{ options, config, lib, pkgs, ... }:

with lib;
with lib.metacfg;
let cfg = config.metacfg.gui;
in
{
  options.metacfg.gui = with types; {
    enable = mkBoolOpt false "Whether or not to enable a GUI.";
  };

  config = mkIf cfg.enable {
    services = {
      gnome.tracker-miners.enable = lib.mkForce false;

      flatpak.enable = true;

      pcscd.enable = lib.mkDefault false;

      # Enable CUPS to print documents.
      printing.enable = true;

      pipewire = {
        enable = true;
        alsa.enable = true;
        alsa.support32Bit = true;
        pulse.enable = true;
        # If you want to use JACK applications, uncomment this
        #jack.enable = true;

        # use the example session manager (no others are packaged yet so this is enabled by default,
        # no need to redefine it in your config for now)
        #media-session.enable = true;
      };

      udev.packages = [
        pkgs.libu2f-host
        pkgs.yubikey-personalization
      ];

      xserver = {
        layout = lib.mkDefault "de+us";
        enable = true;
        displayManager.gdm.enable = true;
        desktopManager.gnome.enable = true;
      };
    };
    #security.pam.p11.control = "sufficient";
    #security.pam.p11.control = "required";
    #security.pam.p11.enable = true;
    #  services.fprintd.enable = true;
    #security.pam.yubico.enable = true;
    #security.pam.yubico.control = "sufficient";
    #security.pam.yubico.mode = "challenge-response";

    #security.tpm2.pkcs11.enable = true;

    # Enable sound with pipewire.
    sound.enable = true;
    hardware.pulseaudio.enable = false;

    security.rtkit.enable = true;

    programs.gnupg.agent = {
      enable = true;
      enableSSHSupport = true;
      enableBrowserSocket = true;
    };

    environment.systemPackages = with pkgs; [
      bat
      cardpeek
      ccache
      clang
      dive
      file
      firefox
      gh
      git
      gimp
      gnome.cheese
      gnome.gnome-software
      gnomeExtensions.appindicator
      gnomeExtensions.dash-to-panel
      gnomeExtensions.hibernate-status-button
      gnomeExtensions.vitals
      gnupg
      go
      jetbrains-toolbox
      jq
      kbfs
      libu2f-host
      mosh
      mosh
      nixpkgs-fmt
      opensc
      pasystray
      #pcsctools
      pinentry-gnome3
      pkg-config
      pstree
      ripgrep
      slack
      spotify
      statix
      thunderbird
      tmux
      vim
      wl-clipboard
      yubikey-personalization
      yubikey-manager-qt
      zellij
      rustup
    ];

    #----=[ Fonts ]=----#
    fonts = {
      enableDefaultPackages = false;
      packages = with pkgs; [
        noto-fonts-emoji
        liberation_ttf
        freefont_ttf
        (nerdfonts.override { fonts = [ "FiraCode" "DroidSansMono" "JetBrainsMono" ]; })
      ];

      fontconfig = {
        enable = true;
        defaultFonts = {
          serif = [ "Liberation" ];
          sansSerif = [ "Liberation" ];
          monospace = [ "JetBrainsMono" ];
          emoji = [ "Noto Color Emoji" ];
        };
      };
    };

    # remote desktop
    networking.firewall.allowedTCPPorts = [ 3389 ];
  };
}