control
/
home


			
				
					
						
						
							123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141
							{
  config,
  lib,
  pkgs,
  outputs,
  ...
}:
{
  imports = [
    # TODO: auto-import via `outputs.modules.nixos`
    outputs.modules.global.nix-config

    ./system
    ./services
    ./users
  ]
  ++ (builtins.attrValues outputs.modules.nixos);

  security.sudo.wheelNeedsPassword = false;

  # Services configuration
  services = {
    openssh = {
      enable = true;
      openFirewall = true;
      settings = {
        PasswordAuthentication = false;
        PermitRootLogin = "no";
        X11Forwarding = false;
      };
    };

    # System monitoring
    smartd = {
      enable = true;
      autodetect = true;
      notifications.mail.enable = true;
      notifications.mail.sender = "[email protected]";
      notifications.mail.recipient = "I <[email protected]>";
    };

    nullmailer = {
      enable = true;
      setSendmail = true;
      remotesFile = config.age.secrets."odin/services/nullmailer".path;
      config = {
        me = "odin.t5.st";
        defaulthost = "odin.t5.st";
        defaultdomain = "odin.t5.st";
        allmailfrom = "[email protected]";
        adminaddr = "[email protected]";
      };
    };

    # Drive spin-down management
    # hdparm.devices = [
    #   {
    #     device = "/dev/disk/by-id/ata-ST8000VN002-2ZM188_WPV023WG";
    #     spindownTime = 120; # 10 minutes
    #     apmLevel = 127;
    #   }
    #   {
    #     device = "/dev/disk/by-id/ata-ST8000VN002-2ZM188_WPV07RMA";
    #     spindownTime = 120;
    #     apmLevel = 127;
    #   }
    #   {
    #     device = "/dev/disk/by-id/ata-ST8000VN002-2ZM188_WPV020CG";
    #     spindownTime = 120;
    #     apmLevel = 127;
    #   }
    # ];
  };

  # # Container runtime
  # virtualisation = {
  #   docker = {
  #     enable = true;
  #     storageDriver = "btrfs";
  #     autoPrune = {
  #       enable = true;
  #       dates = "weekly";
  #       flags = [ "--all" "--force" "--volumes" ];
  #     };
  #   };
  # };

  programs.fish = {
    enable = true;
    vendor = {
      completions.enable = true;
      config.enable = true;
      functions.enable = true;
    };
  };

  environment.shells = [
    config.programs.fish.package
  ];

  # System packages
  environment.systemPackages = with pkgs; [
    # System utilities
    git
    htop
    btop
    iotop
    powertop
    lsof
    pciutils
    usbutils

    # Network tools
    curl
    wget
    rsync

    # File system tools
    btrfs-progs
    xfsprogs
    smartmontools
    hdparm

    # # Container tools
    # docker-compose

    # Monitoring
    lm_sensors
    nvme-cli
  ];

  # System identification
  networking.hostName = "odin";
  networking.useDHCP = lib.mkDefault true;
  # Time synchronization
  services.timesyncd.enable = true;
  time.timeZone = "Europe/Vienna";

  # System state version
  system.stateVersion = "25.05";
}