{
  lib,
  inputs,
  getFlakePkg,
  ...
}:
{
  imports = [
    inputs.run0-shim.nixosModules.default
    inputs.yoke.nixosModules.default
  ];
  environment.shellAliases = {
    #make run0 use aliases
    run0 = "run0 --background='' ";
    s = "run0";
  };
  services.dbus.implementation = "broker";
  security = {
    sudo.enable = false;
    polkit = {
      enable = true;
      extraConfig = ''
        polkit.addRule(function(action, subject) {
          if (action.id == "org.freedesktop.policykit.exec" ||
              action.id.indexOf("org.freedesktop.systemd1.") == 0) {
            return polkit.Result.AUTH_ADMIN_KEEP;
          }
        });
      '';
    };
  };
  environment.systemPackages = [ (getFlakePkg inputs.run0-shim) ];
  security.soteria.enable = true;
  systemd.user.services.polkit-soteria = {
    after = [ "dbus.socket" ];
    requires = [ "dbus.socket" ];
    serviceConfig = {
      Environment = [
        "DBUS_SESSION_BUS_ADDRESS=unix:path=/run/user/%U/bus"
      ];
      # RestartSec = 3;
    };
    unitConfig = {
      StartLimitIntervalSec = 30;
      StartLimitBurst = 5;
    };
  };
  # niri-flake is death
  systemd.user.services.niri-flake-polkit = lib.mkForce { };
  services.gnome.gnome-keyring.enable = lib.mkForce false;
}