{ config, lib, pkgs, ... }:

let

in {
  imports = [
    ./hardware.nix
    ./webapps/default.nix
  ];

  services.vscode-server.enable = true;

  normalUsers = {
    reidlab = {
      conf = {
        packages = with pkgs; [
          bat btop duf file micro nix-output-monitor tree which
        ];
        extraGroups = [ "wheel" "dotfiles" ];
        openssh.authorizedKeys.keys = [
          "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAICmwWuwS+a1GzYFSNOkgk/zF5bolXqat1RP5FXJv+vto reidlab@rei-pc"
          "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIKC12NkyZAFNDHfq1ECh4uAgM4mpKfsQnL3XF/ZzSyCJ reidlab@rei-phone"
          "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAICwLg6iD9ylbJlxrmnCBI97CTGSBJaKELplZQ5PlVDfA (reidlab pgp)"
        ];
      };

      homeConf.home = {
        sessionVariables = {
          EDITOR = "micro";
        };
      };
    };
  };

  modules = {
    services = {
      ssh.enable = true;
      ssh.enableMoshSupport = true;

      postgres.enable = true;
    };

    security.useDoas = true;
  };

  security.doas = {
    extraRules = [
      { users = [ "reidlab" ]; noPass = true; persist = false; keepEnv = true; }
    ];
  };

  # enable network manager - probably not the best on a single server but Oh Well
  networking.networkmanager.enable = true;
}