# NixOS host module for "merlin": disk layout (disko), btrfs impermanence,
# static bridged networking, root SSH keys and an extra ZFS pool.
{
  inputs,
  configVars,
  lib,
  ...
}: let
  # --- Disko setup ---------------------------------------------------------
  # One of "ext4" or "btrfs". Use btrfs when impermanence is enabled.
  fsType = "btrfs";
  dev = "/dev/disk/by-id/wwn-0x5001b448b5f7cc7f";

  # Currently only applies to btrfs.
  # NOTE(review): with `false` the root device below resolves to the plain
  # LVM volume rather than /dev/mapper/crypted, so nothing in this file sets
  # up encryption at rest. Confirm that is intended for this host.
  encrypted = false;
  btrfsMountDevice =
    if encrypted
    then "/dev/mapper/crypted"
    else "/dev/root_vg/root";
  impermanence = true;

  # Every file found recursively under ../common/users/keys. Each one is read
  # verbatim into root's authorized_keys further down, so that directory must
  # contain public keys only and changes to it should be reviewed as grants
  # of root access.
  pubKeys = lib.filesystem.listFilesRecursive ../common/users/keys;

  # Addresses come from the shared configVars attribute set.
  piholeIp = configVars.networking.addresses.pihole.ip;
  gatewayIp = configVars.networking.addresses.gateway.ip;
  merlinIp = configVars.networking.addresses.merlin.ip;
in {
  imports = [
    # Create users for this host
    ../common/users/admin

    # Disk configuration
    inputs.disko.nixosModules.disko
    (import ../common/disks {
      device = dev;
      inherit impermanence fsType encrypted;
    })

    # Impermanence
    # NOTE(review): imported unconditionally; the `impermanence` flag above is
    # only handed to ../common/disks, it does not gate this import.
    (import ../common/disks/btrfs/impermanence.nix {
      inherit btrfsMountDevice lib;
    })

    # Import core options
    ./hardware-configuration.nix
    ../common/core

    # Import optional options
    # NOTE(review): the sshd policy (root login, password auth) lives in this
    # file and is not visible here; check it together with the root keys below.
    ../common/optional/openssh.nix
  ];

  boot = {
    loader = {
      systemd-boot.enable = true;
      efi.canTouchEfiVariables = true;
      timeout = 3;
    };

    # ZFS support for the additional data pool.
    supportedFilesystems = ["zfs"];
    zfs = {
      forceImportRoot = false;
      extraPools = ["deepzfs"];
    };
  };

  # Root accepts every key collected in pubKeys (see the note on pubKeys).
  users.users.root.openssh.authorizedKeys.keys = map builtins.readFile pubKeys;

  networking = {
    hostName = "merlin";
    # hostId is set alongside the ZFS options above.
    hostId = "18aec5d7";

    # NOTE(review): the third entry is a public resolver. Lookups that fall
    # through to it leave the network and are not filtered by the pihole;
    # drop it if DNS must stay behind the pihole/gateway.
    nameservers = ["${piholeIp}" "${gatewayIp}" "8.8.8.8"];
    defaultGateway = "${gatewayIp}";

    # Static addressing only: DHCP is off and the address sits on the bridge.
    useDHCP = false;
    bridges.br0.interfaces = ["eth0"];
    interfaces.br0.ipv4.addresses = [
      {
        address = "${merlinIp}";
        prefixLength = 24;
      }
    ];
  };

  services.libinput.enable = true;
}