#
#  Desktop/laptop configuration. Imports configuration_common.nix for shared settings.
#  Host-specific window manager and hardware configs are imported per-host.
#

{ config, lib, pkgs, inputs, user, location, agenix, ... }:

{
  imports = [
    ./configuration_common.nix
  ];

  users.users.${user} = {
    isNormalUser = true;
    uid = 2000;
    extraGroups = [ "wheel" "video" "audio" "camera" "networkmanager" "lp" "kvm" "libvirtd" "adb" "dialout" "tss" ];
  };

  security.pam.services.login.enableGnomeKeyring = true;

  environment.systemPackages = with pkgs; [
    file
    powertop
    cpufrequtils
    lm_sensors
    libva-utils
    at-spi2-core
    qmk-udev-rules
    gptfdisk
    age-plugin-yubikey
    pwgen
    sbctl
    ausweisapp
    e2fsprogs
    orca-slicer
  ]);

  nixpkgs.config.permittedInsecurePackages = [
    "mbedtls-2.28.10"
  ];

  services = {
    pipewire = {
      enable = true;
      alsa.enable = true;
      pulse.enable = true;
      wireplumber.enable = true;
    };
    pcscd.enable = true;
    yubikey-agent.enable = true;
    udev.packages = [ pkgs.yubikey-personalization pkgs.nitrokey-udev-rules ];
    flatpak.enable = true;
    gvfs.enable = true;
    fwupd.enable = true;
  };

  programs.dconf.enable = true;

  system.autoUpgrade.enable = false;
}