nix-config/nixos/framework/configuration.nix

{
  config,
  pkgs,
  lib,
  ...
}: {
  imports = [./hardware-configuration.nix];

  boot.bootspec.enable = true;
  boot.loader.systemd-boot.enable = lib.mkForce false;
  boot.lanzaboote = {
    enable = true;
    pkiBundle = "/etc/secureboot";
  };
  boot.loader.efi.canTouchEfiVariables = true;
  boot.kernelPackages = pkgs.linuxPackages_6_6;

  system.stateVersion = "23.11"; # Did you read the comment?
  networking = {
    hostName = "framework";
    search = ["1.1.1.1" "1.0.0.1" "8.8.8.8"];
    networkmanager.enable = true;
  };

  time.timeZone = "Europe/Berlin";
  i18n.defaultLocale = "en_US.UTF-8";

  hardware.opengl = {
    enable = true;
    driSupport = true;
    driSupport32Bit = true;
  };

  security.pam.services.swaylock = {};

  services = {
    illum.enable = true;
    fwupd.enable = true;
    fprintd.enable = true;
    pcscd.enable = true;
    tlp = {
      enable = true;
      settings = {
        # AC
        CPU_SCALING_GOVERNOR_ON_AC = "performance";
        CPU_ENERGY_PERF_POLICY_ON_AC = "performance";
        CPU_MIN_PERF_ON_AC = 0;
        CPU_MAX_PERF_ON_AC = 100;

        # BAT
        CPU_SCALING_GOVERNOR_ON_BAT = "powersave";
        CPU_ENERGY_PERF_POLICY_ON_BAT = "power";
        CPU_MIN_PERF_ON_BAT = 0;
        CPU_MAX_PERF_ON_BAT = 50;
      };
    };

    openssh = {
      enable = true;
      settings = {
        PermitRootLogin = "yes";
      };
    };

    xserver = {
      enable = true;
      layout = "us";

      libinput.enable = true;

      desktopManager = {
        xterm.enable = false;
        gnome.enable = false;
        plasma5.enable = false;
      };

      displayManager = {
        gdm = {
          enable = true;
          wayland = true;
        };
      };
    };

    logind = {
      lidSwitch = "suspend";
      lidSwitchDocked = "ignore";
      lidSwitchExternalPower = "ignore";
      extraConfig = "HoldoffTimeoutSec=300s";
    };
  };

  sound.enable = true;
  hardware.pulseaudio.enable = true;

  users.users.patrick = {
    isNormalUser = true;
    extraGroups = ["wheel"];
  };
  home-manager.useGlobalPkgs = true;
  home-manager.users.patrick = ./home.nix;

  environment.systemPackages = with pkgs; [
    vim
    wget
    curl
    htop
    podman
    pinentry
    qemu
    OVMF
  ];

  programs = {
    hyprland.enable = true;
    gnupg.agent.enable = true;
  };

  # nix = {
  #   gc = {
  #     automatic = true;
  #     dates = "weekly";
  #     options = "--delete-older-than 7d";
  #   };

  #   package = pkgs.nixVersions.stable;
  #   # registry.nixpkgs.flake = inputs.nixpkgs;

  #   settings = {
  #     auto-optimise-store = true;

  #     experimental-features = ["nix-command" "flakes"];

  #     # Avoid unwanted garbage collection when using nix-direnv
  #     # keep-outputs = true;
  #     # keep-derivations = true;
  #   };
  # };
}