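# Netboot profile for PlasmaCloud worker nodes.
#
# NixOS module layered on ./netboot-base.nix. It installs the worker service
# packages and virtualization tooling, declares the PlasmaVMC and NovaNET
# services (disabled by default), and sets the kernel, firewall, storage and
# sysctl settings for a hypervisor host.
{ config, pkgs, lib, ... }:

{
  imports = [
    ./netboot-base.nix
    ../modules # Import PlasmaCloud service modules
  ];

  # ============================================================================
  # WORKER NODE PROFILE
  # ============================================================================
  # This profile includes compute-focused services for a worker node:
  # - PlasmaVMC: Virtual machine control plane (for running VMs)
  # - NovaNET: Software-defined networking (for VM networking)
  #
  # Worker nodes are designed for running tenant workloads (VMs, containers)
  # and do not run the core distributed services (Chainfire, FlareDB, IAM).
  #
  # Services are DISABLED by default in the netboot image.
  # They will be enabled in the final installed system configuration.
  # ============================================================================

  # ============================================================================
  # SERVICE PACKAGE AVAILABILITY
  # ============================================================================
  # Make worker service packages available in the netboot image
  environment.systemPackages = with pkgs; [
    plasmavmc-server
    novanet-server

    # Additional tools for worker nodes
    qemu          # For running VMs
    libvirt       # Virtualization management
    bridge-utils  # Network bridge configuration
    openvswitch   # Software-defined networking
  ];

  # ============================================================================
  # PLASMAVMC CONFIGURATION (DISABLED)
  # ============================================================================
  # lib.mkDefault lets the installed system's configuration switch this on
  # without needing lib.mkForce.
  services.plasmavmc = {
    enable = lib.mkDefault false;
    port = 8081;
  };

  # ============================================================================
  # NOVANET CONFIGURATION (DISABLED)
  # ============================================================================
  services.novanet = {
    enable = lib.mkDefault false;
    port = 8082;
  };

  # ============================================================================
  # VIRTUALIZATION SUPPORT
  # ============================================================================
  # Enable KVM virtualization. Both vendor modules are listed so one image
  # works on Intel and AMD hosts.
  boot.kernelModules = [ "kvm-intel" "kvm-amd" ];

  # Enable nested virtualization.
  # This exposes the hardware virtualization extensions to guests, which
  # enlarges the KVM code reachable from tenant VMs. Keep it only if tenants
  # need to run their own hypervisors.
  boot.extraModprobeConfig = ''
    options kvm_intel nested=1
    options kvm_amd nested=1
  '';

  # ============================================================================
  # NETWORKING CONFIGURATION
  # ============================================================================
  # Open vSwitch bridges for SDN. No bridges are defined here.
  # NOTE(review): an empty set presumably does not start Open vSwitch by
  # itself; confirm that the installed system defines the bridges.
  networking.vswitches = lib.mkDefault {};

  # Open firewall ports for worker services.
  # The PlasmaVMC and NovaNET ports are opened only while the matching service
  # is enabled, and follow the service's configured port, so the netboot image
  # (services disabled) does not accept traffic on ports nothing should be
  # listening on.
  networking.firewall.allowedTCPPorts =
    (lib.optional config.services.plasmavmc.enable config.services.plasmavmc.port)
    ++ (lib.optional config.services.novanet.enable config.services.novanet.port)
    ++ [
      # QEMU/LibVirt
      # NOTE(review): 16509 is libvirt's plain TCP listener, and 5900 is the
      # first QEMU VNC display. Both are opened on every interface here, and
      # this file configures neither libvirtd nor VNC authentication. Consider
      # moving them to networking.firewall.interfaces.<management-if> or
      # reaching them over SSH/TLS instead.
      16509 # libvirtd
      5900  # VNC (for VM console access)
    ];

  networking.firewall.allowedUDPPorts = [
    # VXLAN for overlay networking.
    # NOTE(review): VXLAN carries no authentication of its own; restrict this
    # port to the underlay interface if the node has other networks attached.
    4789
  ];

  # ============================================================================
  # STORAGE CONFIGURATION
  # ============================================================================
  # Enable LVM for flexible storage management
  services.lvm.enable = true;

  # Enable ZFS if needed for VM storage
  boot.supportedFilesystems = [ "ext4" "xfs" "btrfs" "zfs" ];

  # ============================================================================
  # RESOURCE LIMITS
  # ============================================================================
  # Worker nodes should dedicate most resources to tenant workloads.
  # Minimal resource limits for management services; applied only when the
  # service is enabled.
  systemd.services.plasmavmc.serviceConfig = lib.mkIf config.services.plasmavmc.enable {
    MemoryMax = "256M";
    CPUQuota = "25%";
  };

  systemd.services.novanet.serviceConfig = lib.mkIf config.services.novanet.enable {
    MemoryMax = "256M";
    CPUQuota = "25%";
  };

  # ============================================================================
  # PERFORMANCE TUNING
  # ============================================================================
  # Optimize for VM workloads
  boot.kernel.sysctl = {
    # Increase max number of open files
    "fs.file-max" = 1000000;

    # Increase network buffer sizes (128 MiB ceiling for socket buffers)
    "net.core.rmem_max" = 134217728;
    "net.core.wmem_max" = 134217728;

    # Enable IP forwarding for VM networking.
    # With forwarding on, the host routes between its interfaces, so what
    # tenant traffic can reach depends on the forward-chain rules, which are
    # not set in this file.
    "net.ipv4.ip_forward" = 1;
    "net.ipv6.conf.all.forwarding" = 1;

    # Optimize for high-performance networking
    "net.core.netdev_max_backlog" = 5000;
  };
}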