# Edit this configuration file to define what should be installed on
# your system.  Help is available in the configuration.nix(5) man page
# and in the NixOS manual (accessible by running `nixos-help`).

{ config, pkgs, ... }:

{
  imports =
    [ # Include the results of the hardware scan.
      ./hardware-configuration.nix
    ];

  networking.hostName = "gemini";
  time.timeZone = "America/Los_Angeles";

  services.openssh = {
    enable = true;
    settings.PasswordAuthentication = false;
    settings.KbdInteractiveAuthentication = false;
  };

  # Open ports in the firewall.
  networking.firewall.allowedTCPPorts = [ 22 ];
  networking.firewall.allowedUDPPorts = [ 51820 ];


  networking.wg-quick.interfaces = {
    wg0 = {
      address = [
        "10.100.0.4/32"
      ];

      listenPort = 51820;

      # Path to the private key file.
      privateKeyFile = "/etc/nixos/hosts/gemini/wg.key";

      peers = [{
        publicKey = "atXy3zi3FLoxP8hgzJIIeLGks4Te9HrKkQGoaobholM=";
	presharedKey = "Z3pRS99HKCOuQV7az2GqlR3X4XbX3PlfQrC5AoT3XkA=";
        allowedIPs = [ "10.100.0.0/24" ];
        endpoint = "https://moms.wireguard.stitchy.moe:47111";
        persistentKeepalive = 25;
      }];
    };
  };


  system.stateVersion = "23.05"; # Did you read the comment?
}