# Edit this configuration file to define what should be installed on
# your system.  Help is available in the configuration.nix(5) man page
# and in the NixOS manual (accessible by running ‘nixos-help’).
#
# System-wide NixOS module for this host. It is called with the flake
# `inputs` and the `hostName` chosen by the caller and returns one attribute
# set of option assignments.

{ inputs, hostName, config, pkgs, lib, ... }:

{
  # ./cachix.nix is not shown here; presumably it adds binary-cache
  # substituters and their public keys. Review it together with this file,
  # since it decides which caches the store trusts.
  imports = [ ./cachix.nix ];

  # Nix ######################################################################

  system.stateVersion = "20.03"; # Leave this alone (see configuration.nix(5))

  nixpkgs = {
    config = {
      allowUnfree = true;
      joypixels.acceptLicense = true;
      # Allowlists a package that nixpkgs marks as insecure, so it can still
      # be built. Nothing in this file references it; the consumer is
      # presumably elsewhere. Drop the entry once that consumer is gone.
      permittedInsecurePackages = [ "electron-13.6.9" ];
    };

    overlays = [
      # Disabled overlay that took libvirt from a pinned nixpkgs commit.
      # NOTE(review): if this is re-enabled, give fetchTarball a sha256 so
      # the tarball contents are pinned as well as the URL.
      # (self: super: { libvirt = (import (builtins.fetchTarball "https://github.com/NixOS/nixpkgs/archive/066676b839a217f6b1b5d8ab05842604d33b7258.tar.gz") {}).libvirt; })
    ];
  };

  nix = {
    package = pkgs.nixUnstable;
    extraOptions = ''
      experimental-features = nix-command flakes
    '';
    settings = {
      auto-optimise-store = true;
    };

    # Weekly garbage collection of store paths older than two weeks.
    gc = {
      automatic = true;
      dates = "Saturday";
      options = "--delete-older-than 14d";
    };

    # Point the `nixpkgs` and `nur` registry names at the flake inputs this
    # system was built from.
    registry.nixpkgs.flake = inputs.nixpkgs;
    registry.nur.flake = inputs.nur;
  };

  # Kernel ###################################################################

  boot = {
    # The v4l2loopback module is built for the configured kernel and loaded
    # at boot.
    extraModulePackages = [ config.boot.kernelPackages.v4l2loopback ];
    kernelModules = [ "v4l2loopback" ];

    kernel = {
      sysctl = {
        "net.core.rmem_max" = 2500000;
        "vm.swappiness" = 10;
      };
    };

    supportedFilesystems = [ "btrfs" "ntfs" ];
  };

  powerManagement.cpuFreqGovernor = "schedutil";

  # Users ####################################################################

  users.users.jez = {
    isNormalUser = true;
    description = "Jez Cope";
    group = "jez";
    # "wheel" is the administrative (sudo) group.
    extraGroups = [ "wheel" "video" "audio" "networkmanager" ];
    shell = pkgs.zsh;
    # The only SSH public key declared in this file (presumably the key held
    # on the Yubikey, going by the file name).
    openssh.authorizedKeys.keyFiles = [ ./data/yubikey_ssh.pub ];
  };
  users.groups.jez = { };

  # No SSH key, password or extra groups are declared for this account here.
  users.users.elly = {
    isNormalUser = true;
  };

  environment.shells = with pkgs; [ bashInteractive bash xonsh fish zsh ];
  programs.zsh.enable = true;

  # Networking ###############################################################

  networking = {
    inherit hostName;
    useDHCP = false;

    networkmanager = {
      enable = true;
      # NetworkManager leaves the ve-* interfaces alone.
      unmanaged = [ "interface-name:ve-*" ];
    };

    # Only the SyncThing ports are listed explicitly. Services enabled below
    # can open further ports through their own modules, so this list is not
    # the complete set of reachable ports.
    firewall = {
      enable = true;
      allowedTCPPorts = [
        22000 # SyncThing
      ];
      allowedUDPPorts = [
        21027 # SyncThing
      ];
    };

    # NAT from the ve-+ interfaces out through the wireless interface.
    # NOTE(review): the external interface name is fixed while hostName is a
    # parameter; confirm it is right for every host that uses this file.
    nat = {
      enable = true;
      externalInterface = "wlp37s0";
      internalInterfaces = [ "ve-+" ];
    };
  };

  # mDNS: resolves .local names and publishes this host's addresses on the
  # local network.
  services.avahi = {
    enable = true;
    nssmdns = true;
    publish.enable = true;
    publish.addresses = true;
  };

  # The openssh module opens its own firewall port (services.openssh.openFirewall
  # defaults to true), so sshd is reachable although 22 is not listed above.
  # NOTE(review): password authentication is not disabled in this file, so the
  # module default applies. Key-only login would suit jez, who has an
  # authorized key; confirm how elly logs in before changing it.
  services.openssh.enable = true;
  # NOTE(review): the mosh module is expected to open its UDP port range in
  # the firewall as well. Verify against the NixOS release in use.
  programs.mosh.enable = true;

  # Bluetooth ################################################################

  hardware.bluetooth.enable = true;
  services.blueman.enable = true;

  # Localisation #############################################################

  time.timeZone = "Europe/London";
  i18n.defaultLocale = "en_GB.UTF-8";

  console.font = "ter-124n";
  console.packages = [ pkgs.terminus_font ];
  console.keyMap = "us";

  # General ##################################################################

  environment.systemPackages = with pkgs; [
    cachix
    zsh
    xonsh
    wget
    vim
    git
    git-crypt
    tree
    iputils
    ripgrep
    usbutils
    hdparm
    smartmontools
    cryptsetup
    thin-provisioning-tools
    refind
    terminus_font
    man-pages
  ];

  documentation.man.generateCaches = true;
  documentation.dev.enable = true;

  # Desktop environment ####################################################

  hardware.opengl.driSupport32Bit = true;

  services.xserver = {
    enable = true;
    layout = "us";
    libinput.enable = true;

    displayManager = {
      gdm.enable = true;
      importedVariables = [
        "XDG_SESSION_TYPE"
        "XDG_CURRENT_DESKTOP"
        "XDG_SESSION_DESKTOP"
      ];
    };

    desktopManager = {
      mate.enable = true;
      gnome = {
        enable = true;
        flashback.enableMetacity = true;
      };
    };

    windowManager.i3.enable = true;
  };

  programs.sway = {
    enable = true;
    wrapperFeatures.gtk = true;
  };

  programs.dconf.enable = true;

  xdg.portal = {
    enable = true;
    wlr.enable = true;
    xdgOpenUsePortal = false;
  };

  services.printing.enable = true;
  services.flatpak.enable = true;

  # Sound ####################################################################

  # PipeWire takes the place of PulseAudio and provides the ALSA, PulseAudio
  # and JACK interfaces.
  sound.enable = true;
  hardware.pulseaudio.enable = false;
  services.pipewire.enable = true;
  services.pipewire.alsa.enable = true;
  services.pipewire.pulse.enable = true;
  services.pipewire.jack.enable = true;
  security.rtkit.enable = true;

  # Location #################################################################

  location = {
    provider = "manual";
    # Somewhere roughly in the North of England
    # NOTE(review): a positive longitude is east of Greenwich; confirm the
    # sign is intended.
    latitude = 54.0;
    longitude = 1.0;
  };

  # Services #################################################################

  services.accounts-daemon.enable = true;

  services.pcscd = {
    enable = true;
    plugins = [ pkgs.ccid ]; # Needed for GPG + Yubikey
  };

  virtualisation = {
    # No user is added to the "docker" group in this file.
    docker = {
      enable = true;
      autoPrune.enable = true;
    };
    libvirtd.enable = true;
    waydroid.enable = true;
    # Lets users pass host USB devices through to SPICE guests.
    spiceUSBRedirection.enable = true;
  };

  # Membership of libvirtd allows managing the system libvirt daemon, so
  # treat it as a privileged group.
  users.groups.libvirtd.members = [ "jez" ];

  services.smartd.enable = true;

  # Hardware #################################################################

  hardware.logitech.wireless.enable = true;
  hardware.keyboard.qmk.enable = true;
  hardware.keyboard.zsa.enable = true;
}