{ privateFiles ? ./. }:
{
  network = {
    description = "Immae's network";
    enableRollback = true;
  };

  eldiron = { config, pkgs, mylibs, myconfig, ... }:
  {
    _module.args = {
      pkgsNext = import <nixpkgsNext> {};
      pkgsPrevious = import <nixpkgsPrevious> {};
      mylibs = import ../libs.nix { nixpkgs = pkgs; };
      mypkgs = import ../default.nix;
      myconfig = {
        inherit privateFiles;
        env = import "${privateFiles}/environment.nix";
        ips = {
          main = "176.9.151.89";
          production = "176.9.151.154";
          integration = "176.9.151.155";
        };
      };
    };

    imports = [
      ./modules/ssh
      ./modules/certificates.nix
      ./modules/gitolite
      ./modules/databases
      ./modules/mpd
      ./modules/websites
      ./modules/mail
      ./modules/ftp
      ./modules/pub
      ./modules/task
      ./modules/irc
      ./modules/buildbot
    ];
    services.myGitolite.enable = true;
    services.myDatabases.enable = true;
    services.myWebsites.production.enable = true;
    services.myWebsites.integration.enable = true;
    services.myWebsites.tools.enable = true;
    services.pure-ftpd.enable = true;
    services.irc.enable = true;
    services.pub.enable = true;
    services.myTasks.enable = true;
    services.buildbot.enable = true;

    services.journald.extraConfig = ''
      MaxLevelStore="warning"
      MaxRetentionSec="1year"
      '';
    networking.firewall.enable = true;

    deployment = {
      targetEnv = "hetzner";
      hetzner = {
        robotUser = myconfig.env.hetzner.user;
        robotPass = myconfig.env.hetzner.pass;
        mainIPv4 = myconfig.ips.main;
        partitions = ''
          clearpart --all --initlabel --drives=sda,sdb

          part swap1 --recommended --label=swap1 --fstype=swap --ondisk=sda
          part swap2 --recommended --label=swap2 --fstype=swap --ondisk=sdb

          part raid.1 --grow --ondisk=sda
          part raid.2 --grow --ondisk=sdb

          raid / --level=1 --device=md0 --fstype=ext4 --label=root raid.1 raid.2
        '';
      };
    };

    environment.systemPackages = [
      pkgs.telnet
      pkgs.htop
      pkgs.vim
    ];

    services.cron = {
      enable = true;
      systemCronJobs = [
        ''
          # The star after /var/lib/* avoids deleting all folders in case of problem
          0 3,9,15,21 * * * root rsync -e "ssh -i /root/.ssh/id_charon_vpn" -aAXvz --delete --numeric-ids --super --rsync-path="sudo rsync" /var/lib/* immae@immae.eu: > /dev/null
        ''
      ];
    };

    # This value determines the NixOS release with which your system is
    # to be compatible, in order to avoid breaking some software such as
    # database servers. You should change this only after NixOS release
    # notes say you should.
    system.stateVersion = "18.09"; # Did you read the comment?
  };
}