{ pkgs, secrets, ... }: {
  networking = {
    hostName = "monolith";
    hostId = "44551c32";
    networkmanager.enable = true;
  };

  fileSystems = {
    "/" = {
      device = "/dev/disk/by-uuid/0c335248-f2b4-4a33-86f0-e96cfac82866";
      fsType = "ext4";
    };
    "/boot" = {
      device = "/dev/disk/by-uuid/D945-7F54";
      fsType = "vfat";
      options = [ "fmask=0022" "dmask=0022" ];
    };
    "/library" = {
      device = "library";
      fsType = "zfs";
    };
  };

  boot = {
    loader = {
      systemd-boot.enable = true;
      efi.canTouchEfiVariables = true;
    };
    initrd.availableKernelModules = [ "xhci_pci" "ahci" "usbhid" "usb_storage" "sd_mod" ];
    kernelModules = [ "kvm-amd" ];
    supportedFilesystems = [ "zfs" ];
  };

  users.users = {
    nettika = {
      isNormalUser = true;
      extraGroups = [ "wheel" "networkmanager" ];
      openssh.authorizedKeys.keys = [
        "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIHopty1QG8P+OfGxQ9CV0BI1IRB/q6yITzMZaZ6Zspid nettika"
      ];
    };
  };

  nixpkgs.config.allowUnfree = true;

  nix.settings.experimental-features = [ "nix-command" "flakes" ];

  tools.secrets = {
    enable = true;
  };

  tools.coding = {
    enable = true;
  };

  services.openssh = {
    enable = true;
    settings.PasswordAuthentication = false;
  };

  services.zerotierone = {
    enable = true;
    joinNetworks = secrets.zerotier.networks;
  };

  security.sudo.wheelNeedsPassword = false;

  time.timeZone = "America/Los_Angeles";
  
  system.stateVersion = "24.05";
}