{ pkgs
, nixpkgs
, nixos-unstable
, unstablePkgs
, home-manager
, system
, mkHomeRole
, mkSysRole
, mkUser
, ...
}:

{
  mkHost = { name, users, roles ? [ ], imports ? [ ] }:
    let
      users_mod = (map
        (u:
          mkUser {
            name = u.user;
            roles = u.roles;
          })
        users);
      roles_mod = (map (r: mkSysRole r) roles);
      add_imports = imports;
    in
    nixpkgs.lib.nixosSystem {
      inherit system;

      modules = [
        {
          imports = users_mod ++ roles_mod ++ add_imports ++ [
            (mkSysRole "common")
            (mkSysRole "acme")
          ];

          nixpkgs = { inherit pkgs; };

          nix = {
            nixPath = [
              "nixpkgs=${nixpkgs}"
              "unstable=${nixos-unstable}"
            ];
            registry = {
              nixpkgs.flake = nixpkgs;
              unstable.flake = nixos-unstable;
            };
          };

          users.users.root = { shell = pkgs.zsh; };

          home-manager = {
            users.root.imports = pkgs.lib.singleton (mkHomeRole "common");
            extraSpecialArgs.unstablePkgs = unstablePkgs;
            useGlobalPkgs = true;
          };

          system.stateVersion = "22.11";
        }

        home-manager.nixosModules.home-manager
        ../hosts/${name}/default.nix
      ];
    };
}