nix-docker/configuration.nix

{ pkgs, lib, modulesPath, ... }:
let
  stateVersion = "24.05";
  unstable = import <nixos-unstable> {};
in
{
  system.stateVersion = stateVersion;
  imports = [
    (modulesPath + "/virtualisation/proxmox-lxc.nix")
    (import "${builtins.fetchTarball https://github.com/nix-community/home-manager/archive/release-24.05.tar.gz}/nixos")
    (fetchTarball "https://github.com/nix-community/nixos-vscode-server/tarball/master")
    ./users.nix
    # ./mounts.nix
  ];

  environment.systemPackages = with pkgs; [
    (pkgs.writeShellScriptBin "nrbs" "sudo nixos-rebuild switch")
    (pkgs.writeShellScriptBin "nrbsu" "sudo nix-channel --update && sudo nixos-rebuild switch")
    bash
    busybox
    git
    eza
    gh
  ];

  # For SSH access
  services.openssh.enable = true;

  # Networking stuff
  services.avahi = { enable = true; nssmdns4 = true; };

  # https://nixos.wiki/wiki/Docker
  virtualisation.docker = {
    enable = true;
    # https://docs.docker.com/engine/security/rootless/
    rootless = {
      enable = true;
      setSocketVariable = true;
    };
  };
  services.vscode-server.enable = true;
  
  system.activationScripts.startup = ''
    echo "Starting Nix-Docker container"
  '';

  # Uses rust-based sudo
  security.sudo-rs = {
    enable = true;
    execWheelOnly = false;
    wheelNeedsPassword = false; # allows sudo without password for those in the wheel group
  };

}