{
  modulesPath,
  ...
}:
{

  imports = [
    (modulesPath + "/profiles/minimal.nix")
    ./network.nix
  ];

  boot.kernel.sysctl = {
    "net.ipv4.ip_unprivileged_port_start" = 0;
  };

  users.users."admin" = {
    isNormalUser = true;
    linger = true;
    extraGroups = [ "wheel" ];
  };

  environment.etc = {
    subuid = {
      text = "admin:100000:65536";
      mode = "0644";
    };

    subgid = {
      text = "admin:100000:65536";
      mode = "0644";
    };
  };

  services.openssh.enable = true;
  system.image.sshKeys.enable = true;
  system.image.sshKeys.keys = [
    "sk-ssh-ed25519@openssh.com AAAAGnNrLXNzaC1lZDI1NTE5QG9wZW5zc2guY29tAAAAIIHMAEZx02kbHrEygyPQYStiXlrIe6EIqBCv7anIkL0pAAAABHNzaDo= dln1"
    "sk-ssh-ed25519@openssh.com AAAAGnNrLXNzaC1lZDI1NTE5QG9wZW5zc2guY29tAAAAIJNOBFoU7Cdsgi4KpYRcv7EhR/8kD4DYjEZnwk6urRx7AAAABHNzaDo= dln2"
    "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIKDx+7ZEJi7lUCAtoHRRIduJzH3hrpx4YS1f0ZxrJ+uW dln3"
  ];

  virtualisation.podman.enable = true;
}