{
  pkgs,
  lib,
  config,
  inputs,
  ...
}:
let
  domain = "sourcephile.fr";
  port = 10005;
  ipv4Prefix = "10.0.0";
in
{
  imports = [
    (inputs.julm-nix + "/domains/sourcephile.fr/nebula.nix")
  ];
  services.nebula.networks.${domain} = {
    enable = true;
    listen.port = port;
    isLighthouse = false;
    isRelay = false;
    firewall = {
      outbound = [
        {
          port = "any";
          proto = "any";
          host = "any";
        }
      ];
      inbound = [
        {
          port = "any";
          proto = "any";
          host = "any";
        }
      ];
    };
  };
  networking.nftables.ruleset = '''';
  networking.networkmanager.unmanaged = [ config.services.nebula.networks.${domain}.tun.device ];
  #boot.kernel.sysctl."net.ipv4.ip_forward" = 1;
}