{
  modulesPath,
  lib,
  pkgs,
  ...
}:
{
  imports = [
    # see https://github.com/NixOS/nixpkgs/tree/master/nixos/modules/installer/scan
    (modulesPath + "/installer/scan/not-detected.nix")
    # see https://github.com/NixOS/nixpkgs/tree/master/nixos/modules/profiles
    (modulesPath + "/profiles/headless.nix")
  ];

  boot.loader.grub = {
    # efi? idk experiment if we can leave this away
    efiSupport = true;
    efiInstallAsRemovable = true;

    # main device that grub will boot from
    device = "/dev/nvme0n1";

    # configure second fallback boot partition
    mirroredBoots = [
      {
        devices = [ "/dev/nvme1n1" ];
        path = "/boot-fallback";
      }
    ];

    # dunno, maybe not needed but sounds nice
    zfsSupport = true;
  };

  # use `head -c4 /dev/urandom | od -A none -t x4` or see nixos options docs for more info
  # https://search.nixos.org/options?channel=24.11&show=networking.hostId&from=0&size=50&sort=relevance&type=packages&query=hostid
  networking.hostId = "0a7337de";

  environment.systemPackages = map lib.lowPrio [
    pkgs.curl
    pkgs.gitMinimal
  ];

  services.openssh.enable = true;
  users.users.root.openssh.authorizedKeys.keys = [
    "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIBA4Kpx7RN53V3uINjRj1Ow7p8/SkKGOnqHG3BR9tNXU cardno:25_310_930"
    # add yours
    "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIHDuOIycRP7Ney136ro/doWj1kttJUqmbGz6OC2nia09 michael.huebner@ptspaper.de"
  ];

  system.stateVersion = "24.11";
}