{ config, pkgs, ... }:
{
##### sysstat #####

services.sysstat = {
	enable = true;
	collect-frequency = "*:*:00";
	};


###### Virtualisation and Docker #######

virtualisation.libvirtd.enable = true;
programs.dconf.enable = true;

virtualisation.docker.enable = true;

environment.systemPackages = with pkgs; [
  virt-manager
  virt-viewer
  qemu
  docker-compose
  nvtopPackages.full
];

# Adb

programs.adb.enable = true;
services.udev.packages = [
    pkgs.android-udev-rules
  ];


###### Yubikey service #####

services.pcscd.enable = true;

###### NTFS (3G) support ######

boot.supportedFilesystems = [ "ntfs" ];

##### Let wiregurad thru firewall ##########
  networking.firewall = {
   # if packets are still dropped, they will show up in dmesg
   logReversePathDrops = true;
   # wireguard trips rpfilter up
   extraCommands = ''
     ip46tables -t mangle -I nixos-fw-rpfilter -p udp -m udp --sport 1637 -j RETURN
     ip46tables -t mangle -I nixos-fw-rpfilter -p udp -m udp --dport 1637 -j RETURN
     ip46tables -t mangle -I nixos-fw-rpfilter -p udp -m udp --sport 44999 -j RETURN
     ip46tables -t mangle -I nixos-fw-rpfilter -p udp -m udp --dport 44999 -j RETURN
   '';
   extraStopCommands = ''
     ip46tables -t mangle -D nixos-fw-rpfilter -p udp -m udp --sport 1637 -j RETURN || true
     ip46tables -t mangle -D nixos-fw-rpfilter -p udp -m udp --dport 1637 -j RETURN || true
     ip46tables -t mangle -D nixos-fw-rpfilter -p udp -m udp --sport 44999 -j RETURN || true
     ip46tables -t mangle -D nixos-fw-rpfilter -p udp -m udp --dport 44999 -j RETURN || true
   '';
  };

}