self: super:

let 
  machines = (import ./defs-machines.nix);
  configurations = builtins.listToAttrs (map (machine: {
    name = machine.fqdn;
    value = super.nixos ({ config, pkgs, ... }: {
      networking.hostName = machine.name;
      imports = [
        ./modules/base.nix
        ./modules/kubernetes.nix
      ];
    });
  }) machines);

  scriptForMachine = machine: let
    configuration = configurations."${machine.fqdn}";
  in ''
   set -e
   remote=root@${machine.fqdn}
   echo "Configuration for ${machine.fqdn} is ${configuration.toplevel}"
   nix copy --no-check-sigs -s --to ssh://$remote ${configuration.toplevel}
   echo "/etc/systemd/system diff:"
   ssh $remote diff -ur /var/run/current-system/etc/systemd/system ${configuration.toplevel}/etc/systemd/system || true
   echo ""
   echo ""
   ssh $remote ${configuration.toplevel}/bin/switch-to-configuration dry-activate
   read -p "Do you want to switch to this configuration? " -n 1 -r
   echo
   if [[ $REPLY =~ ^[Yy]$ ]]; then
       ssh $remote ${configuration.toplevel}/bin/switch-to-configuration switch
   fi
  '';

  machineProvisioners = builtins.listToAttrs (map (machine: {
      name = "provision-${machine.name}";
      value = super.writeScriptBin "provision-${machine.name}" (scriptForMachine machine);
    }) machines);
in
{
  provision = ({
    provision = super.writeScriptBin "provision"
      (
        ''
          echo "Available provisioniers:"
        '' + (builtins.concatStringsSep "\n" (map (machine: "echo '  provision-${machine.name}'") machines))
      );
  }) // machineProvisioners;
}