{ pkgs, config, lib, ... }:

with lib;
let
  cfg = config.modules.hardware.networking;
in {
  options.modules.hardware.networking = {
    enable = mkEnableOption "Enable NetworkManager, a daemon for configuring network interfaces";
    powersave = mkEnableOption {
      default = config.modules.core.laptop;
      description = "Enable power saving options over Wi-Fi";
    };
  };

  config = mkIf cfg.enable {
    networking.networkmanager = {
      enable = true;
      dns = "systemd-resolved";
      wifi.backend = "iwd";
      wifi.powersave = cfg.powersave;
    };


    services.resolved.enable = true;
    services.resolved.settings.Resolve.DNSSEC = "allow-downgrade";
    services.resolved.settings.Resolve.DNSOverTLS = "opportunistic";

    networking.wireless.iwd.enable = true;
    networking.wireless.iwd.settings.Settings.AutoConnect = true;

    # guest wifis are extremely invasive with dns takeover
    # lets just bypass that !
    networking.nameservers = [
      "1.1.1.1#cloudflare-dns.com"
      "8.8.8.8#dns.google"
      "1.0.0.1#cloudflare-dns.com"
      "8.8.4.4#dns.google"
      "2606:4700:4700::1111#cloudflare-dns.com"
      "2001:4860:4860::8888#dns.google"
      "2606:4700:4700::1001#cloudflare-dns.com"
      "2001:4860:4860::8844#dns.google"
    ];

    # default startup time is Slowww
    systemd.services.NetworkManager-wait-online.enable = false;
  };
}