{ config, pkgs, ... }:

{
  imports =
    [ # Include the results of the hardware scan.
      ./hardware-configuration.nix
    ];

  # Bootloader.
  boot.loader.grub.enable = true;
  boot.loader.grub.device = "/dev/sda";
  boot.loader.grub.useOSProber = true;

  networking.hostName = "deneb";
  networking.wireless.enable = true;  # Enables wireless support
  networking.wireless.networks = {
    "Lockdown Welfare WiFi" = {
      psk = "snip";
    };
  };
  networking.wireguard.interfaces = {
    gemini = {
      ips = [ "fded:cafe:babe:1::240/64" ];
      listenPort = 51820;
      privateKeyFile= "/home/servicedata/wireguard.key";
      peers = [{
        publicKey  = "uQ36+e+ZYdM/zz+cprvTWDUNsQ+cvoA9BitRIPg44Bo=";
        endpoint   = "snip:51820";
        allowedIPs = [ "fded:cafe:babe:1::/64" ];
        persistentKeepalive = 20;
      }];
    };
  };

  # Set your time zone.
  time.timeZone = "UTC";

  # Select internationalisation properties.
  i18n.defaultLocale = "en_GB.UTF-8";

  # Configure keymap in X11
  services.xserver = {
    layout = "gb";
    xkbVariant = "";
  };

  # Configure console keymap
  console.keyMap = "uk";

  # Define a user account. Don't forget to set a password with ‘passwd’.
  users.users.gareth = {
    isNormalUser = true;
    description = "gareth";
    extraGroups = [ "wheel" "plugdev" ];
    packages = with pkgs; [];
    shell = pkgs.zsh;
    openssh.authorizedKeys.keys = [ "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOSDJD25uruBAAfK3qRTZm55GoTYUkNJiX5XbkgztXZh gareth at deneb" ];
  };

  # Enable automatic login for the user.
  #services.getty.autologinUser = "gareth";

  # Allow unfree packages
  nixpkgs.config.allowUnfree = true;

  # List packages installed in system profile. To search, run:
  # $ nix search wget
  environment.systemPackages = with pkgs; [
    vim
    curl
    python3
    rtl-sdr
    wireguard-tools
  ];
  environment.variables = {
    EDITOR = "vim";
    TERM = "xterm-256color";
  };

  programs.zsh = {
    enable = true;
    ohMyZsh = {
      enable = true;
      plugins = ["git"];
      theme = "amuse";
    };
  };
  environment.shells = with pkgs; [ zsh ];

  # Enable the OpenSSH daemon.
  services.openssh = {
    enable = true;
    settings.PasswordAuthentication = false;
    settings.KbdInteractiveAuthentication = false;
  };

  system.stateVersion = "23.05"; # NixOS version
}