{ ... }:
{
  imports = [
    <nixpkgs/nixos/modules/profiles/qemu-guest.nix>
  ];

  boot.loader.grub.device = "/dev/sda";
  boot.cleanTmpDir = true;

  fileSystems."/" = { device = "/dev/sda1"; fsType = "ext4"; label = "root"; };

  networking.firewall.allowPing = true;
  networking.hostName = (builtins.readFile (builtins.fetchurl "http://169.254.169.254/hetzner/v1/metadata/hostname"));

  services.openssh.enable = true;
  services.cloud-init.enable = true;

  security.sudo.wheelNeedsPassword = false;

  #  The created service `nixos-rebuild.service` can be used to trigger an unattended configuration change
  #  See https://nixos.org/manual/nixos/stable/#sec-changing-config
  #
  #  `systemctl start nixos-rebuild` := `nixos-rebuild switch`
  systemd.services.nixos-rebuild = {
    serviceConfig.Type = "oneshot";
    postStart = "systemctl stop socket-nixos-rebuild-trigger.service && systemctl restart socket-nixos-rebuild-trigger.socket";
    script = ''
        /run/current-system/sw/bin/nixos-rebuild switch -I nixpkgs=/nix/var/nix/profiles/per-user/root/channels/nixos/nixpkgs -I nixos-config=/etc/nixos/configuration.nix
    '';

  };

  systemd.services.socket-nixos-rebuild-trigger = {
    serviceConfig = {
      Type = "oneshot";
      RemainAfterExit = "yes";
    };
    after = [ "socket-nixos-rebuild-trigger.socket" ];
    requires = [ "socket-nixos-rebuild-trigger.socket" ];
    script = ''
      systemctl start nixos-rebuild
    '';
  };

  systemd.sockets.socket-nixos-rebuild-trigger = {
    listenStreams = [ "10.0.1.51:4444" ];
    partOf = [ "socket-nixos-rebuild-trigger.service" ];
    wantedBy = [ "sockets.target" ];
  };

  users.extraUsers.operator = {
    isNormalUser = true;
    uid = 1000;
    extraGroups = [ "wheel" ];
    openssh.authorizedKeys.keys = [
      "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDCAOgDVmgLQ1tEiE7kXoLu14wLW0LoYbNPsKae0DlMeWJe6JcR8HkQnSZm3aFEt30SmaFDtXcw3fyur0wByrIh0cFMUsdiO4e4B+Gke/vTc4/51rfjjzsA/1zipWnD5Yf0lO6KqE6Vm2uTejJ7NIRume3c2nlLCZ/Ajt0GqYwIuMOOGZSA5o/pNKiH88GyW9C+kI0kIOwswMHHQ5bFmpWttTy8JNI0iC4FzcQrAFIMUPTsM2kphJyqTPMGoztzRX64HSfmdr43MfLEWtIWvUXcYiazXFCTfXrStUS/z1GN2kOGvmr6fcC4MX3zhJF9WETRjM0VTFHJbERAQOmw3P87oAK759l0eHGiS7bbmX2hNLz6LLOCmPpaih5TaFp3NjMnVlEd1bGzZC4mgmFqxMUtx8Uqyd3zr3Wlp+u4zHaNiNhZo0USsIzagcdmeGIuXT1deyjnpbJVesixTMcttm6rlhVd4/McO972bP+4qtPSVZcGZd6d01TgK16fXp1WybuO6SpaLUIYcnimM+/zeanJkfgtA419xkZqEHvBf80/RTqmX/NTree8vHBVFSxla2Ru4RDBpGnbDKUYpRFeP9SMSkpGtdjZK45U7ffikK+UdXr24Nl6NFeFFs/PW5gOibfPzTJwpLqeu4E8xXXyakRSHW8aa+BtuV8WKFB4e/4dSQ==" 
    ];
  };
}