rec {
  # interfaces
  wan-if           = "enp5s0";
  vpn-if           = "wg0";

  # nets
  lan-net          = "10.0.0.0/24";
  vpn-net          = "10.3.0.0/24";
  external_lan-net = "192.168.1.0/24";

  # ips
  architect-lan    = "10.0.0.250";
  dvr-lan          = "10.0.0.2";
  nas-lan          = "10.0.0.3";

  architect-wg     = "10.3.0.1";
  galuminum-wg     = "10.3.0.2";
  oneplus-wg       = "10.3.0.3";
  ipad-wg          = "10.3.0.4";
  manduria-wg      = "10.3.0.5";
  antonio-wg       = "10.3.0.6";
  gbeast-wg        = "10.3.0.7";
  parisaphone-wg   = "10.3.0.8";
  parisapc-wg      = "10.3.0.9";
  peppiniell-wg    = "10.3.0.10";
  padulino-wg      = "10.3.0.11";
  shield-wg        = "10.3.0.12";
  angelino-wg      = "10.3.0.13";
  pepos_one-wg     = "10.3.0.14";
  pepos_two-wg     = "10.3.0.15";
  salvatore-wg     = "10.3.0.16";
  papa-wg          = "10.3.0.17";
  defy-wg          = "10.3.0.18";
  germano-wg       = "10.3.0.19";
  eleonora-wg      = "10.3.0.100";
  broccolino-wg    = "10.3.0.200";
  hotpottino-wg    = "10.3.0.201";

  # groups
  gdevices-wg      = [ galuminum-wg oneplus-wg ipad-wg gbeast-wg peppiniell-wg padulino-wg angelino-wg ];
  routers-wg       = [ hotpottino-wg broccolino-wg ];
  c2c-wg           = [ ] ++ gdevices-wg;
  towan-wg         = [ shield-wg parisaphone-wg parisapc-wg ] ++ gdevices-wg ++ routers-wg;

  # domains
  sonarrdomain = "htson.giugl.io";
  radarrdomain = "htrad.giugl.io";
  bazarrdomain = "htbaz.giugl.io";
  nzbgetdomain = "htnzb.giugl.io";
  mediadomain = "media.giugl.io";
  gitdomain = "git.giugl.io";
  nextclouddomain = "cloud.giugl.io";
  miniodomain = "s3.giugl.io";
  clouddomain = "cloud.giugl.io";
}