{
  description = "C3D2 NixOS configurations";

  inputs = {
    nixpkgs.url = "github:nixos/nixpkgs/release-20.09";
    secrets = {
      url = "git+ssh://git@gitea.c3d2.de:2222/c3d2-admins/secrets.git";
      flake = false;
    };
  };

  outputs = { self, nixpkgs, secrets }:
    let
      forAllSystems = f:
        nixpkgs.lib.genAttrs [ "aarch64-linux" "x86_64-linux" ]
        (system: f system);
    in {

      overlay = import ./nixpkgs-overlay;

      legacyPackages = forAllSystems (system:
        import nixpkgs {
          inherit system;
          overlays = [ self.overlay ];
        });

      packages = forAllSystems (system:
        let
          pkgs = self.legacyPackages.${system};

          mkDeploy =
            # Generate a small script for copying this flake to the
            # remote machine and bulding and switching there.
            # Can be run with nix run c3d2#deploy-…
            name: host:
            let target = "root@${host}";
            in pkgs.writeScriptBin "deploy-${name}" ''
              #!${pkgs.runtimeShell}
              set -ev
              nix-copy-closure --to ${target} ${self}
              exec ssh -t ${target} \
                nix shell \
                  ${self}#nixosConfigurations.${name}.config.system.build.toplevel \
                  --command switch-to-configuration $@
            '';
        in {
          inherit (pkgs) bmxd;
          inherit (pkgs.pile) ledball;

          deploy-freifunk = mkDeploy "freifunk" "172.20.72.40";
          deploy-glotzbert = mkDeploy "glotzbert" "glotzbert.hq.c3d2.de";
          deploy-kibana = mkDeploy "kibana" "172.20.73.44";
          deploy-ledstripes = mkDeploy "ledstripes" "172.22.99.168";
          deploy-scrape = mkDeploy "scrape" "172.20.73.32";
        });

      nixosConfigurations = let

        nixosSystem' =
          # Our custom NixOS builder
          { modules, system ? "x86_64-linux", ... }@args:
          nixpkgs.lib.nixosSystem (args // {
            inherit system;
            modules = modules ++ [
              self.nixosModules.c3d2
              ({ pkgs, ... }: {
                nix = {
                  package = pkgs.nixFlakes;
                  extraOptions = "experimental-features = nix-command flakes";
                };
                nixpkgs.overlays = [ self.overlay ];
              })
            ];
          });

      in {

        freifunk = nixosSystem' {
          modules = [
            (import ./hosts/containers/freifunk/configuration.nix {
              inherit secrets;
            })
          ];
        };

        glotzbert =
          nixosSystem' { modules = [ ./hosts/glotzbert/configuration.nix ]; };

        kibana = nixosSystem' {
          modules = [ ./hosts/containers/kibana/configuration.nix ];
        };

        ledstripes = nixosSystem' {
          modules = [ ./hosts/containers/ledstripes/configuration.nix ];
        };

        pulsebert =
          nixosSystem' { modules = [ ./hosts/pulsebert/configuration.nix ]; };

        scrape = nixosSystem' {
          modules = [
            (import ./hosts/containers/scrape/configuration.nix {
              inherit secrets;
            })
          ];
        };

      };

      nixosModules.c3d2 = import ./lib;

    };
}