{ config, lib, pkgs, ... }:

with lib.my;
{
  imports = [
    ./hardware-configuration.nix
    ./audio.nix
    ../desktop.nix
  ];

  boot.loader.systemd-boot = {
    enable = true;
    graceful = true;
    netbootxyz.enable = true;
  };
  boot.loader.efi.canTouchEfiVariables = true;

  networking.hostName = "odyssey";
  networking.hostId = "c5e68d78";
  networking.networkmanager.enable = true;

  nix.package = pkgs.nixFlakes;
  nix.extraOptions = ''
    experimental-features = nix-command flakes
  '';

  virtualisation.libvirtd.enable = true;
  virtualisation.lxd.enable = true;

  users.defaultUserShell = pkgs.zsh;

  system.stateVersion = "22.11";

  services.journald.extraConfig = ''
    SystemMaxUse=4G
    MaxRetentionSec=90day
  '';

  services.nix-serve = {
    enable = true;
    secretKeyFile = "/var/cache-priv-key.pem";
  };

  services.nginx = {
    enable = true;
    recommendedProxySettings = true;
    virtualHosts = {
      "odyssey.mesh.vimium.net" = {
        locations."/".proxyPass = "http://${config.services.nix-serve.bindAddress}:${toString config.services.nix-serve.port}";
      };
    };
  };

  age.secrets."odyssey_borg_passphrase" = {
    file = ../../secrets/odyssey_borg_passphrase.age;
  };

  services.borgmatic = {
    enable = true;
    settings = {
      location = {
        source_directories = [
          "/home/jordan/Documents"
        ];
        repositories = [
          "ssh://iqwu22oq@iqwu22oq.repo.borgbase.com/./repo"
        ];
      };
      storage = {
        encryption_passcommand = "cat ${config.age.secrets.odyssey_borg_passphrase.path}";
        ssh_command = "ssh -i /etc/ssh/ssh_host_ed25519_key";
      };
      retention = {
        keep_daily = 7;
        keep_weekly = 4;
        keep_monthly = 6;
      };
    };
  };

  # Without this override, `cat` is unavailable for `encryption_passcommand`
  systemd.services.borgmatic.confinement.fullUnit = true;

  modules = {
    desktop = {
      apps.qbittorrent.enable = true;
      browsers = {
        firefox.enable = true;
      };
      media.graphics = {
        modeling.enable = true;
        raster.enable = true;
        vector.enable = true;
      };
      media.recording = {
        audio.enable = true;
        video.enable = true;
      };
    };
    dev = {
      node.enable = true;
    };
    editors = {
      neovim.enable = true;
      vscode.enable = true;
    };
    security = {
      gpg.enable = true;
      pass.enable = true;
    };
    shell = {
      git.enable = true;
      zsh.enable = true;
    };
  };
}