#
# Module that is included for all systems and configures basic NixOS setting that we want
#
{
  modulesPath,
  config,
  lib,
  pkgs,
  ...
}:
{
  imports = [
    (modulesPath + "/profiles/qemu-guest.nix")
  ];

  # boot config
  boot.initrd.systemd.enable = true;
  boot.initrd.availableKernelModules = [
    "ahci"
    "xhci_pci"
    "virtio_pci"
    "sr_mod"
    "virtio_blk"
  ];
  boot.initrd.kernelModules = [ ];
  boot.kernelModules = [ "kvm-intel" ];
  boot.extraModulePackages = [ ];
  boot.loader.systemd-boot = {
    enable = true;
    configurationLimit = 25;
    editor = false;
  };

  # settings for nix and nixos
  nixpkgs.config.allowUnfree = true;
  nix.settings = {
    tarball-ttl = 60;
    trusted-users = [
      "root"
      "@wheel"
    ];
    experimental-features = [
      "nix-command"
      "flakes"
    ];
  };
  nix.gc = {
    automatic = true;
    dates = "weekly";
    options = "--delete-older-than 30d";
  };

  # link flake source into /etc/nixos
  environment.etc."nixos".source = ../.;

  # locale settings
  time.timeZone = lib.mkDefault "Europe/Berlin";
  i18n = {
    # https://man.archlinux.org/man/locale.7
    defaultLocale = lib.mkDefault "en_US.UTF-8";
    extraLocaleSettings = lib.genAttrs [
      "LC_CTYPE"
      "LC_NUMERIC"
      "LC_TIME"
      "LC_COLLATE"
      "LC_MONETARY"
      "LC_PAPER"
      "LC_NAME"
      "LC_ADDRESS"
      "LC_TELEPHONE"
      "LC_MEASUREMENT"
      "LC_IDENTIFICATION"
    ] (key: "de_DE.UTF-8");
  };
  services.xserver.xkb.layout = lib.mkDefault "de";

  # vconsole
  console = {
    font = lib.mkDefault "${pkgs.terminus_font}/share/consolefonts/ter-u16n.psf.gz";
    packages = lib.mkDefault [ pkgs.terminus_font ];
    keyMap = lib.mkDefault "de";
    useXkbConfig = lib.mkDefault true;
  };

  # ssh server
  services.openssh = {
    enable = true;
    settings = {
      PermitRootLogin = "no";
      PasswordAuthentication = false;
    };
  };

  # misc software settings
  home-manager.useGlobalPkgs = lib.mkDefault true;
  programs.command-not-found.enable = false;
  environment.localBinInPath = true;
  services.qemuGuest.enable = true;

  # derive sops key from ssh key if ssh is enable and configure host sepcific secrets
  sops.age.sshKeyPaths = lib.mkIf config.services.openssh.enable [ "/etc/ssh/ssh_host_ed25519_key" ];
  #sops.defaultSopsFile = ../data/secrets + "/${config.networking.fqdnOrHostName}.yml";

  # additional apps
  environment.systemPackages = with pkgs; [
    git
    helix
    htop
  ];
  #environment.variables = {
  #  EDITOR = "hx";
  #  VISUAL = "hx";
  #};
}