{
  pkgs,
  lib,
  config,
  inputs,
  hostName,
  hosts,
  ...
}:
let
  domain = "sourcephile.fr";
  iface = config.services.nebula.networks.${domain}.tun.device;
  aubergine = import ../aubergine/networking/names-and-numbers.nix;
in
{
  imports = [
    ../../domains/sourcephile.fr/nebula.nix
  ];
  services.nebula.networks.${domain} = {
    listen.port = 10008;
    firewall = {
      inbound = [
        {
          port = "any";
          proto = "any";
          groups = [
            "sourcephile"
            "intra"
          ];
        }
      ];
      outbound = [
        {
          port = "any";
          proto = "any";
          host = "any";
        }
      ];
    };
    staticHostMap = {
      # Speed up discovering of aubergine at startup
      "10.0.0.6" = [
        "${aubergine.eth2IPv4}.1:${
          toString hosts.aubergine.config.services.nebula.networks.${domain}.listen.port
        }"
      ];
    };
    settings = {
      punchy = {
        punch = true;
        respond = true;
      };
    };
  };
  networking.nftables.ruleset = ''
    table inet filter {
      chain input-${iface} {
      }
      chain output-${iface} {
        tcp dport 9091 counter accept comment "Transmission RPC"
        counter accept
      }
    }
  '';
}