# Do not modify this file!  It was generated by ‘nixos-generate-config’
# and may be overwritten by future invocations.  Please make changes
# to /etc/nixos/configuration.nix instead.
{
  config,
  lib,
  pkgs,
  modulesPath,
  inputs,
  ...
}: {
  imports = [
    (modulesPath + "/installer/scan/not-detected.nix")
  ];

  sops.secrets = {
    "wireguard-keys/proton/horizon" = {
      sopsFile = "${inputs.secrets}/wireguard-keys.yaml";
    };
  };

  boot = {
    initrd = {
      availableKernelModules = ["xhci_pci" "thunderbolt" "nvme" "usb_storage" "sd_mod"];
      kernelModules = [];
    };
    kernelModules = ["kvm-intel" "sg"];
    extraModulePackages = [];

    # Bootloader.
    loader = {
      systemd-boot.enable = true;
      efi.canTouchEfiVariables = true;
    };
  };

  fileSystems = {
    "/" = {
      device = "/dev/disk/by-uuid/866d422b-f816-4ad9-9846-791839cb9337";
      fsType = "ext4";
    };

    "/boot" = {
      device = "/dev/disk/by-uuid/E138-65B5";
      fsType = "vfat";
    };

    "/mnt/new_leyla_home" = {
      device = "defiant:/exports/leyla";
      fsType = "nfs";
      options = ["x-systemd.automount" "user" "noatime" "nofail" "soft" "x-systemd.idle-timeout=600" "fsc"];
    };

    "/mnt/new_eve_home" = {
      device = "defiant:/exports/eve";
      fsType = "nfs";
      options = ["x-systemd.automount" "user" "nofail" "soft" "x-systemd.idle-timeout=600" "fsc"];
    };

    "/mnt/new_users_home" = {
      device = "defiant:/exports/users";
      fsType = "nfs";
      options = ["x-systemd.automount" "user" "nofail" "soft" "x-systemd.idle-timeout=600" "fsc"];
    };

    "/mnt/leyla_home" = {
      device = "server.arpa:/home/leyla";
      fsType = "nfs";
      options = ["x-systemd.automount" "user" "nofail" "soft" "x-systemd.idle-timeout=600" "fsc"];
    };

    "/mnt/share_home" = {
      device = "server.arpa:/home/share";
      fsType = "nfs";
      options = ["x-systemd.automount" "user" "nofail" "soft" "x-systemd.idle-timeout=600" "fsc"];
    };

    "/mnt/docker_home" = {
      device = "server.arpa:/home/docker";
      fsType = "nfs";
      options = ["x-systemd.automount" "noauto" "x-systemd.idle-timeout=600"];
    };
  };

  environment.systemPackages = with pkgs; [
    cachefilesd
  ];

  services.cachefilesd.enable = true;

  swapDevices = [
    {device = "/dev/disk/by-uuid/be98e952-a072-4c3a-8c12-69500b5a2fff";}
  ];

  networking = {
    networkmanager.enable = true;
    useDHCP = lib.mkDefault true;
    hostName = "horizon"; # Define your hostname.

    wg-quick.interfaces = {
      proton = {
        # IP address of this machine in the *tunnel network*
        address = ["10.2.0.1/32"];

        listenPort = 51820;

        privateKeyFile = config.sops.secrets."wireguard-keys/proton/horizon".path;

        peers = [
          {
            publicKey = "Yu2fgynXUAASCkkrXWj76LRriFxKMTQq+zjTzyOKG1Q=";
            allowedIPs = ["0.0.0.0/0"];
            endpoint = "84.17.63.8:51820";
            persistentKeepalive = 25;
          }
        ];
      };
    };
  };

  nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
  powerManagement.cpuFreqGovernor = lib.mkDefault "powersave";

  hardware = {
    graphics.enable = true;
    cpu.intel.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware;
  };
}