let
  #TODO: meta
  vlansPlan = {
    "uplink-cri".id = 223;

    "admin-core" = {
      id = 3000;
      l3-interface = "irb.0";
    };
    "admin-ap".id = 3001;
    "users".id-list = [
      {
        begin = 3045;
        end = 4094;
      }
    ];

    "ap-staging".id = 2000;
  };
  #TODO: additionnal module (always the same for APs)
  AP-staging = {
    poe = true;
    ethernet-switching = {
      interface-mode = "access";
      vlans = [ "ap-staging" ];
    };
  };
in
{ name, ... }:
{
  vlans = vlansPlan;
  system = {
    # TODO: use meta, in default
    host-name = name;
    services.ssh.root-login = "deny-password";
    root-authentication = {
      hashedPasswd = "$6$BKetIIfT$JVyE0B7F4O.fJwQFu5jVrVExAZROrEMLW5HkDkhjMShJ9cRIgxSm2VM9OThDowsnLmAewqDN7eAY.EQt4UR4U0";
      ssh-keys = [
        "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIAA16foz+XzwKwyIR4wFgNIAE3Y7AfXyEsUZFVVz8Rie catvayor@katvayor"
      ];
    };
  };
  dgn-interfaces = {
    # "ge-0/0/0" = AP-staging;
    # "ge-0/0/1" = AP-staging;
    # "ge-0/0/2" = AP-staging;
    # "ge-0/0/3" = AP-staging;
    "ge-0/0/4" = AP-staging;
    # "ge-0/0/5" = AP-staging;
    # "ge-0/0/6" = AP-staging;
    # "ge-0/0/7" = AP-staging;
    # "ge-0/0/8" = AP-staging;
    # "ge-0/0/9" = AP-staging;
    # "ge-0/0/10" = AP-staging;
    # "ge-0/0/11" = AP-staging;
    # "ge-0/0/12" = AP-staging;
    # "ge-0/0/13" = AP-staging;
    # "ge-0/0/14" = AP-staging;
    # "ge-0/0/15" = AP-staging;
    # "ge-0/0/16" = AP-staging;
    # "ge-0/0/17" = AP-staging;

    # oob
    "ge-0/0/42".ethernet-switching = {
      interface-mode = "trunk";
      vlans = [ "all" ];
    };
    # AP de test
    "ge-0/0/43" = {
      poe = true;
      ethernet-switching = {
        interface-mode = "access";
        vlans = [ 4000 ];
      };
    };
    # uplink oob
    "ge-0/0/46".ethernet-switching = {
      interface-mode = "access";
      vlans = [ 222 ];
      rstp = false;
    };
    # ilo
    "ge-0/0/47".ethernet-switching = {
      interface-mode = "access";
      vlans = [ "admin-core" ];
    };

    # router
    "xe-0/1/0".ethernet-switching = {
      interface-mode = "trunk";
      vlans = [ "all" ];
    };
    # netaccess01
    "xe-0/1/1".ethernet-switching = {
      interface-mode = "trunk";
      vlans = [
        "users"
        "ap-staging"
        "admin-ap"
        "admin-core"
      ];
    };
    # netcore01 (Potos)
    "xe-0/1/2".ethernet-switching = {
      interface-mode = "access";
      vlans = [
        "ap-staging"
      ];
    };
    # uplink
    "ge-0/1/3".ethernet-switching = {
      interface-mode = "trunk";
      vlans = [ "uplink-cri" ];
    };

    # management
    "me0".inet.addresses = [ "192.168.42.6/24" ];
    "irb".inet6.addresses = [ "fd26:baf9:d250:8000::1001/64" ];
  };
}