{
  nixpkgs,
  nixpkgs-unstable,
  nixos-hardware,
  agenix,
  home-manager,
  lix-module,
  authentik-nix,
  self,
  ...
}:
let
  agenixOverlay = final: prev: { agenix = agenix.packages.${prev.system}.default; };

  customOverlays = (
    final: prev: {
    }
  );

  mkPkgs =
    nixpkgsSrc: system:
    import nixpkgsSrc {
      inherit system;
      overlays = [
        agenixOverlay
        customOverlays
      ];
      config.allowUnfree = true;
    };

  # Helper function to create a Proxmox LXC host
  mkLXC =
    {
      hostModule,
      unstable ? false,
      system ? "x86_64-linux",
      extraModules ? [ ],
      specialArgs ? { },
    }:
    let
      nixpkgsSrc = if unstable then nixpkgs-unstable else nixpkgs;
    in
    nixpkgsSrc.lib.nixosSystem {
      pkgs = mkPkgs nixpkgsSrc system;
      modules = [
        # Base modules for all hosts
        authentik-nix.nixosModules.default
        ../modules

        # Proxmox LXC support
        "${nixpkgs}/nixos/modules/virtualisation/proxmox-lxc.nix"
        ../modules/virtualisation/proxmox.nix

        # Agenix for secrets
        agenix.nixosModules.default

        # Host-specific module
        hostModule
      ]
      ++ extraModules;
      inherit specialArgs;
    };

in
{
  # deadbeef = nixpkgs.lib.nixosSystem {
  #   pkgs = mkPkgs nixpkgs "x86_64-linux";
  #   modules = [
  #     ./deadbeef
  #     nixos-hardware.nixosModules.dell-xps-15-9560
  #     home-manager.nixosModules.home-manager
  #     agenix.nixosModules.default
  #   ];
  # };

  baseLXC = mkLXC {
    hostModule = ./base-lxc.nix;
    specialArgs = { inherit self; };
  };

  arr = mkLXC { hostModule = ./arr; };
  caddy = mkLXC { hostModule = ./caddy; };
  colmena = mkLXC { hostModule = ./colmena; };
  dns01 = mkLXC { hostModule = ./dns/dns-01.nix; };
  dns02 = mkLXC { hostModule = ./dns/dns-02.nix; };
  firefly-iii = mkLXC { hostModule = ./firefly-iii; };
  forgejo = mkLXC { hostModule = ./forgejo; };
  immich = mkLXC { hostModule = ./immich; };
  metrics = mkLXC { hostModule = ./metrics; };
  n8n = mkLXC { hostModule = ./n8n; };
  nextcloud = mkLXC { hostModule = ./nextcloud; };
  plex = mkLXC { hostModule = ./plex; };
  portainer = mkLXC { hostModule = ./portainer; };
  shadowsocks = mkLXC { hostModule = ./shadowsocks; };
  vaultwarden = mkLXC { hostModule = ./vaultwarden; };

  # Hosts requiring nixpkgs-unstable
  authentik = mkLXC {
    hostModule = ./authentik;
    unstable = true;
  };

  paperless = mkLXC {
    hostModule = ./paperless;
    unstable = true;
  };
  
  zigbee2mqtt = mkLXC {
    hostModule = ./zigbee2mqtt;
    unstable = true;
  };
}