{ pkgs, lib, userSettings, systemSettings, ... }:
{
  imports = [
    (import ./home-manager/home.nix {inherit systemSettings userSettings lib;})
     ./nixos
     ./scripts
  ];
  system.stateVersion = systemSettings.stateVersion;
  time.timeZone = "${systemSettings.timeZone}";

  nix.settings.trusted-users = [ "root" "@wheel" ];
  nix.settings.experimental-features = [ "nix-command" "flakes" ];
  
  programs.nix-ld.enable = true;

  sops.defaultSopsFile = ./secrets/secrets.yaml;
  sops.defaultSopsFormat = "yaml";
  
  # This is needed for nix to access the secrets at build time.
  # It doesn't affect for the `sops ...` command
  # Optional if the system has the key age for /etc/ssh/ssh_host_ed25519_key in .sops.yaml
  # sops.age.keyFile = "${userSettings.adHome}/.config/sops/age/keys.txt";

  environment.systemPackages = with pkgs; [
    bash
    git
    eza
    gh
    sops
  ];

  virtualisation.docker.enable = true;
  virtualisation.oci-containers.backend = "docker";

  services.vscode-server.enable = true;
  services.openssh.enable = true;
  services.tailscale.enable = true;
}