home/hosts/odin/default.nix

{
  config,
  lib,
  pkgs,
  outputs,
  ...
}:
{
  imports = [
    # TODO: auto-import via `outputs.modules.nixos`
    outputs.modules.global.nix-config

    ./containers
    ./system
    ./services
    ./users
  ]
  ++ (builtins.attrValues outputs.modules.nixos);

  security.sudo.wheelNeedsPassword = false;

  # Services configuration
  services = {
    openssh = {
      enable = true;
      openFirewall = true;
      settings = {
        PasswordAuthentication = false;
        PermitRootLogin = "no";
        X11Forwarding = false;
      };
    };

    nullmailer = {
      enable = true;
      setSendmail = true;
      remotesFile = config.age.secrets."odin/services/nullmailer".path;
      config = {
        me = "odin.t5.st";
        defaulthost = "odin.t5.st";
        defaultdomain = "odin.t5.st";
        allmailfrom = "[email protected]";
        adminaddr = "[email protected]";
      };
    };
  };

  programs.fish = {
    enable = true;
    vendor = {
      completions.enable = true;
      config.enable = true;
      functions.enable = true;
    };
  };

  environment.shells = [
    config.programs.fish.package
  ];

  # System packages
  # nixos-container create grist --flake .#grist --host-address "192.168.1.1" --local-address

  environment.systemPackages = with pkgs; [
    # System utilities
    git
    htop
    btop
    iotop
    powertop
    lsof
    pciutils
    usbutils

    # Network tools
    curl
    wget
    rsync

    # File system tools
    btrfs-progs
    xfsprogs
    smartmontools
    hdparm

    # # Container tools
    # docker-compose

    # Monitoring
    lm_sensors
    nvme-cli
  ];

  # System identification
  networking.hostName = "odin";
  networking.useDHCP = lib.mkDefault true;
  # Time synchronization
  services.timesyncd.enable = true;
  time.timeZone = "Europe/Vienna";

  # System state version
  system.stateVersion = "25.05";
}