{ config, inputs, outputs, pkgs, ... }: {
  boot = {
    initrd.kernelModules = [ "zfs" ];
    kernel.sysctl = {
      "kernel.hostname" = "prometheus.trentguthrie.net";
      #"kernel.split_lock_mitigate" = 0; # https://lwn.net/Articles/911219/
      #"net.ipv4.tcp_congestion_control" = "reno";
    };
    kernelPackages = pkgs.master.linuxPackages_7_0;
    #kernelParams = [
    #  "amdgpu.ppfeaturemask=0xfffd3fff"
    #  "split_lock_detect=off"
    #];
    loader = {
      efi = {
        canTouchEfiVariables = true;
        efiSysMountPoint = "/efiboot/efi1";
      };
      systemd-boot = {
        enable = true;
        memtest86.enable = true;
      };
      timeout = 3;
    };
    supportedFilesystems = [ "zfs" ];
    zfs = {
      forceImportRoot = true;
      package = pkgs.master.zfs_2_4;
    };
  };

  environment.systemPackages = [
    pkgs.linux-firmware
    pkgs.master.linuxKernel.packages.linux_7_0.turbostat
    pkgs.mailutils
  ];

  imports = [
    ./disks.nix
    ./hardware-configuration.nix
    ../common/core
    #../common/optional/db.nix
    #../common/optional/dev.nix
    #../common/optional/ebooks.nix
    #../common/optional/games.nix
    #../common/optional/google-authenticator.nix
    #../common/optional/gui.nix
    #../common/optional/misc.nix
    #../common/optional/multimedia.nix
    #../common/optional/pipewire.nix
    #../common/optional/printer.nix
    #../common/optional/sdr.nix
    #../common/optional/services/chrony.nix
    ../common/optional/services/openssh.nix
    #../common/optional/services/wayland.nix
    #../common/optional/services/xorg.nix
    #../common/optional/sound.nix
    #../common/optional/wdt.nix
    ../common/optional/zfs.nix
    ../common/users/nipsy
    ../common/users/root
    ../common/users/trent
  ];

  networking = {
    defaultGateway = {
      address = "10.0.1.1";
      interface = "enp89s0";
    };
    hostId = "a227ce4d";
    hostName = "prometheus";
    interfaces = {
      enp89s0 = {
        ipv4.addresses = [
          { address = "10.0.1.17"; prefixLength = 24; }
        ];
      };
    };
    nameservers = [ "10.0.1.1" ];
    nftables.enable = true;
    search = [
      "trentguthrie.net"
    ];
    useDHCP = false;
    #wireless = {
    #  enable = true;
    #  networks = {
    #    "Crystal Palace" = {
    #      pskRaw = "ext:psk_crystal_palace";
    #    };
    #  };
    #  secretsFile = "${config.sops.secrets."wpa_supplicant".path}";
    #};
  };

  nixpkgs = {
    config = {
      allowUnfree = true;
    };
    hostPlatform = "x86_64-linux";
    overlays = [
      inputs.nvidia-patch.overlays.default
      outputs.overlays.additions
      outputs.overlays.modifications
      outputs.overlays.master-packages
      #outputs.overlays.my-nixpkgs-packages
      #outputs.overlays.pr495610-packages
      outputs.overlays.stable-packages
      #outputs.overlays.staging-packages
      #outputs.overlays.wine9_22-packages
    ];
  };

  services.openssh.settings.X11Forwarding = true;
  #services.xserver.videoDrivers = [ "amdgpu" ];

  #sops = {
  #  age.sshKeyPaths = [ "/etc/ssh/ssh_host_ed25519_key" ];
  #  defaultSopsFile = ../secrets/caladan.yaml;

  #  secrets = {
  #    "nftables/ssh" = {};
  #    "nix-access-token-github" = {};
  #    "ssh_config".path = "/root/.ssh/config";
  #    #"wpa_supplicant" = {
  #    #  group = config.users.users.wpa_supplicant.group;
  #    #  owner = config.users.users.wpa_supplicant.name;
  #    #};
  #  };
  #};

  system.stateVersion = "26.05";
}