{ pkgs, ... }:

{
  # Basic services
  services.locate.enable = true;
  services.openssh.enable = true;

  hardware.enableAllFirmware = true;

  services = {
    udisks2.enable = true;
    gvfs.enable = true;
  };

  security.polkit.enable = true;
  security.pam.services.login.enableGnomeKeyring = true;
  services.gnome.gnome-keyring.enable = true;
  security.pam.enableEcryptfs = true;

  security.polkit.extraConfig = ''
    polkit.addRule(function(action, subject) {
        if (action.id == "org.freedesktop.udisks2.filesystem-mount-system" &&
            subject.isInGroup("wheel")) {
            return polkit.Result.YES;
        }
    });
  '';

  # Nix fun
  nixpkgs.config.allowUnfree = true;
  nix.settings.experimental-features = [ "flakes" "nix-command" ];

  programs.gnupg.agent = {
    enable = true;
    pinentryPackage = with pkgs; pinentry-all;
    enableSSHSupport = true;
  };

  time.timeZone = "Europe/Berlin";
  programs.nix-ld.enable = true; # Linking support

  # For local domains in link locals and other goods
  services.avahi.enable = true;
  services.avahi.nssmdns4 = true;

  environment = {
    systemPackages = with pkgs; [ yazi tmux git starship zoxide rsync rclone neovim alacritty gtk4.dev ];
  };

  nix.optimise.automatic = true;

  nix.gc = {
    automatic = true;
    dates = "weekly";
    options = "--delete-older-than 7d"; # Two weeks cache then forget
  };

  networking = { networkmanager = { enable = true; }; };

  i18n.defaultLocale = "en_US.UTF-8";
  console = {
    font = "Lat2-Terminus16";
    keyMap = "us";
  };

  programs.zsh = {
    enable = true;
    autosuggestions.enable = true;
    ohMyZsh = {
      enable = true;
      plugins =
        [ "history-substring-search" "git" "zoxide" "vi-mode" "systemadmin" ];
    };
  };

  programs.ydotool.enable = true;
}