{ config, lib, pkgs, ... }: let
	ipAddress = "10.1.1.1";
in {
	# Setup bootloader
	boot._loader.enable = true;

	# Enable common options
	_archetypes = {
		profiles.headless = {
			enable = true;
			home.users.timmy.enable = true;
		};
		profiles.router.enable = true;
	};

	networking = {
		# Label lan and wan interfaces
		_interfaceLabels = {
			enable = true;
			interfaces = {
				lan0 = "98:b7:85:22:9b:43";  # Internal
				wan0 = "54:ee:75:8c:4b:2d";  # External
			};
		};
		# Set ip addresses
		interfaces = {
			lan0.ipv4.addresses = [{
				address = ipAddress;
				prefixLength = 24;
			}];
			wan0.ipv4.addresses = [{
				address = "46.110.173.163";  # Reserved static ip for wg-router
				prefixLength = 31;
			}];
		};
		defaultGateway = {
			address = "46.110.173.161";
			interface = "wan0";
		};
		nameservers = [ "127.0.0.1" ];
		# Firewall rules
		firewall = {
			interfaces.wan0 = {
				allowedTCPPorts = [ 22 ];
			};
		};
		#nat.forwardPorts = [
		#	{
		#		sourcePort = 2222;
		#		proto = "tcp";
		#		destination = "10.1.1.1:22";
		#	}
		#	{
		#		sourcePort = 22;
		#		proto = "tcp";
		#		destination = "10.1.1.1:22";
		#	}
		#];
	};

	services._router = {
		dnsDhcpConfig = {
			localDomain = "wg-router.pls.lan";
			dhcp = {
				defaultGateway = ipAddress;
				localhostIp = ipAddress;
				rangeStart = "10.1.1.100";
				rangeEnd = "10.1.1.250";
				staticLeases = {
					idrac-8HT2W52 = {
						macAddress = "18:fb:7b:9d:16:b3";
						staticIp = "10.1.1.10";
					};
				};
			};
		};
	};

	# Enable user timmy
	_users.timmy.enable = true;

	system.stateVersion = "25.05";
}