{
  config,
  pkgs,
  ...
}: {
  imports = [
    ./hardware.nix
    ./disk-config.nix
    ./mounts.nix
    ./secrets.nix
  ];

  networking.hostName = "eidola"; # Define your hostname.
  time.timeZone = "America/New_York"; # Set your time zone.

  # Allow unfree packages (firmware)
  nixpkgs.config.allowUnfree = true;

  # Basic networking
  networking.networkmanager.enable = true;
  networking.firewall.enable = true;

  # Locales
  i18n.defaultLocale = "en_US.UTF-8";
  console = {
    keyMap = "us";
  };

  # Users - eidola & root
  users.users = {
    root.hashedPasswordFile = config.sops.secrets."root-pw".path;

    eidola = {
      isNormalUser = true;
      extraGroups = ["networkmanager" "wheel"];
      hashedPasswordFile = config.sops.secrets."user-pw".path;
      openssh.authorizedKeys.keys = import ../../keys/ssh.nix;
    };
  };

  # Packages
  environment.systemPackages = with pkgs; [
    rsync
    git
    vim
    fastfetch
    htop
  ];
  environment.variables.EDITOR = "vim";

  # Enable ssh server
  services.openssh = {
    enable = true;
    settings.PasswordAuthentication = false;
    settings.KbdInteractiveAuthentication = false;
  };

  # My modules
  gen.system.hardening.disableSack = true;
  gen.system.bootloader.luksSsh = {
    enable = true;
    port = 48722;
    hostKeys = ["/persist/etc/secrets/initrd/ssh_host_ed25519_key"];
  };

  system.stateVersion = "24.05";
}