diff --git a/images/base-config.nix b/images/base-config.nix
index d286122..e9b9a60 100644
--- a/images/base-config.nix
+++ b/images/base-config.nix
@@ -1,3 +1,4 @@
+# based on: https://github.com/Mic92/dotfiles/blob/main/nixos/images/base-config.nix
 { lib
 , pkgs
 , config
@@ -5,57 +6,61 @@
 }: {
   system.stateVersion = config.system.nixos.version;
 
-  networking.firewall.enable = false;
+  networking = {
+    firewall.enable = false;
 
-  services.resolved.enable = false;
-  networking.nameservers = [
-    # digital courage
-    "46.182.19.48"
-    "2a02:2970:1002::18"
-  ];
+    nameservers = [
+      # digital courage
+      "46.182.19.48"
+      "2a02:2970:1002::18"
+    ];
 
-  networking.usePredictableInterfaceNames = false;
-  systemd.network.enable = true;
-  systemd.network.networks =
-    lib.mapAttrs'
-      (num: _:
-        lib.nameValuePair "eth${num}" {
-          extraConfig = ''
-            [Match]
-            Name = eth${num}
+    usePredictableInterfaceNames = false;
+    useNetworkd = true;
+  };
 
-            [Network]
-            DHCP = both
-            LLMNR = true
-            IPv4LL = true
-            LLDP = true
-            IPv6AcceptRA = true
-            IPv6Token = ::521a:c5ff:fefe:65d9
-            # used to have a stable address for zfs send
-            Address = fd42:4492:6a6d:43:1::${num}/64
-
-            [DHCP]
-            UseHostname = false
-            RouteMetric = 512
-          '';
-        })
-      {
-        "0" = { };
-        "1" = { };
-        "2" = { };
-        "3" = { };
-      };
+  systemd = {
+    network.enable = true;
+    network.networks =
+      lib.mapAttrs'
+        (num: _:
+          lib.nameValuePair "eth${num}" {
+            matchConfig.Name = "eth${num}";
+            networkConfig = {
+              DHCP = "yes";
+              LLMNR = true;
+              IPv4LLRoute = true;
+              LLDP = true;
+              IPv6AcceptRA = true;
+              # used to have a stable address for zfs send
+              Address = "fd42:4492:6a6d:43:1::${num}/64";
+            };
+            dhcpConfig = {
+              UseHostname = false;
+              RouteMetric = 512;
+            };
+            ipv6AcceptRAConfig.Token = "::521a:c5ff:fefe:65d9";
+          })
+        {
+          "0" = { };
+          "1" = { };
+          "2" = { };
+          "3" = { };
+        };
+  };
 
   imports = [
     ../machines/core/core.nix
     ../machines/core/nix.nix
   ];
 
-  documentation.enable = lib.mkDefault false;
-  documentation.doc.enable = lib.mkDefault false;
-  documentation.info.enable = lib.mkDefault false;
-  documentation.nixos.enable = lib.mkDefault false;
-  documentation.nixos.options.warningsAreErrors = false;
+  documentation = {
+    enable = lib.mkDefault false;
+    doc.enable = lib.mkDefault false;
+    info.enable = lib.mkDefault false;
+    nixos.enable = lib.mkDefault false;
+    nixos.options.warningsAreErrors = false;
+  };
 
   # no auto-updates
   systemd.services.update-prefetch.enable = false;