{ config, pkgs, ... }:

{
  imports = [
    ./hardware-configuration.nix
  ];

  ########################
  # Infos générales
  ########################

  networking.hostName = "xxx";

  time.timeZone = "Europe/Zurich";

  i18n.defaultLocale = "fr_CH.UTF-8";
  i18n.extraLocaleSettings = {
    LC_TIME = "fr_CH.UTF-8";
    LC_MONETARY = "fr_CH.UTF-8";
  };

  ########################
  # Réseau
  ########################

  networking.useDHCP = true;

  # networking.useDHCP = false;
  # networking.interfaces.enp2s0.ipv4.addresses = [
  #   {
  #     address = "192.168.10.11";
  #     prefixLength = 24;
  #   }
  # ];
  # networking.defaultGateway = "192.168.10.1";
  # networking.nameservers = [ "1.1.1.1" "8.8.8.8" ];


  ########################
  # Bootloader (UEFI)
  ########################

  boot.loader.systemd-boot.enable = true;
  boot.loader.efi.canTouchEfiVariables = true;

  ########################
  # Utilisateurs / SSH
  ########################

  users.users.admin = {
    isNormalUser = true;
    extraGroups = [ "wheel" ];
    packages = with pkgs; [
      tree
    ];
  };
  # Autoriser sudo pour le groupe wheel
  security.sudo.enable = true;
  security.sudo.wheelNeedsPassword = true;

  # SSH
  services.openssh.enable = true;
  services.openssh.settings.PasswordAuthentication = true;
  # services.openssh.settings.PasswordAuthentication = false;

  # Pare-feu simple : autoriser SSH
  networking.firewall.enable = true;
  networking.firewall.allowedTCPPorts = [ 22 ];

  ########################
  # Paquets utiles
  ########################

  environment.systemPackages = with pkgs; [
    git
    vim
    htop
    curl
    wget
  ];

  ########################
  # NixOS release
  ########################

  system.stateVersion = "24.05";