dendritic/modules/hosts/john-p14s/configuration.nix

{ self, inputs, ... }:
{
  flake.modules.nixos.p14sConfiguration = { config, pkgs, lib, ... }:
    let
      hostname = "john-p14s";
      homeDirectory = config.home-manager.users.john.home.homeDirectory;
      flakeDir = "${homeDirectory}/Documents/dendritic";
      selfPkgs = inputs.self.packages.${pkgs.stdenv.hostPlatform.system};
    in
    {
      imports = [
        self.modules.nixos.base
        self.modules.nixos.p14sHardware
        self.modules.nixos.onepassword
      ];

      rebuild.flakeDir = flakeDir;

      networking.hostname = hostname;

      programs.zsh.enable = true;
      services.tailscale.enable = true;

      # List packages installed in system profile. To search, run:
      # $ nix search wget
      environment.systemPackages = with pkgs; [
        samba
        selfPkgs.my-neovim
        selfPkgs.wg-platform
        selfPkgs.jsl-zsh
      ];

      security.pam.services.swaylock = {};
      security.pam.services.swaylock.fprintAuth = true;

      # This value determines the NixOS release from which the default
      # settings for stateful data, like file locations and database versions
      # on your system were taken. It's perfectly fine and recommended to leave
      # this value at the release version of the first install of this system.
      # Before changing this value read the documentation for this option
      # (e.g. man configuration.nix or on https://nixos.org/nixos/options.html).
      system.stateVersion = "24.05"; # Did you read the comment?

      services.libinput.enable = true; # Enable touchpad support (enabled default in most desktopManager).
      services.fprintd.enable = true; # Enables fingerprint sensor

      home-manager.users.root = {
        imports = with inputs.self.modules.homeManager; [
          rebuild
        ];
        home.stateVersion = "25.11";
      };
      home-manager.users.john.imports = with inputs.self.modules.homeManager; [
        gnome
        desktop
        mysops
        rebuild
        {
          my-vscode.enable = true;
          mysops.hostSecretFile = "${flakeDir}/modules/hosts/john-p14s/secrets.yaml";
          homeManagerFlakeDir = "${flakeDir}";
          home.packages = with pkgs; [
            bash
            discord
            proton-vpn
            joplin-desktop
          ];
          ssh.certificates.enable = true;
          ssh.matchSets = {
            appdaemon = true;
            homelab = true;
            dev = true;
            certs = true;
          };
        }
      ];
      sops.defaultSopsFile = ./secrets.yaml;
      sops.age.sshKeyPaths = [ "${homeDirectory}/.ssh/id_ed25519" ];
      mtls = {
        enable = true;
        subject = hostname;
      };
    };
}