# Performance optimizations
{
  config,
  lib,
  pkgs,
  nomarchyConfig,
  ...
}: {
  # Zram swap for better memory management
  zramSwap = {
    enable = true;
    algorithm = "zstd";
    memoryPercent = 50;
  };

  # Tmpfs for /tmp (faster, auto-cleans)
  boot.tmp = {
    useTmpfs = true;
    tmpfsSize = "50%";
  };

  # Kernel parameters for performance
  boot.kernelParams =
    [
      "quiet"
      "splash"
    ]
    # SECURITY WARNING: mitigations=off disables CPU vulnerability protections
    # Only enable if you understand the security implications
    ++ lib.optionals (nomarchyConfig.enableMitigationsOff or false) [
      "mitigations=off"
    ];

  # Better I/O scheduler for SSDs
  services.udev.extraRules = ''
    ACTION=="add|change", KERNEL=="sd[a-z]*|nvme[0-9]*", ATTR{queue/scheduler}="mq-deadline"
  '';

  # Kernel sysctl tuning
  boot.kernel.sysctl = {
    # Increase inotify watches for large projects (IDEs, file watchers)
    "fs.inotify.max_user_watches" = 524288;
    "fs.inotify.max_user_instances" = 1024;

    # Memory management
    "vm.swappiness" = 10;           # Prefer RAM over swap
    "vm.vfs_cache_pressure" = 50;   # Balance inode/dentry cache
  };

  # Nix garbage collection
  nix.gc = {
    automatic = true;
    dates = "weekly";
    options = "--delete-older-than 7d";
  };

  # Nix store optimization
  nix.settings = {
    auto-optimise-store = true;
    max-jobs = "auto";
    cores = 0;  # Use all cores
  };

  # Earlyoom to prevent OOM freezes
  services.earlyoom = {
    enable = true;
    freeMemThreshold = 5;
    freeSwapThreshold = 10;
  };
}