{
  description = "GKleen's flakey nixos configuration";

  nixConfig = {
    extra-substituters = [
      "https://nix-community.cachix.org"
    ];
    extra-trusted-public-keys = [
      "nix-community.cachix.org-1:mB9FSh9qf2dCimDSUo8Zy7bkq5CX+/rkCWyvRCYg3Fs="
    ];
  };

  inputs = {
    nixpkgs = {
      type = "github";
      # owner = "NixOS";
      owner = "gkleen";
      repo = "nixpkgs";
      # ref = "nixos-unstable";
      ref = "ppp-systemd";
    };
    nixpkgs-stable = {
      type = "github";
      owner = "NixOS";
      repo = "nixpkgs";
      ref = "23.05";
    };
    home-manager = {
      type = "github";
      # owner = "nix-community";
      # repo = "home-manager";
      # ref = "master";
      owner = "gkleen";
      repo = "home-manager";
      ref = "nixos-late-start";
      inputs = {
        nixpkgs.follows = "nixpkgs";
      };
    };
    sops-nix = {
      type = "github";
      owner = "Mic92";
      repo = "sops-nix";
      ref = "master";
      inputs = {
        nixpkgs.follows = "nixpkgs";
        nixpkgs-stable.follows = "nixpkgs-stable";
      };
    };
    deploy-rs = {
      type = "github";
      owner = "serokell";
      repo = "deploy-rs";
      ref = "master";
      inputs = {
        nixpkgs.follows = "nixpkgs";
        utils.follows = "flake-utils";
        flake-compat.follows = "flake-compat";
      };
    };
    nvfetcher = {
      type = "github";
      owner = "berberman";
      repo = "nvfetcher";
      ref = "master";
      inputs = {
        nixpkgs.follows = "nixpkgs";
        flake-utils.follows = "flake-utils";
        flake-compat.follows = "flake-compat";
      };
    };
    flake-compat = {
      type = "github";
      owner = "edolstra";
      repo = "flake-compat";
      ref = "master";
      flake = false;
    };
    flake-utils = {
      type = "github";
      owner = "numtide";
      repo = "flake-utils";
      ref = "main";
    };
    flake-registry = {
      type = "github";
      owner = "NixOS";
      repo = "flake-registry";
      flake = false;
    };
    nix-index-database = {
      type = "github";
      owner = "Mic92";
      repo = "nix-index-database";
      ref = "main";
      inputs = {
        nixpkgs.follows = "nixpkgs";
      };
    };

    ca-util = {
      type = "gitlab";
      owner = "gkleen";
      repo = "ca";
      ref = "v2.1.0";
      inputs = {
        nixpkgs.follows = "nixpkgs";
      };
    };
    backup-utils = {
      type = "gitlab";
      owner = "gkleen";
      repo = "backup-utils";
      ref = "v0.1.0";
      inputs = {
        nixpkgs.follows = "nixpkgs";
      };
    };
    prometheus-borg-exporter = {
      type = "gitlab";
      owner = "gkleen";
      repo = "prometheus-borg-exporter";
      ref = "main";
      inputs = {
        nixpkgs.follows = "nixpkgs";
      };
    };
  };

  outputs = { self, nixpkgs, home-manager, sops-nix, deploy-rs, nvfetcher, ... }@inputs:
    let
      inherit (builtins) attrNames attrValues elemAt toJSON isNull pathExists;
      inherit (nixpkgs) lib;
      utils = import ./utils { inherit lib; };
      inherit (utils) nixImport overrideModule;
      inherit (lib) nixosSystem mkIf splitString filterAttrs listToAttrs mapAttrsToList nameValuePair concatMap composeManyExtensions mapAttrs mapAttrs' recursiveUpdate genAttrs unique elem optionalAttrs isDerivation concatLists concatStringsSep fix filter makeOverridable foldr;
      inherit (lib.strings) escapeNixString hasSuffix;

      accountUserName = accountName:
        let
          accountName' = splitString "@" accountName;
        in elemAt accountName' 0;
      accountHostName = accountName:
        let
          accountName' = splitString "@" accountName;
        in elemAt accountName' 1;

      mkSources = pkgs: optionalAttrs (pathExists _sources/generated.nix) { sources = pkgs.callPackage _sources/generated.nix {}; };

      mkOverlay = path: final: prev: import path ({ inherit final; inherit prev; flakeInputs = inputs; flake = self; } // mkSources prev);

      mkNixosConfiguration = addProfiles: dir: path: hostName: nixosSystem rec {
        specialArgs = {
          flake = self;
          flakeInputs = inputs;
          path = ./.;
        };
        modules =
          let
            defaultProfiles = with self.nixosModules.systemProfiles;
              [ core
              ];

            local = dir + "/${path}";
            argsModule = { pkgs, ... }: {
              _module.args = {
                customUtils = utils;
                inherit hostName;
              } // mkSources pkgs;
            };
            accountModules = attrValues (filterAttrs accountMatchesHost self.nixosModules.accounts);
            accountMatchesHost = n: _v: accountHostName n == hostName;
          in attrValues (filterAttrs (n: _v: !(elem n ["systemProfiles" "users" "userProfiles" "accounts"])) self.nixosModules) ++ [ argsModule ] ++ defaultProfiles ++ addProfiles ++ [ local ] ++ accountModules;
      };

      mkSystemProfile = dir: path: profileName: {
        imports = [ (dir + "/${path}") ];
        config = {
          system.profiles = [profileName];
        };
      };

      defaultUserProfiles = userName: with self.nixosModules.userProfiles.${userName};
        [ core
        ];

      mkUserModule = dir: path: userName:
        overrideModule (import (dir + "/${path}"))
                       (inputs: inputs // { inherit userName; })
                       (outputs: { _file = dir + "/${path}"; }
                              // outputs
                              // { imports = defaultUserProfiles userName ++ (outputs.imports or []); });

      mkUserProfile = userName: dir: path: profileName:
        let
          profileModule = overrideModule (import (dir + "/${path}"))
                                         (inputs: inputs // { inherit userName; })
                                         (outputs: { _file = dir + "/${path}"; }
                                                // outputs);
        in {
          imports = [profileModule];
          config = {
            users.users.${userName}.profiles = [profileName];
          };
        };

      mkAccountModule = dir: path: accountName:
        let
          userName = accountUserName accountName;
        in overrideModule
             (import (dir + "/${path}"))
             (inputs: inputs // { inherit userName; })
             (outputs: { _file = dir + "/${path}"; }
                      // outputs
                      // { imports = [self.nixosModules.users.${userName} or ({...}: { imports = defaultUserProfiles userName; })] ++ (outputs.imports or []); });

      # systemsSelector = "x86_64-linux";
      # systems = filter (system: !(isNull (builtins.match systemsSelector system))) nixpkgs.lib.systems.flakeExposed;
      systems =
        let
          disallowedSystems = ["armv5tel-linux" "armv6l-linux"];
        in filter (system: !(elem system disallowedSystems)) nixpkgs.lib.systems.flakeExposed;
      nixpkgsPackages = localSystem: (makeOverridable (import (nixpkgs.outPath + "/pkgs/top-level"))) { inherit localSystem; };
      forAllSystems = f: mapAttrs f (genAttrs systems nixpkgsPackages);
      forAllUsers = genAttrs (unique (map accountUserName (attrNames self.nixosModules.accounts)));

      activateNixosConfigurations = forAllSystems (system: _pkgs: filterAttrs (_n: v: v != null) (mapAttrs' (hostName: nixosConfig: nameValuePair "${hostName}-activate" (if system == nixosConfig.config.nixpkgs.system then { type = "app"; program = "${nixosConfig.config.system.build.toplevel}/bin/switch-to-configuration"; } else null)) self.nixosConfigurations));
      activateHomeManagerConfigurations = forAllSystems (system: _pkgs: filterAttrs (_n: v: v != null) (listToAttrs (concatLists (mapAttrsToList (hostName: nixosConfig: mapAttrsToList (userName: userCfg: nameValuePair "${userName}@${hostName}-activate" (if system == nixosConfig.config.nixpkgs.system then { type = "app"; program = "${userCfg.home.activationPackage}/activate"; } else null)) nixosConfig.config.home-manager.users) self.nixosConfigurations))));
      installerShells = system: pkgs: mapAttrs (installerName: config: pkgs.callPackage ./installer/shell.nix {
        inherit system installerName config;
      }) (filterAttrs (n: _v: hasSuffix "-netboot" n) installerNixosConfigurations);

      overlayPaths = nixImport rec { dir = ./overlays; _import = (path: _name: dir + "/${path}"); };

      installerProfiles = nixImport rec {
        dir = ./installer-profiles;
        _import = path: name: mkSystemProfile dir path "installer-${name}";
      };

      installerConfig = if pathExists ./installer.nix then "installer.nix" else (if pathExists ./installer then "installer" else null);
      mkInstallerForSystem = system: (lib.systems.elaborate system).isLinux;
      installers =
        let mkInstallers = system: mapAttrs (mkInstaller system) installerProfiles;
            mkInstaller = system: name: profile: mkNixosConfiguration [profile { config = { nixpkgs.system = system; }; }] ./. installerConfig "installer";
        in forAllSystems (system: _systemPkgs: optionalAttrs (!(isNull installerConfig) && mkInstallerForSystem system) (mkInstallers system));
      installerNixosConfigurations = listToAttrs (concatLists (mapAttrsToList (system: mapAttrsToList (profile: config: nameValuePair ("installer-${system}-${profile}") config)) installers));

      # packages = forAllSystems (system: systemPkgs: composeManyExtensions (attrValues self.overlays) self.legacyPackages.${system} systemPkgs);

      activateHomeManager = system: base: (deploy-rs.lib.${system}.activate.custom // { dryActivate = "DRY_RUN=1 $PROFILE/activate"; }) base.activationPackage "$PROFILE/activate";
    in
      {
        nixosModules =
          let modulesAttrs = nixImport { dir = ./modules; };
              systemProfiles = nixImport rec { dir = ./system-profiles; _import = mkSystemProfile dir; };
              users = nixImport rec { dir = ./users; _import = mkUserModule dir; };
              userProfiles = forAllUsers (userName: nixImport rec { dir = ./user-profiles; _import = mkUserProfile userName dir; });
              accounts = recursiveUpdate rootAccounts (nixImport rec { dir = ./accounts; _import = mkAccountModule dir; });
              rootAccounts = mapAttrs' (hostName: _value: nameValuePair "root@${hostName}" ({...}: { imports = [ self.nixosModules.users.root or ({...}: { imports = defaultUserProfiles "root"; }) ]; })) self.nixosConfigurations;
          in modulesAttrs // { inherit systemProfiles users userProfiles accounts; };
        nixosConfigurations = installerNixosConfigurations // nixImport rec { dir = ./hosts; _import = mkNixosConfiguration [] dir; };

        homeModules = nixImport rec { dir = ./home-modules; };
        homeConfigurations = listToAttrs (concatLists (mapAttrsToList (hostname: nixosConfig: mapAttrsToList (username: configuration: nameValuePair "${username}@${hostname}" { inherit (configuration.home) activationPackage; }) nixosConfig.config.home-manager.users) self.nixosConfigurations));

        overlays = mapAttrs (_name: path: mkOverlay path) overlayPaths;

        packages = forAllSystems (system: systemPkgs: nixImport rec { dir = ./tools; _import = _path: name: import "${toString dir}/${name}" ({ inherit system; } // inputs); });

        # packages = mapAttrs (_name: filterAttrs (_name: isDerivation)) packages;
        # packages' = mapAttrs (_name: filterAttrs (_name: value: !(isDerivation value))) packages;

        legacyPackages = forAllSystems (system: systemPkgs: systemPkgs.override { overlays = attrValues self.overlays; });

        apps = foldr recursiveUpdate {} [activateNixosConfigurations activateHomeManagerConfigurations];

        devShells = forAllSystems (system: systemPkgs: { default = import ./shell.nix ({ inherit system; } // inputs); } // installerShells system systemPkgs);

        templates.default = {
          path = ./.;
          description = "GKleen's flakey nixos configuration";
        };

        deploy.nodes = let
          defaults = mapAttrs (hostname: _: {
            inherit hostname;
            sshUser = "root";
            sshOpts = [ "-S" "none" ];

            profilesOrder = ["system"]; # system first
            profiles = {
              system = {
                path = deploy-rs.lib.${self.nixosConfigurations.${hostname}.config.nixpkgs.system}.activate.nixos self.nixosConfigurations.${hostname};
              };
            }; # // (mapAttrs (_user: usercfg: {
            #   user = usercfg.home.username;
            #   path = activateHomeManager (self.nixosConfigurations.${hostname}.config.nixpkgs.system) usercfg.home;
            # }) self.nixosConfigurations.${hostname}.config.home-manager.users);
          }) (nixImport { dir = ./hosts; _import = (_path: name: name); });
          overrides = if pathExists ./deploy then nixImport { dir = ./deploy; _import = path: _name: import (./deploy + "/${path}") inputs; } else {};
          filterEnabled = attrs: mapAttrs (_n: v: filterAttrs (n: _v: n != "enabled") v) (filterAttrs (_n: v: v.enabled or true) attrs);
        in mapAttrs (_n: v: if v ? "profiles" then v // { profiles = filterEnabled v.profiles; } else v) (filterEnabled (recursiveUpdate defaults overrides));

        checks = builtins.mapAttrs (system: deployLib: deployLib.deployChecks self.deploy) deploy-rs.lib;
      };
}