# Edit this configuration file to define what should be installed on
# your system. Help is available in the configuration.nix(5) man page, on
# https://search.nixos.org/options and in the NixOS manual (`nixos-help`).

# NixOS-WSL specific options are documented on the NixOS-WSL repository:
# https://github.com/nix-community/NixOS-WSL

{ config, lib, pkgs, ... }:
let
  cfg = config.services.forgejo;
  srv = cfg.settings.server;
in
{
  system.stateVersion = "24.11";

  nix = {
    settings = {
      experimental-features = [ "nix-command" "flakes" ];
    };
  };

  users.users = {
    # connection only via ssh key
    pipeline = {
      isNormalUser = true;
      home = "/home/pipeline";
      description = "User used by forgejo runners to connect to this system";
      extraGroups = [ "docker" ];
      openssh.authorizedKeys.keys = [ "TODO" ];
    };

    # connection only via hashed password;
    dev = {
      isNormalUser = true;
      home = "/home/dev";
      description = "User used to manually connect to this system (e.g. for maintenance)";
      extraGroups = [ "docker" "wheel" ];
      hashesPassword = "TODO";
    }
  };

  environment.systemPackages = with pkgs; [
    git
  ];

  virtualisation.docker = {
    enable = true;
  };

  services = {
    endlessh = {
      enable = true;
      port = 22;
    };

    openssh = {
      enable = true;
      ports = [ 23 ];
    };
  };
}