{
  inputs,
  outputs,
  lib,
  config,
  pkgs,
  ...
}: {
  imports = [
    ./locale
    ./packages
    inputs.home-manager.nixosModules.home-manager
    #../hosts/${config.networking.hostName}/hardware-configuration.nix
  ];
  sops = {
    age.keyFile = ../../../../../../var/secrets/keys.txt;
    secrets."lillian-password".neededForUsers = true;

    defaultSopsFile = ../hosts/${config.networking.hostName}/secrets/sops.yaml;

    secrets."wg-private-key".mode = "0440";
    secrets."wg-private-key".owner = config.users.users.root.name;

    secrets."ssh-private-key" = {
      mode = "0600";
      owner = config.users.users.lillian.name;
      path = "/home/lillian/.ssh/id_ed25519";
    };
  };

  #TODO: remove this when unneeded for freetube
  nixpkgs.config.permittedInsecurePackages = [
    "python3.12-youtube-dl-2021.12.17"
  ];
  nix = {
    package = pkgs.lix;
    gc = {
      automatic = true;
      dates = "weekly";
      options = "--delete-older-than 7d";
    };
    # This will add each flake input as a registry
    # To make nix3 commands consistent with your flake
    registry = lib.mapAttrs (_: value: {flake = value;}) inputs;

    # This will additionally add your inputs to the system's legacy channels
    # Making legacy nix commands consistent as well, awesome!
    nixPath = lib.mapAttrsToList (key: value: "${key}=${value.to.path}") config.nix.registry;

    settings = {
      # Enable flakes and new 'nix' command
      experimental-features = "nix-command flakes";
      # Deduplicate and optimize nix store
      auto-optimise-store = true;
      extra-substituters = [
        "https://cache.lix.systems"
        "https://nix-community.cachix.org"
        "https://nixpkgs-unfree.cachix.org"
        "https://0uptime.cachix.org"
      ];
      trusted-public-keys = [
        "cache.lix.systems:aBnZUw8zA7H35Cz2RyKFVs3H4PlGTLawyY5KRbvJR8o="
        "nix-community.cachix.org-1:mB9FSh9qf2dCimDSUo8Zy7bkq5CX+/rkCWyvRCYg3Fs="
        "nixpkgs-unfree.cachix.org-1:hqvoInulhbV4nJ9yJOEr+4wxhDV4xq2d1DK7S6Nj6rs="
        "0uptime.cachix.org-1:ctw8yknBLg9cZBdqss+5krAem0sHYdISkw/IFdRbYdE="
      ];
    };
  };
  catppuccin = {
    flavor = "macchiato";
    enable = true;
    plymouth.enable = false;
    grub.enable = false;
  };

  # console.catppuccin.enable = true;

  programs.zsh = {
    enable = true;
  };

  stylix = {
    enable = true;
    autoEnable = true;
    base16Scheme = {
      scheme = "Catppuccin Macchiato";
      author = "https://github.com/catppuccin/catppuccin";
      base00 = "24273a";
      base01 = "1e2030";
      base02 = "363a4f";
      base03 = "494d64";
      base04 = "5b6078";
      base05 = "cad3f5";
      base06 = "f4dbd6";
      base07 = "b7bdf8";
      base08 = "ed8796";
      base09 = "f5a97f";
      base0A = "eed49f";
      base0B = "a6da95";
      base0C = "8bd5ca";
      base0D = "8aadf4";
      base0E = "c6a0f6";
      base0F = "f0c6c6";
    };
    image = ./background.jpg;
    cursor.package = pkgs.catppuccin-cursors.macchiatoMauve;
    cursor.name = "catppuccin-macchiato-mauve-cursors";
    homeManagerIntegration.followSystem = true;
    fonts = {
      serif = {
        package = pkgs.dejavu_fonts;
        name = "DejaVu Serif";
      };

      monospace = {
        package = pkgs.dejavu_fonts;
        name = "DejaVu Sans Mono";
      };

      sansSerif = {
        package = pkgs.dejavu_fonts;
        name = "DejaVu Sans";
      };

      emoji = {
        package = pkgs.noto-fonts-emoji-blob-bin;
        name = "Blobmoji";
      };
    };
  };

  fonts.packages = [
    pkgs.dejavu_fonts
    pkgs.noto-fonts
    pkgs.nerd-fonts.fira-mono
  ];

  networking = {
    wireguard.enable = true;

    wg-quick.interfaces = {
      wg0 = {
        autostart = true;
        address = ["10.0.0.${config.services.vpn-ip.ip}/24" "fdc9:281f:04d7:9ee9::${config.services.vpn-ip.ip}/64"];
        dns = ["10.0.0.1" "fdc9:281f:04d7:9ee9::1"];
        listenPort = 51821;
        privateKeyFile = config.sops.secrets."wg-private-key".path;
        peers = [
          {
            publicKey = "A02sO7uLdgflhPIRd0cbJONIaPP4z8HTxDkmX4NegFg=";
            endpoint = "84.87.146.85:51821";
            allowedIPs = ["0.0.0.0/0" "::/0"];
            persistentKeepalive = 25;
          }
        ];
      };
    };
  };

  # Enable completion of system packages by zsh
  environment.pathsToLink = ["/share/zsh"];

  home-manager = {
    backupFileExtension = "backup";
    extraSpecialArgs = {
      inputs = inputs;
      outputs = outputs;
    };
    users = {
      # Import your home-manager configuration
      lillian = import ../../home-manager/hosts/${config.networking.hostName};
    };
  };

  users = {
    users.lillian = {
      isNormalUser = true;
      extraGroups = ["sudo" "networkmanager" "wheel" "vboxsf" "docker"];
      shell = pkgs.zsh;
      hashedPasswordFile = config.sops.secrets."lillian-password".path;
      openssh.authorizedKeys.keys = [
        "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAILhwA+ZdP2tEBYQNdzLHZzFHxocyeqzhXI6tFpaZA3PZ lillian@EDI"
        "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIH30G2PJOnI6jnAtxOQV0SpLFUva0adarLZLvaoZvjGE lillian@GLaDOS"
      ];
    };
    mutableUsers = false;

    users.root = {
      hashedPassword = "*";
    };
  };
}