{
  inputs = {
    flake-utils.url = "github:numtide/flake-utils";
    naersk.url = "github:nix-community/naersk";
    mozillapkgs = {
      url = "github:mozilla/nixpkgs-mozilla";
      flake = false;
    };
  };

  outputs = { self, nixpkgs, flake-utils, naersk, mozillapkgs }:
    flake-utils.lib.eachDefaultSystem (
      system: let
        pkgs = nixpkgs.legacyPackages."${system}";
        mozilla = pkgs.callPackage (mozillapkgs + "/package-set.nix") {};
        rust = (mozilla.rustChannelOf {
          date = "2022-03-31";
          channel = "nightly";
          sha256 = "k6wD6/2qNQ7rmIvGi1ddtKSTUXjXFbIr0Sg2mqF2nYg=";
        }).rust;

        naersk-lib = naersk.lib."${system}".override {
          cargo = rust;
          rustc = rust;
        };
      in
        rec {
          # `nix build`
          packages.carasite = naersk-lib.buildPackage {
            pname = "carasite";
            root = ./.;
            remapPathPrefix = true;
            buildInputs = with pkgs; [
              git
            ];
            overrideMain = attrs: {
              preBuild = '' 
                cp -r templates /build/dummy-src/
                cp -r statics /build/dummy-src/
              '';

              postInstall = ''
                mv $out/bin/site $out/bin/carasite

                cp -rf $src/blog $out/blog
                cp -rf $src/statics $out/statics
                cp -rf $src/projects $out/projects
              '';

              };
          };
          defaultPackage = packages.carasite;

          # `nix run`
          apps.carasite = flake-utils.lib.mkApp {
            drv = packages.carasite;
          };
          defaultApp = apps.carasite;

          nixosModules.site = { config, lib, ... }: {
            options = {
              cara.services.carasite.enable = lib.mkEnableOption "enable cara's site";
              cara.services.carasite.domain = lib.mkOption {
                type = lib.types.str;
                default = "devcara.com";
                description = "The domain to use";
              };

              cara.services.carasite.port = lib.mkOption {
                type = lib.types.port;
                default = 3000;
                description = "The port to bind to";
              };
            };

            config = lib.mkIf config.cara.services.carasite.enable {
              users.groups.cara-site = {
                members = [ "cara-site" ];
              };
              users.users.cara-site = {
                createHome = true;
                isSystemUser = true;
                home = "/var/lib/cara-site";
                group = "cara-site";
              };

              systemd.services.cara-site = {
                wantedBy = [ "multi-user.target" ];
                environment = {
                  PORT = "${toString (config.cara.services.carasite.port)}";
                };
                serviceConfig = { 
                  User = "cara-site";
                  Group = "cara-site";
                  Restart = "always";
                  WorkingDirectory = "${defaultPackage}";
                  ExecStart = "${defaultPackage}/bin/carasite";
                };
              };

              networking.firewall.allowedTCPPorts = [ 443 80 ];

              services.nginx = {
                enable = true;
                recommendedProxySettings = true;
                recommendedTlsSettings = true; 
                virtualHosts."${config.cara.services.carasite.domain}" = { 
                  forceSSL = true;
                  enableACME = true;

                  locations."/" = {
                    proxyPass = "http://127.0.0.1:${toString (config.cara.services.carasite.port)}";
                  };
                };
              };
            };
          };


          # `nix develop`
          devShell = pkgs.mkShell {
            nativeBuildInputs = with pkgs; [ rustc cargo ];
          };
        }
    );
}