{ config, pkgs, ... }:

{
  services.openssh = {
    enable = true;
    ports = [ 22 ];
    settings = {
      PermitRootLogin = "no";
      PasswordAuthentication = false;
      KbdInteractiveAuthentication = false;
      PermitEmptyPasswords = false;

      X11Forwarding = false;
      AllowTcpForwarding = false;
      AllowAgentForwarding = false;
      AllowStreamLocalForwarding = false;

      ClientAliveInterval = 300;
      ClientAliveCountMax = 2;
      MaxAuthTries = 3;
      MaxSessions = 2;
      LoginGraceTime = 30;
    };
  };

  services.tailscale.enable = true;

  services.fwupd.enable = true;

  services.sunshine = {
      enable = true;
      autoStart = true;
      openFirewall = true;
      capSysAdmin = true;
      applications = {
        apps = [
          {
            name = "Steam Big Picture";
            cmd = "${pkgs.steam}/bin/steam -bigpicture";
          }
          {
            name = "Desktop";
            cmd = "${pkgs.coreutils}/bin/true";
          }
        ];
      };
  };

  services = {
      syncthing = {
          enable = true;
          group = "wheel";
          user = "atridad";
          dataDir = "/home/atridad/syncthing/data";
          configDir = "/home/atridad/syncthing/conf";
      };
  };

  services.avahi.publish.enable = true;
  services.avahi.publish.userServices = true;

  services.system76-scheduler.enable = true;
}