{ config, pkgs, pkgs-unstable, secret, ... }:

{
	imports = [
		./hardware-configuration.nix
		./nginx.nix
	];

	environment.systemPackages = with pkgs; [
		pkgs-unstable.sing-box
	];
	
	services.yggdrasil.persistentKeys = true;
	networking.firewall.allowedTCPPorts = [ 443 ];
}