{
  config,
  lib,
  pkgs,
  ...
}:
with lib; let
  cfg = config.local.sys.baseline;
in {
  options.local.sys.baseline = {
    enable = mkEnableOption "Basic system settings";
  };
  config = mkIf cfg.enable {
    system.stateVersion = "24.05"; # DO NOT CHANGE

    nix = {
      package = pkgs.nixVersions.stable;

      extraOptions = ''
        experimental-features = nix-command flakes
      '';

      # Not interested in the global flake registry
      settings.flake-registry = "";
    };

    console = {
      keyMap = "us";
    };

    programs = {
      zsh.enable = true;
      fuse.userAllowOther = true;
    };

    environment = {
      pathsToLink = [
        "/share/zsh"
      ];

      systemPackages = with pkgs;
        [
          git
          vim
        ]
        ++ optionals (!config.boot.isContainer) [
          lm_sensors
          lshw
          parted
          pciutils
          smartmontools
          usbutils
        ];
    };

    services = {
      openssh.enable = mkDefault true;

      earlyoom = {
        enable = mkDefault true;
        enableNotifications = true;
      };
    };

    # Coredumps are a security risk and may use up a lot of disk space
    systemd.coredump.extraConfig = ''
      Storage=none
      ProcessSizeMax=0
    '';

    security.dhparams = {
      enable = true;
      defaultBitSize = 4096;
    };
  };
}