{ ... }:
{
  imports = [
    ./hardware-configuration.nix
  ];
  boot.tmp.cleanOnBoot = true;
  zramSwap.enable = true;
  swapDevices = [
    {
      device = "/swapfile";
      size = 16 * 1024;
    }
  ];
  services = {
    fail2ban.enable = true;
    fail2ban.maxretry = 5;
    fail2ban.bantime = "1h";
    fail2ban.ignoreIP = [
      "172.16.0.0/12"
      "192.168.0.0/16"
      "10.0.0.0/8"
      "tailc353f.ts.net"
    ];

    fail2ban.bantime-increment = {
      enable = true;
      multipliers = "1 2 4 8 16 32 64 128 256";
      maxtime = "24h";
      overalljails = true;
    };
    tailscale.enable = true;
    openssh.enable = true;
  };
  networking = {
    domain = "";
    hostId = "81238132";
    hostName = "iofq-oracle-x840";
  };
  users.users.root.openssh.authorizedKeys.keys = [
    ''ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIDcL53Gdrj5V9YDwKlCBIcgqiS+zHtOQpJlnOHTevJCJ e@t14''
    ''ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIHM4Zr0PFN7QdOG2aJ+nuzRCK6caulrpY6bphA1Ppl8Y e@t14''
  ];
  system.stateVersion = "23.11";
}