home/nixos/base.nix

{
  system, pkgs, hostname,
  use-efi ? false, efi-mountpoint ? "/boot",
  use-grub ? false, grub-device ? "/dev/sda",
}:
{
  nixpkgs.config.allowUnfree = true; # lol

  networking.hostName = hostname;

  boot.loader = if use-efi
    then {
      systemd-boot.enable = true;
      efi.canTouchEfiVariables = true;
      efi.efiSysMountPoint = efi-mountpoint;
    } else if use-grub then {
      grub.enable = true;
      grub.devce = grub-device;
    } else throw "Please use either use-efi or use-grub = true";

  networking.networkmanager.enable = true;

  time.timeZone = "Europe/Stockholm";

  services.logind.lidSwitch = "ignore";
  services.logind.lidSwitchDocked = "ignore";

  services.openssh = {
    enable = true;
    ports = [ 24 ]; # TODO: Set up honeypot on port 22
    settings = {
      PasswordAuthentication = false;
      PermitRootLogin = "no";
    };
  };

  programs.mosh.enable = true;

  # TODO: Options for more users
  users.users.coral = { # hi # hi
    isNormalUser = true;
    extraGroups = [ "wheel" "docker" ];
    shell = pkgs.zsh;
  };

  environment.systemPackages = with pkgs; [
    binutils
    coreutils

    home-manager
    git # for home-manager
  ];

  programs.zsh.enable = true;
  programs.java = { enable = true; package = pkgs.jdk11; };

  virtualisation.docker.enable = true;

  networking.resolvconf.enable = true;
  networking.nameservers = [ "8.8.8.8" ];
  networking.resolvconf.dnsExtensionMechanism = false; # edns seems to be fucky with this enabled

  nix.settings = {
    experimental-features = [ "nix-command" "flakes" ];
    auto-optimise-store = true;
  };

  system.stateVersion = "22.11"; # Did you read the comment?
}