nixos/hosts/hakase/configuration.nix

{
  pkgs,
  myConfig,
  inputs,
  lib,
  specialArgs,
  ...
}: {
  imports = [
    inputs.home-manager.nixosModules.home-manager
    inputs.chaotic.nixosModules.default
    ./hardware-configuration.nix
    ../../modules/default/desktop.nix
    ../../modules/default/dev.nix
    ../../modules/default/remote.nix
  ];

  environment.systemPackages = with pkgs; [
    pavucontrol
    wl-clipboard
    wget
    protontricks
  ];
  environment.sessionVariables = {
    PROTON_USE_NTSYNC = "1";
    ENABLE_HDR_WSI = "1";
    DXVK_HDR = "1";
    PROTON_ENABLE_AMD_AGS = "1";
    PROTON_ENABLE_NVAPI = "1";
    ENABLE_GAMESCOPE_WSI = "1";
    STEAM_MULTIPLE_XWAYLANDS = "1";
  };

  users = {
    defaultUserShell = pkgs.${myConfig.general.Terminal.shell};
    users = {
      ${myConfig.essentials.Username} = {
        isNormalUser = true;
        extraGroups = ["wheel" "networkmanager" "input" "video"];
        initialHashedPassword = "$y$j9T$NHFtSwF4NJtEmgMjy4Xdg.$9WQltjEx3eEfZ7GbpGLW8lBhJtiXPOeIawrxdmx0.vB";
        useDefaultShell = true;
        packages = [];
      };
    };
  };
  home-manager = {
    backupFileExtension = "backup";
    useGlobalPkgs = true;
    useUserPackages = true;
    extraSpecialArgs = specialArgs;
    users.${myConfig.essentials.Username} = import ../../home/hakase.nix;
  };

  nixpkgs.config.allowUnfree = myConfig.general.allowUnfree;

  hardware.logitech.wireless.enable = true;
  hardware.bluetooth.enable = true;
  hardware.bluetooth.settings = {
    General = {
      MultiProfile = "multiple";
      FastConnectable = true;
    };
  };
  hardware.bluetooth.powerOnBoot = true;
  hardware.amdgpu.initrd.enable = true;
  hardware.graphics = {
    enable = true;
    enable32Bit = true;
  };

  i18n.defaultLocale = "en_US.UTF-8";
  # time.timeZone = "${myConfig.nixos.Timezone}";

  boot.kernelParams = ["quiet"];
  boot.kernelPackages = pkgs.linuxPackages_cachyos;
  boot.kernel.sysctl = {
    "kernel.split_lock_mitigate" = 0;
    "kernel.nmi_watchdog" = 0;
    "kernel.sched_bore" = "1";
  };
  boot.initrd = {
    systemd.enable = true;
    kernelModules = [];
    verbose = false;
  };
  boot.plymouth.enable = true;
  systemd.extraConfig = "DefaultTimeoutStopSec=5s";

  boot.loader = {
    timeout = 0;
    limine.maxGenerations = 3;
    systemd-boot = lib.mkIf (myConfig.nixos.Boot.mode == "systemd") {
      enable = true;
    };
    grub = lib.mkIf (myConfig.nixos.Boot.mode == "grub") {
      efiSupport = true;
      enable = true;
      device = "nodev";
      useOSProber = true;
    };
    efi = {
      canTouchEfiVariables = true;
      efiSysMountPoint = "/boot";
    };
  };

  programs.ssh.extraConfig = myConfig.optionals.Ssh.extraConfig;

  programs.bash = {
    interactiveShellInit = ''
      if [[ $(${pkgs.procps}/bin/ps --no-header --pid=$PPID --format=comm) != "fish" && -z ''${BASH_EXECUTION_STRING} ]]
      then
        shopt -q login_shell && LOGIN_OPTION='--login' || LOGIN_OPTION=""
        exec ${pkgs.fish}/bin/fish $LOGIN_OPTION
      fi
    '';
  };

  programs = {
    zsh.enable = true;
    fish.enable = true;
  };

  services = {
    flatpak.enable = true;
    automatic-timezoned.enable = true;
    displayManager = {
      autoLogin.enable = true;
      autoLogin.user = "kenji";
      gdm.enable = true;
    };
    upower.enable = true;
    seatd.enable = true;
    scx.enable = true; # by default uses scx_rustland scheduler
    libinput.enable = true;
    blueman.enable = true;
    printing.enable = true;
    openssh.enable = true;
  };

  # make pipewire realtime-capable
  security.rtkit.enable = true;
  services.pipewire = {
    enable = true;
    alsa.enable = true;
    alsa.support32Bit = true;
    pulse.enable = true;
  };

  nix = {
    distributedBuilds = true;
    settings = {
      builders-use-substitutes = true;
      trusted-users = myConfig.optionals.Builds.trustedUsers;
      experimental-features = ["nix-command" "flakes"];
    };
  };

  console = {
    earlySetup = false;
    font = "${pkgs.terminus_font}/share/consolefonts/ter-132n.psf.gz";
    packages = with pkgs; [terminus_font];
    useXkbConfig = true;
  };

  networking = {
    networkmanager.enable = true;
    firewall = {
      enable = true;
      allowedTCPPorts = [22 80];
      allowedUDPPorts = [53];
    };
    proxy.default = null;
    proxy.noProxy = null;
  };

  xdg.portal.enable = true;
  xdg.portal.config.common.default = "*";
  xdg.portal.extraPortals = [pkgs.xdg-desktop-portal-gtk];
  # networking.firewall.allowedTCPPorts = [ ... ];
  # networking.firewall.allowedUDPPorts = [ ... ];
  # Or disable the firewall altogether.
  # networking.firewall.enable = false;

  # networking.proxy.default = "http://user:password@proxy:port/";
  # networking.proxy.noProxy = "127.0.0.1,localhost,internal.domain";
  system.stateVersion = "25.05";
}