{ config, lib, pkgs, ... }:


let
  gitpkgs = import /home/steveej/src/github/NixOS/nixpkgs {};
  unstablepkgs = import <nixos-unstable> {};

in 

rec {
  nix.binaryCachePublicKeys = [
    # "hydra.nixos.org-1:CNHJZBh9K4tP3EKF6FkkgeVYsS3ohTl+oS0Qa8bezVs="
  ];
  nix.binaryCaches = [
    "https://cache.nixos.org"
    # "https://hydra.nixos.org"
  ];
  nix.trustedBinaryCaches = [
    "https://cache.nixos.org"
    # "https://hydra.nixos.org"
  ];

  nix.daemonNiceLevel = 19;
  nix.daemonIONiceLevel = 7;

  nix.package = pkgs.nixUnstable;

  nix.useSandbox = true;

  # The NixOS release to be compatible with for stateful data such as databases.
  # system.stateVersion = "unstable";
  networking.hostName = "steveej-laptop"; # Define your hostname.

  networking.hosts = {
    "160.85.37.177" = [ "splabchat" ];
  };

  networking.firewall.enable = true;
  networking.firewall.checkReversePath = false;

  # Provide a NAT/DHCP Router
  #
  # networking.nat.enable = true;
  # networking.nat.internalInterfaces = [ "enp0s20f0u4u1u3" ];
  # networking.nat.externalInterface = "wlp1s0";
  # networking.interfaces."enp0s20f0u4u1u3".ipv4.addresses = [
  #     { address = "10.254.253.254"; prefixLength = 24; }
  # ];
  # services.dnsmasq = {
  #   enable = true;
  #   servers = [ "8.8.8.8" "8.8.4.4" ];
  #   extraConfig = ''
  #     domain=lan
  #     interface=enp0s20f0u4u1u3
  #     bind-interfaces
  #     dhcp-range=10.254.253.100,10.254.253.199,1h
  #   '';
  # };


  networking.networkmanager = {
    enable = true;
    unmanaged = [
      "interface-name:veth*"
      "interface-name:virbr*"
      "interface-name:br*"
      "interface-name:*vbox*"
      "interface-name:*cni*"
    ];
  };

  networking.bridges."virbr1".interfaces = [];
  networking.interfaces."virbr1".ipv4.addresses = [
      { address = "10.254.254.254"; prefixLength = 24; }
  ];

  programs.zsh = {
    enable = false;
#    enableAutosuggestions = true; #    enableCompletion = true;
#    syntaxHighlighting.enable = true;
#    syntaxHighlighting.patterns = {};
#    ohMyZsh = {
#      enable = true;
#      theme = "tjkirch";
#    };
#    promptInit = ''
#      autoload -U promptinit
#      promptinit
#      ZSH_THEME_GIT_PROMPT_PREFIX='@ '
#      PROMPT='%F{%(!.red.green)}%n%f@%m %(?.%F{green}✓%f.%F{red}✗ ($?%))%f %F{blue}%~%f %F{magenta}$(git_prompt_info)%f
#%_%F{%(!.red.green)}$(prompt_char)%f '
#      RPROMPT=""
#    '';
#    interactiveShellInit = ''
#    '';
  };

  programs.bash = {
    enableCompletion = true;
    promptInit = ''
      function exitstatus() {
        if [[ $? -eq 0 ]]; then
          printf '✓'
        else
          printf '✗'
        fi
      }
      function nixshellEval {
        if [[ "$1" != "" ]]; then
          printf "»$1« "
        fi
      }
      function setPS1 {
        if test "$TERM" != "dumb"; then
          # Provide a nice prompt.
          BLUE="\[\033[0;34m\]"
          RED="\[\033[1;31m\]"
          GREEN="\[\033[1;32m\]"
          NO_COLOR="\[\033[0m\]"

          PROMPT_COLOR=$RED
          let $UID && PROMPT_COLOR=$GREEN
          PS1="$PROMPT_COLOR\u$NO_COLOR@\h \$(exitstatus) \$(nixshellEval $1)$BLUE\w$NO_COLOR\n$PROMPT_COLOR\\$ $NO_COLOR"
          if test "$TERM" = "xterm"; then
            PS1="\[\033]2;\h:\u:\w\007\]$PS1"
          fi
        fi
      }
      setPS1
    '';
  };

  environment.sessionVariables = {
    EDITOR = "vim";
    NIXPKGS_ALLOW_UNFREE = "1";

    # Don't create .pyc files.
    PYTHONDONTWRITEBYTECODE = "1";
  };

  environment.etc."lvm/lvm.conf".text = ''
    devices {
      issue_discards = 1
    }
  '';

  environment.pathsToLink = [ "/share/zsh" ];

  # Fonts, I18N, Date ...
  fonts = {
    enableCoreFonts = true;
  };

  i18n = {
    consoleFont = "lat9w-16";
    defaultLocale = "en_US.UTF-8";
  };
  time.timeZone = "Europe/Berlin";
  #time.timeZone = "America/Los_Angeles";

  # Services
  services.gpm.enable = true;
  services.openssh.enable = true;
  services.openssh.permitRootLogin = "yes";

  services.gnome3 = {
    gnome-disks.enable = false;
    gnome-documents.enable = false;
    gnome-online-miners.enable = false;
    gnome-user-share.enable = false;
    gnome-terminal-server.enable = false;
    gpaste.enable = false;
    sushi.enable = false;
    tracker.enable = false;

    # FIXME: gnome should be moved to user session
    seahorse.enable = true;
    gvfs.enable = true;
    at-spi2-core.enable = true;
    evolution-data-server.enable = true;
    gnome-online-accounts.enable = true;
    gnome-keyring.enable = true;
  };

  services.teamviewer.enable = false;

  services.printing = {
    enable = true;
    drivers = [ 
      pkgs.hplip
      unstablepkgs.cups-kyodialog3
    ];
  };

  services.pcscd.enable = true;
  services.xserver = {
    enable = true;
    libinput.enable = true;
    libinput.naturalScrolling = true;

    videoDrivers = [ "qxl" "modesetting" ];
    xkbVariant = "altgr-intl";
    xkbOptions = "nodeadkeys";

    desktopManager = {
      # FIXME: gnome should be moved to user session
      gnome3.enable = true;

      xterm.enable = true;
      plasma5.enable = false;
    };

    displayManager = {
      lightdm = {
        enable = true;
        autoLogin = {
          enable = true;
          user = "steveej";
        };
        background = "${pkgs.nixos-artwork.wallpapers.simple-blue}/share/artwork/gnome/nix-wallpaper-simple-blue.png";
      };

      sessionCommands = ''
      '';
    };
  };

 # Package configuration
  environment.systemPackages = with pkgs; [
  ];

  # More Services
  services.udev.packages = [
    pkgs.libu2f-host
    pkgs.yubikey-personalization
  ];
  services.udev.extraRules = ''
    # OnePlusOne
    ATTR{idVendor}=="05c6", ATTR{idProduct}=="6764", SYMLINK+="libmtp-%k", MODE="660", GROUP="audio", ENV{ID_MTP_DEVICE}="1", ENV{ID_MEDIA_PLAYER}="1", TAG+="uaccess"
    ATTR{idVendor}=="05c6", ATTR{idProduct}=="6765", SYMLINK+="libmtp-%k", MODE="660", GROUP="audio", ENV{ID_MTP_DEVICE}="1", ENV{ID_MEDIA_PLAYER}="1", TAG+="uaccess"

    # Plantronics BackBeat PRO
    SUBSYSTEM=="usb", ATTR{idVendor}=="047f", ATTR{idProduct}=="011a", GROUP="users", MODE="0777"
    SUBSYSTEM=="usb", ATTR{idVendor}=="047f", ATTR{idProduct}=="fffe", GROUP="users", MODE="0777"
    SUBSYSTEM=="usb", ATTR{idVendor}=="047f", ATTR{idProduct}=="0001", GROUP="users", MODE="0777"
  ''
      ;

  services.packagekit.enable = true;

  services.resolved.enable = false;
  services.nix-serve.enable = true;

  services.samba.enable = true;
  services.samba.extraConfig = ''
  client max protocol = SMB3
  '';

  # hardware related services
  services.illum.enable = true;

  hardware = {
    bluetooth.enable = true;
    pulseaudio = {
      enable = true;
      package = pkgs.pulseaudioFull;
      support32Bit = true;
    };
  };

  services.fprintd.enable = true;
  security.pam.services = {
    login.fprintAuth = true;
    sudo.fprintAuth = true;
  };

  # required for running blueman-applet in user sessions
  services.dbus.packages = with pkgs; [ 
    blueman
  ];

  # Kubernetes
  # services.kubernetes.roles = ["master" "node"];

  # virtualization
  virtualisation = {
    libvirtd.enable = true;
    libvirtd.qemuPackage = pkgs.qemu;
    virtualbox.host.enable = true;
    virtualbox.host.addNetworkInterface = true;
    docker.enable = true;
  };

  # Activation scripts for impure set up of paths in /
  system.activationScripts.bin = ''
    echo "setting up /bin..."
    ln -sfn ${pkgs.bash}/bin/bash /tmp/.binbash
    mv /tmp/.binbash /bin/bash
  '';
  system.activationScripts.etcX11sessinos = ''
    echo "setting up /etc/X11/sessions..."
    mkdir -p /etc/X11
    [[ ! -L /etc/X11/sessions ]] || rm /etc/X11/sessions
    ln -sf ${config.services.xserver.displayManager.session.desktops} /etc/X11/sessions
  '';

  system.activationScripts.lib64 = ''
    echo "setting up /lib64..."
    mkdir -p /lib64
    ln -sf ${pkgs.stdenv.glibc}/lib/ld-linux-x86-64.so.2 /lib64/ld-linux-x86-64.so.2
  '';
}