{
  lib,
  sources ? import ../../../npins,
  ...
}:
{
  mkNixosConfiguration =
    environment: requests:
    { ... }:
    {
      imports = [
        ../common/sharedOptions.nix
        ../common/targetNode.nix
        "${sources.nixpkgs}/nixos/modules/profiles/minimal.nix"
        "${sources.nixpkgs}/nixos/modules/profiles/qemu-guest.nix"
        # systemd-repart
        # ../../../infra/common/nixos/repart.nix
        # disko
        "${sources.disko}/module.nix"
        ../../../infra/common/proxmox-qemu-vm.nix
      ];

      nixpkgs.hostPlatform = "x86_64-linux";

      system.stateVersion = "25.05";
      services.qemuGuest.enable = true;
      systemd.services.qemu-guest-agent = {
        wants = [ "network-online.target" ];
        after = [ "network-online.target" ];
      };

      services.openssh = {
        enable = true;
        settings.PasswordAuthentication = false;
      };
      networking = {
        firewall.enable = false;
        useDHCP = false;
        usePredictableInterfaceNames = false;
        useNetworkd = true;
        nameservers = [
          "95.215.185.6"
          "95.215.185.7"
          "2a00:51c0::5fd7:b906"
          "2a00:51c0::5fd7:b907"
        ];
      };

      services.cloud-init = {
        enable = true;
        network.enable = true;
      };

      users.mutableUsers = false;
      users.users =
        {
          root = {
            openssh.authorizedKeys.keys = [
              "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIFZsldWMEsajYysjYsEpNvMOjO4D8L21pTrfQS1T+Hfy"
            ];
          };
        }
        // environment.config.resources."operator-environment".login-shell.apply {
          resources = lib.filterAttrs (_name: value: value ? login-shell) (
            lib.concatMapAttrs (
              k': req: lib.mapAttrs' (k: lib.nameValuePair "${k'}.${k}") req.resources
            ) requests
          );
        };
    };
}