# Edit this configuration file to define what should be installed on
# your system.  Help is available in the configuration.nix(5) man page
# and in the NixOS manual (accessible by running ‘nixos-help’).
{
  config,
  pkgs,
  lib,
  ...
}:
with lib;
with builtins; {
  nix = {
    package = pkgs.nixVersions.stable;
    extraOptions = ''
      experimental-features = nix-command flakes
      keep-outputs = true
      keep-derivations = true
    '';
  };

  nixpkgs = {
    config = {
      allowUnfree = true;
      permittedInsecurePackages = [
        "nodejs-16.20.0"
      ];
    };
  };

  environment = {
    systemPackages = with pkgs; [
      # pynitrokey
      # nitrokey-app2

      veracrypt

      htmlq

      wget
      git
      neofetch
      pciutils
      zip
      unzip
      gnutar
      iw
      btop
      nodejs
      jdk8
      jdk11
      jdk
      libsecret
      gh
      nix-prefetch-scripts
      fzf
      glab
      ripgrep
      sl
      lolcat
      appimage-run
      git-crypt
      file
      whois
      p7zip
      file
      nmap
      cmatrix
      tree
      socat
      smartmontools
      mprocs
      dig
      aria2
      usbutils
      numbat
    ];
  };

  networking = {
    networkmanager = {
      enable = true;
    };
  };

  services = {
    openssh = {
      enable = true;
      # settings.PasswordAuthentication = false;
      # settings.KbdInteractiveAuthentication = false;
    };
  };

  console.colors = [
    "282828"
    "cc241d"
    "98971a"
    "d79921"
    "458588"
    "b16286"
    "689d6a"
    "a89984"
    "928374"
    "fb4934"
    "b8bb26"
    "fabd2f"
    "83a598"
    "d3869b"
    "8ec07c"
    "ebdbb2"
  ];

  # nitrokey
  services.udev.packages = [pkgs.nitrokey-udev-rules];
  services.pcscd.enable = true;

  programs = {
    ssh.startAgent = false;
    gnupg.agent = {
      enable = true;
      enableSSHSupport = true;
    };

    dconf.enable = true;
    mtr.enable = true;
  };

  time.timeZone = "Europe/Berlin";

  home-manager.users.jade = {
    nixosConfig,
    pkgs,
    ...
  }: {
    home.sessionVariables.TZ = nixosConfig.time.timeZone;
  };

  nixpkgs.config.packageOverrides = pkgs: {
    sudo = pkgs.sudo.override {withInsults = true;};
  };
  security.sudo.extraConfig = "Defaults insults";

  boot.kernel.sysctl."vm.max_map_count" = 2147483642;

  hardware = {
    opengl.enable = true;
    uinput.enable = true;
    bluetooth.enable = true;
    # keyboard.uhk.enable = true;
  };

  services.avahi = {
    enable = true;
  };

  security.rtkit.enable = true;

  users.users.jade = {
    isNormalUser = true;
    extraGroups = ["wheel" "input" "uinput" "libvirtd" "adbusers" "dialout" "plugdev" "wireshark"];
    openssh.authorizedKeys.keys = [
      "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOaE8TFsIazpn4OnHvHcRpOFr9FfvMaWOiEjmHsmnAoE cardno:000F_70CD7D05"
    ];
  };

  zramSwap = {
    enable = true;
    algorithm = "zstd";
  };

  users.defaultUserShell = pkgs.nushellFull;
}