{ inputs, pkgs, ...}: { nixpkgs.config.allowUnfree = true; nix.settings.trusted-users = [ "root" "@wheel" ]; nix.registry.nixpkgs.flake = inputs.nixpkgs; nix.extraOptions = '' experimental-features = nix-command flakes ''; nix.gc = { automatic = true; options = "--delete-older-than 21d"; }; security.sudo.wheelNeedsPassword = false; services.openssh = { enable = true; settings = { PasswordAuthentication = false; KbdInteractiveAuthentication = false; PermitRootLogin = "prohibit-password"; }; }; environment.shellAliases = { "nixos-switch" = "sudo nixos-rebuild switch --flake .#"; "nom-affogato" = "nom build .#nixosConfigurations.affogato.config.system.build.toplevel"; }; environment.systemPackages = with pkgs; [ python3 vim tmux jq yq tree git bind.dnsutils openssl curl htop pinentry gnupg sequoia ]; }