{ hostname, lib, modulesPath, ... }: {
  imports = [ 
    (modulesPath + "/profiles/qemu-guest.nix")
    ../../common/services/tailscale-autoconnect.nix
    ./firewall.nix
    ../../common/services/docker.nix
    (import ../../common/containers/derp.nix { domainName = "milan.sysctl.io"; })
  ];

  boot.initrd.availableKernelModules = [ "virtio_pci" "virtio_scsi" "ahci" "sd_mod" ];
  boot.initrd.kernelModules = [ ];
  boot.kernelModules = [ ];
  boot.extraModulePackages = [ ];

  # Enable LISH
  boot.kernelParams = [ "console=ttyS0,19200n8" ];
  boot.loader.grub.extraConfig = ''
    serial --speed=19200 --unit=0 --word=8 --parity=no --stop=1;
    terminal_input serial;
    terminal_output serial
  '';

  boot.loader.grub.forceInstall = true;
  boot.loader.grub.device = "nodev";
  boot.loader.timeout = 10;

  fileSystems."/" = { 
      device = "/dev/disk/by-label/nixos";
      fsType = "ext4";
    };

  swapDevices = [ { device = "/dev/disk/by-label/linode-swap"; } ];
  
  # Distributed Builds
  nix.distributedBuilds = true;

  networking.useDHCP = lib.mkDefault true;
  time.timeZone = "Europe/Rome";
  networking.hostName = hostname;

  services.tailscale.extraUpFlags = [ "--advertise-exit-node" ];
  boot.kernel.sysctl = { "net.ipv4.ip_forward" = true; };
}