nixos/system/default.nix

{
  config,
  lib,
  pkgs,
  inputs,
  username,
  hostName,
  ...
}:
{
  imports = [
    inputs.home-manager.nixosModules.home-manager
    ./${hostName}.nix
    ./hardware-configuration/${hostName}.nix
  ];
  nix = {
    enable = true;
    package = pkgs.nixVersions.latest;
    settings = {
      cores = 0;
      max-jobs = "auto";
      trusted-users = [
        "root"
        username
      ];
      experimental-features = [
        "nix-command"
        "flakes"
      ];
      auto-optimise-store = true;
    };
    channel.enable = true;
    gc = {
      automatic = true;
      options = "--delete-older-than 7d";
    };
    optimise.automatic = true;
    registry.my-nixos = {
      from = {
        type = "indirect";
        id = "my-nixos";
      };
      to = {
        type = "git";
        url = "https://git.xenia.me.uk/pixelifytica/nixos.git?ref=main";
      };
    };
    extraOptions = ''
      keep-outputs = false
      keep-derivations = false
      min-free = ${toString (100 * 1024 * 1024)}
      max-free = ${toString (1024 * 1024 * 1024)}
    '';
  };
  nixpkgs = {
    config.allowUnfreePredicate =
      pkg:
      builtins.elem (lib.getName pkg) [
        "steam"
        "steam-original"
        "steam-run"
      ];
    overlays = [ (final: prev: { inherit (inputs.plasma-manager.packages.${prev.system}) rc2nix; }) ];
  };
  system = {
    stateVersion = "23.05";
    autoUpgrade = {
      enable = true;
      persistent = true;
      allowReboot = false;
      flake = "git+${config.nix.registry.my-nixos.to.url}";
      dates = "02:00";
      randomizedDelaySec = "15min";
      flags = [
        "--accept-flake-config"
        "--option"
        "extra-binary-caches"
        "https://nix.xenia.me.uk"
      ];
    };
  };
  systemd.services = lib.mkIf config.system.autoUpgrade.enable {
    nixos-upgrade.serviceConfig = {
      CPUQuota = "75%";
      CPUWeight = 20;
      IOWeight = 20;
    };
  };
  boot.loader = {
    systemd-boot.enable = true;
    efi.canTouchEfiVariables = true;
  };
  networking = {
    inherit hostName;
    networkmanager.enable = true;
    firewall.enable = true;
    nameservers = [ "9.9.9.9" ];
  };
  users.users =
    let
      authorizedKeys.keys = [
        "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAINI1dWlS16Keil0MGPWmMsBzx8F9ylfz+fRwxUr8/tZ/ ion"
        "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIC4M1zV3yLMMI1tYwdY9QDXJDlOBugm7UXKC+Xk89yHq pixelifytica@Vanguard"
        "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAICPypUUGVAdpl0SHrUDVw0RureuFNsljrXQvrf0uc055 pixelifytica@Northstar"
      ];
    in
    {
      root.openssh = {
        inherit authorizedKeys;
      };
      ${username} = {
        isNormalUser = true;
        group = "users";
        description = "Evie Litherland-Smith";
        extraGroups = [
          "networkmanager"
          "wheel"
          "video"
          "input"
          "uinput"
          "dialout"
        ];
        initialHashedPassword = "$y$j9T$tHIPQt09Kf3KH2eIRze3g/$2mwSlcq27DTGvHNPJ5EP9/1CfL3bXP0F6oS/Vuffmn3";
        openssh = {
          inherit authorizedKeys;
        };
      };
    };
  home-manager = {
    useGlobalPkgs = true;
    useUserPackages = true;
    backupFileExtension = "backup";
    users.${username} = {
      imports = [ ./home/default.nix ];
      home = {
        inherit username;
        stateVersion = "23.05";
        homeDirectory = "/home/${username}";
      };
    };
    extraSpecialArgs = {
      inherit inputs;
      accentColourName = "base0E";
      # Emulating stylix behaviour, rewrite at some point
      fonts =
        let
          monospace.name = inputs.iosevka-custom.outputs.names.iosevka-custom-nerdfont;
          serif.name = inputs.iosevka-custom.outputs.names.iosevka-custom-aile;
          sansSerif.name = serif.name;
        in
        {
          inherit monospace serif sansSerif;
          sizes = {
            applications = 12;
            desktop = 10;
            popups = 14;
            terminal = 12;
          };
        };
    };
  };
  environment = {
    sessionVariables = {
      XDG_CONFIG_HOME = "$HOME/.config";
      XDG_CACHE_HOME = "$HOME/.cache";
      XDG_DATA_HOME = "$HOME/.local/share";
      XDG_STATE_HOME = "$HOME/.local/state";
    };
    systemPackages = with pkgs; [
      coreutils-full
      gnumake
      git
      file
      zip
      unzip
      curl
      wget
      dig
      wireguard-tools
      quickemu
    ];
    localBinInPath = true;
  };
  programs = {
    command-not-found.enable = false;
    ssh.startAgent = true;
    fish.enable = true;
    nano = {
      enable = true;
      syntaxHighlight = true;
      nanorc = ''
        set nowrap
        set tabstospaces
        set tabsize 2
      '';
    };
  };
  services = {
    passSecretService.enable = true;
    upower.enable = true;
    power-profiles-daemon.enable = true;
    system76-scheduler = {
      enable = true;
      useStockConfig = true;
    };
  };
  security.rtkit.enable = true;
  virtualisation.podman.enable = true;
  time.timeZone = "Europe/London";
  i18n.defaultLocale = "en_GB.UTF-8";
  console.useXkbConfig = true;
  fonts = {
    packages =
      (with inputs.iosevka-custom.outputs.packages.${pkgs.system}; [
        iosevka-custom-nerdfont
        iosevka-custom-aile
      ])
      ++ (with pkgs; [
        lmodern # LaTeX
        noto-fonts-emoji # Emoji
        (nerdfonts.override { fonts = [ "NerdFontsSymbolsOnly" ]; })
      ]);
    fontconfig = {
      enable = true;
      defaultFonts = with inputs.iosevka-custom.outputs.names; {
        serif = [ iosevka-custom-aile ];
        sansSerif = [ iosevka-custom-aile ];
        monospace = [ iosevka-custom-nerdfont ];
        emoji = [ "Noto Color Emoji" ];
      };
    };
  };
}