{ pkgs, ... }:

{
  imports = [
    ./users.nix
    ./motd.nix
  ];
  nix = {
    package = pkgs.lix;
    settings.experimental-features = [ "nix-command" "flakes" ];
  };
  environment.systemPackages = with pkgs; [
      vim
      wget
      curl
      htop
      tmux
      openssl
      git
      podman-tui
  ];
  programs.mtr.enable = true;
  programs.zsh.enable = true;
  security.sudo = {
    enable = true;
    wheelNeedsPassword = false;
    execWheelOnly = true;
  };
  networking.firewall.enable = false;
  services.openssh = {
    enable = true;
    settings = {
      PasswordAuthentication = false;
      KbdInteractiveAuthentication = false;
    };
    extraConfig = ''
      AllowTcpForwarding yes
      AllowAgentForwarding yes
      AllowStreamLocalForwarding yes
      AuthenticationMethods publickey
    '';
  };

  virtualisation.containers.enable = true;
  virtualisation = {
    podman = {
      enable = true;
      dockerCompat = true;
      defaultNetwork.settings.dns_enabled = true;
    };
  };
}