{
  lib,
  config,
  ...
}: let
  prefix = "meshconfig";

  #define wireguard subnets
  wg_subnets = {
    IPv4 = "10.35.0.1/24";
    IPv6 = "fd1a:acab:cafe:1337::/64";
  };

  #Below is where all hosts are defined
  hosts = {
    wg-gateway = {
      wg = {
        enabled = true;
        pubkey = "lol";
        port = 51820;
      };
      v4 = {
        public = "78.47.226.47";
        # we use 10.35.0.0/16 as a range for private subnets, specifically 10.35.0.0/24 for wireguard peers
        internal = "10.35.0.1";
      };
      v6 = {
        public = "2a01:4f8:1c1b:d2db::";
        # 1aacabcafe is the global ID and 1337 is the wireguard peer subnet ID, resulting in the ULA fd1a:acab:cafe:1337::/64
        internal = "fd1a:acab:cafe:1337:8f4c:68cd";
      };
    };
    supernova = {
      wg = {
        enabled = true;
        pubkey = "lol";
        port = 51820;
      };
      v4 = {
        public = "";
        # we use 10.35.0.0/16 as a range for private subnets, specifically 10.35.0.0/24 for wireguard peers
        internal = "10.35.0.2";
      };
      v6 = {
        public = "";
        # 1aacabcafe is the global ID and 1337 is the wireguard peer subnet ID, resulting in the ULA fd1a:acab:cafe:1337::/64
        internal = "fd1a:acab:cafe:1337:6722:3657";
      };
    };
  };
in {
  options = {
    ${prefix} = {
      network.wg_subnets.IPv4 = lib.mkOption {
        type = str;
        description = "The IPv6 range that wireguard peers will use";
      };
      network.wg_subnets.IPv6 = lib.mkOption {
        type = str;
        description = "The IPv4 range that wireguard peers will use";
      };
      network.hosts = lib.mkOption {
        type = lib.types.set;
        description = "All hosts in this network that this config should be aware of";
      };
    };
  };
  config = {
    ${prefix}.network = {
      inherit hosts wg_subnets;
    };
  };
}