{ ... }:

{
  services.dnsmasq = {
    enable = true;
    
    # Only using this for tailscale IPs, so better to let tailscale itself deal with it
    resolveLocalQueries = false;
    
    settings = {
      listen-address = [ "100.73.96.48" ];
      
      /*
      Dnsmasq tries to use the tailscale dns server, which is bad cause that points to dnsmasq
      From the little testing I have done it seems to not cause any issues, but better to be safe
      than sorry :P
      */
      dns-loop-detect = true;
      
      # If this isn't set a cname that targets a host might return the wrong ip
      localise-queries = true;
      ## IPv6 is not a thing in Spain so I'm guaranteed to not use it
      filter-AAAA = true;
      expand-hosts = true;
      domain = "sable-pancake.ts.net";
      domain-needed = true;
    };
  };

  # Add tailscale hosts
  networking.hosts = {
    "100.73.96.48" = [ "everest" ];
    "100.113.139.93" = [ "archie" ];
    "100.85.48.85" = [ "steamdeck" ];
    "100.96.92.13" = [ "surfecego" ];
  };

  # Dnsmasq conflicts with the resolved dns stub listener
  services.resolved.extraConfig = ''
    [Resolve]
    DNSStubListener=no
  '';
}