{
  jefke = {
    type = "physical";

    nixosModule = {
      lab = {
        terraformDatabase.enable = true;

        storage = {
          osDisk = "/dev/sda";
          dataPartition = "/dev/nvme0n1p1";
        };

        ssh = {
          useCertificates = true;
          # TODO: automatically set this?
          hostCert = builtins.readFile ./jefke_host_ed25519-cert.pub;
          userCert = builtins.readFile ./jefke_user_ed25519-cert.pub;
        };
      };
    };
  };

  atlas = {
    type = "physical";

    nixosModule = { config, ... }:
      let inherit (config.lab.networking) dmzServicesIPv4 dmzServicesIPv6; in
      {
        lab = {
          networking = {
            # TODO: Ideally, we don't have to set this here.
            staticDMZIPv4Address = "${dmzServicesIPv4}/24";
            staticDMZIPv6Address = "${dmzServicesIPv6}/64";
            dmzServices.enable = true;
          };

          storage = {
            osDisk = "/dev/sda";
            dataPartition = "/dev/nvme0n1p1";
          };

          ssh = {
            useCertificates = true;
            hostCert = builtins.readFile ./atlas_host_ed25519-cert.pub;
            userCert = builtins.readFile ./atlas_user_ed25519-cert.pub;
          };
        };
      };
  };

  lewis = {
    type = "physical";

    nixosModule = {
      lab = {
        dataHost.enable = true;

        storage = {
          osDisk = "/dev/sda";
          dataPartition = "/dev/nvme0n1p1";
        };

        ssh = {
          useCertificates = true;
          hostCert = builtins.readFile ./lewis_host_ed25519-cert.pub;
          userCert = builtins.readFile ./lewis_user_ed25519-cert.pub;
        };
      };
    };
  };

  my-microvm = {
    type = "virtual";
    hypervisorName = "lewis";

    nixosModule = { pkgs, ... }: {
      lab.vmMacAddress = "BA:DB:EE:F0:00:00";

      programs.bash.interactiveShellInit = ''
        echo "Hello world from inside a virtual machine!!" | ${pkgs.lolcat}/bin/lolcat
      '';
    };
  };
}