{ inputs }:
let
  nlib = inputs.nixpkgs-edge.lib;

  ellipsis =
    maxlen: take: str:
    if builtins.stringLength str > maxlen then builtins.substring 0 take str + "..." else str;

  denix =
    str:
    builtins.concatStringsSep "/nix/store/..." (
      builtins.filter builtins.isString (builtins.split "(/nix/store/[^ /-]+.?)" str)
    );

  # make a pretty summary of a lib.nixosSystem
  mkNixosConfigSummary =
    nixosSystem:
    let
      cfg = nixosSystem.config;
      inherit (nixosSystem) pkgs;
      inherit (pkgs) lib;
    in
    {
      system =
        if pkgs.stdenv.hostPlatform.system == pkgs.stdenv.buildPlatform.system then
          pkgs.stdenv.hostPlatform.system
        else
          {
            # inherit (pkgs.stdenv) hostPlatform buildPlatform;
            hostPlatform = pkgs.stdenv.hostPlatform.system;
            buildPlatform = pkgs.stdenv.buildPlatform.system;
          };
      inherit (cfg.boot.binfmt) emulatedSystems;
      inherit (cfg.networking) hostName fqdn search;
      inherit (cfg.networking.firewall) allowedTCPPorts allowedUDPPorts;
      buildMachines = lib.pipe cfg.nix.buildMachines [
        (map (buildMachine: "${buildMachine.protocol}:${buildMachine.sshUser}@${buildMachine.hostName}"))
        (lib.sort (a: b: a < b))
      ];
      users = lib.pipe cfg.users.users [
        (lib.filterAttrs (uname: user: user.isNormalUser || user.openssh.authorizedKeys.keys != [ ]))
        (lib.mapAttrs (
          uname: user: {
            inherit (user) home;
            authorizedKeys = lib.sort (a: b: a < b) (
              lib.forEach user.openssh.authorizedKeys.keys (
                key:
                lib.pipe key [
                  (lib.splitString " ")
                  (map denix)
                  (map (ellipsis 60 12))
                  (lib.concatStringsSep " ")
                ]
              )
            );
          }
        ))
      ];
      nix-system-features = cfg.nix.settings.system-features;
      bootloader =
        if cfg.boot.loader.grub.enable then
          "grub"
        else if cfg.boot.loader.systemd-boot.enable then
          "systemd-boot"
        else if cfg.boot.isContainer then
          "container"
        else
          null;
      mounts =
        lib.pipe cfg.fileSystems [
          (lib.filterAttrs (mount: fs: fs.fsType != "nfs")) # spammy
          (lib.mapAttrs (mount: fs: "${fs.fsType}://${fs.device}"))
        ]
        // lib.pipe cfg.swapDevices [
          (lib.map (s: s.device or s.label))
          (
            sx:
            lib.optionalAttrs (sx != [ ]) {
              swap = if lib.length sx == 1 then lib.head sx else sx;
            }
          )
        ];
    }
    // lib.optionalAttrs cfg.services.nginx.enable {
      nginx-vhosts = lib.pipe cfg.services.nginx.virtualHosts [
        (lib.filterAttrs (domain: vhost: vhost == "_"))
        (lib.mapAttrs (domain: vhost: vhost.serverAliases or [ ]))
      ];
    };

in
{
  inherit mkNixosConfigSummary;
}