nixos-config/hosts/fa-t14-2025/configuration.nix

{ config, pkgs, lib, ... }:

{
  imports =
    [
      ../../base.nix
      ./hardware-configuration.nix

      ./desktop.nix
  ];

  networking = {
    networkmanager.enable = true;
    # interfaces.eno1 = {
    #   useDHCP = true;
    #   tempAddress = "disabled";
    # };

    tempAddresses = "disabled";
    hostName = "fa-t14-2025";
    nameservers = [ "1.1.1.1" "1.0.0.1" ];
    domain = "mktv.local";
    hostId = "f458d6aa";

    search = [
      "mktv.no"
      "mktv.local"
    ];

    # firewall.extraCommands = ''
    #   # IT VPN
    #   iptables -I nixos-fw -p tcp -m tcp --dport 22 --source 129.241.117.0/24 -j nixos-fw-accept
    #   ip6tables -I nixos-fw -p tcp -m tcp --dport 22 --source 2001:700:301:12::/63 -j nixos-fw-accept
    # '';

    # firewall.extraStopCommands = ''
    #   iptables -F nixos-fw
    #   ip6tables -F nixos-fw
    # '';
  };

  console.keyMap = "no";

  nixpkgs.config = {
    allowUnfreePredicate = pkg: builtins.elem (lib.getName pkg) [
      "copilot.vim"
    ];
  };

  services.openssh.openFirewall = false;

  users.users.felixalb = {
    uid = 1000;
    openssh.authorizedKeys.keys = [ ];
    extraGroups = [ "networkmanager" ];
  };

  system.stateVersion = "25.05";
}