{ config, fp, pkgs, lib, values, ... }:
{
  imports = [
      # Include the results of the hardware scan.
      ./hardware-configuration.nix
      (fp /base)

      ./services/monitoring
      ./services/nginx
      ./services/journald-remote.nix
    ];

  sops.defaultSopsFile = fp /secrets/ildkule/ildkule.yaml;
  sops.age.sshKeyPaths = [ "/etc/ssh/ssh_host_ed25519_key" ];
  sops.age.keyFile = "/var/lib/sops-nix/key.txt";
  sops.age.generateKey = true;

  boot.loader.systemd-boot.enable = false;
  boot.loader.grub.device = "/dev/vda";
  boot.tmp.cleanOnBoot = true;
  zramSwap.enable = true;

  # Openstack Neutron and systemd-networkd are not best friends, use something else:
  systemd.network.enable = lib.mkForce false;
  networking = let
    hostConf = values.hosts.ildkule;
  in {
    tempAddresses = "disabled";
    useDHCP = lib.mkForce true;

    search = values.defaultNetworkConfig.domains;
    nameservers = values.defaultNetworkConfig.dns;
    defaultGateway.address = hostConf.ipv4_internal_gw;

    interfaces."ens4" = {
      ipv4.addresses = [
        { address = hostConf.ipv4;          prefixLength = 32; }
        { address = hostConf.ipv4_internal; prefixLength = 24; }
      ];
      ipv6.addresses = [
        { address = hostConf.ipv6;          prefixLength = 64; }
      ];
    };
  };

  # No devices with SMART
  services.smartd.enable = false;

  # Don't change (even during upgrades) unless you know what you are doing.
  # See https://search.nixos.org/options?show=system.stateVersion
  system.stateVersion = "23.11";
}