{ config, pkgs, lib, ... }:
{
  # Host Firewall
  networking.firewall.allowedUDPPorts = [ 8211 ];
  #networking.nat = {
    #enable = true;
    #enableIPv6 = true;
    #externalInterface = "eth0";
    #internalInterfaces = [ "microvm" ];
  #};

  microvm.vms.palworld-server = {
    # Basic Requirements
    # https://docs.palworldgame.com/getting-started/requirements
    #hypervisor = "qemu";
    vcpu = 4;
    memory = 16348;

    # Networking
    interfaces = [{ type = "user"; id = "main-net"; }];

    # Interface Name on the Host
    # Ethernet Address of MicroVM's interface.
    # Locally administered have one of 2/6/A/E in the second nibble.
    #interfaces = [{type = "tap";id = "vm-palworld";mac = "02:00:00:00:00:01";}];
    #forwardPorts = [
      #{ proto = "udp"; from = "host"; host.port = 8211; guest.port = 8211; }
      # Optional: If you need RCON or other ports, add them here
      # { proto = "tcp"; from = "host"; host.port = 25575; guest.port = 25575; }
    #];

    # Persistent Data
    sharedDirectories = [
      {
        source = "/var/lib/palworld-data";
        target = "/var/lib/palworld-server";
        readonly = false;
      }
    ];

    # VM NixOS Configuration
    config = {
      imports = [ pkgs.nixosModules.notDetected ];

      networking.hostName = "palworld-vm";
      time.timeZone = "America/Chicago";

      environment.systemPackages = with pkgs; [
        steamcmd
        #glibc
        #gnumake
        #cff
      ];

      # Pre-VM-Start
      binScripts.tap-up = lib.mkAfter ''
        ${lib.getExe' pkgs.iproute2 "ip"} link set dev 'vm-ixp-as11201p' master 'ixp-peering'
      '';

      # Service Definition
      systemd.services.palworld-dedicated = {
        description = "Palworld Dedicated Server";
        wantedBy = [ "multi-user.target" ];
        after = [ "network.target" ];
        serviceConfig = {
          Type = "simple";
          User = "palworld";
          Group = "palworld";
          # Working Directory points to where steamcmd installs the server
          WorkingDirectory = "/var/lib/palworld-server/Pal/Binaries/Win64";
          ExecStart = ''
            ${pkgs.steam-run}/bin/steam-run ${pkgs.bash}/bin/bash -c '\
              ${pkgs.steamcmd}/bin/steamcmd \
              +force_install_dur /var/lib/palworld-server \
              +login anonymous \
              +app_update 2394010 validate \
              +quit \
            && \
              ./PalServer.sh -userperfthreads -NoAsyncLoadingThread -UseNvidiaServers -nosteamclient \
                -Players=8 -Port=8211 -queryport=27015 -PublicPort=8211 -PublicIP=\"\" -RCONEnabled=False
            '
          '';
          Restart = "on-failure";
          RestartSec = "5s";
          LimitNPROC = 10000;
          LimitNOFILE = 100000;
        };
      };

      # User and Group Configuration
      users.users.palworld = {
        isSystem = true;
        group = "palworld";
        createHome = false;
      };
      users.groups.palworld = {};

      # Firewall Configuration
      networking.firewall.allowedUDPPorts = [ 8211 ];

      # Ensure correct permissions for shared directory
      systemd.tmpfiles.rules = [
        "d /var/lib/palworld-server 0755 palworld palworld -"
      ];
    };
  };
}