{
  description = "NixOS Configuration for x86_64 Servers";

  # Binary Cache configuration
  nixConfig = {
    extra-substituters = [ "https://nix-community.cachix.org" ];
    extra-trusted-public-keys = [
      "nix-community.cachix.org-1:mB9FSh9qf2dCimDSUo8Zy7bkq5CX+/rkCWyvRCYg3Fs="
    ];

    http-connections = 4;
    download-buffer-size = 268435456; # 256MB
  };

  # External Dependencies
  inputs = {
    nixpkgs.url = "github:nixos/nixpkgs/nixpkgs-unstable";
    home-manager.url = "github:nix-community/home-manager/master";
    home-manager.inputs.nixpkgs.follows = "nixpkgs";
    nixvim.url = "github:nix-community/nixvim";
  };

  outputs =
    {
      self,
      nixpkgs,
      home-manager,
      nixvim,
      ...
    }@inputs:
    let
      primaryUser = "phil";
      system = "x86_64-linux";

      # Configure Home Manager
      homeManagerModule = {
        home-manager = {
          useGlobalPkgs = true;
          useUserPackages = true;
          users.${primaryUser} = import ./home/default.nix;
          extraSpecialArgs = { inherit inputs primaryUser; };
          backupFileExtension = "backup";
        };
      };

      # Modules needed regardless of config
      commonModules = hostName: [
        home-manager.nixosModules.home-manager
        homeManagerModule
        ./hosts/${hostName}/configuration.nix
      ];

      # Wrapper around nixpkgs.lib.nixosSystem; pins system and specialArgs
      mkSystem =
        modules:
        nixpkgs.lib.nixosSystem {
          inherit system;
          modules = modules;
          specialArgs = { inherit inputs self primaryUser; };
        };

      # Builds a full installed NixOS system for given Host
      mkNixosConfig =
        hostName:
        mkSystem (
          [
            ./nixos/default.nix
            ./nixos/hardware.nix
          ]
          ++ commonModules hostName
        );

      # Build a bootable installer ISO for given Host
      mkISOConfig =
        hostName:
        (mkSystem (
          [
            "${nixpkgs}/nixos/modules/installer/cd-dvd/installation-cd-minimal.nix"
            ./nixos/settings.nix
            ./nixos/packages.nix
            # Re-declare the user for the ISO context — default.nix is excluded
            # because it imports hardware.nix which conflicts with the ISO profile,
            # but Home Manager still needs a valid user to activate against.
            {
              nixpkgs.config.allowUnfree = true;
              programs.fish.enable = true;
              users.users.${primaryUser} = {
                isNormalUser = true;
                group = primaryUser;
                hashedPassword = "$6$TqAclAMz/DFP90Ve$HEN4t1pqK36rACeWctJOmLArkTWb/rIBYamu4sY8bPuDnqkVVyfOLqXKkgX8zBf9LKz02.mo4EKFRnYWIzcAX1";
                extraGroups = [ "wheel" ];
                shell = nixpkgs.legacyPackages.${system}.fish;
                openssh.authorizedKeys.keys = [
                  "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIEuYuGhqRC/QLoRBH91c3DG5JHlAdRLQsvde18k5ipY2 phil@cyperpunk.de"
                ];
              };
              users.groups.${primaryUser} = { };
            }
          ]
          ++ commonModules hostName
        )).config.system.build.isoImage;
    in
    {
      # Installed system configurations
      # nixos-rebuild switch --flake .#<hostname>
      nixosConfigurations = {
        "cyper-controller" = mkNixosConfig "cyper-controller";
        "cyper-node1" = mkNixosConfig "cyper-node1";
        "cyper-node2" = mkNixosConfig "cyper-node2";
        "cyper-cluster" = mkNixosConfig "cyper-cluster";
        "cyper-cloud" = mkNixosConfig "cyper-cloud";
      };

      # Create installer ISOs
      # nix build .#isoImages.<hostname>
      isoImages = {
        "cyper-controller" = mkISOConfig "cyper-controller";
        "cyper-node1" = mkISOConfig "cyper-node1";
        "cyper-node2" = mkISOConfig "cyper-node2";
        "cyper-cluster" = mkISOConfig "cyper-cluster";
        "cyper-cloud" = mkISOConfig "cyper-cloud";
      };
    };

}