nix-config-v2/modules/machine/valefor/configuration.nix

{
  config,
  lib,
  pkgs,
  userName,
  ...
}: {
  imports = [
    ../../graphics
    ../../pwrMgmt
    ../../networking/core.nix
    ../../networking/dns.nix
    ../../virtualization/podman.nix
  ];

  # Enable flakes for NixOS
  nix.settings.experimental-features = ["nix-command" "flakes"];

  # Custom kernel/boot stuff
  boot.kernelPackages = pkgs.linuxPackages_latest;
  boot.loader.systemd-boot.enable = true;
  boot.loader.efi.canTouchEfiVariables = true;

  # Enable Bluetooth if present
  hardware.bluetooth.enable = true;

  # Set your timezone
  time.timeZone = "America/Detroit";

  # Enable OpenSSH
  services.openssh.enable = true;

  # Enable keyring
  services.gnome.gnome-keyring.enable = true;

  # Enable GnuPG
  programs.gnupg.agent = {
    enable = true;
    enableSSHSupport = true;
  };

  # Enable SUID wrappers (some programs need them)
  programs.mtr.enable = true;

  # Enable Polkit
  security.polkit.enable = true;

  # Graphics module (../../graphics/default.nix)
  graphics = {
    enable = true;
    gpuVendor = "intel";
    wayland.enable = true;
    vulkan.enable = true;
  };

  # Power management (see ../../pwrMgmt/default.nix)
  pwrMgmt = {
    enable = true;
    cpuFreqGovernor = "performance";
    powertop.enable = false;
  };

  # Podman module (see ../../virtualization/podman.nix)
  podman = {
    enable = true;
    extraPackages = with pkgs; [
      docker-credential-helpers
      toolbox
      cosign
      crane
      podman-tui
      podman-desktop
    ];
  };

  # Core networking module (see ../../networking/core.nix)
  network = {
    firewall.enable = true;
    networkManager.enable = true;
  };

  # DNS module (see ../../networking/dns.nix)
  dns = {
    technitium.enable = true;
  };

  # Add username to groups "wheel" and "video" - more may be added here later
  users.users.${userName}.extraGroups = ["wheel" "podman" "network"];

  system.stateVersion = "24.11";
}