{ flake, lib, config, hostName, userName, pkgs, ... }:
let
  haveGKleen = flake.nixosModules.accounts ? "gkleen@${hostName}";
in {
  imports = with flake.nixosModules.userProfiles.${userName}; [
    zsh tmux direnv utils
  ];

  users.users.${userName} = lib.mkIf haveGKleen {
    inherit (config.users.users."gkleen") hashedPassword shell;
    openssh.authorizedKeys.keyFiles = config.users.users."gkleen".openssh.authorizedKeys.keyFiles;
  };

  home-manager.users.${userName} = {
    programs = {
      git = {
        enable = true;
        userEmail = "gkleen@yggdrasil.li";
        userName = "Gregor Kleen";
        delta.enable = true;
        extraConfig = {
          pull.rebase = false;
        };
      };

      ssh = {
        enable = true;
        controlMaster = "auto";
        controlPersist = "30m";
        serverAliveInterval = 6;
        hashKnownHosts = true;
        extraConfig = ''
          IdentitiesOnly true
          ServerAliveCountMax 10
        '';
      };

      gpg.enable = true;
    };

    services = {
      gpg-agent = {
        enable = true;
        enableSshSupport = true;
        extraConfig = ''
          pinentry-program ${pkgs.pinentry-curses}/bin/pinentry
          grab
        '';
      };
    };
  };
}