{
  description = "NixOS configuration with nix-bitcoin";

  inputs = {
    nixpkgs.url = "github:NixOS/nixpkgs/nixos-25.05"; # mempool error: Node.js 18.x has reached End-Of-Life and has been removed
    nixpkgs-2411.url = "github:NixOS/nixpkgs/nixos-24.11";
    nixpkgs-unstable.url = "github:NixOS/nixpkgs/nixos-unstable";
    nix-bitcoin.url = "github:fort-nix/nix-bitcoin/release";
    nix-bitcoin.inputs.nixpkgs.follows = "nixpkgs";
  };

  outputs = { self, nixpkgs, nixpkgs-unstable, nixpkgs-2411, nix-bitcoin }: {
 
    nixosConfigurations.squirtle = nixpkgs.lib.nixosSystem {
      system = "x86_64-linux";
      specialArgs = {
        unstablePkgs = import nixpkgs-unstable {
          system = "x86_64-linux";
        };
        deprecatedPkgs = import nixpkgs-2411 {
          system = "x86_64-linux";
        };
      };
      modules = [
        ./configuration.nix
        
        ({ config, pkgs, lib, unstablePkgs, deprecatedPkgs, ... }: {
          nixpkgs.overlays = [
            (final: prev: {
              # satisfy mempool's dependency on nodejs_18_x by pointing it at the 24.11 channel's NodeJS 18
              nodejs_18 = deprecatedPkgs.nodejs_18;
            })
          ];
        })

        nix-bitcoin.nixosModules.default
        (nix-bitcoin + "/modules/presets/secure-node.nix")
        {
          nix-bitcoin = {
            generateSecrets = true;
            operator = {
              enable = true;
              name = "pleb";
            };
            onionServices.bitcoind.public = true;
          };

          services = {
            bitcoind = {
              enable = true;
              # https://github.com/bitcoinknots/bitcoin
            # package = config.nix-bitcoin.pkgs.bitcoind-knots;
              disablewallet = true;
              tor.enforce = false; # permit lan connections
              rpc = {
                address = "0.0.0.0";
                #port = 8332;
                #threads = 6;
                allowip = [ 
                  "192.168.0.0/16"
                  "172.16.0.0/12"
                  "10.0.0.0/8"
                ];
              };
          #   dbCache = 1024; # defined in presets/secure-node.nix, so cannot be changed here
              txindex = true;
              zmqpubrawblock = "tcp://0.0.0.0:28332";
              zmqpubrawtx = "tcp://0.0.0.0:28333";
              extraConfig = ''
                maxmempool=1024
                #zmqpubhashblock=tcp://0.0.0.0:28334 # dojo
                maxorphantx=110
                # temporary fix for lnd versions earlier than v0.18.4
                deprecatedrpc=warnings
              '';
            };
            electrs = {
              enable = true;
              address = "0.0.0.0";
              tor.enforce = false; # permit lan connections
            };
            mempool.enable = true;

          # lnd autostarts on boot, but we want to wait for the mountpoint to be available
          # moreover, we like using nix-bitcoin automatic secret generation for everything except lnd
          # so instead of trying to make it work here, we configure lnd in configuration.nix

          };
        }
      ];
    };
  };
}