{ inputs, username, ... }:
{
  # diva provides uptime-kuma, and website hosting for rougebordeaux.xyz

  imports = [
    # these files should be automatically generated by nixos-infect
    /etc/nixos/configuration/hardware.nix
    /etc/nixos/configuration/networking.nix

    ./features
    ../../shared
  ];

  networking.hostName = "diva"; # Define your hostname.
  networking.domain = "rougebordeaux.xyz";
  boot.tmp.cleanOnBoot = true;
  zramSwap.enable = true;

  networking.firewall = {
    enable = true;
    allowedTCPPorts = [
      22 # ssh
      80 # http
      443 # ssl
    ];
  };

  services.caddy.enable = true;

  users.users.${username} = {
    isNormalUser = true;
    extraGroups = [
      "wheel"
      "dialout"
      "docker"
    ];
    openssh.authorizedKeys.keys = [
      "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIA8sdToNavEQv7PTMJ97HIGM6UlChwGS3x9O8hFilzui harryh@ik.me"
      "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIHjz5MUSmc1ahtUJWuvzG7PHH432nx6a0Nj2zfxt3oTP geekcat@protonmail.com"
      "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIP9Yp7TbDhYJ27Sh+LcPXT569bMVwbFrkE4zksfU84l+ harry123@goober"
    ];
  };
}