# Desktop role
{
  config,
  lib,
  pkgs,
  ...
}:
with lib; let
  cfg = config.roles.desktop;
in {
  options.roles.desktop = {
    enable = mkEnableOption "to enable the desktop role.";
  };
  config = mkIf (cfg.enable) {
    boot.loader.systemd-boot = {
      enable = true;
      configurationLimit = 5;
    };
    environment.systemPackages = with pkgs; [
      brave # Privacy-oriented browser
      chromium
      element-desktop # A feature-rich client for Matrix.org
      evince # document viewer
      firefox # A web browser built from Firefox source tree
      gnome-tweaks # A tool to customize advanced GNOME 3 options
      krita # A free and open source painting application
      libreoffice-fresh # Comprehensive, professional-quality productivity suite
      librewolf # Firefox fork, focused on privacy, security and freedom
      mplayer # A movie player that supports many video formats
      nextcloud-client # Nextcloud desktop client
      pavucontrol # PulseAudio Volume Control
      pwgen # Password generator
      rsync
      shotwell # Photo organizer
      signal-desktop # Private, simple, and secure messenger
      usbutils # Tools for working with USB devices, such as lsusb
      xorg.libxcb # X C binding
    ];
    fonts.packages = with pkgs; [
      nerdfonts # Iconic font aggregator, collection, & patcher
    ];
    networking = {
      networkmanager.enable = true; # Enables network support via NetworkManager.
      firewall.enable = true;
    };
    nix.settings = {
      substituters = ["https://cosmic.cachix.org/"];
      trusted-public-keys = ["cosmic.cachix.org-1:Dya9IyXD4xdBehWjrkPv6rtxpmMdRel02smYzA85dPE="];
    };
    services = {
      acpid.enable = true; # A daemon for delivering ACPI events to userspace programs
      blueman.enable = true; # GTK-based Bluetooth Manager
      devmon.enable = true; # Enable external device automounting.`
      displayManager = {
        defaultSession = "cosmic"; # Set GNOME as the default session
      };
      libinput = {
        enable = true; # Enable touchpad support.
        touchpad = {
          tapping = true;
          tappingButtonMap = "lrm"; # Set the touchpad button mappeing
        };
      };
      pipewire = {
        enable = true;
        alsa = {
          enable = true;
          support32Bit = true;
        };
        pulse.enable = true;
      };
      udev.packages = [
        pkgs.android-udev-rules # Android udev rules list
      ];
      udisks2.enable = true; # Enable udisks2
    };
    security.rtkit.enable = true; # realtime scheduling for sound

    # Configure common hardware settings
    hardware = {
      pulseaudio = {
        enable = false;
      };
      bluetooth = {
        enable = true; # Enable bluetooth
        settings = {
          General = {
            Enable = "Source,Sink,Media,Socket";
            NoPlugin = "sap";
          };
          Policy = {AutoEnable = "true";};
        };
      };
      graphics.enable = true;
    };

    # Configure libreWolf and Chromium
    nixpkgs.config = {allowUnfree = true;};

    profiles.cosmicDesktop.enable = true;

    programs = {
      chromium = {
        enable = true;
        homepageLocation = "https://start.duckduckgo.com/";
      };
    };

    # Groups to add
    users.groups = {
      audio.members = ["craige" "fiona" "hamish" "logan" "xander"];
      libvirtd.members = ["craige" "fiona" "hamish" "logan" "xander"];
      networkmanager.members = ["craige" "fiona" "hamish" "logan" "xander"];
    };
  };
}