nix-config/hosts/Niko/default.nix

{ config, pkgs, ... }:

{
  imports = [
    # Include the results of the hardware scan.
    ./hardware-configuration.nix
  ];

  homelab = {
    apps = {
      technitiumDNS.enable = true;
      traefik.enable = true;
    };
    users.deploy.enable = true;
  };

  # Use the systemd-boot EFI boot loader.
  boot.loader = {
    systemd-boot.enable = true;
    efi = {
      canTouchEfiVariables = true;
      efiSysMountPoint = "/boot/efi";
    };
  };

  console = {
    font = "Lat2-Terminus16";
    keyMap = "us";
  };

  # List packages installed in the system profile. To search, run:
  # $ nix search wget
  environment.systemPackages = with pkgs; [
    cifs-utils
  ];

  hardware = {
    enableRedistributableFirmware = true;
    enableAllFirmware = true;
    graphics.enable = true;
  };

  # Select internationalisation properties.
  i18n.defaultLocale = "en_GB.UTF-8";

  networking = {
    hostName = "Niko";
    domain = "depeuter.dev";

    enableIPv6 = true;

    # Open ports in the firewall.
    firewall = {
      enable = true;
    };

    networkmanager.enable = true;

    extraHosts = ''
      192.168.0.11 jelly.depeuter.dev
    '';
  };

  nixpkgs.config.allowUnfree = true;

  # List services that you want to enable:
  services = {
    # Cage, a wayland kiosk service
    cage = {
      enable = true;
      environment = {
        # Do not fail when there are no input devices.
        # WLR_LIBINPUT_NO_DEVICES = "1";
      };
      extraArguments = [
        "-d" # Don't draw client side decorations, when possible
        # "-m" "last" # Use only the last connected output
        "-s" # Allow VT switching
      ];
      program = "/home/jellyfin-mpv-shim/start.sh";
      user = config.users.users.jellyfin-mpv-shim.name;
    };

    pulseaudio.enable = true;

    tailscale = {
      enable = true;
      useRoutingFeatures = "server";
      authKeyFile = "/etc/nixos/tailscale-authkey";
      extraUpFlags = [
        "--advertise-routes=192.168.0.0/24"
        "--exit-node"
      ];
    };

    # Fix DNS issues. See:
    # https://github.com/tailscale/tailscale/issues/4254
    # resolved.enable = true;
  };

  # Define a user account. Don't forget to set a password with 'passwd'.
  users.users.jellyfin-mpv-shim = {
    description = "Jellyfin MPV Shim User";
    isNormalUser = true;
    extraGroups = [
      config.users.groups.audio.name
      config.users.groups.video.name
    ];
    packages = with pkgs; [
      jellyfin-mpv-shim
      mpv
      socat
    ];
  };

  systemd.services."cage-tty1".serviceConfig.Restart = "always";

  system.stateVersion = "24.05";
}