{ config, lib, pkgs, ... }:

with lib; {
  boot = {
    initrd = {
      availableKernelModules = [
        "ehci_pci"
        "ahci"
        "isci"
        "usbhid"
        "usb_storage"
        "sd_mod"
      ];
      kernelModules = [ "dm-snapshot" ];
    };
    kernelModules = [ "kvm-intel" ];
    extraModulePackages = [ ];
    loader.grub = {
      enable = true;
      version = 2;
      device = "/dev/sda";
    };

    supportedFilesystems = [ "btrfs" ];
  };

  fileSystems = {
    "/" = {
      device = "root-tmpfs";
      fsType = "tmpfs";
      options = [ "mode=755" "noexec" ];
    };

    "/boot" = {
      device = "/dev/disk/by-label/boot";
      fsType = "ext4";
      options = [ "noexec" "noatime" "nodiratime" ];
    };

    "/nix" = {
      device = "/dev/disk/by-label/data";
      fsType = "btrfs";
      options = [ "subvol=@nix" "compress=zstd" "noatime" "nodiratime" ];
    };

    "/var/log" = {
      device = "/dev/disk/by-label/data";
      fsType = "btrfs";
      options = [ "subvol=@logs" "compress=zstd" "noatime" "nodiratime" "noexec" ];
      neededForBoot = true;
    };

    "/state" = {
      device = "/dev/disk/by-label/data";
      fsType = "btrfs";
      options = [ "subvol=@state" "compress=zstd" "noatime" "nodiratime" "noexec" ];
    };
  };

  swapDevices = [{ device = "/dev/disk/by-label/swap"; }];

  networking = {
    macvlans = {
      extif0 = {
        interface = "eno1";
        mode = "bridge";
      };
    };

    useDHCP = false;

    interfaces = {
      extif0 = {
        macAddress =
          pkgs.lib.network.generate-mac-address config.instance.hostname "extif0";
      };
    };
  };
}