{
	network.description = "Cryto";

	osmium = { config, lib, pkgs, ... }: let
		proxiedApplications = [{
			hostname = "pastebin-stream.cryto.net";
			tls = false;
			root = "${pkgs.valgrind.doc}/share/doc/valgrind/html";
			config = ''

			'';
		}];

		generateCaddyHostConfiguration = applications:
			lib.concatStrings (map (application: ''
				${application.hostname} {
					${lib.optionalString (application.tls == false) "tls off"}
					${lib.optionalString (application.root != null) "root ${application.root}"}
					${application.config}
				}
			'') applications);

		pastebinStream = (import ../applications/pastebin-stream.nix);
	in {
		imports = [
			pastebinStream { inherit pkgs; }
		];

		services.caddy = {
			enable = true;
			agree = true;
			email = "admin@cryto.net";
			config = ''
				${generateCaddyHostConfiguration proxiedApplications}
			'';
		};

		networking.firewall.allowedTCPPorts = [ 2015 ];

		environment.systemPackages = with pkgs; [
			htop
		];
	};
}