{
  pkgs,
  lib,
  ...
}: {
  imports = [
    ./hardware-configuration.nix
    ../../common/default.nix
    ../../common/full-install.nix
    ../../common/allow-unfree.nix

    ../../common/locales/en.nix
    ../../common/locales/fr-keymap.nix
    ../../common/hardware/intelcpu.nix
    ../../common/hardware/nvidiagpu.nix
    ../../common/hardware/ssd.nix

    ../../common/de/plasma6.nix
    # ../../common/de/hyprland.nix

    # ../../common/packages/syncthing.nix
    ../../common/packages/sshd.nix
    ../../common/tasia-packages.nix

    # ../../modules/nixos/vedirect-reader.nix
  ];

  boot = {
    kernelPackages = pkgs.linuxPackages_latest;
    # boot.kernelModules = [ "fuse" "kvm-intel" "coretemp" ];
  };

  hardware.nvidia.prime = {
    # Make sure to use the correct Bus ID values for your system!
    intelBusId = "PCI:1:0:0";
    nvidiaBusId = "PCI:0:2:0";

    offload = {
      enable = true;
      enableOffloadCmd = true;
    };
  };

  networking = {
    hostName = "new-new-phoenix";

    firewall = {
      enable = true;
      allowedTCPPorts = [
        8080 # ?
        12345 # tildefriends
        13378 # audiobookshelf
      ];
      allowedUDPPorts = [
        8080 # ?
      ];
    };
  };

  users.users.tasia = {
    isNormalUser = true;
    description = "User";
    extraGroups = ["networkmanager" "wheel" "syncthing"];
    initialPassword = "correcthorsebatterystaple";
    openssh.authorizedKeys.keys = [
      "SHA256:KiRjUay5C9i6objsEOIycygBHn54pDBB3Lj7fyJ0Elw tasia@new-new-phoenix" # self
    ];
  };

  services.btrfs.autoScrub = {
    enable = true;
    interval = "weekly";
    fileSystems = ["/"];
  };

  # services.vedirect-reader.enable = true;

  virtualisation.docker.enable = true;
  # services.flatpak.enable = false;

  # Some programs need SUID wrappers, can be configured further or are
  # started in user sessions.
  programs.mtr.enable = true;
  programs.gnupg.agent = {
    enable = true;
    enableSSHSupport = true;
  };

  programs.steam = {
    enable = true;
    remotePlay.openFirewall = false; # Open ports in the firewall for Steam Remote Play
    dedicatedServer.openFirewall = false; # Open ports in the firewall for Source Dedicated Server
  };

  services.syncthing = {
    dataDir = lib.mkForce "/home/user";
    configDir = lib.mkForce "/data/sync/configuration/";
  };

  # Needed to build enry
  boot.binfmt.emulatedSystems = ["aarch64-linux"];

  environment.systemPackages = with pkgs; [
    #
  ];

  # security.auditd.enable = true;
  # security.audit.enable = true;
  # security.audit.rules = [
  #   "-a exit,always -F arch=b64 -S execve"
  # ];
  # You can monitor these logs with journalctl -f. If you don't see any audit logs show up, ssh in from another window and run some commands like ls. You should see a flurry of them show up.

  # https://nixos.wiki/wiki/FAQ/When_do_I_update_stateVersion
  system.stateVersion = "23.11";
}