{ config, pkgs, ... }:

{
  imports =
    [
      ./common-headless.nix
      ./i3.nix
      ./large-sw.nix
      ./uefi.nix
      ./fstrim.nix
      ./atmega.nix
      ./v4l2loopback.nix
      ./huion.nix
      ./nvim05.nix
      ./nm-restart.nix
    ];

  boot.initrd.availableKernelModules = [ "xhci_pci" "ahci" "usb_storage" "usbhid" "sd_mod" ];
  boot.initrd.kernelModules = [ "dm-snapshot" ];
  boot.kernelModules = [ "kvm-intel" ];
  boot.extraModulePackages = [ ];

  fileSystems."/" =
    { device = "/dev/disk/by-uuid/a16ae3f7-11df-47fc-a8df-f22c474ec1c1";
      fsType = "ext4";
    };

  fileSystems."/boot" =
    { device = "/dev/disk/by-uuid/3C5C-049B";
      fsType = "vfat";
    };

  #swapDevices = [
  #  { device = "/dev/disk/by-uuid/b7274abd-58a5-4acc-8481-30e105e94eec"; }
  #];

  nix.maxJobs = pkgs.lib.mkDefault 6;
  powerManagement.cpuFreqGovernor = pkgs.lib.mkDefault "powersave";

  environment.etc."lvm/lvm.conf".text = ''
    devices {
      issue_discards = 1
    }
  '';
  boot.initrd.luks.devices = {
    sda_crypt = {
      device = "/dev/disk/by-partuuid/00292928-0088-4887-9e5d-2f2eccb4816f";
      preLVM = true;
      allowDiscards = true;
    };
  };

  networking = {
    hostName = "decoysnail";
    hostId = "cf04f682";
  };

  services.openssh.enable = true;

  hardware.cpu.intel.updateMicrocode = true;

  services.thermald.enable = true;

  hardware.opengl = {
    extraPackages = with pkgs; [ beignet ];
    driSupport32Bit = true;
  };

  #services.avahi.nssmdns = true;
  #services.nscd.enable = pkgs.lib.mkOverride 10 true;

  services.openssh.forwardX11 = true;

  system.stateVersion = "19.09";

  networking.wireguard.interfaces.wg0 = {
    ips = ["10.59.0.4/16"];
    privateKeyFile = "/etc/wgkeys/decoysnail";
    allowedIPsAsRoutes = true;
    postSetup = ''
      ${pkgs.systemd}/bin/resolvectl domain wg0 '~htdf.gebner.org' '~mtlaa.gebner.org' '~ams.gebner.org'
      ${pkgs.systemd}/bin/resolvectl dns wg0 10.57.0.1
    '';
    peers = [{
      publicKey = "ByLlJbevlTBooAo2RIZGGJvBHKqA9qiOpHBvR5yuJX4=";
      allowedIPs = ["10.56.0.0/14" "10.60.1.1"];
      # endpoint = "mtlaa-gw.gebner.org:35869";
      # endpoint = "84.112.114.160:35869";
      endpoint = "127.0.0.1:35869";
      persistentKeepalive = 25;
    }];
  };

  systemd.services.wstunnel = {
    path = [ pkgs.wstunnel ];
    wantedBy = [ "wireguard-wg0.service" ];
    after = [ "network.target" ];
    script = ''
      wstunnel -L 35869:htdf-gw.gebner.org:35869 -u wss://gebner.org
    '';
  };

  services.resolved = {
    domains = [];
    enable = true;
  };

  services.xserver = {
    videoDrivers = [ "intel" ];
  };

  fonts.fontconfig = {
    subpixel.rgba = "none";
  };

}