{
  config,
  lib,
  inputs,
  pkgs,
  ...
}:
{

  mods = {
    tailscale.enable = true;
    flakePath = "/etc/nixos";
  };

  services = {
    netbird.enable = true;
    netbird.ui.enable = true;
  };

  networking.nftables.enable = true;
  networking.firewall = {
    enable = true;
    allowedTCPPorts = [
      47984
      47989
      48910
    ];

    allowedUDPPortRanges = [
      {
        from = 47998;
        to = 48000;
      }
      {
        from = 48002;
        to = 48010;
      }
    ];
    trustedInterfaces = [ "tailscale0" ];
    allowedUDPPorts = [ config.services.tailscale.port ];
  };

  ## Configuraçao de Docker

  boot.kernel.sysctl = {
    "net.ipv4.ip_unprivileged_port_start" = 53;
    "net.ipv6.conf.all.forwarding" = true;
  };

  users.users.gui.extraGroups = [ "docker" ];
  users.groups.docker.gid = 131;
  virtualisation.docker = {
    enable = true;
  };

  services.openssh = {
    enable = true;
    settings = {
      PermitRootLogin = "yes";
      PasswordAuthentication = false;
    };
  };

  services.sunshine = {
    enable = true;
    autoStart = true;
    capSysAdmin = true;
    openFirewall = true;

  };

}