{ config, pkgs, ... }:

{
  imports =
    [ # Include the results of the hardware scan.
      ./hardware-configuration.nix
      ./router.nix
      ./dhcp.nix
      ./dns.nix
      ./ipv6.nix
      ./nginx.nix
    ];

  # Use the systemd-boot EFI boot loader.
  boot.loader.systemd-boot.enable = true;
  boot.loader.efi.canTouchEfiVariables = true;

  networking.hostName = "pre-router"; # Define your hostname.

  # Set your time zone.
  time.timeZone = "Europe/Berlin";

  # The global useDHCP flag is deprecated, therefore explicitly set to false here.
  # Per-interface useDHCP will be mandatory in the future, so this generated config
  # replicates the default behaviour.
  networking.useDHCP = false;
  #networking.interfaces.ens18.useDHCP = false;
  #networking.interfaces.ens19.useDHCP = false;
  networking.firewall.allowedTCPPorts = [ 19999 ];
  services.netdata.enable = true;

  # Select internationalisation properties.
  i18n.defaultLocale = "en_US.UTF-8";
  console = {
    font = "Lat2-Terminus16";
    keyMap = "de-latin1";
  };


  users.users.garionion = {
        isNormalUser = true;
        shell = pkgs.zsh;
        packages =  with pkgs; [
            wget vim screen mtr iperf
            htop dstat dnsutils nettools tcpdump
            git bat starship direnv
        ];
        hashedPassword = "$6$NMzXsfARs2HVA4iq$55uxWCANME/HsjIg9HmZyxqGwlr7RpJfCcMad2OhbmUiHhdnOh/v9TDwT3Vt0mu9HE37Fh3b1g2yyEa3Dxxg80";
        extraGroups = [ "wheel" ]; # Enable ‘sudo’ for the user.
        openssh.authorizedKeys.keys = ["ecdsa-sha2-nistp521 AAAAE2VjZHNhLXNoYTItbmlzdHA1MjEAAAAIbmlzdHA1MjEAAACFBAGw3Yuee8oSXSEqmoMzrqQrUizKV9sJbJMxAUC01wxvbxevAqFEpiGrznnu3K0HN3sfKItjqGkNDPDQ+mIlQwdwJAE0GyJIx9CMvo1RPugKSJ5rFh/vEgJTNMPaeYUb/L2rn3WEZHrZI5wwf+z4ljSHCVetAnaMKjk/+QQWgBHdvNImmA== gari@darwin"];
    };
    programs.zsh = {
        enable = true;
        histSize = 10000;
        autosuggestions.enable = true;
        enableBashCompletion = true;
        syntaxHighlighting.enable = true;
        promptInit = ''
            source ~/.zkbd/$TERM-''${''${DISPLAY:t}:-''$VENDOR-''$OSTYPE}
            [[ -n ''${key[Left]} ]] && bindkey "''${key[Left]}" backward-char
            [[ -n ''${key[Right]} ]] && bindkey "''${key[Right]}" forward-char
            bindkey "''${key[Up]}" up-line-or-search
            bindkey "''${key[Home]}" beginning-of-line
            bindkey "''${key[End]}" end-of-line
            bindkey "''${key[Delete]}" delete-char
            function command_not_found_handler() { command-not-found $1 }
            alias cat='bat'
            eval "$(direnv hook zsh)"
            eval "$(starship init zsh)"
        '';
    };
     programs.starship = {
        enable = true;
        settings = {
        # add_newline = false;
        # character = {
        #   success_symbol = "[➜](bold green)";
        #   error_symbol = "[➜](bold red)";
        # };
        # package.disabled = true;
        };
    };

  programs.mtr.enable = true;
  nix.settings = {
        trusted-users = [ "@wheel" ];
        auto-optimise-store = true;
    };
    nix.gc = {
        automatic = true;
        dates = "weekly";
        options = "--delete-older-than 14d";
    };
    nix.extraOptions = ''
        min-free = ${toString (100 * 1024 * 1024)}
        max-free = ${toString (1024 * 1024 * 1024)}
    '';

  # List services that you want to enable:

  services.openssh = {
        enable = true;
        passwordAuthentication = false;
        kbdInteractiveAuthentication = false;
        permitRootLogin = "yes";
    };


  # This value determines the NixOS release from which the default
  # settings for stateful data, like file locations and database versions
  # on your system were taken. It‘s perfectly fine and recommended to leave
  # this value at the release version of the first install of this system.
  # Before changing this value read the documentation for this option
  # (e.g. man configuration.nix or on https://nixos.org/nixos/options.html).
  system.stateVersion = "21.11"; # Did you read the comment?

}