{ modulesPath, config, pkgs, ... }:

{
  # Administrative sudo user
  users.users.admin = {
    isNormalUser = true;
    extraGroups = [ "wheel" ]; # wheel group is sudo access
    };

  # Enable password-based SSH login for admin user
  services.openssh = {
    enable = true;
    settings = {
      AllowUsers = ["admin"]; # everyone
      PasswordAuthentication = true;
      PermitRootLogin = "no";
    };
  };

}