{
  pkgs,
  lib,
  config,
  ...
}:
with lib;
let
  cfg = config.global.kernel;
in
{
  options.global.kernel = {
    enable = mkEnableOption "kernel version and configuration" // {
      default = true;
    };
    lts = mkEnableOption "longterm kernel releases";
    sysctl = {
      enable = mkEnableOption "sysctl presets" // {
        default = true;
      };
      harden = mkEnableOption "hardening sysctls" // {
        default = true;
      };
      swappiness = mkOption {
        type = with types; int;
        default = 0;
        description = "vm.swappiness value, should be zero for low memory SSD systems";
      };
    };
  };

  config = mkIf cfg.enable {
    boot.kernel.sysctl = {
      "kernel.dmesg_restrict" = mkIf cfg.sysctl.harden 1;
      "vm.swappiness" = cfg.sysctl.swappiness;
    };
    boot.kernelPackages =
      with pkgs;
      mkOverride 1001 (if cfg.lts then linuxPackages else linuxPackages_latest);
  };
}