{ config, pkgs, ... }:

{
  imports =
    [
      ./hardware-configuration.nix
      ./firmware.nix
      ./mixcloud.nix
      ./syncthing.nix
      ./users.nix
    ];

  profiles.clerie.mercury-vm.enable = true;

  boot.loader.grub.enable = true;
  boot.loader.grub.device = "/dev/vda";

  networking.useDHCP = false;
  systemd.network.enable = true;

  systemd.network.networks."10-wan" = {
    matchConfig.Name = "ens18";
    address = [
      "2001:638:904:ffc0::4/64"
    ];
    routes = [
      { Gateway = "2001:638:904:ffc0::1"; }
    ];
    linkConfig.RequiredForOnline = "routable";
  };
  systemd.network.networks."10-nat-netz-mercury" = {
    matchConfig.Name = "ens19";
    address = [
      "192.168.10.35/24"
    ];
    routes = [
      { Gateway = "192.168.10.1"; }
    ];
    linkConfig.RequiredForOnline = "routable";
  };

  services.nginx.enable = true;

  networking.firewall.allowedTCPPorts = [ 80 443 ];

  clerie.backup = {
    enable = true;
    jobs.main = {
      paths = [
        "/data/firmware"
      ];
    };
  };

  clerie.system-auto-upgrade = {
    allowReboot = true;
    autoUpgrade = true;
  };

  clerie.monitoring = {
    enable = true;
    id = "209";
    pubkey = "j48FqhMyPo7PG1uxQip2aCM9l91UNtACAIv7PanMFk8=";
  };

  system.stateVersion = "22.05";
}