{
  config,
  pkgs,
  ...
}:
{
  imports = [
    ./options
    ./secrets
  ];

  environment = {
    persistence."/persist" = {
      "/var/lib/containerd" = { };
      "/var/lib/kubernetes" = { };
      "/var/lib/kubelet" = { };
      "/var/lib/etcd" = { };
    };

    etc."kubeconfig".source = config.services.kubernetes.kubeconfigs.admin;
    systemPackages = with pkgs; [ kubectl ];
  };

  services = {
    kubernetes = {
      enable = true;

      roles = [
        "master"
        "node"
      ];
    };
  };

  systemd.services = {
    kube-addon-manager.after = [
      config.environment.persistence."/persist"."/var/lib/kubernetes".mount
    ];

    kubelet.after = [
      config.environment.persistence."/persist"."/var/lib/kubelet".mount
    ];

    kube-apiserver.after = [
      config.environment.persistence."/persist"."/var/lib/kubernetes".mount
    ];

    etcd.after = [
      config.environment.persistence."/persist"."/var/lib/etcd".mount
    ];
  };
}