# TODO: Create a nixos module system for this. (mkMerge)
# That way, we don't have to specify isRaspberryPi on every machine... etc.
{
  warwick = {
    type = "physical";
    arch = "aarch64-linux";
    isRaspberryPi = true;
    isHypervisor = false;
    isVirtualMachine = false;

    nixosModule.lab = {
      storage = {
        osDisk = "/dev/sda";
      };
    };
  };

  atlas = {
    type = "physical";
    arch = "x86_64-linux";
    isRaspberryPi = false;
    isHypervisor = true;
    isVirtualMachine = false;

    nixosModule.lab = {
      storage = {
        osDisk = "/dev/sda";
        dataPartition = "/dev/nvme0n1p1";
      };

      ssh = {
        useCertificates = true;
        hostCert = builtins.readFile ./certificates/atlas/host_ed25519.crt;
        userCert = builtins.readFile ./certificates/atlas/user_ed25519.crt;
      };
    };
  };

  jefke = {
    type = "physical";
    arch = "x86_64-linux";
    isRaspberryPi = false;
    isHypervisor = true;
    isVirtualMachine = false;

    nixosModule.lab = {
      storage = {
        osDisk = "/dev/sda";
        dataPartition = "/dev/nvme0n1p1";
      };

      ssh = {
        useCertificates = true;
        hostCert = builtins.readFile ./certificates/jefke/host_ed25519.crt;
        userCert = builtins.readFile ./certificates/jefke/user_ed25519.crt;
      };
    };
  };

  lewis = {
    type = "physical";
    arch = "x86_64-linux";
    isRaspberryPi = false;
    isHypervisor = true;
    isVirtualMachine = false;

    nixosModule.lab = {
      backups.enable = true;
      data-sharing.enable = true;
      networking.dmz.allowConnectivity = true;

      storage = {
        osDisk = "/dev/sda";
        dataPartition = "/dev/nvme0n1p1";
      };

      ssh = {
        useCertificates = true;
        hostCert = builtins.readFile ./certificates/lewis/host_ed25519.crt;
        userCert = builtins.readFile ./certificates/lewis/user_ed25519.crt;
      };
    };
  };

  hermes = {
    type = "virtual";
    hypervisorName = "lewis";
    isRaspberryPi = false;
    isVirtualMachine = true;
    isHypervisor = false;

    nixosModule = { config, ... }: {
      lab = {
        networking = {
          dmz.services.enable = true;
          staticNetworking = true;
          staticIPv4 = config.lab.networking.dmz.ipv4.services;
          staticIPv6 = config.lab.networking.dmz.ipv6.services;
        };

        vm = {
          # TODO: would be cool to create a check that a mac address is only ever assigned to one VM.
          # TODO: idea: what if we generated these IDs by hashing the host name and reducing that to the amount of hosts possible?
          id = 7;

          shares = [{
            name = "dnsmasq";
            mountPoint = "/var/lib/dnsmasq";
          }];
        };
      };
    };
  };

  maestro = {
    type = "virtual";
    hypervisorName = "atlas";
    isRaspberryPi = false;
    isVirtualMachine = false;
    isHypervisor = false;

    nixosModule = { config, ... }: {
      microvm.balloonMem = 7680;

      lab = {
        dockerSwarm.enable = true;

        vm = {
          id = 1;
        };
      };
    };
  };

  bancomart = {
    type = "virtual";
    hypervisorName = "jefke";
    isRaspberryPi = false;
    isVirtualMachine = false;
    isHypervisor = false;

    nixosModule = {
      microvm.balloonMem = 7680;

      lab = {
        dockerSwarm.enable = true;
        vm.id = 2;
      };
    };
  };

  vpay = {
    type = "virtual";
    hypervisorName = "lewis";
    isRaspberryPi = false;
    isVirtualMachine = false;
    isHypervisor = false;

    nixosModule = {
      microvm.balloonMem = 5120;

      lab = {
        dockerSwarm.enable = true;
        vm.id = 3;
      };
    };
  };
}