{ config, lib, pkgs, ... }: let
	ipAddress = "10.1.1.1";
in {
	imports = [ ./wg.nix ];

	# Setup bootloader
	boot._loader.enable = true;

	# Enable common options
	_archetypes = {
		profiles.headless = {
			enable = true;
			home.users.timmy.enable = true;
		};
		profiles.router.enable = true;
	};

	networking = {
		# Label lan and wan interfaces
		_interfaceLabels = {
			enable = true;
			interfaces = {
				lan0 = "98:b7:85:22:9b:43";  # External
				wan0 = "54:ee:75:8c:4b:2d";  # Internal
			};
		};
		# Set ip addresses
		interfaces = {
			lan0.ipv4.addresses = [{
				address = ipAddress;
				prefixLength = 24;
			}];
			wan0.ipv4.addresses = [{
				address = "46.110.173.163";  # Reserved static ip for wg-router
				prefixLength = 31;
			}];
		};
		defaultGateway = {
			address = "46.110.173.161";
			interface = "wan0";
		};
		# Firewall rules
		firewall = {
			interfaces.wan0 = {
				allowedUDPPorts = [ 51820 ];
			};
		};
	};

	# Router config
	services._router = {
		dnsDhcpConfig = {
			localDomain = "wg-router.pls.lan";
			dhcp = {
				defaultGateway = ipAddress;
				localhostIp = ipAddress;
				rangeStart = "10.1.1.100";
				rangeEnd = "10.1.1.250";
				staticLeases = {
					idrac-8HT2W52 = {
						macAddress = "18:fb:7b:9d:16:b3";
						staticIp = "10.1.1.10";
					};
				};
			};
		};
	};

	# Enable user timmy
	_users.timmy.enable = true;

	system.stateVersion = "25.05";
}