{
  lib,
  pkgs,
  ...
}: let
  # gives some output like:
  # Address = [
  #   "10.10.10.10/32"
  #   ":::1746/128"
  # ];
  # AllowedIPs = [
  #   "0.0.0.0/0"
  #   "::0/0"
  # ];
  # DNS = [
  #   "10.64.0.1"
  # ];
  # Endpoint = [
  #   "1.2.3.4:51820"
  # ];
  # PrivateKey = [
  #   "xxx"
  # ];
  # PublicKey = [
  #   "xxx"
  # ];
  inherit (lib) mapAttrs' mapAttrs mapAttrsToList listToAttrs splitString filter filterAttrs length head last;
  inherit (builtins) readFile readDir;
  # parseMullvad = file: {
  #   name = head (splitString "." file);
  #   value = listToAttrs (map (entry: {
  #       name = head entry;
  #       value = splitString "," (last entry);
  #     })
  #     (filter (entry: (length entry) == 2)
  #       (map (line: splitString " = " line)
  #         (splitString "\n" (readFile ../../mullvad/${file})))));
  # };
  # definitions =
  #   map parseMullvad (getFiles ../../mullvad);
  getFiles = path:
    mapAttrsToList (n: v: n)
    (filterAttrs (n: v: v == "regular")
      (readDir path));
in {
  environment.systemPackages = [pkgs.wireguard-tools.out];
  networking.wg-quick.interfaces = listToAttrs (map (f: rec {
      name = head (splitString "." f);
      value = {
        autostart =
          if (name == "au-syd-wg-101")
          then true
          else false;
        configFile = builtins.toString ../../mullvad/${f};
      };
    })
    (getFiles
      ../../mullvad));
  # listToAttrs (map ({
  #     name,
  #     value,
  #   }: {
  #     inherit name;
  #     value = {
  #       address = value.Address;
  #       peers = [
  #         {
  #           allowedIPs = value.AllowedIPs;
  #           endpoint = head value.Endpoint;
  #           publicKey = head value.PublicKey;
  #         }
  #       ];
  #       privateKey = head value.PrivateKey;
  #       autostart =
  #         if (name == "au-syd-wg-101")
  #         then true
  #         else false;
  #     };
  #   })
  #   definitions);
}