{ config, lib, pkgs, ... }:

{
  # Kernel configuration
  boot = {
    kernelPackages = pkgs.linuxPackages;
    kernelModules = [ "kvm-amd" ];
  };

  # Bootloader configuration
  boot.loader = {
    efi.canTouchEfiVariables = true;
    systemd-boot = {
      enable = true;
      configurationLimit = 50;
    };
    timeout = 3;
  };

  # Packages
  environment.systemPackages = with pkgs; [ htop vim ];

  # Run Nix garbage collector, while avoiding compiling
  nix = {
    autoOptimiseStore = true;
    gc = {
      automatic = true;
      options = "--delete-older-than 14d";
    };
    extraOptions = ''
      keep-outputs = true
      keep-derivations = true
      gc-keep-outputs = true
    '';
  };

  # Clean tmp directory on shutdown
  boot.cleanTmpDir = true;

  # Rotate logs after 14 days
  services.journald.extraConfig = "SystemMaxFiles=14";

  # Scrub zpool monthly
  services.zfs.autoScrub = {
    enable = true;
    interval = "monthly";
  };

  # Set timezone and synchronize NTP
  time.timeZone = "Europe/Brussels";
  services.timesyncd.enable = true;

  # NixOS version
  system.stateVersion = "20.09";

  # Configure basic SSH access
  services.openssh = {
    enable = true;
    permitRootLogin = "yes";
  };

  # Create coace user
  users.users.coace = {
    isNormalUser = true;
    home = "/home/coace";
    extraGroups = [ "wheel" "libvirtd" ];
    shell = pkgs.fish;
    openssh.authorizedKeys.keys = [
      "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIAbHBpW1JgArO7XFr3mqMD8nCf3RjkHzso+mpNjR8iZi coolneng@panacea"
    ];
  };

  # Set shell and SSH for root user
  users.users.root = {
    shell = pkgs.fish;
    openssh.authorizedKeys.keys = [
      "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIAbHBpW1JgArO7XFr3mqMD8nCf3RjkHzso+mpNjR8iZi coolneng@panacea"
    ];
  };

  # Auto-upgrade the system
  system.autoUpgrade = {
    enable = true;
    allowReboot = true;
  };

  # Import other configuration modules
  imports = [
    ./modules/hardware-configuration.nix
    ./modules/networking.nix
    ./modules/datasync.nix
  ];

}