config/utils.nix

{
  nixpkgs,
  inputs,
  outputs,
  ...
}:
{
  mkSystem =
    { hostConfig, hosts }:
    nixpkgs.lib.nixosSystem {
      system = "x86_64-linux";
      specialArgs = {
        inherit
          inputs
          outputs
          hostConfig
          hosts
          ;
      };
      modules = [
        inputs.impermanence.nixosModules.impermanence
        inputs.sops-nix.nixosModules.sops

        ./systems/base/configuration.nix
        (
          { ... }:
          {
            sops.defaultSopsFile = ./secrets + "/${hostConfig.hostname}.yaml";
            # Disable automatic pgp key generation based on ssh keys
            sops.gnupg.sshKeyPaths = [ ];

            networking.hostName = hostConfig.hostname;
            system.stateVersion = hostConfig.stateVersion;
          }
        )
        ({ ... }: hostConfig.config)
      ] ++ builtins.map (role: role.nixosModule) hostConfig.roles;
    };

  mkRole = cfg: {
    inherit (cfg) name description nixosModule;
    traefikRoutes = cfg.traefikRoutes or ({ ... }: [ ]);
  };
}