{ config, lib, pkgs, inputs, ... }:

{
  imports =
    [
      ./hardware-configuration.nix
      inputs.sops-nix.nixosModules.sops
      ../modules/nix-cache.nix
      ../modules/users/origami.nix
    ];

  # BIOS + GRUB, 安装到 MBR
  boot.loader.grub = {
    enable = true;
    device = "/dev/sda";
    configurationLimit = 10;
  };

  networking.hostName = "oparic-local-dev";

  # 静态 IP
  networking.interfaces.ens18.ipv4.addresses = [{
    address = "192.168.2.22";
    prefixLength = 24;
  }];
  networking.defaultGateway = "192.168.2.1";
  networking.nameservers = [ "119.29.29.29" ];

  time.timeZone = "Asia/Shanghai";

  nix.settings = {
    experimental-features = [ "nix-command" "flakes" ];
    trusted-users = [ "origami" ];
    auto-optimise-store = true;
  };

  nix.gc = {
    automatic = true;
    dates = "weekly";
    options = "--delete-older-than 1w";
  };

  environment.systemPackages = with pkgs; [
    git
    vim
    wget
    curl

    zip
    xz
    unzip
    p7zip
    zstd
    gnutar

    file
    which
    tree
    gnused
    gawk
    gnupg
    pciutils
    usbutils

    home-manager
    nix-output-monitor
  ];

  i18n = {
    defaultLocale = "C.UTF-8";
    extraLocaleSettings = {
      LC_MESSAGES = "en_US.UTF-8";
      LC_TIME = "C.UTF-8";
      LC_CTYPE = "zh_CN.UTF-8";
    };
  };

  # PVE guest agent
  services.qemuGuest.enable = true;

  # 用户
  users.groups.origami.gid = 1000;
  users.users.origami.extraGroups = [ "wheel" ];
  security.sudo.wheelNeedsPassword = false;

  sops.defaultSopsFile = ../../secrets/ssh-private.yaml;
  sops.defaultSopsFormat = "yaml";
  sops.age.keyFile = "/home/origami/.config/sops/age/keys.txt";

  services.openssh.enable = true;

  system.stateVersion = "23.11";
}