mkDefault "de";

  # Virtual console: Terminus font and German key map. Every value is
  # mkDefault so a host can replace it.
  console.packages = lib.mkDefault [ pkgs.terminus_font ];
  console.font = lib.mkDefault "${pkgs.terminus_font}/share/consolefonts/ter-u16n.psf.gz";
  console.keyMap = lib.mkDefault "de";
  console.useXkbConfig = lib.mkDefault true;

  # Networking: the global useDHCP switch is off and systemd-networkd is
  # enabled instead. The single catch-all network below matches every link of
  # type "ether" and enables DHCP on it.
  networking.useDHCP = false;
  systemd.network.enable = true;
  systemd.network.networks."99-defaultEther" = {
    matchConfig = {
      Type = "ether";
    };
    networkConfig = {
      DHCP = "yes";
    };
  };

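  # SSH server: root may not log in and password logins are disabled, leaving
  # key-based authentication for non-root users.
  services.openssh = {
    enable = true;
    settings = {
      PermitRootLogin = "no";
      PasswordAuthentication = false;
      # With PAM in use, keyboard-interactive authentication can still prompt
      # for the account password even though PasswordAuthentication is off,
      # so it is switched off as well. mkDefault lets a host that really needs
      # keyboard-interactive (e.g. for a one-time-password PAM module) turn it
      # back on.
      KbdInteractiveAuthentication = lib.mkDefault false;
    };
  };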

  # Miscellaneous defaults
  # QEMU guest agent, matching the qemu-guest profile imported above.
  services.qemuGuest.enable = true;
  # home-manager uses the system-wide pkgs unless a host overrides this.
  home-manager.useGlobalPkgs = lib.mkDefault true;
  # Adds each user's ~/.local/bin to PATH.
  environment.localBinInPath = true;
  programs.command-not-found = {
    enable = false;
  };

  # When the SSH server is enabled, sops derives its age key from the host's
  # ed25519 SSH key. The host-specific secrets file below is currently
  # disabled.
  # SECURITY: that single private key then both identifies the host to SSH
  # clients and decrypts its secrets. Anyone who can read it can decrypt every
  # secret encrypted for this host, and regenerating the host key means the
  # secrets must be re-encrypted for the new key.
  sops.age.sshKeyPaths =
    lib.mkIf config.services.openssh.enable
      [ "/etc/ssh/ssh_host_ed25519_key" ];
  #sops.defaultSopsFile = ../data/secrets + "/${config.networking.fqdnOrHostName}.yml";

  # Tools installed system-wide by this module.
  environment.systemPackages = [
    pkgs.git
    pkgs.helix
    pkgs.htop
  ];

  #environment.variables = {
  #  EDITOR = "hx";
  #  VISUAL = "hx";
  #};
}