{ config, pkgs, lib, ... }:

with lib;

let

  cfg = config.system.custom.mainUser;

  dockerGroup =
    if (config.virtualisation.docker.enable) then [ "docker" ] else [ ];

  vboxGroup =
    if (config.virtualisation.virtualbox.host.enable) then
      [ "vboxusers" ]
    else
      [ ];

in
{

  options.system.custom.mainUser = {

    enable = mkEnableOption "enable mainUser for a desktop system";

    userName = mkOption {
      type = with types; str;
      description = ''
        name of the main user
      '';
    };

    uid = mkOption {
      type = with types; int;
      default = 1337;
      description = ''
        uid of main user
      '';
    };

    extraGroups = mkOption {
      default = [ ];
      type = with types; listOf str;
      description = ''
        list of groups the main user should also be in
      '';
    };

    authorizedKeyFiles = mkOption {
      default = [ ];
      type = with types; listOf str;
      description = ''
        list of keys allowed to login as this user
      '';
    };

  };

  config = mkIf cfg.enable {

    users = {

      mutableUsers = true;
      defaultUserShell = pkgs.zsh;

      users.mainUser = {
        isNormalUser = true;
        name = cfg.userName;
        uid = cfg.uid;
        home = "/home/${cfg.userName}";
        initialPassword = cfg.userName;
        extraGroups = [ "wheel" "networkmanager" "transmission" "wireshark" ]
          ++ dockerGroup ++ vboxGroup ++ cfg.extraGroups;
        openssh.authorizedKeys.keyFiles = cfg.authorizedKeyFiles;
      };
    };
  };
}