{
  networking = {
    useNetworkd = true;
    hostName = "109-199-104-83";
    firewall = {
      enable = true;
      allowedTCPPorts = [80 443];
      allowedUDPPorts = [80 443];
    };
  };

  # the following is from nixos-bite

  # netif=$(ip -6 route show default | sed -r 's|.*default.+?dev ([a-z0-9]+).*|\1|' | head -n1)
  # netifx=enx$(ip link show dev "$netif" | grep link/ether | sed -r 's|.*link/ether ([a-f0-9]{2}):([a-f0-9]{2}):([a-f0-9]{2}):([a-f0-9]{2}):([a-f0-9]{2}):([a-f0-9]{2}).*|\1\2\3\4\5\6|')
  # netip6=$(ip -6 address show dev "$netif" scope global | sed -z -r 's|.*inet6 ([0-9a-f:]+)/([0-9]+).*|"\1/\2"|')
  # netgw6=$(ip -6 route show dev "$netif" default | sed -r 's|.*default.+?via ([0-9a-f:]+).*|"\1"|' | head -n1)
  # netip4=$(ip -4 address show dev "$netif" scope global | sed -z -r 's|.*inet ([0-9.]+)/([0-9]+).*|"\1/\2"|')
  # netgw4=$(ip -4 route show dev "$netif" default | sed -r 's|.*default.+?via ([0-9.]+).*|"\1"|' | head -n1)

  # route=""
  # [[ -n "${netgw4}" ]] && route="$route { Gateway = $netgw4; GatewayOnLink = true; }"
  # [[ -n "${netgw6}" ]] && route="$route { Gateway = $netgw6; }"

  # dns='"2620:fe::fe" "9.9.9.9"'

  #  systemd.network = {
  #    enable = true;
  #    networks."40-wan" = {
  #      matchConfig.name = "enx0050565f4fff";
  #      address = ["2a02:c207:2299:8419::1/64" "109.199.104.83/20"];
  #      routes = [
  #        {
  #          Gateway = ["109.199.96.1" "fe80::1"];
  #          GatewayOnLink = true;
  #        }
  #      ];
  #      dns = ["9.9.9.9" "2620:fe::fe"];
  #    };
  #  };
  services.cloud-init = {
    enable = true;
    network.enable = true;
  };
}