{ inputs, config, lib, pkgs, modulesPath, desktop, username, ... }: {
  imports = [ 
    # inputs.nixos-hardware.nixosModules.framework-13-inch-13th-gen-intel
    inputs.nixos-hardware.nixosModules.framework-13th-gen-intel
    (modulesPath + "/installer/scan/not-detected.nix")
    ./disks.nix
    ../../common/modules/secureboot.nix
    ../../common/services/fwupd.nix
    ./builder.nix
    ./ssh-luks.nix
    ./docker.nix
    ./wireguard.nix
  ] ++ lib.optional (builtins.isString desktop) ./desktop.nix;

  # steam , etc
  nixpkgs.config.allowUnfree = true;

  boot.initrd.availableKernelModules = [ "xhci_pci" "nvme" "thunderbolt" "sd_mod" "uas" ];
  boot.initrd.kernelModules = [ "r8152" ];
  boot.kernelModules = [ "kvm-intel" ];
  boot.extraModulePackages = with config.boot.kernelPackages; [ acpi_call ];

  networking.useDHCP = lib.mkDefault true;
  nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
  powerManagement.cpuFreqGovernor = lib.mkDefault "performance";
  hardware.cpu.intel.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware;

  # Set your time zone.
  time.timeZone = "Asia/Tokyo";

  # Set the networking hostname:
  networking.hostName = "framework-server";
  networking.firewall.allowedTCPPorts = [ 22 ];

  # Generic Tailscale configs are in /nixos/common/services/tailscale.nix
  # Set up the secrets file:
  sops.secrets."tailscale_keys/framework-server" = {
    owner = "root";
    sopsFile = ../../../secrets/tailscale.yaml;
    restartUnits = [
      "tailscaled.service"
      "tailscaled-autoconnect.service"
    ];
  };
  services.tailscale.authKeyFile = "/run/secrets/tailscale_keys/framework-server";
  services.tailscale.extraUpFlags = [ 
    "--advertise-exit-node" 
    "--advertise-routes=10.2.0.0/24" 
  ];

  boot.kernel.sysctl = { 
    "net.ipv4.ip_forward" = true; 
    "net.ipv6.ip_forward" = true;
  };

  boot.initrd.services.udev.rules = ''
    # This is used to load the correct kernel module for the Framework USB-C Ethernet Adapter

    ACTION!="add", GOTO="usb_realtek_net_end"
    SUBSYSTEM!="usb", GOTO="usb_realtek_net_end"
    ENV{DEVTYPE}!="usb_device", GOTO="usb_realtek_net_end"

    # Modify this to change the default value
    ENV{REALTEK_MODE1}="1"

    # Realtek
    ATTR{idVendor}=="0bda", ATTR{idProduct}=="815[2,3,5,6]", ATTR{bConfigurationValue}!="$env{REALTEK_MODE1}", ATTR{bConfigurationValue}="$env{REALTEK_MODE1}"

    LABEL="usb_realtek_net_end"
  '';
}