{ pkgs, config, lib, modulesPath, microvm, disko, agenix, machines, ... }: {
  imports = [
    (modulesPath + "/installer/scan/not-detected.nix")
    microvm.nixosModules.host
  ];

  config = {
    boot = {
      kernelModules = [ "kvm-intel" ];
      extraModulePackages = [ ];

      initrd = {
        availableKernelModules = [
          "ahci"
          "xhci_pci"
          "nvme"
          "usbhid"
          "usb_storage"
          "sd_mod"
          "sdhci_pci"
        ];
        kernelModules = [ ];
      };

      loader = {
        systemd-boot.enable = true;
        efi.canTouchEfiVariables = true;
      };
    };

    nixpkgs = {
      config.allowUnfree = true;
      hostPlatform = "x86_64-linux";
    };

    hardware.cpu.intel.updateMicrocode = config.hardware.enableRedistributableFirmware;

    age.identityPaths = [ "/etc/age_ed25519" ];

    virtualisation.libvirtd.enable = true;

    nix = {
      package = pkgs.nixFlakes;
      extraOptions = ''
        experimental-features = nix-command flakes
      '';
    };

    system = {
      stateVersion = "23.05";

      activationScripts.diff = ''
        if [[ -e  /run/current-system ]]; then
          ${pkgs.nix}/bin/nix store diff-closures /run/current-system "$systemConfig"
        fi
      '';
    };

    microvm.vms =
      let
        vmsForHypervisor = lib.filterAttrs (n: v: v.type == "virtual" && v.hypervisorName == config.networking.hostName) machines;
      in
      builtins.mapAttrs
        (name: vm:
          {
            # TODO Simplify?
            specialArgs = { inherit agenix disko pkgs lib microvm; machine = vm; hypervisorConfig = config; };
            config.imports = [
              ./.
              { networking.hostName = name; }
            ];
          }
        )
        vmsForHypervisor;
  };
}