{
  description = "lillinfra - lillys infrastructure configuration";

  inputs = {
    # nixpkgs
    nixpkgs.url = "github:nixos/nixpkgs?ref=nixos-24.11";

    # some helpers for writing flakes with less repitition
    systems.url = "github:nix-systems/default-linux";

    # dotfile (and user package) manager
    home-manager = {
      url = "github:nix-community/home-manager?ref=release-24.11";
      inputs.nixpkgs.follows = "nixpkgs";
    };

    # disk paritioning defined via nix
    disko = {
      url = "github:nix-community/disko?ref=latest";
      inputs.nixpkgs.follows = "nixpkgs";
    };

    # secret management
    sops-nix = {
      url = "github:Mic92/sops-nix";
      inputs.nixpkgs.follows = "nixpkgs";
    };

    # lix package manager
    # https://lix.systems
    lix = {
      url = "git+https://git.lix.systems/lix-project/nixos-module.git?ref=release-2.91";
      inputs.nixpkgs.follows = "nixpkgs";
    };

    # treeformat for specifying how to properly format files in this repo
    treefmt-nix = {
      url = "github:numtide/treefmt-nix";
      inputs.nixpkgs.follows = "nixpkgs";
    };

    # cookied
    cookied = {
      url = "git+https://codeberg.org/lilly/cookied.git";
      inputs.nixpkgs.follows = "nixpkgs";
    };
  };

  outputs =
    {
      self,
      nixpkgs,
      systems,
      treefmt-nix,
      ...
    }:
    let
      # instantiate nixpkgs for the given system, configuring this flake's overlay (and therefor packages) too
      mkPkgs =
        system:
        import nixpkgs {
          inherit system;
          overlays = [ self.overlays.default ];
        };
      # helper to iterate over all supported systems, passing the corresponding instantiated nixpkgs
      eachSystem = f: nixpkgs.lib.genAttrs (import systems) (system: f (mkPkgs system));
      # evaluate the treefmt.nix module given an instantiated nixpkgs
      treefmtEval = pkgs: treefmt-nix.lib.evalModule pkgs ./treefmt.nix;
    in
    {
      nixosConfigurations = import ./systems { flake = self; };
      overlays.default =
        final: prev:
        import ./packages {
          flake = self;
          pkgs = prev;
        };
      packages = eachSystem (
        pkgs:
        import ./packages {
          inherit pkgs;
          flake = self;
        }
      );

      devShells = eachSystem (pkgs: {
        default = pkgs.mkShell {
          packages = with pkgs; [
            age
            ssh-to-age
            pre-commit
            sops
            python312
            python312Packages.pynetbox
            python312Packages.dnspython
            python312Packages.ipython
            # custom packages
            fetch-netbox-data
          ];
        };
      });

      # maintenance
      formatter = eachSystem (pkgs: (treefmtEval pkgs).config.build.wrapper);
      checks = eachSystem (pkgs: {
        formatting = (treefmtEval pkgs).config.build.check self;
      });
    };
}