{
  pkgs,
  config,
  systemSettings,
  userSettings,
  ...
}: {
  imports =
    [
      ./services/loki.nix
    ];

  config = {
    nix.settings.experimental-features = ["nix-command" "flakes"];
    nixpkgs.config.allowUnfree = true;
    system.stateVersion = "${systemSettings.stateVersion}";
    # programs.nix-ld.enable = true;
    services.openssh.enable = true;
    services.avahi = { enable = true; nssmdns4 = true; };

    time.timeZone = "${systemSettings.timeZone}";
    networking.hostName = systemSettings.hostName;

    environment.systemPackages = with pkgs; [
      home-manager
      bash
      busybox
      git
      eza
    ];

    security.sudo-rs = {
      enable = true;
      execWheelOnly = false;
      wheelNeedsPassword = false; # allows sudo without password for those in the wheel group
    };

    users.users.${userSettings.username} = {
      isNormalUser = true;
      uid = 1000;
      extraGroups = [ "wheel" ];
      openssh.authorizedKeys.keyFiles = [ /root/.ssh/authorized_keys ];
    };
  };
}