{
  pkgs,
  config,
  lib,
  ...
}:
{

  imports = [
    ./hardware.nix
    ./jellyfin.nix
    ./wireguard.nix
    ./nextcloud.nix
    ./gotosocial.nix
    ./matrix.nix
    ./forgejo.nix
  ];

  services.nginx = {
    enable = true;
    clientMaxBodySize = "40m";

    virtualHosts."dalaran.fr" = {
      default = true;
      enableACME = true;
      forceSSL = true;
    };
  };

  environment.systemPackages = with pkgs; [
    neovim
    git
  ];

  # System secrets
  sops = {
    gnupg.sshKeyPaths = [ ];
    age = {
      sshKeyPaths = [ ];
      keyFile = "/var/lib/sops-nix/key.txt";
    };
    defaultSopsFile = ./secrets/secrets.yaml;
    secrets = {
      wg0_private = { };
      wg1_private = { };
      nextcloud_admin_pw = {
        owner = config.users.users.nextcloud.name;
      };
      discord_bridge_token = { };
      gotosocial_env = {
        owner = config.users.users.gotosocial.name;
      };
    };
  };

  machineUsers = {
    dala = {
      description = "Dala";
      groups = [ "wheel" ];
      uid = 1000;
      shell = pkgs.bash;
    };
  };
}