config.nix
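# Terranix module: declares the Gitea and AdGuard Home providers, the private
# Gitea repositories listed in `allowed_repositories`, one read-only deploy key
# per (repository, host) pair, and AdGuard DNS rewrites for each host's domains.
#
# Arguments used here:
#   lib   - must provide `tfRef` and `flatten`.
#   list  - list of hosts; each entry is read for `hostname` and `hostkey`.
#   hosts - attrset keyed by host name; `hosts.<name>.ip` is a list of address
#           attrsets, of which only those with an `inet` attribute are used.
#   inputs is accepted but not referenced in this file.
{ inputs, lib, list, hosts, ... }: let

  # Repositories managed by this module. Every host in `list` receives a
  # deploy key on every one of these.
  allowed_repositories = [
    "nixos-keys"
    "nixos-secrets"
    "rekeyed-secrets"
  ];

  # Iterated below as a list of { name; value; } entries, where `name` is a
  # host name (a key into `hosts`) and `value` is a list of domains.
  domains-host = import ./maps/domains-host.nix;

in {
  provider = {
    "gitea" = {
      # NOTE(review): plain HTTP. The API token below is sent unencrypted on
      # every provider call; switch to https:// if this Gitea instance serves TLS.
      base_url = "http://git.cowboyai.local";
      token = lib.tfRef "var.gitea_token";
    };
    "adguard" = {
      host = "dns-master.home.cowboyai.local";
      # NOTE(review): plain HTTP. The username/password below cross the network
      # in clear text; use "https" if the AdGuard Home instance serves TLS.
      scheme = "http";
      username = lib.tfRef "var.agh_user";
      password = lib.tfRef "var.agh_password";
    };
  };

  variable = {
    "gitea_token" = {
      type = "string";
      # Redact the token from plan/apply output. This only affects what the
      # CLI prints; it does not encrypt the value anywhere it is stored.
      sensitive = true;
    };
    "agh_user" = {
      type = "string";
    };
    "agh_password" = {
      type = "string";
      # Redact the password from plan/apply output (CLI display only).
      sensitive = true;
    };
  };

  resource = {
    # One private repository per entry in allowed_repositories, owned by the
    # "cowboy" account.
    "gitea_repository" = builtins.listToAttrs (map (x: {
      name = x;
      value = {
        name = x;
        private = true;
        username = "cowboy";
        default_branch = "master";
      };
    }) allowed_repositories);

    # Cross product of repositories and hosts: each host gets a deploy key on
    # each repository. read_only = true keeps the keys from pushing.
    # NOTE(review): host.hostkey is presumably the host's SSH *public* key;
    # confirm against the data that populates `list`.
    # NOTE(review): this grants every host read access to every listed
    # repository, including "nixos-secrets"; confirm that is intended.
    gitea_repository_key = builtins.listToAttrs (lib.flatten (map (repo: (map (host: {
      name = "${repo}-${host.hostname}";
      value = {
        repository = lib.tfRef "gitea_repository.${repo}.id";
        title = host.hostname;
        read_only = true;
        key = host.hostkey;
      };
    }) list)) allowed_repositories));

    # One DNS rewrite per (host, domain, address) triple, limited to addresses
    # that carry an `inet` attribute.
    # NOTE(review): the resource name does not include the address, so a host
    # with more than one `inet` entry yields duplicate names for the same
    # domain, and builtins.listToAttrs keeps only the first of them.
    "adguard_rewrite" = builtins.listToAttrs (lib.flatten (map (host: (map (domain: (map (addr: {
      name = host.name + "_" + (builtins.replaceStrings [ "." ] [ "_" ] domain);
      value = {
        domain = domain;
        # The filter below admits only entries with `inet`, so the inet6
        # branch is never taken as written.
        answer = if (builtins.hasAttr "inet" addr) then (addr.inet) else (addr.inet6);
      };
    }) (builtins.filter (builtins.hasAttr "inet") (hosts.${host.name}.ip)))) (host.value))) (domains-host)));
  };
}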