{
  config,
  options,
  lib,
  self,
  ...
}:

with lib;
{
  options = with types; {
    user = mkOption {
      type = attrs;
      default = { };
    };

    home = {
      configFile = mkOption {
        type = attrs;
        default = { };
        description = "Files to place in $XDG_CONFIG_HOME";
      };
      dataFile = mkOption {
        type = attrs;
        default = { };
        description = "Files to place in $XDG_DATA_HOME";
      };
      file = mkOption {
        type = attrs;
        default = { };
        description = "Files to place directly in $HOME";
      };
      packages = mkOption {
        type = attrs;
        default = { };
        description = "User-level installed packages";
      };
      programs = mkOption {
        type = attrs;
        default = { };
        description = "Programs managed directly from home-manager";
      };
      services = mkOption {
        type = attrs;
        default = { };
        description = "Services managed directly from home-manager";
      };
    };

    dconf.settings = mkOption {
      type = attrs;
      default = { };
      description = "dconf settings to enable";
    };

    env = mkOption {
      type = attrsOf (oneOf [
        str
        path
        (listOf (either str path))
      ]);
      apply = mapAttrs (
        n: v: if isList v then concatMapStringsSep ":" (x: toString x) v else (toString v)
      );
      default = { };
      description = "";
    };
  };

  config = {
    age.secrets."passwords/users/jordan".file = "${self.inputs.secrets}/passwords/users/jordan.age";
    user =
      let
        user = builtins.getEnv "USER";
        name =
          if
            elem user [
              ""
              "root"
            ]
          then
            "jordan"
          else
            user;
      in
      {
        inherit name;
        isNormalUser = true;
        extraGroups = [
          "networkmanager"
          "wheel"
          "lxd"
        ];
        description = "Jordan Holt";
        useDefaultShell = true;
        openssh.authorizedKeys.keys = [
          "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAILVHTjsyMIV4THNw6yz0OxAxGnC+41gX72UrPqTzR+OS jordan@vimium.com"
        ];
        hashedPasswordFile = config.age.secrets."passwords/users/jordan".path;
        home = "/home/${name}";
        group = "users";
        uid = 1000;
      };

    home-manager = {
      useGlobalPkgs = true;
      useUserPackages = true;

      users.${config.user.name} = {
        home = {
          file = mkAliasDefinitions options.home.file;
          stateVersion = config.system.stateVersion;
        };
        programs = mkAliasDefinitions options.home.programs;
        services = mkAliasDefinitions options.home.services;
        xdg = {
          enable = true;
          configFile = mkAliasDefinitions options.home.configFile;
          dataFile = mkAliasDefinitions options.home.dataFile;
        };
        dconf.settings = mkAliasDefinitions options.dconf.settings;
      };

      sharedModules = [
        self.inputs.nixvim.homeManagerModules.nixvim
        self.inputs.plasma-manager.homeManagerModules.plasma-manager
      ];
    };

    users.users.${config.user.name} = mkAliasDefinitions options.user;

    environment.extraInit = concatStringsSep "\n" (
      mapAttrsToList (n: v: "export ${n}=\"${v}\"") config.env
    );
  };
}