From 1c1c143b8de6b0c7af1a0c711355f5594371fb2c Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?J=C3=B6rg=20Thalheim?=
Date: Wed, 3 Apr 2024 11:40:46 +0200
Subject: [PATCH 1/4] docs: replace hashedPassword with initialHashedPassword
---
 docs/admins/machines.md | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/docs/admins/machines.md b/docs/admins/machines.md
index 09fd7671c..b0de192fb 100644
--- a/docs/admins/machines.md
+++ b/docs/admins/machines.md
@@ -21,7 +21,7 @@ In the example below, we demonstrate how to add a new user named `my-user` and s
 $ clan config --machine my-machine users.users.my-user.isNormalUser true
 # Set a password for the user
-$ clan config --machine my-machine users.users.my-user.hashedPassword $(mkpasswd)
+$ clan config --machine my-machine users.users.my-user.initialHashedPassword $(mkpasswd)
 ```
 _Note: The `$(mkpasswd)` command generates a hashed password. Ensure you have the `mkpasswd` utility installed or use an alternative method to generate a secure hashed password._
From f7077e35407e883b7b5b57a5a37357a721fa25f4 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?J=C3=B6rg=20Thalheim?=
Date: Wed, 3 Apr 2024 11:51:21 +0200
Subject: [PATCH 2/4] flash: improve prompt if no disk is specified
---
 pkgs/clan-cli/clan_cli/flash.py | 6 +++++-
 1 file changed, 5 insertions(+), 1 deletion(-)
diff --git a/pkgs/clan-cli/clan_cli/flash.py b/pkgs/clan-cli/clan_cli/flash.py
index 94a913686..e59d21028 100644
--- a/pkgs/clan-cli/clan_cli/flash.py
+++ b/pkgs/clan-cli/clan_cli/flash.py
@@ -103,7 +103,11 @@ def flash_command(args: argparse.Namespace) -> None:
 machine = Machine(opts.machine, flake=opts.flake)
 if opts.confirm and not opts.dry_run:
 disk_str = ", ".join(f"{name}={device}" for name, device in opts.disks.items())
- ask = input(f"Install {machine.name} to {disk_str}? [y/N] ")
+ msg = f"Install {machine.name}"
+ if disk_str != "":
+ msg += f" to {disk_str}"
+ msg += "? [y/N] "
+ ask = input(msg)
 if ask != "y":
 return
 flash_machine(machine, disks=opts.disks, dry_run=opts.dry_run, debug=opts.debug)
From 321241070480b3637997b8f806d30ad788594a64 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?J=C3=B6rg=20Thalheim?=
Date: Wed, 3 Apr 2024 13:46:17 +0200
Subject: [PATCH 3/4] add flake-parts module for clan
---
 checks/backups/flake-module.nix | 17 ++-----
 checks/installation/flake-module.nix | 29 ++++-------
 flake.nix | 17 ++-----
 flakeModules/clan.nix | 73 ++++++++++++++++++++++++++++
 flakeModules/flake-module.nix | 7 +++
 pkgs/installer/flake-module.nix | 18 +++----
 6 files changed, 107 insertions(+), 54 deletions(-)
 create mode 100644 flakeModules/clan.nix
 create mode 100644 flakeModules/flake-module.nix
diff --git a/checks/backups/flake-module.nix b/checks/backups/flake-module.nix
index b25c232d0..78fabddf6 100644
--- a/checks/backups/flake-module.nix
+++ b/checks/backups/flake-module.nix
@@ -1,17 +1,11 @@
 { self, ... }:
 {
- flake.clanInternals =
- (self.lib.buildClan {
- clanName = "testclan";
- directory = ../..;
- machines.test-backup = {
- imports = [ self.nixosModules.test-backup ];
- fileSystems."/".device = "/dev/null";
- boot.loader.grub.device = "/dev/null";
- };
- }).clanInternals;
+ clan.machines.test-backup = {
+ imports = [ self.nixosModules.test-backup ];
+ fileSystems."/".device = "/dev/null";
+ boot.loader.grub.device = "/dev/null";
+ };
 flake.nixosModules = {
-
 test-backup = { pkgs,
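Review bot: When `opts.disks` is empty, the confirmation built in flash_command (pkgs/clan-cli/clan_cli/flash.py) now reads `Install <machine>? [y/N]` and names no target, so the operator approves a destructive write without seeing which device it will hit. How flash_machine chooses its devices in that case is not visible in this hunk; if they come from the machine's own disk configuration, the prompt should say so, for example by adding an `else:` branch with `msg += " to the disks defined in its configuration"`. Separately, `input()` is unguarded, so a closed or non-interactive stdin raises EOFError instead of being read as "no"; that fails safe, but a one-line comment stating it is intentional would help. The function body starts and ends outside the hunk.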
@@ -75,7 +69,6 @@
 };
 };
 clanCore.facts.secretStore = "vm";
- clanCore.clanDir = ../..;
 environment.systemPackages = [
 self.packages.${pkgs.system}.clan-cli
diff --git a/checks/installation/flake-module.nix b/checks/installation/flake-module.nix
index 522da5662..49e8ac302 100644
--- a/checks/installation/flake-module.nix
+++ b/checks/installation/flake-module.nix
@@ -1,21 +1,12 @@
-{ self, ... }:
-let
- clan = self.lib.buildClan {
- clanName = "testclan";
- directory = ../..;
- machines = {
- test_install_machine = {
- clan.networking.targetHost = "test_install_machine";
- imports = [ self.nixosModules.test_install_machine ];
- };
- };
- };
-in
+{ self, lib, ... }:
 {
- flake.nixosConfigurations = {
- inherit (clan.nixosConfigurations) test_install_machine;
+ clan.machines.test_install_machine = {
+ clan.networking.targetHost = "test_install_machine";
+ fileSystems."/".device = lib.mkDefault "/dev/null";
+ boot.loader.grub.device = lib.mkDefault "/dev/null";
+
+ imports = [ self.nixosModules.test_install_machine ];
 };
- flake.clanInternals = clan.clanInternals;
 flake.nixosModules = {
 test_install_machine = { lib, modulesPath, ... }:
@@ -43,10 +34,10 @@ in
 let
 dependencies = [
 self
+ self.nixosConfigurations.test_install_machine.config.system.build.toplevel
+ self.nixosConfigurations.test_install_machine.config.system.build.diskoScript
+ self.nixosConfigurations.test_install_machine.config.system.clan.deployment.file
 pkgs.stdenv.drvPath
- clan.clanInternals.machines.x86_64-linux.test_install_machine.config.system.build.toplevel
- clan.clanInternals.machines.x86_64-linux.test_install_machine.config.system.build.diskoScript
- clan.clanInternals.machines.x86_64-linux.test_install_machine.config.system.clan.deployment.file
 pkgs.nixos-anywhere
 ] ++ builtins.map (i: i.outPath) (builtins.attrValues self.inputs);
 closureInfo = pkgs.closureInfo { rootPaths = dependencies; };
diff --git a/flake.nix b/flake.nix
index ef15f5cd6..9624f2415 100644
--- a/flake.nix
+++ b/flake.nix
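Review bot: The two `lib.mkDefault "/dev/null"` assignments added to `clan.machines.test_install_machine` in checks/installation/flake-module.nix are placeholders with no comment, and the same pair is added to `machines.installer` in pkgs/installer/flake-module.nix. Because they are only defaults, evaluation keeps succeeding if the real disk layout (presumably supplied through disko, which both machines reference) is ever dropped, and the result would be a system whose root device is /dev/null. If that is the intent, a comment above each pair such as `# placeholder so evaluation succeeds; expected to be overridden by the disko layout` would record it. checks/backups/flake-module.nix sets the same two options without `mkDefault`, which is worth making consistent or explaining.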
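Review bot: The three `self.nixosConfigurations.test_install_machine.config.system…` entries in `dependencies` no longer carry the explicit `x86_64-linux` selector that the removed `clan.clanInternals.machines.x86_64-linux…` paths had, so nothing in the list states which system the closure is computed for. Whether buildClan evaluates `nixosConfigurations` with the same system and pkgs as its per-system `machines` set is not visible here; if the two differ, `closureInfo` would not cover what the installation step actually builds. A short comment next to the list, for example `# must be the same toplevel the install test deploys`, would record the assumption. The `let` block continues outside the hunk.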
@@ -25,7 +25,7 @@
 outputs = inputs@{ flake-parts, ... }:
 flake-parts.lib.mkFlake { inherit inputs; } (
- { lib, ... }:
+ { ... }:
 {
 systems = [
 "x86_64-linux"
@@ -35,6 +35,8 @@
 imports = [
 ./checks/flake-module.nix
 ./clanModules/flake-module.nix
+ ./flakeModules/flake-module.nix
+ ./flakeModules/clan.nix
 ./devShell.nix
 ./docs/flake-module
 ./formatter.nix
@@ -42,19 +44,6 @@
 ./nixosModules/flake-module.nix
 ./pkgs/flake-module.nix
 ./templates/flake-module.nix
- {
- options.flake = flake-parts.lib.mkSubmoduleOptions {
- clanInternals = lib.mkOption {
- type = lib.types.submodule {
- options = {
- all-machines-json = lib.mkOption { type = lib.types.attrsOf lib.types.str; };
- machines = lib.mkOption { type = lib.types.attrsOf (lib.types.attrsOf lib.types.unspecified); };
- machinesFunc = lib.mkOption { type = lib.types.attrsOf (lib.types.attrsOf lib.types.unspecified); };
- };
- };
- };
- };
- }
 ];
 }
 );
diff --git a/flakeModules/clan.nix b/flakeModules/clan.nix
new file mode 100644
index 000000000..830679447
--- /dev/null
+++ b/flakeModules/clan.nix
@@ -0,0 +1,73 @@
+{
+ config,
+ lib,
+ flake-parts-lib,
+ inputs,
+ self,
+ ...
+}:
+let
+ inherit (lib) mkOption types;
+ buildClan = import ../lib/build-clan {
+ inherit lib;
+ clan-core = self;
+ inherit (inputs) nixpkgs;
+ };
+
+ cfg = config.clan;
+in
+{
+ options.clan = {
+ directory = mkOption {
+ type = types.path;
+ description = "The directory containing the clan subdirectory";
+ };
+ specialArgs = mkOption {
+ type = types.attrsOf types.str;
+ default = { };
+ description = "Extra arguments to pass to nixosSystem i.e. useful to make self available";
+ };
+ machines = mkOption {
+ type = types.attrsOf types.raw;
+ default = { };
+ description = "Allows to include machine-specific modules i.e. machines.\${name} = { ... }";
+ };
+ clanName = mkOption {
+ type = types.str;
+ description = "Needs to be (globally) unique, as this determines the folder name where the flake gets downloaded to.";
+ };
+ clanIcon = mkOption {
+ type = types.nullOr types.path;
+ default = null;
+ description = "A path to an icon to be used for the clan, should be the same for all machines";
+ };
+ pkgsForSystem = mkOption {
+ type = types.functionTo types.raw;
+ default = _system: null;
+ description = "A map from arch to pkgs, if specified this nixpkgs will be only imported once for each system.";
+ };
+ };
+ options.flake = flake-parts-lib.mkSubmoduleOptions {
+ clanInternals = lib.mkOption {
+ type = lib.types.submodule {
+ options = {
+ all-machines-json = lib.mkOption { type = lib.types.attrsOf lib.types.str; };
+ machines = lib.mkOption { type = lib.types.attrsOf (lib.types.attrsOf lib.types.unspecified); };
+ machinesFunc = lib.mkOption { type = lib.types.attrsOf (lib.types.attrsOf lib.types.unspecified); };
+ };
+ };
+ };
+ };
+ config = {
+ flake = buildClan {
+ inherit (cfg)
+ directory
+ specialArgs
+ machines
+ clanName
+ clanIcon
+ pkgsForSystem
+ ;
+ };
+ };
+}
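Review bot: `specialArgs` is declared as `types.attrsOf types.str`, yet its description names making `self` available as the use case, and a flake's `self` is an attribute set rather than a string, so the option as typed would reject the documented example. It should accept arbitrary values the way `machines` does: `type = types.attrsOf types.raw;`. The `specialArgs` and `machines` descriptions also say "i.e." where "e.g." is meant.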
diff --git a/flakeModules/flake-module.nix b/flakeModules/flake-module.nix
new file mode 100644
index 000000000..fc336da15
--- /dev/null
+++ b/flakeModules/flake-module.nix
@@ -0,0 +1,7 @@
+{ config, ... }:
+{
+ flake.flakeModules = {
+ clan = ./clan.nix;
+ default = config.flake.flakeModules.clan;
+ };
+}
diff --git a/pkgs/installer/flake-module.nix b/pkgs/installer/flake-module.nix
index fea1d77b5..6de665776 100644
--- a/pkgs/installer/flake-module.nix
+++ b/pkgs/installer/flake-module.nix
@@ -18,21 +18,21 @@ let
 { disko.memSize = 4096; } # FIXME: otherwise the image builder goes OOM
 ];
 };
-
- clan = self.lib.buildClan {
- clanName = "clan-core";
- directory = self;
- machines.installer = installerModule;
- };
 in
 {
 flake.packages.x86_64-linux.install-iso = self.inputs.disko.lib.makeDiskImages { nixosConfig = installer; };
- flake.nixosConfigurations = {
- inherit (clan.nixosConfigurations) installer;
+
+ clan = {
+ clanName = "clan-core";
+ directory = self;
+ machines.installer = {
+ imports = [ installerModule ];
+ fileSystems."/".device = lib.mkDefault "/dev/null";
+ boot.loader.grub.device = lib.mkDefault "/dev/null";
+ };
 };
- flake.clanInternals = clan.clanInternals;
 flake.apps.x86_64-linux.install-vm.program = installer.config.formats.vm.outPath;
 flake.apps.x86_64-linux.install-vm-nogui.program = installer.config.formats.vm-nogui.outPath;
 }
From 5ffae2070d659712463633a7cb6b1d7343093aa6 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?J=C3=B6rg=20Thalheim?=
Date: Thu, 4 Apr 2024 11:21:57 +0200
Subject: [PATCH 4/4] drop unused test_backup_client machine
---
 machines/test_backup_client/facts/borgbackup.ssh.pub | 1 -
 1 file changed, 1 deletion(-)
 delete mode 100644 machines/test_backup_client/facts/borgbackup.ssh.pub
diff --git a/machines/test_backup_client/facts/borgbackup.ssh.pub b/machines/test_backup_client/facts/borgbackup.ssh.pub
deleted file mode 100644
index c305404cd..000000000
--- a/machines/test_backup_client/facts/borgbackup.ssh.pub
+++ /dev/null
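Review bot: `clan = ./clan.nix;` in flakeModules/flake-module.nix exports the module as a bare path, so when another flake imports `flakeModules.clan` the `self` and `inputs` arguments used in flakeModules/clan.nix are supplied by that flake's own mkFlake call. There `clan-core = self` and `inherit (inputs) nixpkgs` would hand buildClan the consumer's flake and the consumer's nixpkgs input (which may not exist) rather than the ones pinned by this repository. Binding them at export time avoids that: let clan.nix take a leading `clan-core:` argument ahead of the module function and export `clan = import ./clan.nix self;`, with `self` added to this file's arguments and the direct import in flake.nix adjusted the same way.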
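Review bot: `clanName` and `directory` under `clan = { … }` in pkgs/installer/flake-module.nix are settings for the whole flake, but they are set inside the installer package module, while the `clan.machines.*` entries added in checks/backups and checks/installation depend on them without any reference. The test machines also move from `clanName = "testclan"` to sharing `"clan-core"`, which may be intended but is not stated anywhere in the change. I would set `clan.clanName` and `clan.directory` once in flake.nix, or leave a comment here such as `# repository-wide clan settings; the machines in checks/ rely on these`, and keep only `clan.machines.installer` in this file. The enclosing `let … in` block starts outside the hunk.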
@@ -1 +0,0 @@
-ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIBIbwIVnLy+uoDZ6uK/OCc1QK46SIGeC3mVc85dqLYQw lass@ignavia