infra/nix/os/devices/steveej-t480s-work/system.nix

{ pkgs
, lib
, config
, ... }:

let
  keys = import ../../../variables/keys.nix;
in {

  # TASK: new device
  networking.hostName = "steveej-t480s-work"; # Define your hostname.

  # Used for testing local Tectonic clusters
  environment.etc."NetworkManager/dnsmasq.d/tectonic.conf".text = ''
    server=/tt.testing/192.168.124.1
    server=/tectonic-ci.de/192.168.124.1
    server=/tectonic-ci.lan/192.168.124.1
  '';
  networking.firewall.enable = lib.mkForce false;
  networking.firewall.checkReversePath = false;

  networking.bridges."virbr1".interfaces = [];
  networking.interfaces."virbr1".ipv4.addresses = [
      { address = "10.254.254.254"; prefixLength = 24; }
  ];

  services.printing = {
    enable = true;
    drivers = with pkgs; [
      hplip
      cups-kyodialog3
      mfcj6510dwlpr
      mfcj6510dw-cupswrapper
    ];
  };

# TODO: get external fingerprint reader
#  services.fprintd.enable = true;
#  security.pam.services = {
#    login.fprintAuth = true;
#    sudo.fprintAuth = true;
#  };

  # Kubernetes
  # services.kubernetes.roles = ["master" "node"];

  # virtualization
  virtualisation = {
    libvirtd.enable = true;
    virtualbox.host.enable = true;
    virtualbox.host.addNetworkInterface = true;
    docker.enable = true;
  };

  boot.initrd.network = {
    enable = true;
    useDHCP = true;
    udhcpc.extraArgs = [ "-x hostname:${config.networking.hostName}" ];

    ssh = {
      enable = true;
      authorizedKeys = keys.users.steveej.openssh;
    };
  };
}