{ lib, config, ... }: {
  networking = {
    hostName = config.syscfg.hostname;
    useDHCP = true;
    nameservers = [ "1.1.1.1" "9.9.9.9" ];

    extraHosts = ''
      ${lib.concatStringsSep "\n" config.syscfg.extra.hosts}
    '';

    proxy = lib.mkIf (config.syscfg.extra.proxy.domain != "") {
      default = "http://${config.syscfg.extra.proxy.domain}:${config.syscfg.extra.proxy.port or "8080"}";
      noProxy = "${config.syscfg.extra.proxy.noProxy}";
    };


    firewall = { 
      enable = true;
      allowedUDPPorts = 
        (if (config.syscfg.server != false && config.syscfg.server.wireguard) then [ 1515 ] else [ ]) ++ 
        (if (config.syscfg.server != false && config.syscfg.server.web) then [ 80 443 22 ] else [ ]) ++ 
        [ ];

      allowedTCPPorts = 
        (if (config.syscfg.server != false && config.syscfg.server.web) then [ 80 443 22 ] else [ ]) ++ 
        (if (config.syscfg.server != false) then [ 5432 6379 8181 ] else [ ]) ++ 
        [ ];
    };
  };
}