{ pkgs, user, inputs, lib, ... }:
{
  boot = {
    loader = {
      systemd-boot.enable = true;
      efi.canTouchEfiVariables = true;
    };
    loader.systemd-boot.configurationLimit = 5;
  };

  programs.nix-ld.enable = true;
  programs.nix-ld.libraries = with pkgs; [
       libgcc.lib
       glibc_multi.out
  ];

  networking.firewall.enable = true;
  networking.networkmanager.enable = true;

  time.timeZone = "Europe/Berlin";
  i18n.defaultLocale = "en_US.UTF-8";
  i18n.extraLocaleSettings = {
    LC_ADDRESS = "de_DE.UTF-8";
    LC_IDENTIFICATION = "de_DE.UTF-8";
    LC_MEASUREMENT = "de_DE.UTF-8";
    LC_MONETARY = "de_DE.UTF-8";
    LC_NAME = "de_DE.UTF-8";
    LC_NUMERIC = "de_DE.UTF-8";
    LC_PAPER = "de_DE.UTF-8";
    LC_TELEPHONE = "de_DE.UTF-8";
    LC_TIME = "de_DE.UTF-8";
  };

  console.keyMap = "de";

  users.users.${user} = {
    shell = pkgs.zsh;
    isNormalUser = true;
    description = "${user}";
    group = "${user}";
    extraGroups = [
      "networkmanager"
      "wheel"
    ];
    initialPassword = "123";
    openssh.authorizedKeys.keyFiles = [
      ./benjamin.pub
      ./philipp.pub
    ];
  };
  users.groups.admin = {};
  programs.zsh.enable = true;
  programs.zsh.enableCompletion = false;

  environment.systemPackages = with pkgs; [
    neovim
    nettools
    git
    htop
  ];

  nixpkgs.config.allowUnfree = true;

  services.openssh.enable = true;
  services.openssh.settings.PasswordAuthentication = false;

  nix.settings.experimental-features = [ "nix-command" "flakes" ];
  nix.settings.trusted-users = [ "@wheel" ];
  nix.nixPath = [ "nixpkgs=${inputs.nixpkgs}" ];

  system.stateVersion = "25.11";

  documentation.enable = true;
  documentation.man.enable = true;
  documentation.doc.enable = true;

  boot.kernel.sysctl."kernel.sysrq" = 502;

}