{ config, pkgs, myUser, release, disko, ... }:

{
    # Imports
    imports = [
        disko.nixosModules.disko ../disko/isengard/btrfs-legacy.nix
        
        # Secrets
        ../modules/agenix.nix

        # Containers
        ../modules/containers/ntfy.nix
        ../modules/containers/mindwtr.nix
        ../modules/containers/vaultwarden.nix
        ../modules/containers/nextcloud.nix
        ../modules/containers/actualbudget.nix

    ];
    # Disks
    boot.loader = {
        grub.enable = true;
    };

    # Networking
    networking.hostName = "isengard";
    networking.useDHCP = true;
    time.timeZone = "Europe/Bucharest";

    # User is admin
    users.groups.admin.gid = 10000;
    users.users.${myUser}.extraGroups = [
        "admin"
    ];

    # Virtualisation
    boot.enableContainers = true;
    virtualisation.podman = {
        enable = true;
        dockerCompat = true;
    };
    virtualisation.oci-containers.backend = "podman";
    systemd.tmpfiles.rules = [
        "d /srv/containers 0775 root admin"
    ];

    # Security
    security.auditd.enable = true;

    system.stateVersion = release;
}