{ config, pkgs, ... }:

{
  imports =
    [ # Include the results of the hardware scan.
      ./hardware-configuration.nix
      ./yubikey-gpg.nix
      ./wireguard.nix
    ];

  # Use the systemd-boot EFI boot loader.
  boot.loader.systemd-boot.enable = true;
  boot.loader.efi.canTouchEfiVariables = true;
  boot.plymouth.enable = true;

  fileSystems."/tmp" = {
    device = "none";
    fsType = "tmpfs";
  };

  networking.hostName = "kid";
  networking.networkmanager = {
    enable = true;
  };

  time.timeZone = "Europe/Berlin";

  environment.systemPackages = with pkgs; [
    wget vim sudo htop tmux zsh iotop less brightnessctl lm_sensors
    file
    powertop
    networkmanager-openvpn
    pulseaudio-modules-bt 

    # LTE
    ppp modemmanager
  ];

  programs.sway = {
    enable = true;
    extraPackages = with pkgs; [ swaylock swayidle xwayland dmenu rofi ];
  };

  programs.tmux = {
    enable = true;
    clock24 = true;
  };

  programs.vim.defaultEditor = true;
  programs.nm-applet.enable = true;
  programs.firejail.enable = true;
  programs.java.enable = true;

  fonts.fonts = with pkgs; [
    source-code-pro noto-fonts noto-fonts-emoji dina-font
  ];

  virtualisation.libvirtd.enable = true;
  virtualisation.virtualbox.host.enable = true;
  virtualisation.docker.enable = true;

  # List services that you want to enable:
  services.openssh.enable = true;
  services.acpid.enable = true;
  services.cron.enable = true;
  services.dbus.enable = true;
  services.openvpn.servers = {
    turris = {
      config = "config /home/chief/downloads/turris.conf";
      updateResolvConf = true;
      autoStart = false;
    };
    turris6 = {
      config = "config /home/chief/downloads/turris6.conf";
      updateResolvConf = true;
      autoStart = false;
    };
  };


  # Open ports in the firewall.
  # networking.firewall.allowedTCPPorts = [ ... ];
  # networking.firewall.allowedUDPPorts = [ ... ];
  networking.firewall.enable = false;

  # Enable sound.
  hardware.pulseaudio = {
    enable = true;
    package = pkgs.pulseaudioFull;
    extraModules = [ pkgs.pulseaudio-modules-bt ];
  };
  hardware.opengl.enable = true;
  hardware.brightnessctl.enable = true;
  hardware.bluetooth = {
    enable = true;
    powerOnBoot = false;
    extraConfig = "
      [General]
      Enable=Source,Sink,Media,Socket
    ";
  };

  users.groups.chief = {
    name = "chief";
    gid = 1000;
  };

  users.groups.plugdev = {
    name = "plugdev";
  };

  users.users.chief = {
    name = "chief";
    group = "chief";
    uid = 1000;
    initialPassword = "password";
    createHome = true;
    shell = pkgs.zsh;
    isNormalUser = true;
    extraGroups = [ "wheel" "networkmanager" "disk" "kvm" "audio" "video" "systemd-journal" "plugdev" "libvirtd" "docker" ];
  };

  # This value determines the NixOS release with which your system is to be
  # compatible, in order to avoid breaking some software such as database
  # servers. You should change this only after NixOS release notes say you
  # should.
  system.stateVersion = "19.03"; # Did you read the comment?
}