{ pkgs, lib, config, ... }:
with lib;
with lib.metacfg;
{
  imports = [
    ./hardware-configuration.nix
    ./atticd.nix
  ];

  metacfg = {
    base.enable = true;
    nix.enable = true;
  };

  virtualisation = {
    docker.enable = true;
    podman.dockerCompat = false;
  };

  system.autoUpgrade = {
    enable = true;
    operation = "switch";
    allowReboot = true;
  };

  security.tpm2.enable = false;
  security.tpm2.abrmd.enable = false;

  networking.wireless.enable = false; # Enables wireless support via wpa_supplicant.
  networking.firewall.allowedTCPPorts = [ 8080 ];
  networking.firewall.allowPing = true;

  powerManagement.cpuFreqGovernor = "ondemand";

  system.stateVersion = "24.05";
}