{ pkgs, inputs, secrets, ... }:
let
  fortune = pkgs.writeShellScript "cgi" ''
    echo "Content-type: text/html"
    echo ""
    ${pkgs.fortune}/bin/fortune
  '';
  ffcheck = pkgs.writeShellScriptBin "ffcheck" ''
    ${pkgs.ffmpeg}/bin/ffmpeg -v error -stats -hide_banner -i "$1" -c copy -f null -
  '';
in {
  imports = [ ./backup.nix ];

  nixpkgs.config.allowUnfree = true;

  nix.settings = {
    experimental-features = [ "nix-command" "flakes" ];
    substituters =
      [ "https://nixcache.shelvacu.com" "https://fossar.cachix.org" ];
    trusted-public-keys = [
      "fossar.cachix.org-1:Zv6FuqIboeHPWQS7ysLCJ7UT7xExb4OE8c4LyGb5AsE="
      "nixcache.shelvacu.com:73u5ZGBpPRoVZfgNJQKYYBt9K9Io/jPwgUfuOLsJbsM="
    ];
    trusted-users = [ "@wheel" ];
  };

  nix.gc = {
    automatic = true;
    dates = "weekly";
    options = "--delete-older-than 30d";
  };

  users.users.nettika = {
    isNormalUser = true;
    extraGroups = [ "wheel" "networkmanager" ];
    shell = pkgs.fish;
  };

  security.sudo.wheelNeedsPassword = false;

  environment.variables = {
    EDITOR = "nano";
    VISUAL = "code --wait";
  };

  networking = {
    hostName = "marauder";
    firewall.enable = false;
  };

  fileSystems = {
    "/" = {
      device = "/dev/disk/by-uuid/648c6539-892c-40d7-8b07-23fe760df02a";
      fsType = "ext4";
    };
    "/boot" = {
      device = "/dev/disk/by-uuid/1D62-C30E";
      fsType = "vfat";
      options = [ "fmask=0022" "dmask=0022" ];
    };
  };

  boot = {
    loader = {
      systemd-boot.enable = true;
      efi.canTouchEfiVariables = true;
    };
    initrd = {
      systemd.enable = true;
      availableKernelModules =
        [ "nvme" "xhci_pci" "usbhid" "usb_storage" "sd_mod" ];
    };
    kernelModules = [ "kvm-amd" ];
    kernelParams = [ "amd_pstate=active" ];
  };

  hardware = {
    enableRedistributableFirmware = true;
    cpu.amd.updateMicrocode = true;
    graphics = {
      enable = true;
      enable32Bit = true;
      extraPackages = [ pkgs.vaapiVdpau ];
    };
    nvidia = {
      open = true;
      prime = {
        offload = {
          enable = true;
          enableOffloadCmd = true;
        };
        amdgpuBusId = "PCI:05:00:0";
        nvidiaBusId = "PCI:01:00:0";
      };
    };
  };

  environment = {
    systemPackages = [ inputs.shelvacu.packages.x86_64-linux.sm64coopdx ]
      ++ (with pkgs; [
        # Chat clients
        discord
        slack
        element-desktop
        telegram-desktop
        signal-desktop

        # Browsers
        firefox
        filezilla

        # Creative
        inkscape
        gimp
        krita
        openscad-unstable
        bambu-studio

        # Multimedia
        vlc
        ffmpeg
        ffcheck
        aonsoku

        # Code Editors
        vscode
        arduino-ide

        # Dev Tools
        nixd
        nixfmt
        nixpkgs-fmt
        pyenv
        rustup
        electron

        # Languages
        gcc
        kotlin
        nodejs
        php

        # Command line
        git-crypt
        htop
        jq

        # Misc
        obsidian
        intiface-central
        prismlauncher
        blender
        mullvad-vpn
        qbittorrent
        system-config-printer
      ]);
  };

  programs.steam = {
    enable = true;
    remotePlay.openFirewall = true;
    dedicatedServer.openFirewall = true;
  };

  programs.git = {
    enable = true;
    lfs.enable = true;
    config = {
      init.defaultBranch = "master";
      user = {
        email = "git@nettika.cat";
        name = "Nettika";
      };
      credential.helper = "store";
    };
  };

  programs.nano = {
    enable = true;
    nanorc = ''
      set autoindent
      set linenumbers
    '';
  };

  programs.fish = {
    enable = true;
    promptInit = ''
      function fish_prompt
        echo -n '💜 '
        set_color brgreen
        echo -n (prompt_pwd)
        set_color normal
        echo -n ' > '
      end
      function fish_right_prompt
        set_color bryellow
        echo -n (git branch --show-current 2>/dev/null)
      end
    '';
    shellInit = ''
      set -g fish_greeting
      set -g fish_prompt_pwd_full_dirs 999
    '';
  };

  programs.direnv.enable = true;

  programs.ssh.extraConfig = ''
    Host quasar
      HostName consortium.chat
      IdentityFile ~/.ssh/LightsailDefaultKey-us-west-2.pem

    Host monolith
      HostName 10.243.210.154

    Host fennbox
      HostName 10.243.109.199
      User fenn
  '';

  services.mysql = {
    enable = true;
    package = pkgs.mariadb;
  };

  services.httpd = {
    enable = true;
    enablePHP = true;
    phpPackage = inputs.phps.packages.x86_64-linux.php80;
    extraConfig = ''
      ScriptAlias /fortune ${fortune}/bin/fortune
    '';
    virtualHosts."localhost" = {
      documentRoot = "/var/www";
      locations."/".index = "index.html index.php";
    };
  };

  programs.nix-ld = { enable = true; };

  services.xserver = {
    enable = true;
    videoDrivers = [ "nvidia" ];
    desktopManager = {
      cinnamon.enable = true;
      xterm.enable = false;
    };
  };

  services.printing.enable = true;

  services.avahi = {
    enable = true;
    nssmdns4 = true;
    openFirewall = true;
  };

  services.displayManager.defaultSession = "cinnamon";

  services.power-profiles-daemon.enable = false;

  services.tlp.enable = true;

  services.fstrim.enable = true;

  services.zerotierone = {
    enable = true;
    joinNetworks = secrets.zerotier.networks;
  };

  services.mullvad-vpn = {
    enable = true;
    package = pkgs.mullvad-vpn; # Include GUI
  };

  time.timeZone = "America/Los_Angeles";

  system.stateVersion = "24.05";
}