{
  inputs,
  config,
  pkgs,
  ...
}: {
  imports = [
    ./monitors.nix
  ];

  nixpkgs.config.allowUnfree = true;

  boot.initrd.availableKernelModules = ["usb_storage"];
  boot.kernelModules = ["sg"];

  boot.loader = {
    systemd-boot.enable = true;
    efi.canTouchEfiVariables = true;
  };

  sops.secrets = {
    "vpn-keys/tailscale-authkey/twilight" = {
      sopsFile = "${inputs.secrets}/vpn-keys.yaml";
    };
  };
  host = {
    users = {
      leyla = {
        isDesktopUser = true;
        isTerminalUser = true;
        isPrincipleUser = true;
      };
      eve.isDesktopUser = true;
    };
    hardware = {
      piperMouse.enable = true;
      viaKeyboard.enable = true;
      openRGB.enable = true;
      graphicsAcceleration.enable = true;
      directAccess.enable = true;
    };
    ai = {
      enable = true;
      # TODO: benchmark twilight against defiant and prune this list of models that are faster on defiant
      models = {
        # conversation models
        "Llama 3.1 8B" = {
          model = "lamma3.1:8b";
          roles = ["chat" "edit" "apply"];
        };
        "deepseek-r1:8b" = {
          model = "deepseek-r1:8b";
          roles = ["chat" "edit" "apply"];
        };
        "deepseek-r1:32b" = {
          model = "deepseek-r1:32b";
          roles = ["chat" "edit" "apply"];
        };

        # auto complete models
        "qwen2.5-coder:1.5b-base" = {
          model = "qwen2.5-coder:1.5b-base";
          roles = ["autocomplete"];
        };
        "qwen2.5-coder:7b" = {
          model = "qwen2.5-coder:7b";
          roles = ["autocomplete"];
        };
        "deepseek-coder:6.7b" = {
          model = "deepseek-coder:6.7b";
          roles = ["autocomplete"];
        };
        "deepseek-coder:33b" = {
          model = "deepseek-coder:33b";
          roles = ["autocomplete"];
        };

        # agent models
        "qwen3:32b" = {
          model = "qwen3:32b";
          roles = ["chat" "edit" "apply"];
        };

        # embedding models
        "nomic-embed-text:latest" = {
          model = "nomic-embed-text:latest";
          roles = ["embed"];
        };
      };
    };
  };
  services = {
    ollama = {
      enable = true;
      exposePort = true;

      loadModels = [
        # conversation models
        "llama3.1:8b"
        "deepseek-r1:8b"
        "deepseek-r1:32b"

        # auto complete models
        "qwen2.5-coder:1.5b-base"
        "qwen2.5-coder:7b"
        "deepseek-coder:6.7b"
        "deepseek-coder:33b"

        # agent models
        "qwen3:32b"

        # embedding models
        "nomic-embed-text:latest"
      ];
    };

    tailscale = {
      enable = true;
      authKeyFile = config.sops.secrets."vpn-keys/tailscale-authkey/twilight".path;
      useRoutingFeatures = "both";
      extraUpFlags = [
        "--advertise-exit-node"
        "--advertise-routes=192.168.0.0/24"
      ];
      extraSetFlags = [
        "--advertise-exit-node"
        "--advertise-routes=192.168.0.0/24"
      ];
    };

    syncthing.enable = true;
  };

  boot.supportedFilesystems = ["nfs"];

  fileSystems = {
    "/mnt/leyla_documents" = {
      device = "defiant:/exports/leyla_documents";
      fsType = "nfs";
      options = [
        "x-systemd.automount"
        "noauto"
        "user"
        "noatime"
        "nofail"
        "soft"
        "x-systemd.idle-timeout=600"
        "fsc"
      ];
    };

    "/mnt/users_documents" = {
      device = "defiant:/exports/users_documents";
      fsType = "nfs";
      options = [
        "x-systemd.automount"
        "noauto"
        "user"
        "nofail"
        "soft"
        "x-systemd.idle-timeout=600"
        "fsc"
      ];
    };

    "/mnt/media" = {
      device = "defiant:/exports/media";
      fsType = "nfs";
      options = [
        "x-systemd.automount"
        "noauto"
        "user"
        "noatime"
        "nofail"
        "soft"
        "x-systemd.idle-timeout=600"
        "noatime"
        "nodiratime"
        "relatime"
        "rsize=32768"
        "wsize=32768"
        "fsc"
      ];
    };
  };

  environment.systemPackages = with pkgs; [
    cachefilesd
  ];
  programs.steam = {
    enable = true;
    remotePlay.openFirewall = true; # Open ports in the firewall for Steam Remote Play
    dedicatedServer.openFirewall = true; # Open ports in the firewall for Source Dedicated Server
  };
  hardware.steam-hardware.enable = true; # Provides udev rules for controller, HTC vive, and Valve Index

  networking = {
    networkmanager.enable = true;
    hostName = "twilight"; # Define your hostname.
  };

  # enabled virtualisation for docker
  # virtualisation.docker.enable = true;

  # Enable touchpad support (enabled default in most desktopManager).
  # services.xserver.libinput.enable = true;

  # This value determines the NixOS release from which the default
  # settings for stateful data, like file locations and database versions
  # on your system were taken. It's perfectly fine and recommended to leave
  # this value at the release version of the first install of this system.
  # Before changing this value read the documentation for this option
  # (e.g. man configuration.nix or on https://nixos.org/nixos/options.html).
  system.stateVersion = "23.05"; # Did you read the comment?
}