{
  config,
  pkgs,
  lib,
  ...
}:
{

  imports = [

    # todo : remove
    ../../system/all

    ./hardware-configuration

    ./packages.nix

    ./network-tinc.nix
    ./network-wireguard-wg0.nix

    ./hass-mqtt.nix
    ./hass-zigbee2mqtt.nix
    ./hass.nix

    # todo: add autotag again
    #./taskwarrior-autotag.nix

    ./media-audiobookshelf.nix
    ./media-castget.nix
    ./media-curl.nix
    ./media-jellyfin.nix
    ./media-navidrome.nix
    ./media-share.nix
    ./media-syncthing.nix
    ./media-youtube.nix

    ./telemetry/grafana.nix
    ./telemetry/telegraf-smart.nix
    ./telemetry/telegraf.nix
    ./telemetry/prometheus.nix
    ./telemetry/loki.nix # todo enable this one again

    ./sync-rbackup.nix
    ./sync-syncoid.nix

    ./service-atuin.nix
    ./service-forgejo.nix
    ./service-paperless-backup.nix
    ./service-paperless-healthchecks.nix
    ./service-paperless-tika.nix
    ./service-paperless.nix
    ./service-s3.nix
    #./service-taskwarrior.nix
    ./service-vault.nix

    ./zerotier-controller.nix

    ./topology.nix

  ];

  components.gui.enable = false;
  components.mainUser.enable = true;
  components.media.tts-server.enable = false;
  components.network.enable = true;
  components.network.wifi.enable = false;
  components.terminal.enable = true;

  features.boot.ssh.enable = true;
  features.boot.ssh.kernelModules = [ "e1000e" ];
  features.boot.tor.enable = true;

  telemetry.enable = true;
  telemetry.apps.opentelemetry.receiver.endpoint = "0.0.0.0:4317";
  networking.firewall.interfaces.wg0.allowedTCPPorts = [ 4317 ];
  networking.firewall.interfaces.wg0.allowedUDPPorts = [ 4317 ];

  healthchecks.closed.wg0.host = "10.100.0.2";

  services.printing.enable = false;

  networking.hostName = "chungus";

  # nix-shell -p speedtest_cli --run speedtest
  #configuration.fireqos = {
  #  enable = false;
  #  interface = "enp0s25";
  #  input = 200000;
  #  output = 2000;
  #  balance = false;
  #};

  system.stateVersion = "23.11";

}