{config, ...}: {
  imports = [
    ./networking.nix # network configuration that just works
    ./hardware.nix
  ];

  sils = {
    gallery = {
      enable = true;
      domain = "gallery.s-schoeffel.de";
    };
  };

  vhack = {
    back = {
      enable = true;
      repositories = {
        "${config.services.gitolite.dataDir}/repositories/vhack.eu/nixos-server.git" = {
          domain = "issues.foss-syndicate.org";
          port = 9220;
        };
      };
    };
    backup = {
      enable = true;
      privateSshKey = ./secrets/backup/backupssh.age;
      privatePassword = ./secrets/backup/backuppass.age;
      user = "u384702-sub3";
    };
    etesync = {
      enable = true;
      secretFile = ./secrets/etesync/secret_file.age;
    };
    fail2ban.enable = true;
    git-server = {
      enable = true;
      domain = "git.foss-syndicate.org";
      gitolite.adminPubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIME4ZVa+IoZf6T3U08JG93i6QIAJ4amm7mkBzO14JSkz cardno:000F_18F83532";
    };
    invidious-router = {
      enable = true;
      domain = "invidious-router.vhack.eu";
      extraDomains = [
        "video.fosswelt.org"
        "invidious-router.sils.li"
      ];
    };
    mail = {
      enable = true;
      fqdn = "mail.foss-syndicate.org";
    };
    nginx = {
      enable = true;
      redirects = {
        "source.foss-syndicate.org" = "https://git.foss-syndicate.org/vhack.eu/nixos-server";
        "source.vhack.eu" = "https://source.foss-syndicate.org";
      };
    };
    nixconfig.enable = true;
    openssh.enable = true;
    persist = {
      enable = true;
      directories = [
        "/var/log"
      ];
    };
    redlib.enable = true;
    rust-motd.enable = true;
    users.enable = true;
  };

  boot.tmp.cleanOnBoot = true;
  zramSwap.enable = true;
  networking.hostName = "server2";
  networking.domain = "vhack.eu";

  system.stateVersion = "24.11";
}