# sudo nix run 'github:nix-community/disko/latest#disko-install' -- --flake .#$TARGET_HOSTNAME --disk nvme0n1 /dev/nvme0n1
# tar -xvf /Parlor/Lauren/mlaga97-nixos.tar.zst; sudo nixos-rebuild switch --flake mlaga97-nixos?submodules=1#$HOSTNAME
{ config, pkgs, ... }: {
  imports = [
    # Core Features
    ../features/base.nix
    ../features/tui-apps.nix
    ../features/openssh-server.nix

    # Core Tweaks
    ../tweaks/zram.nix
    ../tweaks/enable_flakes.nix
    ../tweaks/disable_nixos_user.nix
    ../tweaks/systemd-resolved_nonsense.nix

    # Lauren Base
    ../users/lauren_lagarde/lauren_lagarde.nix

    # i3wm
    ../features/i3wm.nix
    ../features/hardware/yubikey.nix
    ../tweaks/bluetooth.nix
    ../tweaks/intel_igpu_screen_tearing.nix

    # Dotspace
    ../secrets/dotspace.nix
    ../secrets/dotspace_shares.nix
    ../features/stronghold-binary-cache.nix

    # Additional Software
    ../features/embedded.nix
    ../features/hardware/rtl-sdr.nix
    ../features/hardware/printing.nix
    ../tweaks/aarch64-crosscompile.nix
    ../features/virtualization/docker.nix
    ../features/virtualization/libvirt-host.nix

    # ll-latitude-e5591
    ../features/gpu/intel.nix
    ../features/systemd-boot.nix
    ../features/factorio.nix
  ];

  specialisation = {
    nvidia.configuration = {
      system.nixos.tags = [ "nvidia" ];

      imports = [
        ../features/gpu/nvidia.nix
      ];

      hardware.nvidia.prime = {
        sync.enable = true;
        intelBusId = "PCI:0:2:0";
        nvidiaBusId = "PCI:1:0:0";
      };
    };
  };

  hardware.enableRedistributableFirmware = true;

  boot.initrd.kernelModules = [ "i915" ]; # Makes external monitors boot better
  boot.kernelParams = [
    "i915.enable_guc=2"
  ];

  services.autorandr.enable = true;
  services.udev.packages = with pkgs; [ autorandr ];

  # TODO: Not quite enough for hibernation while zram is still enabled
  #swapDevices = [{
  #  device = "/var/lib/swapfile";
  #  size = 48 * 1024;
  #}];

  ##############################################################################
  ##############################################################################
  ##############################################################################
  # Tinc Stuff
  # TODO: Less hacky

  networking.firewall.allowedTCPPorts = [ 655 ];
  networking.firewall.allowedUDPPorts = [ 655 ];

  networking.interfaces."tinc.dotspace".ipv4 = {
    addresses = [{
      address = "10.86.84.250";
      prefixLength = 32;
    }];
    routes = [{
      address = "10.86.84.0";
      prefixLength = 24;
    }];
  };

  # Start the unit for adding addresses if Tinc is started
  systemd.services."tinc.dotspace".wants = [ "network-addresses-tinc.dotspace.service" ];

  # Stop the unit for adding addresses if Tinc is stopped or restarted
  systemd.services."network-addresses-tinc.dotspace".partOf = [ "tinc.dotspace.service" ];

  # Start the unit for adding addresses after the Tinc device is added
  systemd.services."network-addresses-tinc.dotspace".after = [ "sys-subsystem-net-devices-tinc.dotspace.device" ];

  services.tinc.networks.dotspace = {
    name = "ll_latitude_e5591";
    ed25519PrivateKeyFile = "/root/tinc/mlaga97space_ed25519_key.priv";

    chroot = false;
    settings.ConnectTo = [ "fortress" "citadel" ];
  };
}