complete refactor of packages and options

hosts/default.nix

@@ -1,9 +1,55 @@
 
-{config, pkg, home-manager, ...}:
+{ config, lib, pkgs, ... }:
 
+let
+  # This is a placeholder
+in
 {
+  options = {};
+  imports = [ ../packages/default.nix ];
 
+  config = {
+    hardware = {
+      bluetooth.enable = lib.mkDefault false;
+      steam-hardware.enable = lib.mkDefault false;
+    };
 
+    boot = {
+      kernelPackages = lib.mkDefault pkgs.linuxPackages_zen;
+      loader = {
+        efi.canTouchEfiVariables = lib.mkDefault true;
+        systemd-boot.enable = lib.mkDefault true;
+      };
+    };
 
+    security.sudo.wheelNeedsPassword = false;
+    security.rtkit.enable = true;
+    services.xserver.displayManager.lightdm.enable = false;
 
+    # Wireguard stuff, to-do make better
+    networking.firewall = {
+      enable = true;
+      # if packets are still dropped, they will show up in dmesg
+      logReversePathDrops = true;
+      # wireguard trips rpfilter up
+      extraCommands = ''
+        ip46tables -t mangle -I nixos-fw-rpfilter -p udp -m udp --sport 47111 -j RETURN
+        ip46tables -t mangle -I nixos-fw-rpfilter -p udp -m udp --dport 47111 -j RETURN
+        ip46tables -t mangle -I nixos-fw-rpfilter -p udp -m udp --sport 51820 -j RETURN
+        ip46tables -t mangle -I nixos-fw-rpfilter -p udp -m udp --dport 51820 -j RETURN
+      '';
+      extraStopCommands = ''
+        ip46tables -t mangle -D nixos-fw-rpfilter -p udp -m udp --sport 47111 -j RETURN || true
+        ip46tables -t mangle -D nixos-fw-rpfilter -p udp -m udp --dport 47111 -j RETURN || true
+        ip46tables -t mangle -D nixos-fw-rpfilter -p udp -m udp --sport 51820 -j RETURN || true
+        ip46tables -t mangle -D nixos-fw-rpfilter -p udp -m udp --dport 51820 -j RETURN || true
+      '';
+      # Open ports in the firewall.
+      allowedTCPPorts = [ 22000 ];
+      allowedUDPPorts = [ 22000 ];
+    };
+
+    environment.etc.hosts.mode = "0644";
+    nix.settings.experimental-features = [ "nix-command" "flakes" ];
+  };
 }