{
  inputs = {
    nixpkgs.url = "github:nixos/nixpkgs/nixos-23.05";
    flake-parts.url = "github:hercules-ci/flake-parts";
    nixinate.url = "github:maxaudron/nixinate";

    secrets = {
      url = "git+ssh://git@gitlab.com/cocainefarm/k8s/secrets";
      flake = false;
    };
  };

  outputs = inputs@{ self, nixpkgs, flake-parts, nixinate, ... }:
    flake-parts.lib.mkFlake { inherit inputs; } {
      imports = [ nixinate.flakeModule ];
      flake =
        let
          system = "x86_64-linux";
          specialArgs = inputs // {
            nodes = self.nixosConfigurations;
          };
          mkSystem = modules: nixpkgs.lib.nixosSystem {
            inherit specialArgs system;
            modules = modules;
          };
        in
        {
          nixosModules = import ./modules;
          nixosConfigurations = with self.nixosModules; {
            test1 = mkSystem [ (import ./machines/test) common users vultr wireguard crypto kubernetes ];
            test2 = mkSystem [ (import ./machines/test2) common users vultr wireguard crypto kubernetes ];
            # vultr-image = mkSystem [ common users image vultr ];
            # nixbuilder = mkSystem [ (import ./machines/nixbuilder) common users gitlab {
            #   users.users = {
            #     nixbuilder = {
            #       isNormalUser = true;
            #       extraGroups = [ "wheel" "docker" ];
            #       openssh.authorizedKeys.keys = [
            #         "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIGfuzswSmySvmTIiZpCKCEUpOXvETr8sTs49wX7US7yX nixbuilder"
            #       ];
            #     };
            #   };
            # } ];
          };
        };
      systems = [ "x86_64-linux" "x86_64-darwin" "aarch64-linux" "aarch64-darwin" ];
    };
}