{ config, lib, pkgs, ... }:

{
  imports =
    [
      ../../services/sshd
    ];

  # Use the systemd-boot EFI boot loader.
  boot = {
    loader = {
      systemd-boot.enable = true;
      efi = {
        canTouchEfiVariables = true;
        efiSysMountPoint = "/boot/efi";
      };
    };
    initrd = {
      network = {
        enable = true;
        ssh = {
          enable = true;
          port = 22;
          authorizedKeys = config.users.users.root.openssh.authorizedKeys.keys;
          hostKeys = [
            "/boot/efi/initrd_id_ed25519"
            "/boot/efi/initrd_id_rsa4096"
          ];
        };
      };
      systemd = {
        enable = true;
        network = {
          enable = true;
          networks."10-dhcp" = {
            matchConfig.Name = "enp1s0";
            DHCP = "yes";
          };
        };
        targets.initrd.wants = [
          "systemd-networkd-wait-online@enp1s0.service"
        ];
        users.root.shell = "/bin/systemd-tty-ask-password-agent";
      };
    };
  };

  # Set your time zone.
  time.timeZone = "Europe/Berlin";

  # Select internationalisation properties.
  # i18n.defaultLocale = "en_US.UTF-8";
  # console = {
  #   font = "Lat2-Terminus16";
  #   keyMap = "us";
  #   useXkbConfig = true; # use xkb.options in tty.
  # };

  environment.systemPackages = with pkgs; [
    vim
    git
    tmux
    htop
  ];

  users.users.root = {
    openssh.authorizedKeys.keys = [
      ''ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQCnjrKWYc0bcIsTkdpyC+yAsxSeY9M1WxVDNm3I/R3BYqyvfFuzJMQyh5APhM52yKGMN9UOuJPNPz0C4P6EY3iC3ZqUHFJ6ILrZZxdLZBVxdy2F19Xv6XcZkZxLpRKWapVFECF5z/Bi0rg1uzNRyrHjfZWcHfHIvlqxUYiitvvTbbSMQKqEV8wlnshSzBoYzaKtV1+crwlgz6wCnXq8HIupEeWfUc9kc+zunpYnuHnU5Z3HhzQGBuIiPoVritDjOo7qYREftV4qQ15xFWdezsMZlR15edwZeyNdAEx044QgaGddC8uEMoi5cp4APIqH1cEkIvSU6Y+esdgZ4CHU6M5G5ub5PTT2TaKoUMLLFtpW6QImjVApixFTHWR7tUhqInplWWLqvviS4MoI1ppxgcDUg/bgPdeDBsoRkbESr2uT8ResNi9DlPlN2rlUjlb28awzHm7agFhwfPQZ1afnFSUh0tTFz1WeR7xIGhxR1xXc8sapJhgLnYYWpR2NaJzbYYdk7CWW/3rgEsJem7Kvll6HevnFgRP/uVhEyGZl9hw+tECzvwB/LEmQ/4raDMxqOB9XO9kusJX/jTnQIObrFubfKn3ToXlYbQxZX9+QobANvQ8huILz1bBeH8aKjf9RXu+j4VNyoCKhzU/v0MIdRCsgVWgjuYXMGRo0MFMFyMqQiw==''
    ];
  };

  # Define a user account. Don't forget to set a password with ‘passwd’.
  # users.users.alice = {
  #   isNormalUser = true;
  #   extraGroups = [ "wheel" ]; # Enable ‘sudo’ for the user.
  #   packages = with pkgs; [
  #     tree
  #   ];
  # };

  # List services that you want to enable:

  # Open ports in the firewall.
  # networking.firewall.allowedTCPPorts = [ ... ];
  # networking.firewall.allowedUDPPorts = [ ... ];

  # Copy the NixOS configuration file and link it from the resulting system
  # (/run/current-system/configuration.nix). This is useful in case you
  # accidentally delete configuration.nix.
  # system.copySystemConfiguration = true;

  system.stateVersion = "24.11"; # Did you read the comment?
}