# Host-level NixOS module: pulls in the home-manager, ./nixos and ./scripts
# modules, then sets Nix daemon options, secrets (sops), base packages,
# container/remote-access services, a nightly update job and store clean-up.
#
# Arguments:
#   pkgs, lib       - package set and library, forwarded to ./home-manager.
#   userSettings    - per-user values (only referenced in disabled code here).
#   systemSettings  - per-host values; stateVersion and timeZone are read below.
{ pkgs, lib, userSettings, systemSettings, ... }: {
  imports = [
    # home-manager is imported as a function and given its arguments explicitly.
    (import ./home-manager {inherit systemSettings userSettings lib pkgs;})
    ./nixos
    ./scripts
  ];

  system.stateVersion = systemSettings.stateVersion;
  time.timeZone = "${systemSettings.timeZone}";

  # Trusted users may override daemon settings such as substituters, which the
  # Nix manual describes as essentially equivalent to root access. "@wheel"
  # extends that to every member of the wheel group.
  # NOTE(review): confirm all wheel members are meant to hold that privilege.
  nix.settings.trusted-users = [ "root" "@wheel" ];
  nix.settings.experimental-features = [ "nix-command" "flakes" ];
  nix.settings.download-buffer-size = 524288000; # 500 MiB (500 * 1024 * 1024 bytes)

  # nix-ld provides a loader shim so unpatched dynamically linked binaries can run.
  programs.nix-ld.enable = true;

  # Encrypted secrets file kept in this repository; only the encrypted form is
  # referenced here.
  sops.defaultSopsFile = ./secrets/encrypted_secrets.yaml;
  sops.defaultSopsFormat = "yaml";
  # The key file below is what lets the system decrypt the secrets; it has no
  # effect on the `sops ...` CLI.
  # NOTE(review): the original comment said "at build time"; sops-nix normally
  # decrypts at system activation - confirm which is meant.
  # Optional if the age key derived from /etc/ssh/ssh_host_ed25519_key is
  # listed as a recipient in .sops.yaml.
  # NOTE(review): if re-enabled, the key lives under a user's home directory;
  # make sure it is readable by its owner only.
  # sops.age.keyFile = "${userSettings.adHome}/.config/sops/age/keys.txt";

  environment.systemPackages = with pkgs; [ bash git eza gh sops gdbm ];

  # NOTE(review): no docker group membership is set in this file; any user
  # added to `docker` elsewhere gets root-equivalent access via the socket.
  virtualisation.docker.enable = true;
  virtualisation.oci-containers.backend = "docker";

  services.vscode-server.enable = true;
  # No `services.openssh.settings` are set here, so the module defaults apply
  # unless ./nixos overrides them.
  # NOTE(review): consider pinning PasswordAuthentication and PermitRootLogin
  # explicitly so the exposure does not depend on defaults.
  services.openssh.enable = true;
  services.tailscale.enable = true;

  # Nightly job at 02:30 that runs `nfsu` and overwrites the log file each run
  # (`>` truncates, so only the last run's output is kept).
  # `nfsu` is not defined in this file - presumably provided by ./scripts.
  # NOTE(review): system crontab entries take a user field after the five time
  # fields (e.g. "30 2 * * * <user> <command>"); this entry has none, so cron
  # would read the nfsu path as the user name. Verify the job actually runs and
  # add the account it is meant to run as.
  services.cron = {
    enable = true;
    systemCronJobs = [
      "30 2 * * * /run/current-system/sw/bin/nfsu > /etc/nixos/auto_update.log 2>&1"
    ];
  };

  # Disabled systemd-timer variant of the automatic update, kept for reference.
  # As written it would run as the login user and call sudo for the rebuild.
  # systemd.timers."auto-update" = {
  #   wantedBy = [ "timers.target" ];
  #   timerConfig = {
  #     OnCalendar="*-*-* 4:00:00";
  #     Unit = "auto-update.service";
  #   };
  # };
  # systemd.services."auto-update" = {
  #   script = ''
  #     ${pkgs.coreutils}/bin/echo "Running auto-update"
  #     FLAKE=$(${pkgs.coreutils}/bin/readlink -f /etc/nixos)
  #     ${pkgs.coreutils}/bin/echo "FLAKE: $FLAKE"
  #     ${pkgs.nix}/bin/nix flake update --flake $FLAKE --impure
  #     ${pkgs.git}/bin/git -C $FLAKE add "$FLAKE/flake.lock" > /dev/null 2>&1
  #     ${pkgs.sudo}/bin/sudo ${pkgs.nixos-rebuild}/bin/nixos-rebuild switch --flake $FLAKE#${systemSettings.hostName} --impure
  #   '';
  #   serviceConfig = {
  #     Type = "oneshot";
  #     User = "${userSettings.userName}";
  #   };
  # };

  # Store clean-up, see https://nixos.wiki/wiki/Storage_optimization
  # Weekly garbage collection that passes --delete-older-than 30d.
  nix.gc = {
    automatic = true;
    dates = "weekly";
    options = "--delete-older-than 30d";
  };
  # Store optimisation scheduled for Mondays at 05:00.
  nix.optimise.automatic = true;
  nix.optimise.dates = [ "Mon *-*-* 05:00:00" ];
}