{ pkgs, ... }: { security.polkit.enable = true; security.rtkit.enable = true; programs.zsh.enable = true; networking.firewall.enable = false; boot.loader.systemd-boot.memtest86.enable = true; boot.loader.systemd-boot.netbootxyz.enable = true; boot.loader.timeout = 1; boot.loader.efi.canTouchEfiVariables = true; systemd.extraConfig = "DefaultTimeoutStopSec=10s"; boot.kernelPackages = pkgs.linuxPackages_latest; services.thermald.enable = true; services.pcscd.enable = true; services.fwupd.enable = true; services.gvfs.enable = true; services.fstrim.enable = true; services.openssh = { enable = true; settings = { PermitRootLogin = "no"; PasswordAuthentication = false; }; }; environment.systemPackages = with pkgs; [ wget curl git lm_sensors wireguard-tools # Podman dive podman-tui docker-compose ]; virtualisation.containers.enable = true; virtualisation = { podman = { enable = true; dockerCompat = true; defaultNetwork.settings.dns_enabled = true; }; }; services.resolved = { enable = true; fallbackDns = [ "1.1.1.1" "1.0.0.1" ]; }; fileSystems."/home/server" = { device = "192.168.1.2:/home/server"; fsType = "nfs"; options = [ "x-systemd.automount" "x-systemd.mount-timeout=1" "_netdev" "noauto" "timeo=1" ]; }; fileSystems."/home/user/Workspace" = { device = "/home/server/Workspace"; options = [ "bind" "x-systemd.automount" "x-systemd.mount-timeout=1" "_netdev" "noauto" "timeo=1" ]; }; fileSystems."/home/user/Documents" = { device = "/home/server/Storage/Thomas/Documents"; options = [ "bind" "x-systemd.automount" "x-systemd.mount-timeout=1" "_netdev" "noauto" "timeo=1" ]; }; fileSystems."/home/user/Pictures" = { device = "/home/server/Storage/Thomas/Pictures"; options = [ "bind" "x-systemd.automount" "x-systemd.mount-timeout=1" "_netdev" "noauto" "timeo=1" ]; }; fileSystems."/home/user/Videos" = { device = "/home/server/Storage/Thomas/Videos"; options = [ "bind" "x-systemd.automount" "x-systemd.mount-timeout=1" "_netdev" "noauto" "timeo=1" ]; }; }