configuration.nix

{ config, lib, pkgs, ... }:

{
  imports =
    [ ./hardware-configuration.nix ];

  # Use the systemd-boot EFI boot loader.
  boot.loader.systemd-boot.enable = true;
  boot.loader.efi.canTouchEfiVariables = true;

  nix.settings.experimental-features = [ "nix-command" "flakes" ];
  nix.optimise.automatic = true;
  nixpkgs.config.allowUnfree = false;

  networking.hostName = "coracle";
  networking.networkmanager.enable = true;  

  hardware.bluetooth.enable = true;
  hardware.bluetooth.powerOnBoot = false;

  time.timeZone = "America/New_York";

  fonts.packages = with pkgs; [
    noto-fonts
    noto-fonts-cjk
    noto-fonts-emoji
    liberation_ttf
    fira-code
    fira-code-symbols
    nerdfonts
  ];

  security.rtkit.enable = true;
  security.pam.services.hyprlock = {};

  services.printing.enable = true;
  services.udisks2.enable = true;

  services.pipewire = {
    enable = true;
    alsa.enable = true;
    alsa.support32Bit = true;
    pulse.enable = true;
  };

  services.flatpak.enable = true;
  xdg.portal = {
    enable = true;
    extraPortals = [ pkgs.xdg-desktop-portal-hyprland pkgs.xdg-desktop-portal-gtk ];
  };

  services.openssh = {
    enable = true;
    ports = [ 22 ];
    settings = {
      PasswordAuthentication = false;
      PermitRootLogin = "prohibit-password";
    };
  };
  
  services.auto-cpufreq.enable = true;
  powerManagement.enable = true;

  users.mutableUsers = true;
  users.defaultUserShell = pkgs.zsh;
  users.users.root = {
  };
  users.users.game = {
    isNormalUser = true;
    createHome = true;
    extraGroups = [ "networkmanager" ];
  };
  users.users.code = {
    isNormalUser = true;
    createHome = true;
    extraGroups = [ "networkmanager" "adbusers" "dialout" ];
  };

  environment.systemPackages = [ ];

  programs.zsh.enable = true;
  programs.hyprland.enable = true;
  programs.neovim = {
    enable = true;
    configure = {
      customRC = ''
        set number relativenumber
        filetype plugin indent on
      '';
    };
    viAlias = true;
    vimAlias = true;
  };
  programs.tmux = {
    enable = true;
    extraConfig = import ./tmux.conf;
  };
  programs.firejail = {
    enable = true;
  };
  programs.adb.enable = true;

  virtualisation.containers.enable = true;
  virtualisation = {
    podman = {
      enable = true;
    };
  };

  networking.firewall.enable = false;
  system.copySystemConfiguration = true;
  system.autoUpgrade = {
    enable = true;
    flake = "inputs.self.outPath";
    flags = [
      "--update-input"
      "nixpkgs"
      "-L"
      ];
      dates  = "02:00";
      randomizedDelaySec = "45min";
  };

  system.stateVersion = "24.11"; 

}