{
  config,
  pkgs,
  lib,
  ...
}:
let
  inherit (lib)
    optional
    ;
  name = "guest";
  hostFile = ./. + "/${config.networking.hostName}.nix";
in
{
  users.users.${name} = {
    description = "Guest";
    extraGroups = [
      "audio"
      "input"
      "render"
      "video"
    ];
    group = "users";
    isNormalUser = true;
    password = "";
    shell = pkgs.zsh;
  };

  home-manager.users.${name} = {
    imports = [
      ./common/optional/graphical/jellyfin.nix
      ./common/optional/graphical/steam.nix
      {
        home.persistence."/state" = {
          directories = [
            ".local/state/wireplumber"
          ];
        };
        home.persistence."/persist" = {
          directories = [
            ".local/share/icons"
          ];
        };
      }
    ]
    ++ optional (builtins.pathExists hostFile) hostFile;

    home = {
      packages = with pkgs; [
        adwaita-fonts
      ];
      username = name;
      sessionVariables = {
        ZDOTDIR = "~/.config/zsh";
      };
    };

    fonts.fontconfig.enable = true;

    programs.zsh = {
      enable = true;
      enableCompletion = true;
    };

    xdg.enable = true;
  };

  services.displayManager = {
    enable = true;
    sessionPackages =
      let
        steamDesktopFile = pkgs.writeTextFile {
          name = "steam-desktop-entry";
          destination = "/share/wayland-sessions/steam.desktop";
          text = ''
            [Desktop Entry]
            Name=steam
            Comment=Desktop session for gaming
            Exec=${pkgs.gamescope}/bin/gamescope --rt --backend drm --steam -- ${pkgs.steam}/bin/steam -pipewire-dmabuf -tenfoot
            Type=Application
          '';
        };

        jellyfinDesktopFile = pkgs.writeTextFile {
          name = "jellyfin-desktop-entry";
          destination = "/share/wayland-sessions/jellyfin.desktop";
          text = ''
            [Desktop Entry]
            Name=jellyfin
            Comment=Desktop session for music, movies, and TV
            Exec=${pkgs.gamescope}/bin/gamescope --rt --backend drm -- ${pkgs.jellyfin-media-player}/bin/jellyfinmediaplayer --scale-factor 2 --tv --fullscreen
            Type=Application
          '';
        };

        steamSession = pkgs.symlinkJoin {
          name = "steam-session";
          paths = [ steamDesktopFile ];
          passthru.providedSessions = [ "steam" ];
        };

        jellyfinSession = pkgs.symlinkJoin {
          name = "jellyfin-session";
          paths = [ jellyfinDesktopFile ];
          passthru.providedSessions = [ "jellyfin " ];
        };
      in
      [
        steamSession
        jellyfinSession
      ];
  };

  services.greetd =
    let
      desktops = config.services.displayManager.sessionData.desktops;
    in
    {
      enable = true;
      settings = {
        default_session = {
          command = "${pkgs.greetd.tuigreet}/bin/tuigreet --time --sessions ${desktops}/share/xsessions:${desktops}/share/wayland-sessions";
        };
      };
    };

  # security.pam.services = {
  #   greetd.text = ''
  #     auth      requisite     pam_nologin.so
  #     auth      sufficient    pam_succeed_if.so user = ${name} quiet_success
  #     auth      required      pam_unix.so
  #
  #     account   sufficient    pam_unix.so
  #
  #     password  required      pam_deny.so
  #
  #     session   optional      pam_keyinit.so revoke
  #     session   include       login
  #   '';
  # };

  # Workaround: https://github.com/nix-community/home-manager/issues/7166
  systemd.services."home-manager-${name}".serviceConfig = {
    RemainAfterExit = "yes";
  };
}