{ ... }:

{
  # Networking
  networking = {
    hostName = "zora";
    domain = "lyes.eu";
    hostId = "233c35ca";

    enableIPv6 = false;

    nameservers = [
      "9.9.9.9"
      "149.112.112.112"
      "1.1.1.1"
      "1.0.0.1"
    ];

    firewall = {
      enable = true;

      allowedTCPPorts = [
        22
        80
        443
      ];
      allowedUDPPorts = [
        80
        443
      ];
    };

    interfaces = {
      ens2f0 = {
        ipv4 = {
          addresses = [
            {
              address = "185.230.78.13";
              prefixLength = 24;
            }
          ];
          routes = [
            {
              address = "0.0.0.0";
              prefixLength = 0;
              via = "185.230.78.99";
            }
          ];
        };
      };
    };
  };

  # Imposing a bandwidth limit to avoid Aurore/Crans disruptions
  # networking.nftables = {
  #   tables.rate_limit = {
  #     name = "rate_limit";
  #     family = "inet";
  #     enable = true;
  #     content = ''
  #       limit lim  { rate over 20 mbytes/second burst 40 mbytes ; comment "use to limit taffic" ; }

  #       chain IN {
  #         type filter hook input priority filter; policy drop;
  #         tcp dport 80 limit name "lim" accept
  #         tcp dport 443 limit name "lim" accept
  #       }
  #     '';
  #   };
  # };
}