{ config, pkgs, ... }:

let
  hostname = "nostromo.sea.fudo.org";

in {

  boot.kernelModules = [ "kvm-amd" ];

  boot.loader.grub.enable = true;
  boot.loader.grub.version = 2;
  boot.loader.grub.device = "/dev/sdb";

  imports = [
    ../defaults.nix
    ../networks/sea.fudo.org.nix
    ../profiles/server.nix
    ../hardware-configuration.nix
    # ../profiles/services/local_nameserver.nix
  ];

  fudo.postgresql = {
    enable = true;
    ssl-private-key = "/srv/nostromo.sea.fudo.org/certs/private/privkey.pem";
    ssl-certificate = "/srv/nostromo.sea.fudo.org/certs/cert.pem";
    keytab = "/srv/nostromo.sea.fudo.org/keytabs/postgres.keytab";

    local-networks = [
      "10.0.0.1/24"
    ];
  };

  networking = {
    hostName = hostname;

    defaultGateway = "10.0.0.1";

    nameservers = [ "10.0.0.1" ];

    # Turn off for hypervisor: dhcp by default everywhere is a fuckin pain.
    dhcpcd.enable = false;

    # Create a bridge for VMs to use
    macvlans.intlan0 = {
      interface = "eno1";
      mode = "bridge";
    };

    interfaces = {
      intlan0 = {
        macAddress = "46:54:76:06:f1:10";
        ipv4.addresses = [
          {
            address = "10.0.0.2";
            prefixLength = 23;
          }
        ];
      };
    };
  };

  hardware.bluetooth.enable = false;

  environment.systemPackages = with pkgs; [
    ipfs
    libguestfs-with-appliance
    libvirt
    virtmanager
  ];

  virtualisation.libvirtd = {
    enable = true;
    qemuPackage = pkgs.qemu_kvm;
    onShutdown = "shutdown";
  };

  services.ipfs = {
    enable = true;
    enableGC = true;
    autoMount = false;
    defaultMode = "online";
    apiAddress = "/ip4/10.0.0.2/tcp/5001";
    gatewayAddress = "/ipv4/10.0.0.2/tcp/8080";
  };
}