{ config, pkgs, lib, ... }:
{

  imports = [
    <nixos-hardware/common/cpu/intel>
    <nixos-hardware/common/pc/laptop>
    <nixos-hardware/common/pc/laptop/ssd>
    /etc/nixos/hardware-configuration.nix
    # ./laptop.nix
    # ./pentablet.nix
    ./pro_audio.nix
    # ./defcon.nix
    # ./mind.nix
    # ./k3s.nix
    ./big_data.nix
  ];

  # Use the systemd-boot EFI boot loader.
  boot.loader.systemd-boot.enable = true;
  boot.loader.efi.canTouchEfiVariables = true;
  boot.initrd.checkJournalingFS = true;
  boot.kernelPackages = pkgs.linuxKernel.packages.linux_5_16;
  boot.extraModulePackages = with config.boot.kernelPackages; [ v4l2loopback ];

  # # Cross-build arm
  boot.binfmt.emulatedSystems = [ "armv7l-linux" "aarch64-linux" ];

  # Use same ACPI identifier as Dell Ubuntu
  boot.kernelParams = [
    "acpi_osi=Linux-Dell-Video"
  ];

  networking = {
    hostName = "odin";
    networkmanager.enable = true;

    # The global useDHCP flag is deprecated, therefore explicitly set to false here.
    # Per-interface useDHCP will be mandatory in the future, so this generated config
    # replicates the default behaviour.
    useDHCP = false;
    interfaces = { enp60s0.useDHCP = true; wlp0s20f3.useDHCP = true; };

    # Configure network proxy if necessary
    # proxy.default = "http://user:password@proxy:port/";
    # proxy.noProxy = "127.0.0.1,localhost,internal.domain";

    # Open ports in the firewall.
    # firewall.allowedTCPPorts = [ ... ];
    # firewall.allowedUDPPorts = [ ... ];
    # Or disable the firewall altogether.
    # firewall.enable = false;
    hosts = {
      "*.engine.sesar.int" = [ "172.20.28.210" ];
      "vcenter.sesar.int" = [ "159.149.147.137" ];
    };
  };

  # Set your time zone.
  time.timeZone = "Europe/Rome";

  # Select internationalisation properties.
  i18n.defaultLocale = "it_IT.UTF-8";
  console = {
    font = "Lat2-Terminus16";
    keyMap = "it";
  };


  # X11 windowing system.
  services.xserver = {
    enable = true;
    # Enable the GNOME 3 Desktop Environment.
    # displayManager.gdm = {
    #   enable = true;
    #   wayland = true;
    #   nvidiaWayland = true;
    # };
    desktopManager.gnome.enable = true;
    # windowManager.bspwm.enable = true;

    # Configure keymap in X11
    layout = "it";
    extraLayouts = {
      eng = { languages = [ "eng" ]; description = "English layout for external keyboard"; };
    };
    xkbOptions = "eurosign:e;";
    libinput.enable = true;
  };

  # Enable CUPS to print documents.
  services.printing = {
    enable = true;
    drivers = with pkgs; [ gutenprint cups-kyocera ];
  };

  services.fwupd.enable = true;

  # Enable sound.
  # PULSE
  # sound.enable = true;
  # hardware.pulseaudio.enable = true;

  # PIPEWIRE
  hardware.pulseaudio.enable = false;
  security.rtkit.enable = true;
  services.pipewire = {
    enable = true;
    pulse.enable = true;
    jack.enable = true;
    alsa = { enable = true; support32Bit = true; };
    # media-session.enable = true;
  };
  environment.sessionVariables.LD_LIBRARY_PATH = lib.mkForce "${config.services.pipewire.package.jack}/lib"; # Temporary fix for WebKitGTK

  # # Tablet
  # hardware.opentabletdriver = {
  #   enable = true;
  #   daemon.enable = true;
  # };

  # Define a user account. Don't forget to set a password with ‘passwd’.
  users.users.bertof = {
    isNormalUser = true;
    extraGroups = [ "audio" "input" "docker" "flashrom" "libvirtd" "network" "usb" "video" "wheel" ];
    shell = pkgs.zsh;
    openssh.authorizedKeys.keys = [ "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIN+zsSWZFFzQKnATCAvtG+iuSm4qkZHjCtHzGa9B/71W" ];
  };

  # List packages installed in system profile. To search, run:
  # $ nix search wget
  environment.systemPackages = with pkgs; [ tmux firefox kakoune vim ];

  # Some programs need SUID wrappers, can be configured further or are
  # started in user sessions.
  # programs.mtr.enable = true;
  programs.flashrom.enable = true;
  programs.gnupg.agent = { enable = true; enableSSHSupport = true; };

  programs.steam.enable = true;
  programs.dconf.enable = true;
  programs.zsh = { enable = true; syntaxHighlighting.enable = true; };

  # List services that you want to enable:

  # Enable the OpenSSH daemon.
  services.openssh = { enable = true; openFirewall = true; permitRootLogin = "no"; passwordAuthentication = false; };

  # Cooling management
  services.thermald.enable = true;

  services.snapper = {
    configs =
      let
        bertofExtraConfig = ''
          ALLOW_USERS="bertof"
          TIMELINE_CREATE=yes
          TIMELINE_CLEANUP=yes
        '';
        common = { extraConfig = bertofExtraConfig; };
      in
      {
        bertof_home = common // { subvolume = "/home/bertof"; };
        bertof_music = common // { subvolume = "/home/bertof/Musica"; };
        bertof_downloads = common // { subvolume = "/home/bertof/Scaricati"; };
        bertof_images = common // { subvolume = "/home/bertof/Immagini"; };
        bertof_videos = common // { subvolume = "/home/bertof/Video"; };
        bertof_documents = common // { subvolume = "/home/bertof/Documenti"; };
        bertof_games_ssd = common // { subvolume = "/home/bertof/Giochi/SSD"; };
        # bertof_games_hdd = common // { subvolume = "/home/bertof/Giochi/HDD"; };
        bertof_git = common // { subvolume = "/home/bertof/Documenti/Git"; };
      };
  };

  services.dbus.packages = with pkgs; [ gnome.dconf ];
  services.gnome.gnome-keyring.enable = true;
  hardware.bluetooth.enable = true;
  # services.blueman.enable = true;
  services.zerotierone = { enable = true; joinNetworks = [ "8056c2e21cf9c753" ]; };
  services.gvfs = { enable = true; package = lib.mkForce pkgs.gnome3.gvfs; };
  # services.tlp.enable = false;
  services.avahi = {
    enable = true;
    openFirewall = true;
    nssmdns = true;
    publish = {
      enable = true;
      addresses = true;
      domain = true;
      userServices = true;
      workstation = true;
    };
    extraServiceFiles = {
      ssh = "${pkgs.avahi}/etc/avahi/services/ssh.service";
    };
  };

  # SMART
  services.smartd = { enable = true; notifications.x11.enable = true; };

  # FPRINTD
  # services.fprintd = {
  #   enable = true;
  #   tod = { enable = true; driver = pkgs.libfprint-2-tod1-goodix; };
  # };
  security.pam.services.login.fprintAuth = true;
  security.pam.services.xscreensaver.fprintAuth = true;

  # Clamav
  services.clamav = { daemon.enable = true; updater.enable = true; };

  # Power-profiles
  services.power-profiles-daemon.enable = true;

  # services.teamviewer.enable = true;

  # Virtualisation
  virtualisation = {
    docker.enable = true;
    kvmgt.enable = true;
    libvirtd.enable = true;
    podman.enable = true;
    virtualbox.host.enable = true;
  };

  # Allow completion for system packages
  environment.pathsToLink = [ "/share/zsh" ];

  security.sudo.extraConfig = ''
    Defaults pwfeedback
  '';
  security.pam.services.sddm.enableGnomeKeyring = true;

  nixpkgs.config = {
    allowUnfree = true;
    packageOverrides = pkgs: {
      steam = pkgs.steam.override {
        extraPkgs = pkgs: with pkgs; [ icu ];
      };
    };
  };
  nix = {
    package = pkgs.nixFlakes;
    extraOptions = lib.optionalString (config.nix.package == pkgs.nixFlakes)
      "experimental-features = nix-command flakes";
    gc.automatic = true;
  };

  # This value determines the NixOS release from which the default
  # settings for stateful data, like file locations and database versions
  # on your system were taken. It‘s perfectly fine and recommended to leave
  # this value at the release version of the first install of this system.
  # Before changing this value read the documentation for this option
  # (e.g. man configuration.nix or on https://nixos.org/nixos/options.html).
  system.stateVersion = "21.11"; # Did you read the comment?
}