{ lib, namespace, ... }: with lib; { options.${namespace}.network = with types; { hostName = lib.mkOption { type = str; default = "nixos"; description = "The hostname of the system."; }; ipv4 = { method = mkOption { type = types.str; default = "auto"; description = "Method for IPv4 configuration (auto or manual)."; }; address = lib.mkOption { type = types.str; default = "10.0.1.1/24"; description = "IPv4 address with subnet mask (e.g., 10.0.1.1/24)."; }; gateway = lib.mkOption { type = types.str; default = "10.0.1.1"; description = "IPv4 default gateway."; }; interface = lib.mkOption { type = types.str; default = ""; description = "Interface for the default gateway (required when using networkd)."; }; dns = lib.mkOption { type = types.str; default = "10.0.1.1"; description = "IPv4 DNS server."; }; }; useNetworkd = mkOption { type = types.bool; default = false; description = "Whether to use systemd-networkd for networking."; }; nat = { enable = mkOption { type = types.bool; default = false; description = "Whether to enable NAT."; }; internalInterfaces = mkOption { type = types.listOf types.str; default = [ ]; description = "List of internal interfaces for NAT."; }; externalInterface = mkOption { type = types.str; default = ""; description = "External interface for NAT."; }; enableIPv6 = mkOption { type = types.bool; default = false; description = "Whether to enable IPv6 NAT."; }; }; firewall = { enable = mkOption { type = types.bool; default = true; description = "Whether to enable the firewall."; }; allowPing = mkOption { type = types.bool; default = true; description = "Whether to allow ICMP ping."; }; allowedTCPPorts = mkOption { type = types.listOf types.port; default = [ ]; description = "List of allowed TCP ports."; }; allowedUDPPorts = mkOption { type = types.listOf types.port; default = [ ]; description = "List of allowed UDP ports."; }; trustedInterfaces = mkOption { type = types.listOf types.str; default = [ ]; description = "List of trusted interfaces."; }; }; wifi = { enable = mkOption { type = types.bool; default = true; description = "Whether to enable WiFi configuration."; }; powersave = mkOption { type = types.bool; default = false; description = "Whether to enable WiFi power saving."; }; profiles = mkOption { type = types.attrsOf ( types.submodule { options = { ssid = mkOption { type = types.str; description = "SSID of the WiFi network."; }; psk = mkOption { type = types.str; default = "$PSK"; description = "PSK environment variable for the WiFi password."; }; keyMgmt = mkOption { type = types.str; default = "sae"; description = "Key management type (e.g., sae, wpa-psk)."; }; }; } ); default = { }; description = "WiFi network profiles."; }; }; hostId = mkOption { type = types.str; default = ""; description = "Host ID for ZFS and other services."; }; iwd = { enable = mkOption { type = types.bool; default = false; description = "Whether to enable iwd for wireless networking."; }; settings = mkOption { type = types.attrs; default = { }; description = "Settings for iwd."; }; }; extraFirewallCommands = mkOption { type = types.str; default = ""; description = "Extra commands for the firewall."; }; }; }