{
  locations = {
    cloud = {
      owner = "yaro";
      subnets = {
        dmz = {
          systems = {
            janus = {
              primary = true;
              macAddresses = [ "AA:BB:CC:DD:EE:FF" ];
            };
          };
        };
        main = {
          systems = {
            metatron = {
              primary = true;
              macAddresses = [ "11:22:33:44:55:66" ];
            };
          };
        };
      };
    };
    home = {
      owner = "yaro";
      subnets = {
        open = {
          managed = false;
          systems = {
            io = {
              useDHCP = true;
              macAddresses = [ "DD:DD:DD:DD:DD:DD" ];
            };
          };
        };
        dmz = {
          isVLAN = true;
          systems = {
            io = {
              primary = true;
              macAddresses = [ "12:34:56:78:9A:BC" ];
            };
            europa = {
              macAddresses = [ "FE:DC:BA:98:76:54" ];
            };
            deimos = {
              primary = true;
              macAddresses = [ "AA:AA:AA:AA:AA:AA" ];
            };
          };
        };
        main = {
          users = [
            "alice"
            "bob"
          ];
          isVLAN = true;
          systems = {
            europa = {
              primary = true;
              macAddresses = [ "BB:BB:BB:BB:BB:BB" ];
            };
            phobos = {
              primary = true;
              macAddresses = [ "CC:CC:CC:CC:CC:CC" ];
            };
            terra = {
              primary = true;
              macAddresses = [ "EE:EE:EE:EE:EE:EE" ];
            };
          };
        };
      };
    };
  };

  systems = {
    janus = {
      owner = "yaro";
      nixOS = true;
      role = "infrastructure";
      tags = [ "router" "linode" ];
      services = [ "nginx-proxy" "headscale" ];
      config = { ... }: {
        # NixOS config here, or use a path to one.
      };
    };
    metatron = {
      owner = "yaro";
      nixOS = true;
      role = "server";
      tags = [ "server" "linode" "upstream" ];
      config = { ... }: {
        # NixOS config here, or use a path to one.
      };
    };
    io = {
      owner = "yaro";
      nixOS = true;
      role = "infrastructure";
      tags = [ "router" "downstream" ];
      config = { ... }: {
        # NixOS config here, or use a path to one.
      };
    };
    europa = {
      owner = "yaro";
      nixOS = true;
      role = "infrastructure";
      tags = [ "router" "downstream" ];
      config = { ... }: {
        # NixOS config here, or use a path to one.
      };
    };
    deimos = {
      owner = "yaro";
      nixOS = true;
      role = "server";
      tags = [ "server" ];
      servicesPlane = "janus";
      hostPlane = "deimos";
      services = [
        "nextcloud"
        "yaro-site"
        "vaultwarden"
        "jellyfin"
        "forgejo"
        "headscale"
      ];
      config = { ... }: {
        # NixOS config here, or use a path to one.
      };
    };
    phobos = {
      owner = "yaro";
      nixOS = true;
      role = "server";
      tags = [ "server" ];
      servicesPlane = "deimos";
      services = [
        "mosquitto"
        "home-assistant"
        "sandbox"
        "node-red"
      ];
      config = { ... }: {
        # NixOS config here, or use a path to one.
      };
    };
    terra = {
      owner = "yaro";
      nixOS = false;
      role = "infrastructure";
    };
  };

  users = {
    yaro = { };
    alice = { };
    bob = { };
  };

  group = {
    userGroups = {
      programmers = {
        config = { ... }: {
          # Home-manager config here, or use a path to one.
        };
      };
    };
    systemGroups = {
      storage = {
        services = [
          "nfs"
          "isci"
        ];
        config = { ... }: {
          # Home-manager config here, or use a path to one.
        };
      };
    };
  };
}