{ config, lib, ... }:

with lib;
let
  nixos-version = "21.05";

  pkgs = import <nixpkgs> {
    config = {
      allowUnfree = true;
      permittedInsecurePackages = [
        "openssh-with-gssapi-8.4p1"
      ];
    };

    overlays = [
      (import ./fudo-pkgs/overlay.nix)
    ];
  };

in {
  imports = [
    <nixpkgs/nixos/modules/installer/cd-dvd/installation-cd-minimal.nix>
    <nixpkgs/nixos/modules/installer/cd-dvd/channel.nix>
    <home-manager/nixos>
  ];

  hardware.enableAllFirmware = true;
  nixpkgs.config.allowUnfree = true;

  environment.systemPackages = with pkgs; [
    btrfs-progs
    emacs
    git
    gparted
    nix-prefetch-scripts
    wget
  ];

  services.openssh = {
    enable = true;
    startWhenNeeded = true;
    permitRootLogin = mkDefault "prohibit-password";
  };

  nixpkgs.config.permittedInsecurePackages = [ "openssh-with-gssapi-8.4p1" ];

  users = {
    users = {
      niten = {
        isNormalUser = true;
        createHome = true;
        hashedPassword =
          "$6$a1q2Duoe35hd5$IaZGXPfqyGv9uq5DQm7DZq0vIHsUs39sLktBiBBqMiwl/f/Z4jSvNZLJp9DZJYe5u2qGBYh1ca.jsXvQA8FPZ/";
        extraGroups = [ "wheel" ];
      };

      root = {
        openssh.authorizedKeys.keys = [
          "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQDPwh522lvafTJYA0X2uFdP7Ws+Um1f8gZsARK1Y5nMzf6ZcWBF1jplTOKUVSOl4isMWni0Tu0TnX4zqCcgocWUVbwIwXSIRYqdiCPvVOH+/Ibc97n1/dYxk5JPMtbrsEw6/gWZxVg0qwe0J3dQWldEMiDY7iWhlrmIr7YL+Y3PUd7DOwp3PbfWfNyzTfE1kXcz5YvTeN+txFhbbXT0oS2R2wtc1vYXFZ/KbNstjqd+i8jszAq3ZkbbwL3aNR0RO4n8+GoIILGw8Ya4eP7D6+mYk608IhAoxpGyMrUch2TC2uvOK3rd/rw1hsTxf4AKjAZbrfd/FJaYru9ZeoLjD4bRGMdVp56F1m7pLvRiWRK62pV2Q/fjx+4KjHUrgyPd601eUIP0ayS/Rfuq8ijLpBJgO5/Y/6mFus/kjZIfRR9dXfLM67IMpyEzEITYrc/R2sedWf+YHxSh6eguAZ/kLzioar1nHLR7Wzgeu0tgWkD78WQGjpXGoefAz3xHeBg3Et0="
        ];
      };
    };

    # groups = { wheel = { members = [ "niten" ]; }; };
  };

  home-manager = let
    home-generator = pkgs.callPackage ./nix-home {};
  in {
    useGlobalPkgs = true;

    users = {
      niten = (home-generator.generate-config {
        username = "niten";
        user-email = "niten@fudo.org";
        home-dir = "/home/niten";
      }) {
        enable-gui = false;
      };
    };
  };

  i18n.defaultLocale = "en_US.UTF-8";
  console.useXkbConfig = true;

  services.xserver = {
    layout = "us";
    xkbVariant = "dvp";
    xkbOptions = "ctrl:nocaps";
  };

  nix = {
    package = pkgs.nixFlakes;
    extraOptions = ''
      experimental-features = nix-command flakes
    '';
  };

  programs = {
    ssh = {
      startAgent = true;

      package = pkgs.openssh_gssapi;

      extraConfig = ''
        GSSAPIAuthentication yes
        GSSAPIDelegateCredentials yes
      '';
    };
  };
}