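# NixOS module `components.mainUser`: declares one interactive "main" user
# with a matching primary group, zsh as the system default shell and a fixed
# set of supplementary groups.
#
# Security notes for reviewers:
#   * The account is a member of `wheel`, so with a typical sudo setup it is
#     an administrative account.
#   * The initial password defaults to the user name, which is trivially
#     guessable. It is now exposed as `components.mainUser.initialPassword`
#     so a deployment can override or disable it (null) without patching
#     this module. The default is unchanged for backward compatibility.
#   * `docker` group membership (added when Docker is enabled) is
#     effectively root-equivalent on the host.
{ config, pkgs, lib, ... }:
with lib;
with types;
let
  cfg = config.components.mainUser;

  # Conditional groups: only added when the matching virtualisation
  # service is enabled on this host.
  dockerGroup = optional config.virtualisation.docker.enable "docker";
  vboxGroup = optional config.virtualisation.virtualbox.host.enable "vboxusers";
in
{
  options.components.mainUser = {

    enable = mkEnableOption "enable mainUser for a system";

    userName = mkOption {
      type = str;
      default = "palo";
      description = ''
        name of the main user
      '';
    };

    uid = mkOption {
      type = int;
      default = 1337;
      description = ''
        uid of main user
      '';
    };

    extraGroups = mkOption {
      default = [ ];
      type = listOf str;
      description = ''
        list of groups the main user should also be in
      '';
    };

    authorizedKeyFiles = mkOption {
      default = [ ];
      type = listOf str;
      description = ''
        list of files containing the public keys allowed to login as this user
      '';
    };

    initialPassword = mkOption {
      type = nullOr str;
      default = cfg.userName;
      defaultText = literalExpression "config.components.mainUser.userName";
      description = ''
        initial password of the main user, only applied while the account
        has no password yet. The value is stored in clear text in the
        world-readable Nix store, so change it with passwd right after the
        first login, or set this to null and provision a password by
        other means.
      '';
    };

  };

  config = mkIf cfg.enable {
    users = {
      # mkDefault lets a host override this. With mutable users a password
      # changed via `passwd` is kept across rebuilds.
      mutableUsers = lib.mkDefault true;
      defaultUserShell = pkgs.zsh;

      # Dedicated primary group named after the user.
      groups.mainUser.name = cfg.userName;

      users.mainUser = {
        isNormalUser = true;
        name = cfg.userName;
        uid = cfg.uid;
        home = "/home/${cfg.userName}";

        # NOTE(review): defaults to the user name (see option above), which
        # is a guessable credential for a `wheel` account. Where sshd allows
        # password authentication this is reachable remotely; prefer
        # key-only login via authorizedKeyFiles.
        initialPassword = cfg.initialPassword;

        # `wheel` grants admin rights; `wireshark` and `input` allow packet
        # capture and raw input-device access; `docker` is root-equivalent.
        extraGroups = [
          "wheel"
          "networkmanager"
          "transmission"
          "wireshark"
          "audio"
          "pipewire"
          "input"
        ]
        ++ dockerGroup
        ++ vboxGroup
        ++ cfg.extraGroups;

        openssh.authorizedKeys.keyFiles = cfg.authorizedKeyFiles;
        group = config.users.groups.mainUser.name;
      };
    };
  };
}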