{ config, pkgs, ... }:
let
  configLimit = 5;
  # default = "@saved";
  kernel = pkgs.linuxPackages_cachyos;
  pkgsVersion = pkgs; #.unstable;
in
{
  # Configure bootloader with lanzaboot and secureboot
  boot = {
    kernelModules = [
      "nct6775"
      "kvm-amd"
      "i2c-dev"
      "ddcci_backlight"
    ];
    extraModulePackages = [config.boot.kernelPackages.ddcci-driver];
    loader = {
      efi = {
        canTouchEfiVariables = true;
        efiSysMountPoint = "/boot";
      };
    };

    initrd = {
      verbose = false;
      systemd.enable = true;
      availableKernelModules = [
        "xhci_pci"
        "nvme"
        "ahci"
        "usbhid"
        "uas"
        "usb_storage"
        "sd_mod"
      ];
    };

    plymouth = {
      enable = true;
    };

    lanzaboote = {
      enable = true;
      pkiBundle = "/etc/secureboot";
      settings = {
        #        default = default;
        console-mode = "max";
      };
      configurationLimit = configLimit;
    };

    kernelPackages = kernel;

    kernelParams = [
      "quiet"
      # needed cause ssd powersaving is broken af I guess
      "nvme_core.default_ps_max_latency_us=0"
      "pcie_aspm=off"
    ];

    consoleLogLevel = 3;
    bootspec.enable = true;
  };

  zramSwap.enable = true;

  environment.systemPackages = with pkgsVersion; [
    edk2-uefi-shell
  ];
}