{ host, config, lib, ...}: let cfg = config.system-sys; in { options.system-sys = { enable = lib.mkOption { type = lib.types.bool; default = true; }; swapSize = lib.mkOption { type = lib.types.int; default = 4; }; zram = lib.mkOption { type = lib.types.bool; default = true; }; documentation = lib.mkOption { type = lib.types.bool; default = false; }; }; config = lib.mkIf cfg.enable { time.timeZone = "America/Chicago"; boot.tmp.cleanOnBoot = true; zramSwap.enable = cfg.zram; security.sudo-rs = { enable = true; wheelNeedsPassword = false; }; swapDevices = [ { device = "/swapfile"; size = cfg.swapSize * 1024; } ]; documentation = lib.mkIf cfg.documentation { enable = lib.mkDefault false; info.enable = lib.mkDefault false; man.enable = lib.mkDefault false; nixos.enable = lib.mkDefault false; }; networking = { domain = ""; hostName = host.hostName; firewall = { enable = true; allowedTCPPorts = [ 22 ]; logRefusedConnections = true; }; }; users = { groups.plugdev = { }; groups.${host.username} = { }; users.${host.username} = { isNormalUser = true; group = "${host.username}"; home = "/home/e"; extraGroups = [ "wheel" "plugdev" "video" "adbusers" "network" ]; openssh.authorizedKeys.keys = [ ''ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIHM4Zr0PFN7QdOG2aJ+nuzRCK6caulrpY6bphA1Ppl8Y e@t14'' ''ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIJou+k8HtIWdlztpWog7fVfJgxJnRIo7c5xVPUBhBxhi'' # phone ]; }; }; users.users.root.openssh.authorizedKeys.keys = [ ''ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIDcL53Gdrj5V9YDwKlCBIcgqiS+zHtOQpJlnOHTevJCJ e@t14'' ''ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIHM4Zr0PFN7QdOG2aJ+nuzRCK6caulrpY6bphA1Ppl8Y e@t14'' ]; }; }