{
  lib,
  pkgs,
  ...
}:
{
  global = {
    id = "ff96c05be13e44f681292205370eed1a";
    auth.openssh.enable = true;
    fs.esp.uuid = "C368-7571";
    fs.type = "zfs";
    fs.zfs.alert.secret = "/nix/persist/secret/telegram";
    fs.zfs.split.enable = true;
    fs.zfs.split.store = "d9202e56-a14f-4342-acdb-dbae33d680fc";
    fs.zfs.split.secret = "1404c4f1-b890-4cf0-ab8a-26bd81bd2254";
    fs.zfs.replication.enable = true;
    fs.zfs.replication.remote = "eientei@archive:archive/backup/koishi/eientei";
    fs.cryptsetup.enable = true;
    fs.cryptsetup.allowDiscards = false;
    fs.cryptsetup.uuids.secret = "c33c9b18-a280-42d7-8740-3f8d3f60dc43";
    gpu.enable = true;
    gpu.type = "intel";
    gpu.session = false;
    boot.lanzaboote = true;
    boot.memtest = 4;
    acme.enable = true;
    oci.enable = true;
  };

  services.udev.extraRules = ''
    SUBSYSTEM=="net", ACTION=="add", ATTR{address}=="80:61:5f:07:9e:2f", NAME="ix0"
    SUBSYSTEM=="net", ACTION=="add", ATTR{address}=="00:e0:4c:68:bb:30", NAME="ss0"
  '';
  boot.kernelParams = [ "zfs.zfs_arc_max=17179869184" ];

  imports = lib.pipe ./. [
    builtins.readDir
    (lib.filterAttrs (n: ty: ty == "regular" && n != "default.nix"))
    (lib.mapAttrsToList (n: _: ./${n}))
  ];

  hardware.enableRedistributableFirmware = true;
  boot.initrd.availableKernelModules = [
    "xhci_pci"
    "ahci"
    "mpt3sas"
    "nvme"
    "usbhid"
    "usb_storage"
    "sd_mod"
  ];
  boot.initrd.kernelModules = [ "i915" ];
  boot.kernelModules = [ "kvm-intel" ];
  boot.extraModulePackages = [ ];

  environment.systemPackages = with pkgs; [ python3 ];
}