{ lib, inputs, self, pkgs, pkgs-unstable, ... }: let
  hostName = "outpost";
  hostId = "373a7023";
  tinc-ip = "10.86.84.106/32";

  stateVersion = "25.05";
in {
  networking.hostId = hostId;
  networking.hostName = hostName;
  system.stateVersion = stateVersion;

  home-manager = {
    users."lauren_lagarde" = {
      home.stateVersion = stateVersion;
      imports = self.homeManagerModules."lauren_lagarde@tui.mlaga97.space";
    };
    extraSpecialArgs = { inherit self pkgs-unstable; };
  };

  time.timeZone = "America/Chicago";
  sops.defaultSopsFile = ./secrets.yaml;

  imports = [
    inputs.sops-nix.nixosModules.sops
    inputs.home-manager.nixosModules.home-manager

    ../../nixos/features/pi.nix

    # Core Features
    ../../nixos/features/base.nix
    ../../nixos/features/tui-apps.nix
    ../../nixos/features/openssh-server.nix

    # Core Tweaks
    ../../nixos/tweaks/zram.nix
    ../../nixos/tweaks/enable_flakes.nix
    ../../nixos/tweaks/systemd-resolved_nonsense.nix

    # Dotspace
    ../../dotspace/parts/tinc.nix

    # Users
    ../../users/lauren_lagarde/configuration.nix
    ../../users/ashley_funkhouser/ashley_funkhouser.nix

    # Outpost
    ../../nixos/tweaks/disable_firewall.nix
    ../../nixos/tweaks/zfs.nix
  ];

  # TODO: Break this one out, for sure
  nix.settings.trusted-users = [
    "lauren_lagarde"
  ];

  ##############################################################################
  ##############################################################################
  ##############################################################################
  # Services

  services.smartd.enable = lib.mkForce false;

  ##############################################################################
  ##############################################################################
  ##############################################################################
  # Networking

  networking.useNetworkd = true;
  systemd.network = {
    enable = true;
  };

  ##############################################################################
  # Tinc

  sops.secrets."dotspace/${hostName}/keys/tinc/rsa_key.priv" = { sopsFile = ./secrets.yaml; };
  sops.secrets."dotspace/${hostName}/keys/tinc/ed25519_key.priv" = { sopsFile = ./secrets.yaml; };

  systemd.network.networks."90-tinc" = {
    matchConfig.Name = "tinc.dotspace";
    address = [ "${tinc-ip}" ];
    routes = [ { Destination = "10.86.84.0/24"; } ];
  };

  services.tinc.networks.dotspace = {
    name = hostName;
    ed25519PrivateKeyFile = "/run/secrets/dotspace/${hostName}/keys/tinc/ed25519_key.priv";

    chroot = false;
    settings.ConnectTo = [ "fortress" ];
  };
}