{ lib, config, ... }:
let
  cfg = config.my.modules.hardware.do-droplet;
in
{
  options.my.modules.hardware.do-droplet = {
    enable = lib.mkEnableOption "DigitalOcean Droplet hardware defaults";
  };

  config = lib.mkIf cfg.enable {
    boot.loader.grub = {
      efiSupport = true;
      efiInstallAsRemovable = true;
    };

    networking.useDHCP = lib.mkForce false;

    # this one seems to always be broken
    systemd.services.growpart.enable = lib.mkForce false;

    # in order to get networking setup we need to enable it in cloud-init
    # Disables all modules that do not work with NixOS
    # Based on https://github.com/nix-community/nixos-anywhere-examples/blob/7f945ff0ae676c0eb77360b892add91328dd1f17/digitalocean.nix
    services.cloud-init = {
      enable = true;
      network.enable = true;
      settings = {
        datasource_list = [
          "ConfigDrive"
          "Digitalocean"
        ];
        datasource.ConfigDrive = { };
        datasource.Digitalocean = { };
        # Based on https://github.com/canonical/cloud-init/blob/main/config/cloud.cfg.tmpl
        cloud_init_modules = [
          "seed_random"
          "bootcmd"
          "write_files"
          "growpart"
          "resizefs"
          "set_hostname"
          "update_hostname"
          "set_password"
        ];
        cloud_config_modules = [
          "ssh-import-id"
          "keyboard"
          "runcmd"
          "disable_ec2_metadata"
        ];
        cloud_final_modules = [
          "write_files_deferred"
          "puppet"
          "chef"
          "ansible"
          "mcollective"
          "salt_minion"
          "reset_rmc"
          "scripts_per_once"
          "scripts_per_boot"
          "scripts_user"
          "ssh_authkey_fingerprints"
          "keys_to_console"
          "install_hotplug"
          "phone_home"
          "final_message"
        ];
      };
    };
  };
}