{ config, pkgs, ... }:

{
  networking = {
    domain = config.domain;
    networkmanager.enable = true;
    firewall = {
      enable = true;
      allowedUDPPorts = [
        config.services.tailscale.port
        53317
        16261
        16262
      ];
      allowedTCPPorts = [
        53317
        16261
        16262
      ];
      trustedInterfaces = [ "tailscale0" ];
    };
  };
  services = {
    tailscale = {
      enable = true;
      extraSetFlags = [
        "--ssh"
      ];
    };
  };
  hardware = {
    bluetooth = {
      enable = true;
      powerOnBoot = true;
      settings = {
        General = {
          Experimental = true;
        };
      };
    };
  };
}