{ config, pkgs, lib, hostName, ... }:
let
  wlan1Iface = "wlp2s0";
  wlan2Iface = "wlp0s26u1u2";
  wwanIface = "wwp0s29u1u4";
  ethIface = "enp0s25";
in
{
imports = [
  ../../nixos/profiles/networking.nix
  ../../nixos/profiles/dnscrypt-proxy2.nix
  ../../nixos/profiles/wireguard/wg-intra.nix
  networking/nftables.nix
];
install.substituteOnDestination = false;
#networking.domain = "sourcephile.fr";
networking.useDHCP = false;

networking.nftables.ruleset = lib.mkAfter ''
  table inet filter {
    chain input {
      goto input-net
    }
    chain output {
      ip daddr 10.0.0.0/8 counter goto output-lan
      ip daddr 172.16.0.0/12 counter goto output-lan
      ip daddr 192.168.0.0/16 counter goto output-lan
      ip daddr 224.0.0.0/3 counter goto output-lan
      jump output-net
      log level warn prefix "output-net: " counter drop
    }
  }
'';

networking.interfaces = {
};

networking.networkmanager = {
  enable = true;
  unmanaged = [
  ];
};
environment.etc."NetworkManager/system-connections/Prixtel.nmconnection" = {
  mode = "600";
  text = ''
    [connection]
    id=Prixtel
    uuid=b223f550-dff1-4ba3-9755-cd4557faaa5a
    type=gsm
    autoconnect=false
    permissions=user:julm:;

    [gsm]
    apn=sl2sfr
    number=*99#
    home-only=true

    [ppp]

    [ipv4]
    method=auto

    [ipv6]
    addr-gen-mode=stable-privacy
    method=disabled

    [proxy]
  '';
};

networking.wireguard.wg-intra.peers = {
  mermet.enable = true;
  losurdo.enable = true;
  patate.enable = true;
  aubergine.enable = true;
};

services.openssh.listenAddresses = [
];

environment.systemPackages = [
  pkgs.iw
  pkgs.modem-manager-gui
];
}