# Edit this configuration file to define what should be installed on
# your system.  Help is available in the configuration.nix(5) man page
# and in the NixOS manual (accessible by running 'nixos-help').

{ config, pkgs, lib, ... }:

{
  # Bootloader.
  boot.loader.systemd-boot.enable = true;
  boot.loader.efi.canTouchEfiVariables = true;

  # kernel
  boot.kernelPackages = pkgs.linuxPackages_latest;

  # networking.wireless.enable = true;  # Enables wireless support via wpa_supplicant.

  # Enable networking
  networking.networkmanager.enable = true;
  
  # X11 and desktop/display manager is enabled using imported files

  # Enable CUPS to print documents.
  services.printing.enable = true;

  # Enable sound with pipewire.
  sound.enable = true;
  hardware.pulseaudio.enable = false;
  security.rtkit.enable = true;
  services.pipewire = {
    enable = true;
    alsa.enable = true;
    alsa.support32Bit = true;
    pulse.enable = true;

    # Enable audio interfaces renaming
    wireplumber.enable = true;
  };

  # Allow unfree packages
  nixpkgs.config.allowUnfree = true;

  # List packages installed in system profile. To search, run:
  # $ nix search wget
  environment.systemPackages = with pkgs; [
    wget
    git
    ffmpeg
    yt-dlp
    mpv
    htop
    btop
    fastfetch
    ranger
    smartmontools
    ddrescue
  ];

  # Enable fail2ban because of the OpenSSH server
  services.fail2ban = {
    enable = true;
    maxretry = 10;
    bantime = "7d";
  };

  # Enable the OpenSSH daemon.
  services.openssh = {
    enable = true;
    ports = [
      22
      8022
    ];
    extraConfig = ''
      X11Forwarding yes
    '';
  };
}