{ pkgs, pkgs-unstable, lib, ... }:
let
  commands = import ../../../lib/commands.nix { inherit pkgs; };
  systemNotify = commands."system-notify";
  notify = urgency: title: body:
    "${systemNotify} ${lib.escapeShellArgs [ urgency title body ]}";
  notifyFailure = title: service:
    "${systemNotify} ${lib.escapeShellArgs [ "critical" title ]} \"${service} ended with: $SERVICE_RESULT\"";
in
{
  boot = {
    plymouth = {
      enable = true;
      theme = "nixos-bgrt";
      themePackages = [ pkgs.nixos-bgrt-plymouth ];
    };
    kernelParams = [
      "quiet"
      "udev.log_level=3"
      "systemd.show_status=auto"
    ];
    binfmt.emulatedSystems = [ "aarch64-linux" ];
  };

  security.sudo.wheelNeedsPassword = false;

  services = {
    printing.enable = true;
    pulseaudio.enable = false;
    pipewire = {
      enable = true;
      alsa.enable = true;
      pulse.enable = true;
      jack.enable = true;
    };
    xserver.xkb.layout = "se";
    gnome = {
      gnome-keyring.enable = true;
      gnome-initial-setup.enable = false;
    };
    udev.packages = [
      pkgs.via
      pkgs.qmk
      pkgs.qmk-udev-rules
      pkgs.qmk_hid
    ];
    fwupd.enable = true;
    openssh.settings.PasswordAuthentication = false;
  };

  programs.dconf.enable = true;

  users = {
    groups.plugdev = {};
    users.alisceon.extraGroups = [ "plugdev" ];
  };

  networking.firewall.allowedTCPPorts = [
    1312
    8000
    8080
    8888
  ];

  systemd.services = {
    nixos-upgrade = {
      preStart = lib.mkBefore ''
        ${notify "normal" "System update started" "Updating flake inputs and preparing the NixOS switch."}
      '';
      postStop = ''
        if [ "$SERVICE_RESULT" = "success" ]; then
          ${notify "normal" "System update finished" "The automated NixOS update completed successfully."}
        else
          ${notifyFailure "System update failed" "nixos-upgrade.service"}
        fi
      '';
    };

    nix-gc = {
      preStart = ''
        ${notify "normal" "Garbage collection started" "Cleaning old Nix generations and unreferenced store paths."}
      '';
      postStop = ''
        if [ "$SERVICE_RESULT" = "success" ]; then
          ${notify "normal" "Garbage collection finished" "Nix store garbage collection completed successfully."}
        else
          ${notifyFailure "Garbage collection failed" "nix-gc.service"}
        fi
      '';
    };
  };

  environment = {
    systemPackages = [
      pkgs-unstable.discord
      pkgs-unstable.signal-desktop
      pkgs.mumble
      (pkgs-unstable.chromium.override { enableWideVine = true; })
      pkgs.google-chrome
      pkgs-unstable.vscode
      pkgs-unstable.codex
      pkgs.devenv
      pkgs.direnv
      pkgs.syncthing
      pkgs.steam
      pkgs.krita
      pkgs.edk2-uefi-shell
      pkgs-unstable.obsidian
      pkgs.gparted
      pkgs.vlc
      pkgs.via
      pkgs.plymouth
      pkgs.xhost
      (pkgs.bottles.override { removeWarningPopup = true; })
    ];
    sessionVariables.NIXOS_OZONE_WL = "1";
  };
}