{
  config,
  lib,
  pkgs,
  modulesPath,
  ...
}: let
  cfg = config.sils.basesystem;
in {
  options.sils.basesystem.enable = lib.mkEnableOption "basesystem";

  config = lib.mkIf cfg.enable {
    networking.hostName = config.sils.meta.hostname;

    boot = {
      initrd = {
        systemd.enable = true;
        availableKernelModules = ["xhci_pci" "nvme" "rtsx_pci_sdmmc"];
        kernelModules = [];
        luks.devices."cryptroot" = {
          crypttabExtraOpts = ["fido2-device=auto"];
          device = config.sils.meta.rootPart;
        };
      };
      kernelModules = ["kvm-intel"];
      extraModulePackages = [];
      kernelPackages = pkgs.linuxPackages_latest;
      lanzaboote = {
        enable = false;
        configurationLimit = 10;
        pkiBundle = "/etc/secureboot";
        settings = {
          editor = false;
        };
      };
        loader.grub.enable = true;
	loader.grub.efiSupport = true;
   	loader.grub.efiInstallAsRemovable = true;
      resumeDevice = config.sils.meta.mainDisk;
      #kernelParams = ["resume_offset=369403136"];
    };

    #fileSystems = {
    #  "/" = {
    #    device = "tmpfs";
    #    fsType = "tmpfs";
    #    options = ["defaults" "size=2G" "mode=755"];
    #  };
    #  "/tmp" = {
    #    device = "tmpfs";
    #    fsType = "tmpfs";
    #    options = ["defaults" "size=5G" "mode=755"];
    #  };
    #  "/nix" = {
    #    device = config.sils.meta.mainDisk;
    #    fsType = "btrfs";
    #    options = ["subvol=nix" "compress-force=zstd"];
    #  };
    #  "/etc/NetworkManager" = {
    #    device = config.sils.meta.mainDisk;
    #    fsType = "btrfs";
    #    options = ["subvol=networkmanagerconfig" "compress-force=zstd"];
    #  };
    #  "/etc/secureboot" = {
    #    device = config.sils.meta.mainDisk;
    #    fsType = "btrfs";
    #    options = ["subvol=secureboot" "compress-force=zstd"];
    #  };
    #  "/etc/nixos" = {
    #    device = config.sils.meta.mainDisk;
    #    fsType = "btrfs";
    #    options = ["subvol=nixconfig" "compress-force=zstd"];
    #  };
    #  "/srv" = {
    #    device = config.sils.meta.mainDisk;
    #    fsType = "btrfs";
    #    options = ["subvol=srv" "compress-force=zstd"];
    #    neededForBoot = true;
    #  };
    #  "/swap" = {
    #    device = config.sils.meta.mainDisk;
    #    fsType = "btrfs";
    #    options = ["subvol=swap" "noatime"];
    #  };
    #  "/home" = {
    #    device = config.sils.meta.mainDisk;
    #    fsType = "btrfs";
    #    options = ["subvol=home" "compress-force=zstd"];
    #  };
    #  "/srv/snapshots" = {
    #    device = config.sils.meta.mainDisk;
    #    fsType = "btrfs";
    #    options = ["subvol=snapshots" "compress-force=zstd"];
    #  };
    #  "/boot" = {
    #    device = config.sils.meta.bootPart;
    #    fsType = "vfat";
    #  };
    #};

    #swapDevices = [
    #  {
    #    device = "/swap/swapfile";
    #  }
    #];

    system.stateVersion = "23.05";

    i18n.defaultLocale = "en_US.UTF-8";

    time.timeZone = "Europe/Berlin";
    # Enables DHCP on each ethernet and wireless interface. In case of scripted networking
    # (the default) this is the recommended approach. When using systemd-networkd it's
    # still possible to use this option, but it's recommended to use it in conjunction
    # with explicit per-interface declarations with `networking.interfaces.<interface>.useDHCP`.
    networking.useDHCP = true;
    # networking.interfaces.enp0s31f6.useDHCP = lib.mkDefault true;
    # networking.interfaces.wlp3s0.useDHCP = lib.mkDefault true;

    nixpkgs.hostPlatform = config.sils.meta.system;
    powerManagement.cpuFreqGovernor = lib.mkDefault "powersave";
    hardware = {
      cpu.intel.updateMicrocode = true;
      enableRedistributableFirmware = true;
    };
  };
}