{ config, lib, pkgs, ... }:
{
  nix.settings.substituters = 
  [ 
    "https://mirrors.ustc.edu.cn/nix-channels/store" 
  ];
  nix.settings.trusted-public-keys = [
    "cache.nixos.org-1:6NCHdD59X431o0gWypbMrAURkbJ16ZPMQFGspcDShjY="
  ];
  imports =
    [
      ./hardware-configuration.nix
    ];

  boot.loader.grub.enable = true;
  boot.loader.grub.device = "/dev/sdb";

  networking.hostName = "kami";

  time.timeZone = "Asia/Shanghai";

  i18n.defaultLocale = "en_US.UTF-8";

  systemd.tmpfiles.rules = [
  "d /docker-compose 0755 root root -"
  "d /docker-compose/docker-root 0755 root root -"
  ];  
  
  virtualisation.docker.enable = true;

  virtualisation.docker.daemon.settings = {
  registry-mirrors = [
    "https://docker.m.daocloud.io"
    "https://docker.1panel.live"
    "https://hub.rat.dev"
    "https://registry.docker.jp"
    "https://kr.registry.ktcloud.com"
    "https://docker.sg.mirror"
    "https://my.mirror.docker.io"
    "https://dockerhub.mirror.tw"
    "https://docker.1ms.run"
  ];
  
  data-root = "/docker-compose/docker-root";
  };  

  users.users.kami = {
     isNormalUser = true;
     extraGroups = [ "wheel" "docker"];
     hashedPassword = "$6$K3dbe2DC/9mq7Y8h$0Uy/lNwnFTHAjC61imz1wWQvDo12BUtOsgbP4vRAgN9gR.RFV8ZHw/6ns16.QO1KoXNuPxxNSoYMDk1HSYq/O/";
     };

  environment.systemPackages = with pkgs; [
     vim
     curl
     openssh
     htop
     git
     neofetch
   ];

  services.openssh.enable = true;
  services.openssh.settings.PasswordAuthentication = true;

  networking.firewall.enable = false;

  system.copySystemConfiguration = true;

  system.stateVersion = "25.05";

}