dotfiles/config/nix/modules/common.nix

{ pkgs, lib, ... }:
{
  boot.loader.grub.enable = true;
  boot.loader.efi.canTouchEfiVariables = true;

  networking.hostName = "nixos";

  time.timeZone = "Europe/Amsterdam";

  # TODO qwerty-fr for console

  # Enable CUPS to print documents
  services.printing.enable = true;

  # Enable passwordless sudo
  security.sudo.extraRules = [{
    groups = [ "wheel" ];
    commands = [{
      command = "ALL";
      options = [ "NOPASSWD" ];
    }];
  }];

  # Users
  users.users.geoffrey = {
    isNormalUser = true;
    extraGroups = [ "wheel" ]; # Enable ‘sudo’ for the user.
    packages = with pkgs; [
      # dotfiles dependencies
      coreutils
      bash
      gnugrep
      gnused
      gnutar
      openssl
      git
      wget
      curl
      python3Packages.pip
      ansible # TODO Reevaluate

      # shell
      zsh-completions
      nix-zsh-completions
      zsh-history-substring-search
      antigen # TODO Reevaluate
      powerline-go

      # terminal essentials
      moreutils
      man
      visidata
      nodePackages.insect
      translate-shell
      unzip
      unrar
      p7zip

      # remote
      openssh
      rsync
      borgbackup

      # cleanup
      jdupes
      duperemove
      optipng
      libjpeg
      # FIXME reflac not available (but also a dumb shell script)

      # local monitoring
      htop
      iotop
      iftop
      lsof
      strace
      pv
      progress
      speedtest-cli

      # multimedia toolbox
      ffmpeg
      sox
      imagemagick

      # password
      pass
      pwgen

      # Mail
      isync
      msmtp
      notmuch
      neomutt
      lynx

      # Organisation
      vdirsyncer
      khard
      khal
      todoman
      syncthing

    ];
    initialPassword = "cartable"; # DEBUG
    openssh.authorizedKeys.keys = [
      "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIPE41gxrO8oZ5n3saapSwZDViOQphm6RzqgsBUyA88pU geoffrey@frogeye.fr"
    ];
  };

  environment.systemPackages = with pkgs; [
    wget
    kexec-tools
    openvpn
    update-resolv-conf # TODO Is it what I think it is?
  ];

  # Enable compilation cache
  programs = {
    ccache.enable = true;
    # TODO Not enough, see https://nixos.wiki/wiki/CCache.
    # Might want to see if it's worth using on NixOS
    gnupg.agent.enable = true;

    # Let users mount disks
    udevil.enable = true;

    # TODO Below should be user config

    zsh = {
      enable = true;
      autosuggestions.enable = true;
      enableCompletion = true;
      syntaxHighlighting.enable = true;
    };
    neovim = {
      enable = true;
      defaultEditor = true;
      vimAlias = true;
      viAlias = true;
    };
  };

  services = {
    # Enable the OpenSSH daemon
    openssh.enable = true;
    getty.autologinUser = "geoffrey"; # DEBUG

    # Time sychronisation
    chrony = {
      enable = true;
      servers = map (n: "${toString n}.europe.pool.ntp.org") (lib.lists.range 0 3);
      extraConfig = "rtcsync";
    };

    # Prevent power button from shutting down the computer.
    # On Pinebook it's too easy to hit,
    # on others I sometimes turn it off when unsuspending.
    logind.extraConfig = "HandlePowerKey=ignore";

  };

  # FIXME services.openvpn.servers.<name>.updateResolvConf=true
  # For profiles in the extensions

  # TODO Hibernation?

  # TEST
  system.copySystemConfiguration = true;

  # Use defaults from
  system.stateVersion = "23.05";

}