{
  config,
  pkgs,
  ...
}:
{
  home.username = "kjtsanaktsidis";
  home.homeDirectory = "/home/kjtsanaktsidis";
  home.stateVersion = "25.05";

  programs.home-manager.enable = true;

  # Install packages
  home.packages = with pkgs; [
    htop
    zellij
    tmux
    neovim
    git-absorb
    # LazyVim dependencies
    lazygit
    ripgrep
    fd
    nodejs
    python3
  ];

  # Configure sops for home-manager
  sops = {
    age.sshKeyPaths = [ "/etc/ssh/ssh_host_ed25519_key" ];
    defaultSopsFile = ./secrets.yaml;
    secrets = {
      kj_id_ed25519 = {
        path = "${config.home.homeDirectory}/.ssh/id_ed25519";
      };
      kj_gpg_private_key = {
        path = "${config.home.homeDirectory}/.gnupg/private-key.asc";
      };
    };
  };

  # LazyVim configuration for Neovim
  programs.neovim = {
    enable = true;
    defaultEditor = true;
    viAlias = true;
    vimAlias = true;
    plugins = with pkgs.vimPlugins; [
      LazyVim
    ];
    extraLuaConfig = ''
      require("lazyvim").setup()
      ${builtins.readFile ./lazyvim-config.lua}
    '';
  };

  # Git configuration
  programs.git = {
    enable = true;
    userName = "KJ Tsanaktsidis";
    userEmail = "kj@kjtsanaktsidis.id.au";
    signing = {
      key = "7F21FB211E24B02A5DEF86E227CD40EB9B81C726";
      signByDefault = true;
    };
    extraConfig = {
      pull.rebase = true;
    };
  };

  # SSH public key (private key is managed by sops)
  home.file.".ssh/id_ed25519.pub" = {
    text = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIMtGcEXu5S/0zsF6Suxc65DmGFGt1JWRnqadoVhErOed kjtsanaktsidis@KJMacbookGroq.local";
  };

  # Zsh configuration
  programs.zsh = {
    enable = true;
    history = {
      size = 1000000;
      save = 1000000;
      append = true;
      extended = true;
      ignoreSpace = false;
      ignoreDups = false;
    };

    initContent = builtins.readFile ./zsh-config.zsh;
  };

  # FZF with standard keybindings
  programs.fzf = {
    enable = true;
    enableZshIntegration = true;
  };

  programs.gpg = {
    enable = true;
    homedir = "${config.home.homeDirectory}/.gnupg";
  };
  services.gpg-agent = {
    enable = true;
  };
  home.activation.importGpgPrivateKey = config.lib.dag.entryAfter ["sops-nix" "onFilesChange"] ''
    export GNUPGHOME="${config.programs.gpg.homedir}"
    $DRY_RUN_CMD ${pkgs.gnupg}/bin/gpg --batch --verbose --trust-model always --import "${config.sops.secrets.kj_gpg_private_key.path}"
    echo "GPG private key imported from sops secret"
  '';
}