{
  config,
  pkgs,
  lib,
  inputs,
  nixpkgs-nixos-unstable-and-unfree,
  ...
}: let
  stateVersion = "23.11";
  username = "cyryl";
in {
  imports = [
    ./common-hardware.nix
    ./common-services.nix
    ./security.nix
    ./syncthing.nix
  ];

  security.allowUserNamespaces = true;
  boot.supportedFilesystems = ["ntfs"];
  environment.enableDebugInfo = true;

  nixpkgs.config.allowUnfree = true;
  environment.systemPackages = with pkgs; [
    ccache
    curl
    davfs2
    dnsutils
    fd
    git
    gnupg
    home-manager
    htop
    pciutils
    powertop
    sshfs
    tmux
    usbutils
    wget
    veracrypt
  ];

  i18n.defaultLocale = "en_GB.UTF-8";

  users.users."${username}" = {
    isNormalUser = true;
    extraGroups = [
      "adbusers"
      "davfs2"
      "dialout"
      "docker"
      "libvirtd"
      "lp"
      "networkmanager"
      "scanner"
      "vboxusers"
      "video"
      "wheel"
      "wireshark"
    ];
  };

  networking.nameservers = ["9.9.9.9" "2620:fe::fe" "149.112.112.112" "2620:fe::9"];

  networking.hosts = {"10.11.99.1" = ["remarkable"];};

  programs = {
    light.enable = true;
    adb.enable = true;
    wireshark.enable = true;

    ssh.extraConfig = ''
      Host cupsnet.cyplo.dev
          HostName cupsnet.cyplo.dev
          Port 2222
      Host cupsnet cupsnet.raptor-carp.ts.net
          HostName cupsnet.raptor-carp.ts.net
          Port 2222
      StrictHostKeyChecking=accept-new
    '';
  };
  virtualisation.docker = {
    enable = true;
    autoPrune.enable = true;
    daemon.settings = {
      "insecure-registries" = ["vpsfree1.raptor-carp.ts.net:5000"];
    };
  };

  fonts.fontconfig = {
    enable = true;
    defaultFonts.monospace = [config.local.fontFamily];
  };

  fonts.packages = with pkgs; [
    inconsolata
    (fetchzip {
      url = "file://" + ./fonts/berkeley.tar.xz;
      sha256 = "sha256-j8LL+CuGzZMTdfnaa5SKaAGojT+Te7GRDnkFd3lGDqY=";
    })
    (fetchzip {
      url = "file://" + ./fonts/tragicastle.tar.xz;
      sha256 = "sha256-AjvaPmjlyDjBDxeVp1A1yPin0FrwbBib87ywF4GHqS0=";
    })
  ];

  nix = {
    settings.auto-optimise-store = true;
    gc.automatic = true;
    optimise.automatic = true;
    extraOptions = ''
      experimental-features = nix-command flakes
      stalled-download-timeout = 30
    '';
  };

  system = {inherit stateVersion;};
  system.activationScripts.diff = ''
    ${pkgs.nvd}/bin/nvd --nix-bin-dir=${pkgs.nix}/bin diff /run/current-system "$systemConfig"
  '';
}