{ pkgs, lib, userSettings, systemSettings, ... }:
{
  imports = [
    (import ./home-manager/home.nix {inherit systemSettings userSettings lib pkgs;})
     ./nixos
     ./scripts
  ];
  system.stateVersion = systemSettings.stateVersion;
  time.timeZone = "${systemSettings.timeZone}";

  nix.settings.trusted-users = [ "root" "@wheel" ];
  nix.settings.experimental-features = [ "nix-command" "flakes" ];
  
  programs.nix-ld.enable = true;

  sops.defaultSopsFile = ./secrets/encrypted_secrets.yaml;
  sops.defaultSopsFormat = "yaml";
  
  # This is needed for nix to access the secrets at build time.
  # It doesn't affect for the `sops ...` command
  # Optional if the system has the key age for /etc/ssh/ssh_host_ed25519_key in .sops.yaml
  # sops.age.keyFile = "${userSettings.adHome}/.config/sops/age/keys.txt";

  environment.systemPackages = with pkgs; [
    bash
    git
    eza
    gh
    sops
    gdbm
  ];

  virtualisation.docker.enable = true;
  virtualisation.oci-containers.backend = "docker";

  services.vscode-server.enable = true;
  services.openssh.enable = true;
  services.tailscale.enable = true;

  services.cron = {
    enable = true;
    systemCronJobs = [
      "30 2 * * * /run/current-system/sw/bin/nfs > /etc/nixos/auto_update.log 2>&1"
    ];
  };

  # https://nixos.wiki/wiki/Storage_optimization
  nix.gc = {
    automatic = true;
    dates = "weekly";
    options = "--delete-older-than 30d";
  };
  nix.optimise.automatic = true;
  nix.optimise.dates = [ "Mon *-*-* 05:00:00" ];
}