pi/configuration.nix

{
  config,
  pkgs,
  lib,
  ...
}: let
  nixosHardwareVersion = "7f1836531b126cfcf584e7d7d71bf8758bb58969";
  sopsNixVersion = "8f093d0d2f08f37317778bd94db5951d6cce6c46";

  timeZone = "Europe/Berlin";
  defaultLocale = "en_US.UTF-8";
  storageModel = import ./intermediate/storage.nix;
in {
  imports = [
    "${fetchTarball "https://github.com/NixOS/nixos-hardware/archive/${nixosHardwareVersion}.tar.gz"}/raspberry-pi/4"
    "${fetchTarball "https://github.com/Mic92/sops-nix/archive/${sopsNixVersion}.tar.gz"}/modules/sops"
    ./system
    ./services
    ./programs
  ];

  fileSystems = storageModel.fileSystems;

  networking.hostName = "raspberry";

  environment.systemPackages = with pkgs; [
    docker-compose
    docker-client
    podman
    podman-compose
  ];

  time.timeZone = timeZone;

  virtualisation.docker = {
    enable = true;
    autoPrune.enable = true;
    daemon.settings = {
      "log-driver" = "json-file";
      "log-opts" = {
        "max-size" = "10m";
        "max-file" = "3";
      };
    };
  };
  virtualisation.podman = {
    enable = true;
    defaultNetwork.settings.dns_enabled = false;
  };

  i18n = {
    defaultLocale = defaultLocale;
    extraLocaleSettings = {
      LC_ADDRESS = defaultLocale;
      LC_IDENTIFICATION = defaultLocale;
      LC_MEASUREMENT = defaultLocale;
      LC_MONETARY = defaultLocale;
      LC_NAME = defaultLocale;
      LC_NUMERIC = defaultLocale;
      LC_PAPER = defaultLocale;
      LC_TELEPHONE = defaultLocale;
      LC_TIME = defaultLocale;
    };
  };

  users = {
    mutableUsers = false;
  };

  # Enable passwordless sudo.
  security.sudo.extraRules = [
    {
      users = ["nudelerde"];
      commands = [
        {
          command = "ALL";
          options = ["NOPASSWD"];
        }
      ];
    }
  ];

  nix.gc = {
    automatic = true;
    dates = "weekly";
    options = "--delete-older-than +5";  # Keep last 5 generations
  };

  nix.settings.experimental-features = [ "nix-command" "flakes" ];

  # Enable GPU acceleration
  hardware.raspberry-pi."4".fkms-3d.enable = true;

  system.stateVersion = "23.11";
}