# Universe - The big bang to my universe
#
# Copyright (c) 2023-2024 Sameer Rahmani <lxsameer@gnu.org>
#
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation, version 2.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program.  If not, see <http://www.gnu.org/licenses/>.
params:
rec {
  zshModule = {config, pkgs, ...}: {
    programs.zsh = {
      enable = true;
      autosuggestions.enable = true;
      histSize = 5000;
      syntaxHighlighting.enable = true;
    };
  };

  user = {config, pkgs, inputs, ...}:
    let
      rager = pkgs.callPackage ../../derivations/rager.nix {
        ageBin = "${pkgs.rage}/bin/rage";
      };
    in {
    imports = [
      zshModule
      inputs.agenix.nixosModules.default

    ];

    # (r)age by default can't find age-plugin-yubikey during the configuration
    # this is a wrapper to force age-plugin-yubikey into its PATH
    age.ageBin = "${rager}/bin/rager";
    environment.systemPackages = [
      (inputs.agenix.packages.x86_64-linux.default.override { ageBin = "${rager}/bin/rager"; })
    ];


    age.identityPaths = [
      # This is an actual private key, we should avoid
      # including it in the store
      "/home/lxsameer/.ssh/universe"

      # Since these are stubs, its ok to include them in the store
      ./yubikey_1.stub.id
      ./yubikey_2.stub.id

    ];

    age.secrets.user.file = ../../secrets/lxsameer/user.age;

    users = {
      groups.lxsameer = {
        gid = 1000;
      };

      users.lxsameer1 = {
        isNormalUser = true;
        shell = pkgs.zsh;
        uid = 9000;
        group = "lxsameer";

        extraGroups = [
          "wheel"
          "networkmanager"
        ];
	      password = "123123";
      };
      users.lxsameer = {
        isNormalUser = true;
        shell = pkgs.zsh;
        uid = 1000;
        group = "lxsameer";

        extraGroups = [
          "wheel"
          "networkmanager"
          "dialout"
          "video"
          "kvm"
        ];
        # hashedPasswordFile = config.age.secrets.user.path;
	      #password = "123123";
        openssh.authorizedKeys.keys = [
          "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIG3aV2dwnll3KxFR57Oj6Br51c7gJ/pkRa+IkKM6slve lxsameer@lxsameer.com"
        ];
      };
    };

    nix.settings = {
      trusted-users = [ "root" "@wheel" "lxsameer" "lxsameer1" ];
    };
  };

  desktop = import ./desktop.nix;
}