{ pkgs, ... }:
{
  # Services configs
  services = {
    tailscale = {
      enable = true;
      openFirewall = true;
      useRoutingFeatures = "client";
      extraUpFlags = [
        "--advertise-exit-node"
        "--accept-dns=false"
        "--advertise-routes=10.0.1.0/24"
        "--hostname=jallen-nas"
      ];
      extraSetFlags = [
        "--advertise-exit-node"
        "--hostname=jallen-nas"
        "--webclient"
      ];
      # authKeyFile = "/media/nas/main/nix-app-data/tailscale/auth";
    };

    postgresql = {
      enable = true;
      package = pkgs.postgresql_16;
      dataDir = "/media/nas/main/nix-app-data/postgresql";
      ensureDatabases = [ "authentik" ];
      ensureUsers = [
        {
          name = "authentik";
          ensureDBOwnership = true;
        }
      ];
    };

    redis = {
      servers = {
        authentik = {
          enable = true;
          port = 6379;
        };

        manyfold = {
          enable = true;
          port = 6380;
        };
      };
    };

  };
}