nixos-config/base.nix

{ config, lib, pkgs, inputs, values, ... }:

{
  boot.loader.systemd-boot.enable = true;
  boot.loader.efi.canTouchEfiVariables = true;

  networking = {
    domain = lib.mkDefault "home.feal.no";
    nameservers = lib.mkDefault [ "192.168.10.175" "192.168.10.1" "1.1.1.1" ];
    useDHCP = lib.mkDefault false;
  };

  time.timeZone = "Europe/Oslo";
  i18n.defaultLocale = "en_US.UTF-8";

  console = {
    font = "Lat2-Terminus16";
    keyMap = lib.mkDefault "no";
  };

  nix = {
    gc = {
      automatic = true;
      options = "--delete-older-than 2d";
    };

    settings = {
      experimental-features = ["nix-command" "flakes"];
      trusted-users = [ "felixalb" ];
      builders-use-substitutes = true;
    };
  };

  programs.zsh.enable = true;

  environment.systemPackages = with pkgs; [
    bottom
    eza
    file
    git
    gnugrep
    gnutar
    htop
    iotop
    lm_sensors
    nix-output-monitor
    p7zip
    python3
    ripgrep
    rsync
    screen
    unzip
    usbutils
    vim
    wget
    zip
  ] ++ lib.optionals (pkgs.stdenv.isLinux) [
    dmidecode
    lm_sensors
    pciutils
  ];

  services.openssh = {
    enable = true;
    openFirewall = lib.mkDefault true;
    settings = {
      PermitRootLogin = "no";
      PasswordAuthentication = false;
      KbdInteractiveAuthentication = false;
    };

    extraConfig = ''
      AllowTcpForwarding yes
      AllowAgentForwarding yes
      AuthenticationMethods publickey
    '';
  };

  programs.mosh.enable = true;

  users.users.felixalb = {
    isNormalUser = true;
    extraGroups = [
      "wheel"
      "docker"
    ];
    uid = lib.mkDefault 1000;
    openssh.authorizedKeys.keys = lib.mkDefault [
      "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIBTXSL0w7OUcz1LzEt1T3I3K5RgyNV+MYz0x/1RbpDHQ felixalb@worf"
      "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIDKzPICGew7uN0cmvRmbwkwTCodTBUgEhkoftQnZuO4Q felixalbrigtsen@gmail.com"
      "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIH5M7hYl3saBNMAo6sczgfUvASEJWFHuERB7xvf4gxst nix-builder-worf"
      "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIJky33ynjqyWP+hh24gFCMFIEqe3CjIIowGM9jiPbT79 felixalb@sisko.home.feal.no"
    ];
    shell = pkgs.zsh;
  };
  sops.age.sshKeyPaths = [ "/etc/ssh/ssh_host_ed25519_key" ];
}