151 changed files with 1257 additions and 1816 deletions
--- a/README.md
+++ b/README.md
@ -4,12 +4,14 @@ Personal NixOS configuration for my machines, using Nix Flakes for reproducible
 ## Repository Structure
- **flake.nix**: Main entry point for the Nix Flake, defining NixOS and home-manager configurations.
+- **flake.nix**: Main entry point for the Nix Flake, defining NixOS and home-manager configurations
- **hosts/**: Contains the host-specific NixOS configurations.
+- **hosts/**: Host-specific NixOS configurations
- **system/**: Holds system-wide configuration modules that can be shared across different hosts. This includes things like boot settings, desktop environments, hardware configurations, networking, packages, security, and system services.
+- **modules/**: Custom NixOS modules reusable across different hosts
- **users/**: Manages user-specific configurations. It's split into `modules` for reusable home-manager configurations and `phundrak` for my personal configuration.
+- **programs/**: System-level programs shared across hosts
- **keys/**: Public keys for various machines.
+- **secrets/**: Encrypted secrets managed with sops-nix
- **secrets/**: Encrypted secrets managed with `sops-nix`.
+- **system/**: Common system-level configurations shared across hosts
 - **users/phundrak/**: Home-manager configuration for my user
 - **users/modules/**: Custom user modules reusable across configurations
 ## Usage
@ -49,9 +51,24 @@ nh home switch
 Format Nix files (using Alejandra):
 ```bash
-nix fmt .
+nix fmt
 ```
 ## Development
 For development, a devShell is provided with linting tools and git hooks:
 ```bash
 nix develop
 ```
 This will set up an environment with:
 - alejandra (formatting)
 - commitizen (commit messages)
 - deadnix (dead code detection)
 - statix (linting)
 - Other useful git hooks
 ## Contributing
-Feel free to fork this repository and make your own changes. If you have any improvements or suggestions, please open an issue or submit a pull request.
+Feel free to fork this repository and make your own changes. If you have any improvements or suggestions, please open an issue or submit a pull request.
--- a/flake.lock
+++ b/flake.lock
@ -9,20 +9,16 @@
          "devenv"
        ],
        "git-hooks": [
-          "devenv",
+          "devenv"
          "git-hooks"
        ],
-        "nixpkgs": [
+        "nixpkgs": "nixpkgs"
          "devenv",
          "nixpkgs"
        ]
      },
      "locked": {
-        "lastModified": 1748883665,
+        "lastModified": 1744206633,
-        "narHash": "sha256-R0W7uAg+BLoHjMRMQ8+oiSbTq8nkGz5RDpQ+ZfxxP3A=",
+        "narHash": "sha256-pb5aYkE8FOoa4n123slgHiOf1UbNSnKe5pEZC+xXD5g=",
        "owner": "cachix",
        "repo": "cachix",
-        "rev": "f707778d902af4d62d8dd92c269f8e70de09acbe",
+        "rev": "8a60090640b96f9df95d1ab99e5763a586be1404",
        "type": "github"
      },
      "original": {
@ -38,16 +34,14 @@
        "flake-compat": "flake-compat",
        "git-hooks": "git-hooks",
        "nix": "nix",
-        "nixpkgs": [
+        "nixpkgs": "nixpkgs_3"
          "nixpkgs"
        ]
      },
      "locked": {
-        "lastModified": 1755961020,
+        "lastModified": 1747717470,
-        "narHash": "sha256-Fs0CWiUA78Qgbc9zVk+zUN7pEkMPffnd//JsDtUUWBM=",
+        "narHash": "sha256-tk2mRZAf8C5uOkMVJHemJ3ld09CYVp/z94/lHqsQ8ZA=",
        "owner": "cachix",
        "repo": "devenv",
-        "rev": "abb198476023189fc45a01bd6502f5ca6ea62bd0",
+        "rev": "c7f2256ee4a4a4ee9cbf1e82a6e49b253c374995",
        "type": "github"
      },
      "original": {
@ -59,11 +53,11 @@
    "flake-compat": {
      "flake": false,
      "locked": {
-        "lastModified": 1747046372,
+        "lastModified": 1733328505,
-        "narHash": "sha256-CIVLLkVgvHYbgI2UpXvIIBJ12HWgX+fjA8Xf8PUmqCY=",
+        "narHash": "sha256-NeCCThCEP3eCl2l/+27kNNK7QrwZB1IJCrXfrbv5oqU=",
        "owner": "edolstra",
        "repo": "flake-compat",
-        "rev": "9100a0f413b0c601e0533d1d94ffd501ce2e7885",
+        "rev": "ff81ac966bb2cae68946d5ed5fc4994f96d0ffec",
        "type": "github"
      },
      "original": {
@ -81,11 +75,11 @@
        ]
      },
      "locked": {
-        "lastModified": 1733312601,
+        "lastModified": 1712014858,
-        "narHash": "sha256-4pDvzqnegAfRkPwO3wmwBhVi/Sye1mzps0zHWYnP88c=",
+        "narHash": "sha256-sB4SWl2lX95bExY2gMFG5HIzvva5AVMJd4Igm+GpZNw=",
        "owner": "hercules-ci",
        "repo": "flake-parts",
-        "rev": "205b12d8b7cd4802fbcb8e8ef6a0f1408781a4f9",
+        "rev": "9126214d0a59633752a136528f5f3b9aa8565b7d",
        "type": "github"
      },
      "original": {
@ -94,29 +88,10 @@
        "type": "github"
      }
    },
    "flake-utils": {
      "inputs": {
        "systems": "systems"
      },
      "locked": {
        "lastModified": 1731533236,
        "narHash": "sha256-l0KFg5HjrsfsO/JpG+r7fRrqm12kzFHyUHqHCVpMMbI=",
        "owner": "numtide",
        "repo": "flake-utils",
        "rev": "11707dc2f618dd54ca8739b309ec4fc024de578b",
        "type": "github"
      },
      "original": {
        "owner": "numtide",
        "repo": "flake-utils",
        "type": "github"
      }
    },
    "git-hooks": {
      "inputs": {
        "flake-compat": [
-          "devenv",
+          "devenv"
          "flake-compat"
        ],
        "gitignore": "gitignore",
        "nixpkgs": [
@ -125,11 +100,11 @@
        ]
      },
      "locked": {
-        "lastModified": 1750779888,
+        "lastModified": 1746537231,
-        "narHash": "sha256-wibppH3g/E2lxU43ZQHC5yA/7kIKLGxVEnsnVK1BtRg=",
+        "narHash": "sha256-Wb2xeSyOsCoTCTj7LOoD6cdKLEROyFAArnYoS+noCWo=",
        "owner": "cachix",
        "repo": "git-hooks.nix",
-        "rev": "16ec914f6fb6f599ce988427d9d94efddf25fe6d",
+        "rev": "fa466640195d38ec97cf0493d6d6882bc4d14969",
        "type": "github"
      },
      "original": {
@ -167,11 +142,11 @@
        ]
      },
      "locked": {
-        "lastModified": 1755914636,
+        "lastModified": 1748134483,
-        "narHash": "sha256-VJ+Gm6YsHlPfUCpmRQxvdiZW7H3YPSrdVOewQHAhZN8=",
+        "narHash": "sha256-5PBK1nV8X39K3qUj8B477Aa2RdbLq3m7wRxUKRtggX4=",
        "owner": "nix-community",
        "repo": "home-manager",
-        "rev": "8b55a6ac58b678199e5bba701aaff69e2b3281c0",
+        "rev": "c1e671036224089937e111e32ea899f59181c383",
        "type": "github"
      },
      "original": {
@ -180,39 +155,51 @@
        "type": "github"
      }
    },
    "libgit2": {
      "flake": false,
      "locked": {
        "lastModified": 1697646580,
        "narHash": "sha256-oX4Z3S9WtJlwvj0uH9HlYcWv+x1hqp8mhXl7HsLu2f0=",
        "owner": "libgit2",
        "repo": "libgit2",
        "rev": "45fd9ed7ae1a9b74b957ef4f337bc3c8b3df01b5",
        "type": "github"
      },
      "original": {
        "owner": "libgit2",
        "repo": "libgit2",
        "type": "github"
      }
    },
    "nix": {
      "inputs": {
        "flake-compat": [
-          "devenv",
+          "devenv"
          "flake-compat"
        ],
        "flake-parts": "flake-parts",
-        "git-hooks-nix": [
+        "libgit2": "libgit2",
-          "devenv",
+        "nixpkgs": "nixpkgs_2",
          "git-hooks"
        ],
        "nixpkgs": [
          "devenv",
          "nixpkgs"
        ],
        "nixpkgs-23-11": [
          "devenv"
        ],
        "nixpkgs-regression": [
          "devenv"
        ],
        "pre-commit-hooks": [
          "devenv"
        ]
      },
      "locked": {
-        "lastModified": 1755029779,
+        "lastModified": 1745930071,
-        "narHash": "sha256-3+GHIYGg4U9XKUN4rg473frIVNn8YD06bjwxKS1IPrU=",
+        "narHash": "sha256-bYyjarS3qSNqxfgc89IoVz8cAFDkF9yPE63EJr+h50s=",
-        "owner": "cachix",
+        "owner": "domenkozar",
        "repo": "nix",
-        "rev": "b0972b0eee6726081d10b1199f54de6d2917f861",
+        "rev": "b455edf3505f1bf0172b39a735caef94687d0d9c",
        "type": "github"
      },
      "original": {
-        "owner": "cachix",
+        "owner": "domenkozar",
-        "ref": "devenv-2.30",
+        "ref": "devenv-2.24",
        "repo": "nix",
        "type": "github"
      }
@ -224,11 +211,11 @@
        ]
      },
      "locked": {
-        "lastModified": 1755404379,
+        "lastModified": 1748145500,
-        "narHash": "sha256-Q6ZxZDBmD/B988Jjbx7/NchxOKIpOKBBrx9Yb0zMzpQ=",
+        "narHash": "sha256-t9fx0l61WOxtWxXCqlXPWSuG/0XMF9DtE2T7KXgMqJw=",
        "owner": "nix-community",
        "repo": "nix-index-database",
-        "rev": "ebbc1c05f786ae39bb5e04e57bf2c10c44a649e3",
+        "rev": "a98adbf54d663395df0b9929f6481d4d80fc8927",
        "type": "github"
      },
      "original": {
@ -239,11 +226,59 @@
    },
    "nixpkgs": {
      "locked": {
-        "lastModified": 1755615617,
+        "lastModified": 1733212471,
-        "narHash": "sha256-HMwfAJBdrr8wXAkbGhtcby1zGFvs+StOp19xNsbqdOg=",
+        "narHash": "sha256-M1+uCoV5igihRfcUKrr1riygbe73/dzNnzPsmaLCmpo=",
        "owner": "NixOS",
        "repo": "nixpkgs",
        "rev": "55d15ad12a74eb7d4646254e13638ad0c4128776",
        "type": "github"
      },
      "original": {
        "owner": "NixOS",
        "ref": "nixos-unstable",
        "repo": "nixpkgs",
        "type": "github"
      }
    },
    "nixpkgs_2": {
      "locked": {
        "lastModified": 1717432640,
        "narHash": "sha256-+f9c4/ZX5MWDOuB1rKoWj+lBNm0z0rs4CK47HBLxy1o=",
        "owner": "NixOS",
        "repo": "nixpkgs",
        "rev": "88269ab3044128b7c2f4c7d68448b2fb50456870",
        "type": "github"
      },
      "original": {
        "owner": "NixOS",
        "ref": "release-24.05",
        "repo": "nixpkgs",
        "type": "github"
      }
    },
    "nixpkgs_3": {
      "locked": {
        "lastModified": 1746807397,
        "narHash": "sha256-zU2z0jlkJGWLhdNr/8AJSxqK8XD0IlQgHp3VZcP56Aw=",
        "owner": "cachix",
        "repo": "devenv-nixpkgs",
        "rev": "c5208b594838ea8e6cca5997fbf784b7cca1ca90",
        "type": "github"
      },
      "original": {
        "owner": "cachix",
        "ref": "rolling",
        "repo": "devenv-nixpkgs",
        "type": "github"
      }
    },
    "nixpkgs_4": {
      "locked": {
        "lastModified": 1748026106,
        "narHash": "sha256-6m1Y3/4pVw1RWTsrkAK2VMYSzG4MMIj7sqUy7o8th1o=",
        "owner": "nixos",
        "repo": "nixpkgs",
-        "rev": "20075955deac2583bb12f07151c2df830ef346b4",
+        "rev": "063f43f2dbdef86376cc29ad646c45c46e93234c",
        "type": "github"
      },
      "original": {
@ -255,18 +290,17 @@
    },
    "pumo-system-info": {
      "inputs": {
        "flake-utils": "flake-utils",
        "nixpkgs": [
          "nixpkgs"
        ],
        "rust-overlay": "rust-overlay"
      },
      "locked": {
-        "lastModified": 1748984111,
+        "lastModified": 1748127405,
-        "narHash": "sha256-SP1/+cCHnPg0UqylHCzeKNx61wGapLrYRn5UKiiDicc=",
+        "narHash": "sha256-5Xh7VXmjeK5m8Dxt2bti8A2HdkpmPftHc2+WXH3tQH8=",
        "ref": "refs/heads/develop",
-        "rev": "f9fe233b6cb669a718a0ddb529793159d39ba32e",
+        "rev": "06fa652f9626590a9727f3ec8b48330ad3fcb78f",
-        "revCount": 9,
+        "revCount": 6,
        "type": "git",
        "url": "https://labs.phundrak.com/phundrak/pumo-system-info"
      },
@ -275,34 +309,13 @@
        "url": "https://labs.phundrak.com/phundrak/pumo-system-info"
      }
    },
    "quickshell": {
      "inputs": {
        "nixpkgs": [
          "nixpkgs"
        ]
      },
      "locked": {
        "lastModified": 1753595452,
        "narHash": "sha256-vqkSDvh7hWhPvNjMjEDV4KbSCv2jyl2Arh73ZXe274k=",
        "ref": "refs/heads/master",
        "rev": "a5431dd02dc23d9ef1680e67777fed00fe5f7cda",
        "revCount": 665,
        "type": "git",
        "url": "https://git.outfoxxed.me/quickshell/quickshell"
      },
      "original": {
        "type": "git",
        "url": "https://git.outfoxxed.me/quickshell/quickshell"
      }
    },
    "root": {
      "inputs": {
        "devenv": "devenv",
        "home-manager": "home-manager",
        "nix-index-database": "nix-index-database",
-        "nixpkgs": "nixpkgs",
+        "nixpkgs": "nixpkgs_4",
        "pumo-system-info": "pumo-system-info",
        "quickshell": "quickshell",
        "sops-nix": "sops-nix",
        "zen-browser": "zen-browser"
      }
@ -315,11 +328,11 @@
        ]
      },
      "locked": {
-        "lastModified": 1748918260,
+        "lastModified": 1748054080,
-        "narHash": "sha256-KhXNXQ5IDLvwwYfJ0pXDjwIuisZ2qM6F7fcXjIGZy/4=",
+        "narHash": "sha256-rwFiLLNCwkj9bqePtH1sMqzs1xmohE0Ojq249piMzF4=",
        "owner": "oxalica",
        "repo": "rust-overlay",
-        "rev": "c9736155bc1eb7c7cf3a925920850e61c07ab22a",
+        "rev": "2221d8d53c128beb69346fa3ab36da3f19bb1691",
        "type": "github"
      },
      "original": {
@ -335,11 +348,11 @@
        ]
      },
      "locked": {
-        "lastModified": 1754988908,
+        "lastModified": 1747603214,
-        "narHash": "sha256-t+voe2961vCgrzPFtZxha0/kmFSHFobzF00sT8p9h0U=",
+        "narHash": "sha256-lAblXm0VwifYCJ/ILPXJwlz0qNY07DDYdLD+9H+Wc8o=",
        "owner": "Mic92",
        "repo": "sops-nix",
-        "rev": "3223c7a92724b5d804e9988c6b447a0d09017d48",
+        "rev": "8d215e1c981be3aa37e47aeabd4e61bb069548fd",
        "type": "github"
      },
      "original": {
@ -348,21 +361,6 @@
        "type": "github"
      }
    },
    "systems": {
      "locked": {
        "lastModified": 1681028828,
        "narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=",
        "owner": "nix-systems",
        "repo": "default",
        "rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e",
        "type": "github"
      },
      "original": {
        "owner": "nix-systems",
        "repo": "default",
        "type": "github"
      }
    },
    "zen-browser": {
      "inputs": {
        "nixpkgs": [
@ -370,11 +368,11 @@
        ]
      },
      "locked": {
-        "lastModified": 1754886070,
+        "lastModified": 1748059546,
-        "narHash": "sha256-MZDmxOkVKL1HY72bliN8Gxh0SYkHUa3W/1fTU2ke36I=",
+        "narHash": "sha256-e0jy8RU8ofOdeS5gF9Hir+M5Wn0q7D8MkpeQXsOJdu4=",
        "owner": "youwen5",
        "repo": "zen-browser-flake",
-        "rev": "e37d2b326311320c8571111b3ef89b29d26d4b64",
+        "rev": "716a5af28d686d67146d01b14112c919b6133a84",
        "type": "github"
      },
      "original": {
--- a/flake.nix
+++ b/flake.nix
@ -2,33 +2,24 @@
  description = "Home Manager configuration of phundrak";
  inputs = {
    # Specify the source of Home Manager and Nixpkgs.
    nixpkgs.url = "github:nixos/nixpkgs/nixos-unstable";
    devenv = {
      url = "github:cachix/devenv";
      inputs.nixpkgs.follows = "nixpkgs";
    };
    home-manager = {
      url = "github:nix-community/home-manager";
      inputs.nixpkgs.follows = "nixpkgs";
    };
    nix-index-database = {
      url = "github:nix-community/nix-index-database";
      inputs.nixpkgs.follows = "nixpkgs";
    };
    devenv.url = "github:cachix/devenv";
    pumo-system-info = {
      url = "git+https://labs.phundrak.com/phundrak/pumo-system-info";
      inputs.nixpkgs.follows = "nixpkgs";
    };
    quickshell = {
      url = "git+https://git.outfoxxed.me/quickshell/quickshell";
      inputs.nixpkgs.follows = "nixpkgs";
    };
    sops-nix = {
      url = "github:Mic92/sops-nix";
      inputs.nixpkgs.follows = "nixpkgs";
@ -84,23 +75,14 @@
    };
    homeConfigurations = {
      "phundrak@alys" = home-manager.lib.homeManagerConfiguration {
        pkgs = nixpkgs.legacyPackages.x86_64-linux;
        extraSpecialArgs = {
          inherit inputs outputs;
        };
        modules = [
          ./users/phundrak/host/alys.nix
          inputs.sops-nix.homeManagerModules.sops
        ];
      };
      "phundrak@marpa" = home-manager.lib.homeManagerConfiguration {
        pkgs = nixpkgs.legacyPackages.x86_64-linux;
        extraSpecialArgs = {
          inherit inputs outputs;
          home-conf = "fullHome";
        };
        modules = [
-          ./users/phundrak/host/marpa.nix
+          ./users/phundrak/marpa.nix
          inputs.sops-nix.homeManagerModules.sops
        ];
      };
@ -108,9 +90,10 @@
        pkgs = nixpkgs.legacyPackages.x86_64-linux;
        extraSpecialArgs = {
          inherit inputs outputs;
          home-conf = "fullHome";
        };
        modules = [
-          ./users/phundrak/host/gampo.nix
+          ./users/phundrak/gampo.nix
          inputs.sops-nix.homeManagerModules.sops
        ];
      };
@ -118,22 +101,16 @@
        pkgs = nixpkgs.legacyPackages.x86_64-linux;
        extraSpecialArgs = {
          inherit inputs outputs;
          home-conf = "minimal";
        };
        modules = [
-          ./users/phundrak/host/tilo.nix
+          ./users/phundrak/tilo.nix
          inputs.sops-nix.homeManagerModules.sops
        ];
      };
    };
    nixosConfigurations = {
      alys = nixpkgs.lib.nixosSystem {
        specialArgs = {inherit inputs outputs;};
        modules = [
          ./hosts/alys/configuration.nix
          inputs.sops-nix.nixosModules.sops
        ];
      };
      gampo = nixpkgs.lib.nixosSystem {
        specialArgs = {inherit inputs outputs;};
        modules = [
--- a/hosts/alys/configuration.nix
+++ b/hosts/alys/configuration.nix
@ -1,41 +0,0 @@
 {inputs, ...}: {
  imports = [
    ./hardware-configuration.nix
    inputs.home-manager.nixosModules.default
    ../../system
  ];
  mySystem = {
    boot = {
      kernel.hardened = true;
      systemd-boot = false;
      zram = {
        enable = true;
        memoryMax = 512;
      };
    };
    dev.docker.enable = true;
    networking = {
      hostname = "alys";
      domain = "phundrak.com";
      id = "41157110";
    };
    packages.nix = {
      gc.automatic = true;
      trusted-users = ["root" "phundrak"];
    };
    services = {
      endlessh.enable = true;
      ssh = {
        enable = true;
        allowedUsers = ["phundrak"];
        passwordAuthentication = false;
      };
    };
    users = {
      root.disablePassword = true;
      phundrak.enable = true;
    };
  };
  system.stateVersion = "23.11";
 }
--- a/hosts/alys/hardware-configuration.nix
+++ b/hosts/alys/hardware-configuration.nix
@ -1,28 +0,0 @@
 {
  modulesPath,
  lib,
  ...
 }: {
  imports = [(modulesPath + "/profiles/qemu-guest.nix")];
  boot = {
    loader.grub = {
      efiSupport = true;
      efiInstallAsRemovable = true;
      device = "nodev";
    };
    initrd.availableKernelModules = ["ata_piix" "uhci_hcd" "xen_blkfront" "vmw_pvscsi"];
    initrd.kernelModules = ["nvme"];
  };
  fileSystems = {
    "/" = {
      device = "/dev/vda1";
      fsType = "ext4";
    };
    "/boot" = {
      device = "/dev/disk/by-uuid/F137-8D01";
      fsType = "vfat";
    };
  };
  nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
 }
--- a/hosts/gampo/configuration.nix
+++ b/hosts/gampo/configuration.nix
@ -7,71 +7,52 @@
  imports = [
    inputs.sops-nix.nixosModules.sops
    ./hardware-configuration.nix
-    ../../system
+    ./services
    ../../modules/opentablet.nix
    ../../modules/sops.nix
    ../../modules/system.nix
    ../../programs/flatpak.nix
    ../../programs/hyprland.nix
    ../../programs/steam.nix
  ];
  mySystem = {
    boot = {
      plymouth.enable = true;
      kernel = {
        cpuVendor = "intel";
        package = pkgs.linuxPackages;
        modules = ["i915"];
      };
      systemd-boot = true;
    };
    desktop = {
      hyprland.enable = true;
      xserver = {
        enable = true;
        de = "gnome";
      };
    };
    dev.docker = {
      enable = true;
      podman.enable = true;
      autoprune.enable = true;
    };
    hardware = {
      bluetooth.enable = true;
      corne.allowHidAccess = true;
      ibmTrackpoint.disable = true;
      opentablet.enable = true;
      sound.enable = true;
    };
    misc.keymap = "fr-bepo";
    networking = {
      hostname = "gampo";
      id = "0630b33f";
      hostFiles = [config.sops.secrets.extraHosts.path];
    };
    packages = {
      appimage.enable = true;
      flatpak.enable = true;
      nix = {
        nix-ld.enable = true;
        trusted-users = ["root" "phundrak"];
      };
    };
    programs.steam.enable = true;
    services = {
      fwupd.enable = true;
      ssh.enable = true;
    };
    users = {
      root.disablePassword = true;
      phundrak.enable = true;
    };
  };
  sops.secrets.extraHosts = {
    inherit (config.users.users.root) group;
    owner = config.users.users.phundrak.name;
    mode = "0440";
  };
  boot.initrd.kernelModules = ["i915"];
  system = {
    boot.plymouth.enable = true;
    docker = {
      enable = true;
      autoprune.enable = true;
      podman.enable = true;
    };
    networking = {
      hostname = "gampo";
      id = "0630b33f";
      hostFiles = [config.sops.secrets.extraHosts.path];
    };
    sound.enable = true;
  };
  modules.hyprland.enable = true;
  security.rtkit.enable = true;
  # List packages installed in system profile. To search, run:
  # $ nix search wget
  environment.systemPackages = with pkgs; [
    curl
    openssl
    wget
  ];
  nix.settings.trusted-users = ["root" "phundrak"];
  # This value determines the NixOS release from which the default
  # settings for stateful data, like file locations and database
  # versions on your system were taken. It‘s perfectly fine and
--- a/hosts/gampo/services/default.nix
+++ b/hosts/gampo/services/default.nix
@ -0,0 +1,15 @@
 {
  imports = [
    ./gnome.nix
  ];
  services = {
    # Enable CUPS to print documents.
    printing.enable = true;
    openssh.enable = true;
    fwupd.enable = true;
    udev.extraRules = ''
      ATTRS{name}=="*TPPS/2 IBM TrackPoint", ENV{ID_INPUT}="", ENV{ID_INPUT_MOUSE}="", ENV{ID_INPUT_POINTINGSTICK}=""
    '';
  };
 }
--- a/hosts/gampo/services/gnome.nix
+++ b/hosts/gampo/services/gnome.nix
@ -0,0 +1,11 @@
 {
  services.xserver = {
    enable = true;
    displayManager.gdm.enable = true;
    desktopManager.gnome.enable = true;
    xkb = {
      layout = "fr";
      variant = "bepo";
    };
  };
 }
--- a/hosts/marpa/configuration.nix
+++ b/hosts/marpa/configuration.nix
@ -1,48 +1,42 @@
 {
  config,
  pkgs,
  inputs,
  ...
 }: {
  imports = [
    inputs.sops-nix.nixosModules.sops
-    ./hardware-configuration.nix
+    ./system/hardware-configuration.nix
-    ../../system
+    ./services
    ../../modules/opentablet.nix
    ../../modules/sops.nix
    ../../modules/system.nix
    ../../programs/flatpak.nix
    ../../programs/hyprland.nix
    ../../programs/steam.nix
  ];
-  mySystem = {
+  sops.secrets.extraHosts = {
-    boot = {
+    inherit (config.users.users.root) group;
-      extraModprobeConfig = ''
+    owner = config.users.users.phundrak.name;
-        options snd_usb_audio vid=0x1235 pid=0x8212 device_setup=1
+    mode = "0440";
-      '';
+  };
-      plymouth.enable = true;
+
-      kernel.cpuVendor = "amd";
+  security.polkit.enable = true;
-      systemd-boot = true;
+
-    };
+  fileSystems."/games" = {
-    desktop = {
+    device = "/dev/disk/by-uuid/77d32db8-2e85-4593-b6b8-55d4f9d14e1a";
-      hyprland.enable = true;
+    fsType = "ext4";
-      niri.enable = true;
+  };
-      xserver = {
+
-        enable = true;
+  system = {
-        de = "gnome";
+    amdgpu.enable = true;
-      };
+    boot.plymouth.enable = true;
-    };
+    docker = {
    dev.docker = {
      enable = true;
      podman.enable = true;
      autoprune.enable = true;
    };
    hardware = {
      amdgpu.enable = true;
      bluetooth.enable = true;
      corne.allowHidAccess = true;
      opentablet.enable = true;
      sound = {
        enable = true;
        jack = true;
        scarlett.enable = true;
      };
    };
    misc.keymap = "fr-bepo";
    networking = {
      hostname = "marpa";
      id = "7EA4A111";
@ -55,45 +49,31 @@
        }
      ];
    };
-    packages = {
+    sound = {
-      appimage.enable = true;
+      enable = true;
-      flatpak.enable = true;
+      jack = true;
      nix = {
        nix-ld.enable = true;
        trusted-users = ["root" "phundrak"];
      };
    };
    programs.steam.enable = true;
    services = {
      fwupd.enable = true;
      printing.enable = true;
      ssh.enable = true;
      sunshine = {
        enable = true;
        autostart = true;
      };
    };
    users = {
      root.disablePassword = true;
      phundrak.enable = true;
    };
  };
-  sops.secrets.extraHosts = {
+  modules.hyprland.enable = true;
    inherit (config.users.users.root) group;
    owner = config.users.users.phundrak.name;
    mode = "0440";
  };
-  security = {
+  security.rtkit.enable = true;
    polkit.enable = true;
    rtkit.enable = true;
  };
-  fileSystems."/games" = {
+  nix.settings.trusted-users = ["root" "phundrak"];
-    device = "/dev/disk/by-uuid/77d32db8-2e85-4593-b6b8-55d4f9d14e1a";
+
-    fsType = "ext4";
+  environment.systemPackages = with pkgs; [
-  };
+    clinfo # AMD
    curl
    openssl
    wget
    alsa-scarlett-gui
  ];
  boot.extraModprobeConfig = ''
    options snd_usb_audio vid=0x1235 pid=0x8212 device_setup=1
  '';
  programs.nix-ld.enable = true;
  # This value determines the NixOS release from which the default
  # settings for stateful data, like file locations and database versions
--- a/hosts/marpa/services/default.nix
+++ b/hosts/marpa/services/default.nix
@ -1,24 +1,24 @@
 {
-  # imports = [
+  imports = [
-  #   ./logind.nix
+    ../../../modules/ssh.nix
-  #   ../../../system
+    ../../../modules/sunshine.nix
-  # ];
+    ../../../modules/xserver.nix
-  # imports = [
+  ];
  #   ./logind.nix
  #   ../../../modules/ssh.nix
  #   ../../../modules/sunshine.nix
  # ];
-  # modules = {
+  modules = {
-  #   sunshine = {
+    sunshine = {
-  #     enable = true;
+      enable = true;
-  #     autostart = true;
+      autostart = true;
-  #   };
+    };
-  # };
+    xserver = {
-  # services = {
+      amdgpu.enable = true;
-  #   blueman.enable = true;
+      de = "gnome";
-  #   fwupd.enable = true;
+    };
-  #   printing.enable = true;
+  };
-  #   openssh.enable = true;
+  services = {
-  # };
+    blueman.enable = true;
    fwupd.enable = true;
    printing.enable = true;
    openssh.enable = true;
  };
 }
--- a/hosts/marpa/services/logind.nix
+++ b/hosts/marpa/services/logind.nix
@ -1,6 +0,0 @@
 {
  services.logind = {
    powerKey = "ignore";
    powerKeyLongPress = "ignore";
  };
 }
--- a/hosts/marpa/system/hardware-configuration.nix
+++ b/hosts/marpa/system/hardware-configuration.nix
--- a/hosts/tilo/configuration.nix
+++ b/hosts/tilo/configuration.nix
@ -1,15 +1,23 @@
 # Edit this configuration file to define what should be installed on your
 # system.  Help is available in the configuration.nix(5) man page and in
 # the NixOS manual (accessible by running ‘nixos-help’).
-{inputs, ...}: {
+{
  pkgs,
  inputs,
  ...
 }: {
  imports = [
    ./hardware-configuration.nix
    inputs.home-manager.nixosModules.default
-    ../../system
+    ../../modules/locale.nix
-    ./services
+    ../../modules/system.nix
    ../../modules/ssh.nix
    ../../modules/endlessh.nix
    ../../programs/nano.nix
  ];
-  mySystem = {
+  system = {
    amdgpu.enable = false;
    boot = {
      kernel = {
        hardened = true;
@ -20,43 +28,51 @@
        pools = ["tank"];
      };
    };
-    dev.docker.enable = true;
+    docker.enable = true;
    misc.keymap = "fr-bepo";
    networking = {
      hostname = "tilo";
      id = "7110b33f";
      firewall = {
        openPorts = [
          22 # SSH
          80 # HTTP
          443 # HTTPS
          2222 # endlessh
          25565 # Minecraft
        ];
        extraCommands = ''
          iptables -I INPUT 1 -i 172.16.0.0/12 -p tcp -d 172.17.0.1 -j ACCEPT
          iptables -I INPUT 1 -i 172.16.0.0/12 -p tcp -d 172.17.0.1 -j ACCEPT
        '';
      };
    };
-    packages.nix = {
+    nix.gc.automatic = true;
-      gc.automatic = true;
+    sound.enable = false;
      trusted-users = ["root" "phundrak"];
    };
    services = {
      calibre.enable = true;
      endlessh.enable = true;
      jellyfin.enable = true;
      plex = {
        enable = true;
        dataDir = "/tank/web/stacks/plex/plex-config";
      };
      ssh = {
        enable = true;
        allowedUsers = ["phundrak"];
        passwordAuthentication = false;
      };
    };
    users = {
      root.disablePassword = true;
-      phundrak.enable = true;
+      phundrak = true;
    };
    console.keyMap = "fr-bepo";
  };
  modules = {
    ssh = {
      enable = true;
      allowedUsers = ["phundrak"];
      passwordAuthentication = false;
    };
    endlessh.enable = true;
  };
  nixpkgs.config.allowUnfree = true;
  environment.systemPackages = [pkgs.openssl];
  # imports = [
  #   # Include the results of the hardware scan.
  #   ./services.nix
  # ];
  # This value determines the NixOS release from which the default
  # settings for stateful data, like file locations and database versions
  # on your system were taken. It‘s perfectly fine and recommended to leave
--- a/hosts/tilo/services/default.nix
+++ b/hosts/tilo/services/default.nix
@ -1,3 +0,0 @@
 {
  imports = [./nextcloud-cron.nix];
 }
--- a/hosts/tilo/services/nextcloud-cron.nix
+++ b/hosts/tilo/services/nextcloud-cron.nix
@ -1,33 +0,0 @@
 {pkgs, ...}: {
  systemd = {
    timers."nextcloud-cron" = {
      wantedBy = ["timers.target"];
      timerConfig = {
        OnBootSec = "20m";
        OnUnitActiveSec = "20m";
        Unit = "nextcloud-cron.service";
      };
    };
    services."nextcloud-cron" = {
      script = ''
        CONTAINER_NAME="nextcloud-nextcloud-1"
        is_container_running() {
          ${pkgs.docker}/bin/docker inspect -f '{{.State.Running}}' "$CONTAINER_NAME" 2>/dev/null | grep -q "true"
        }
        while ! is_container_running; do
            echo "Waiting for $CONTAINER_NAME to start..."
            sleep 10
        done
        echo "$CONTAINER_NAME is running. Executing CRON job..."
        ${pkgs.docker}/bin/docker exec -u www-data -it nextcloud-nextcloud-1 php /var/www/html/cron.php
      '';
      serviceConfig = {
        Type = "oneshot";
        User = "root";
      };
    };
  };
 }
--- a/keys/id_alys.pub
+++ b/keys/id_alys.pub
@ -1 +0,0 @@
 ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIHTv1lb6d99O84jeh6GdjPm8Gnt/HncSRhGhmoTq7BMK lucien@phundrak.com
--- a/system/hardware/amdgpu.nix
+++ b/system/hardware/amdgpu.nix
@ -5,18 +5,13 @@
  ...
 }:
 with lib; let
-  cfg = config.mySystem.hardware.amdgpu;
+  cfg = config.modules.amdgpu;
 in {
-  options.mySystem.hardware.amdgpu.enable = mkEnableOption "Enables an AMD GPU configuration";
+  options.modules.amdgpu.enable = mkEnableOption "Enables an AMD GPU configuration";
  config = mkIf cfg.enable {
    systemd.tmpfiles.rules = [
      "L+    /opt/rocm/hip   -    -    -     -    ${pkgs.rocmPackages.clr}"
    ];
    hardware.graphics.extraPackages = with pkgs; [rocmPackages.clr.icd];
    environment.systemPackages = with pkgs; [
      clinfo
      amdgpu_top
      nvtopPackages.amd
    ];
  };
 }
--- a/system/boot/boot.nix
+++ b/system/boot/boot.nix
@ -5,16 +5,10 @@
  ...
 }:
 with lib; let
-  cfg = config.mySystem.boot;
+  cfg = config.modules.boot;
 in {
-  options.mySystem.boot = {
+  options.modules.boot = {
-    extraModprobeConfig = mkOption {
+    amdgpu.enable = mkEnableOption "Enables an AMD GPU configuration";
      type = types.lines;
      default = "";
      example = ''
        options snd_usb_audio vid=0x1235 pid=0x8212 device_setup=1
      '';
    };
    kernel = {
      package = mkOption {
        type = types.raw;
@ -36,11 +30,6 @@ in {
      };
      hardened = mkEnableOption "Enables hardened Linux kernel";
    };
    systemd-boot = mkOption {
      type = types.bool;
      default = true;
      description = "Does the system use systemd-boot?";
    };
    zfs = {
      enable = mkEnableOption "Enables ZFS";
      pools = mkOption {
@ -51,10 +40,10 @@ in {
  };
  config.boot = {
-    initrd.kernelModules = lists.optional config.mySystem.hardware.amdgpu.enable "amdgpu";
+    initrd.kernelModules = lists.optional cfg.amdgpu.enable "amdgpu";
    loader = {
-      systemd-boot.enable = cfg.systemd-boot;
+      systemd-boot.enable = true;
-      efi.canTouchEfiVariables = cfg.systemd-boot;
+      efi.canTouchEfiVariables = true;
    };
    supportedFilesystems = mkIf cfg.zfs.enable ["zfs"];
    zfs.extraPools = mkIf cfg.zfs.enable cfg.zfs.pools;
--- a/modules/dev/docker.nix
+++ b/modules/dev/docker.nix
@ -4,9 +4,9 @@
  ...
 }:
 with lib; let
-  cfg = config.mySystem.dev.docker;
+  cfg = config.modules.docker;
 in {
-  options.mySystem.dev.docker = {
+  options.modules.docker = {
    enable = mkEnableOption "Enable Docker";
    podman.enable = mkEnableOption "Enable Podman rather than Docker";
    nvidia.enable = mkEnableOption "Activate Nvidia support";
--- a/system/services/endlessh.nix
+++ b/system/services/endlessh.nix
@ -4,9 +4,9 @@
  ...
 }:
 with lib; let
-  cfg = config.mySystem.services.endlessh;
+  cfg = config.modules.endlessh;
 in {
-  options.mySystem.services.endlessh = {
+  options.modules.endlessh = {
    enable = mkEnableOption "Enables endlessh.";
    port = mkOption {
      type = types.port;
--- a/modules/keys/id_gampo.pub
+++ b/modules/keys/id_gampo.pub
--- a/modules/keys/id_marpa.pub
+++ b/modules/keys/id_marpa.pub
--- a/modules/keys/id_opn4.pub
+++ b/modules/keys/id_opn4.pub
--- a/modules/keys/id_tilo.pub
+++ b/modules/keys/id_tilo.pub
--- a/system/i18n/locale.nix
+++ b/system/i18n/locale.nix
--- a/system/network/networking.nix
+++ b/system/network/networking.nix
@ -4,35 +4,30 @@
  ...
 }:
 with lib; let
-  cfg = config.mySystem.networking;
+  cfg = config.modules.networking;
 in {
-  options.mySystem.networking = with types; {
+  options.modules.networking = {
    hostname = mkOption {
-      type = str;
+      type = types.str;
      example = "gampo";
    };
    id = mkOption {
-      type = str;
+      type = types.str;
      example = "deadb33f";
    };
    domain = mkOption {
      type = nullOr str;
      example = "phundrak.com";
      default = null;
    };
    hostFiles = mkOption {
-      type = listOf path;
+      type = types.listOf types.path;
      example = [/path/to/hostFile];
      default = [];
    };
    firewall = {
      openPorts = mkOption {
-        type = listOf int;
+        type = types.listOf types.int;
        example = [22 80 443];
        default = [];
      };
      openPortRanges = mkOption {
-        type = listOf (attrsOf port);
+        type = types.listOf (types.attrsOf types.port);
        default = [];
        example = [
          {
@ -46,7 +41,7 @@ in {
        '';
      };
      extraCommands = mkOption {
-        type = nullOr lines;
+        type = types.nullOr types.lines;
        example = "iptables -A INPUTS -p icmp -j ACCEPT";
        default = null;
      };
@ -57,7 +52,7 @@ in {
    hostName = cfg.hostname; # Define your hostname.
    hostId = cfg.id;
    networkmanager.enable = true;
-    inherit (cfg) hostFiles domain;
+    inherit (cfg) hostFiles;
    firewall = {
      enable = true;
      allowedTCPPorts = cfg.firewall.openPorts;
--- a/system/packages/nix.nix
+++ b/system/packages/nix.nix
@ -4,11 +4,10 @@
  ...
 }:
 with lib; let
-  cfg = config.mySystem.packages.nix;
+  cfg = config.modules.nix;
 in {
-  options.mySystem.packages.nix = {
+  options.modules.nix = {
-    allowUnfree = mkEnableOption "Enable unfree packages";
+    disableSandbox = mkEnableOption "Disables Nix sandbox";
    disableSandbox = mkEnableOption "Disable Nix sandbox";
    gc = {
      automatic = mkOption {
        type = types.bool;
@ -23,27 +22,17 @@ in {
        default = "--delete-older-than 30d";
      };
    };
    nix-ld.enable = mkEnableOption "Enable unpatched binaries support";
    trusted-users = mkOption {
      type = types.listOf types.str;
      example = ["alice" "bob"];
      default = [];
    };
  };
  config = {
    nix = {
      inherit (cfg) gc;
      settings = {
        inherit (cfg) trusted-users;
        sandbox = cfg.disableSandbox;
        experimental-features = ["nix-command" "flakes"];
        auto-optimise-store = true;
      };
      inherit (cfg) gc;
    };
    nixpkgs.config.allowUnfree = true;
    programs = {
      inherit (cfg) nix-ld;
    };
  };
 }
--- a/modules/opentablet.nix
+++ b/modules/opentablet.nix
@ -0,0 +1,6 @@
 {
  hardware.opentabletdriver = {
    enable = true;
    daemon.enable = true;
  };
 }
--- a/system/boot/plymouth.nix
+++ b/system/boot/plymouth.nix
@ -5,9 +5,9 @@
  ...
 }:
 with lib; let
-  cfg = config.mySystem.boot.plymouth;
+  cfg = config.modules.boot.plymouth;
 in {
-  options.mySystem.boot.plymouth.enable = mkEnableOption "Enables Plymouth at system boot";
+  options.modules.boot.plymouth.enable = mkEnableOption "Enables Plymouth at system boot";
  config.boot = mkIf cfg.enable {
    plymouth = {
      inherit (cfg) enable;
--- a/system/security/sops.nix
+++ b/system/security/sops.nix
@ -1,6 +1,6 @@
 {
  sops = {
-    defaultSopsFile = ../../secrets/secrets.yaml;
+    defaultSopsFile = ../secrets/secrets.yaml;
    defaultSopsFormat = "yaml";
    age = {
      # automatically import user SSH keys as age keys
--- a/system/hardware/sound.nix
+++ b/system/hardware/sound.nix
@ -5,11 +5,10 @@
  ...
 }:
 with lib; let
-  cfg = config.mySystem.hardware.sound;
+  cfg = config.modules.sound;
 in {
-  options.mySystem.hardware.sound = {
+  options.modules.sound = {
    enable = mkEnableOption "Whether to enable sounds with Pipewire";
    scarlett.enable = mkEnableOption "Activate support for Scarlett sound card";
    alsa = mkOption {
      type = types.bool;
      example = true;
@ -30,18 +29,12 @@ in {
    };
  };
-  config = {
+  config.services.pipewire = mkIf cfg.enable {
-    environment.systemPackages = mkIf cfg.scarlett.enable [pkgs.alsa-scarlett-gui];
+    enable = true;
-    services.pipewire = mkIf cfg.enable {
+    alsa = mkIf cfg.alsa {
-      enable = true;
+      enable = mkDefault true;
-      alsa = mkIf cfg.alsa {
+      support32Bit = mkDefault true;
        enable = mkDefault true;
        support32Bit = mkDefault true;
      };
      jack.enable = mkDefault cfg.jack;
    };
    programs.noisetorch = mkIf cfg.enable {
      inherit (cfg) enable;
    };
    jack.enable = mkDefault cfg.jack;
  };
 }
--- a/system/services/ssh.nix
+++ b/system/services/ssh.nix
@ -4,9 +4,9 @@
  ...
 }:
 with lib; let
-  cfg = config.mySystem.services.ssh;
+  cfg = config.modules.ssh;
 in {
-  options.mySystem.services.ssh = {
+  options.modules.ssh = {
    enable = mkEnableOption "Enables OpenSSH";
    allowedUsers = mkOption {
      type = types.listOf types.str;
@ -20,7 +20,7 @@ in {
    };
  };
  config.services.openssh = mkIf cfg.enable {
-    inherit (cfg) enable;
+    enable = true;
    settings = {
      AllowUsers = cfg.allowedUsers;
      PermitRootLogin = "no";
--- a/system/services/sunshine.nix
+++ b/system/services/sunshine.nix
@ -4,17 +4,19 @@
  ...
 }:
 with lib; let
-  cfg = config.mySystem.services.sunshine;
+  cfg = config.modules.sunshine;
 in {
-  options.mySystem.services.sunshine = {
+  options.modules.sunshine = {
-    enable = mkEnableOption "Enables Sunshine";
+    enable = mkEnableOption "Enables moonlight";
    autostart = mkEnableOption "Enables autostart";
  };
  config.services.sunshine = mkIf cfg.enable {
-    inherit (cfg) enable;
+    enable = true;
    autoStart = cfg.autostart;
    capSysAdmin = true;
    openFirewall = true;
-    settings.sunshine_name = config.mySystem.networking.hostname;
+    settings = {
      sunshine_name = "marpa";
    };
  };
 }
--- a/modules/system.nix
+++ b/modules/system.nix
@ -0,0 +1,171 @@
 {
  pkgs,
  lib,
  config,
  ...
 }:
 with lib; let
  cfg = config.system;
 in {
  imports = [
    ./amdgpu.nix
    ./boot.nix
    ./locale.nix
    ./networking.nix
    ./nix.nix
    ./plymouth.nix
    ./sound.nix
    ./users.nix
    ./dev/docker.nix
  ];
  options.system = {
    amdgpu.enable = mkEnableOption "Enables AMD GPU support";
    boot = {
      kernel = {
        package = mkOption {
          type = types.raw;
          default = pkgs.linuxPackages_zen;
        };
        modules = mkOption {
          type = types.listOf types.str;
          default = [];
        };
        cpuVendor = mkOption {
          description = "Intel or AMD?";
          type = types.enum ["intel" "amd"];
          default = "amd";
        };
        v4l2loopback = mkOption {
          description = "Enables v4l2loopback";
          type = types.bool;
          default = true;
        };
        hardened = mkEnableOption "Enables hardened Linux kernel";
      };
      plymouth.enable = mkEnableOption "Enables Plymouth";
      zfs = {
        enable = mkEnableOption "Enables ZFS";
        pools = mkOption {
          type = types.listOf types.str;
          default = [];
        };
      };
    };
    docker = {
      enable = mkEnableOption "Enable Docker";
      podman.enable = mkEnableOption "Enable Podman rather than Docker";
      nvidia.enable = mkEnableOption "Activate Nvidia support";
      autoprune.enable = mkEnableOption "Enable autoprune";
    };
    networking = {
      hostname = mkOption {
        type = types.str;
        example = "gampo";
      };
      id = mkOption {
        type = types.str;
        example = "deadb33f";
      };
      hostFiles = mkOption {
        type = types.listOf types.path;
        example = [/path/to/hostFile];
        default = [];
      };
      firewall = {
        openPorts = mkOption {
          type = types.listOf types.int;
          example = [22 80 443];
          default = [];
        };
        openPortRanges = mkOption {
          type = types.listOf (types.attrsOf types.port);
          default = [];
          example = [
            {
              from = 8080;
              to = 8082;
            }
          ];
          description = ''
            A range of TCP and UDP ports on which incoming connections are
            accepted.
          '';
        };
        extraCommands = mkOption {
          type = types.nullOr types.lines;
          example = "iptables -A INPUTS -p icmp -j ACCEPT";
          default = null;
        };
      };
    };
    nix = {
      disableSandbox = mkOption {
        type = types.bool;
        default = false;
      };
      gc = {
        automatic = mkOption {
          type = types.bool;
          default = true;
        };
        dates = mkOption {
          type = types.str;
          default = "Monday 01:00 UTC";
        };
        options = mkOption {
          type = types.str;
          default = "--delete-older-than 30d";
        };
      };
    };
    sound = {
      enable = mkEnableOption "Whether to enable sounds with Pipewire";
      alsa = mkOption {
        type = types.bool;
        example = true;
        default = true;
        description = "Whether to enable ALSA support with Pipewire";
      };
      jack = mkOption {
        type = types.bool;
        example = true;
        default = false;
        description = "Whether to enable JACK support with Pipewire";
      };
      package = mkOption {
        type = types.package;
        example = pkgs.pulseaudio;
        default = pkgs.pulseaudioFull;
        description = "Which base package to use for PulseAudio";
      };
    };
    users = {
      root.disablePassword = mkEnableOption "Disables root password";
      phundrak = mkOption {
        type = types.bool;
        default = true;
      };
    };
    timezone = mkOption {
      type = types.str;
      default = "Europe/Paris";
    };
    console.keyMap = mkOption {
      type = types.str;
      default = "fr";
    };
  };
  config = {
    time.timeZone = cfg.timezone;
    console.keyMap = cfg.console.keyMap;
    modules = {
      boot = {
        inherit (cfg) amdgpu;
        inherit (cfg.boot) kernel plymouth zfs;
      };
      inherit (cfg) sound users networking docker amdgpu;
    };
  };
 }
--- a/system/users/phundrak.nix
+++ b/system/users/phundrak.nix
@ -5,11 +5,14 @@
  ...
 }:
 with lib; let
-  cfg = config.mySystem.users;
+  cfg = config.modules.users;
 in {
-  options.mySystem.users = {
+  options.modules.users = {
    root.disablePassword = mkEnableOption "Disables root password";
-    phundrak.enable = mkEnableOption "Enables users phundrak";
+    phundrak = mkOption {
      type = types.bool;
      default = true;
    };
  };
  config = {
@ -18,12 +21,17 @@ in {
        hashedPassword = mkIf cfg.root.disablePassword "*";
        shell = pkgs.zsh;
      };
-      phundrak = mkIf cfg.phundrak.enable {
+      phundrak = {
        isNormalUser = true;
        description = "Lucien Cartier-Tilet";
        extraGroups = ["networkmanager" "wheel" "docker" "dialout" "podman"];
        shell = pkgs.zsh;
-        openssh.authorizedKeys.keyFiles = lib.filesystem.listFilesRecursive ../../keys;
+        openssh.authorizedKeys.keyFiles = [
          ./keys/id_gampo.pub
          ./keys/id_marpa.pub
          ./keys/id_tilo.pub
          ./keys/id_opn4.pub
        ];
      };
    };
    programs.zsh.enable = true;
--- a/system/desktop/xserver.nix
+++ b/system/desktop/xserver.nix
@ -4,10 +4,10 @@
  ...
 }:
 with lib; let
-  cfg = config.mySystem.desktop.xserver;
+  cfg = config.modules.xserver;
 in {
-  options.mySystem.desktop.xserver = {
+  options.modules.xserver = {
-    enable = mkEnableOption "Enables xserver";
+    amdgpu.enable = mkEnableOption "Enables AMD GPU support";
    de = mkOption {
      type = types.enum ["gnome" "kde"];
      default = "gnome";
@ -15,15 +15,9 @@ in {
      description = "Which DE to enable";
    };
  };
-  config.services = mkIf cfg.enable {
+  config.services = {
-    displayManager = {
+    displayManager.sddm.enable = mkIf (cfg.de == "kde") true;
-      sddm.enable = mkIf (cfg.de == "kde") true;
+    desktopManager.plasma6.enable = mkIf (cfg.de == "kde") true;
      gdm.enable = mkIf (cfg.de == "gnome") true;
    };
    desktopManager = {
      plasma6.enable = mkIf (cfg.de == "kde") true;
      gnome.enable = mkIf (cfg.de == "gnome") true;
    };
    gnome = mkIf (cfg.de == "gnome") {
      gnome-browser-connector.enable = true;
@ -34,8 +28,10 @@ in {
    };
    xserver = {
-      inherit (cfg) enable;
+      enable = true;
-      videoDrivers = lists.optional config.mySystem.hardware.amdgpu.enable "amdgpu";
+      displayManager.gdm.enable = mkIf (cfg.de == "gnome") true;
      desktopManager.gnome.enable = mkIf (cfg.de == "gnome") true;
      videoDrivers = lists.optional cfg.amdgpu.enable "amdgpu";
      xkb = {
        layout = "fr";
        variant = "bepo_afnor";
--- a/programs/flatpak.nix
+++ b/programs/flatpak.nix
@ -0,0 +1,3 @@
 {
  services.flatpak.enable = true;
 }
--- a/system/desktop/hyprland.nix
+++ b/system/desktop/hyprland.nix
@ -4,9 +4,9 @@
  ...
 }:
 with lib; let
-  cfg = config.mySystem.desktop.hyprland;
+  cfg = config.modules.hyprland;
 in {
-  options.mySystem.desktop.hyprland.enable = mkEnableOption "Enables Hyprland";
+  options.modules.hyprland.enable = mkEnableOption "Enables Hyprland";
  config.programs.hyprland = mkIf cfg.enable {
    inherit (cfg) enable;
    withUWSM = true;
--- a/system/packages/nano.nix
+++ b/system/packages/nano.nix
--- a/programs/steam.nix
+++ b/programs/steam.nix
@ -0,0 +1,21 @@
 {pkgs, ...}: {
  programs = {
    steam = {
      enable = true;
      protontricks.enable = true;
      remotePlay.openFirewall = true;
      localNetworkGameTransfers.openFirewall = true;
      gamescopeSession.enable = true;
      extraCompatPackages = [pkgs.proton-ge-bin];
    };
    gamescope = {
      enable = true;
      capSysNice = true;
      args = [
        "--rt"
        "--expose-wayland"
      ];
    };
  };
  hardware.steam-hardware.enable = true;
 }
--- a/secrets/secrets.yaml
+++ b/secrets/secrets.yaml
@ -1,10 +1,10 @@
-extraHosts: ENC[AES256_GCM,data:YRHvHINgAQv4z+8awMzHY1uZS/K9qSaFsk8G5J2zF5P5YOt4x62eefXgmhWeKZzJI5AIi0312iMQl5qGv+lAkP+VC7j/h1rh7peBDEBU6LvcMgFU2XqxidM/CoKfMkJF8+/4bb+3r1LC/rEeXITTUQsOmoacdyCeKe5yxLaHyic/FaZIJq13wCg/QQSLfenc2Db0Pbxv5/cbRILhKT+ssElVipA40aZpgL7QmD542vObSEa6K4fZd0rawF/nOyibfpPN7Ak8DrYvfygNMw/QAGKY2XosxC86tjxhrIBHRakqmWpV+smoUO6XBFjU2sbwalafYVFdrvYL9BVAPtMZ25Sc5QMm87RCHqzqYdQHKs8C3JpVBHWnyL+0e5DNQrFrml0/FD5nFYsT6zDKVb/rN3YmxvTvKl7FpPKpv3Kke9WG+HnPs90hPy8Jpmg52vLMhaybx6dpJxzcF+ctBSI3J78hfweOCGvNGshCKpME1dujMPctH/kfYcm2j/ixKLjl0ZSbYeI9+l9oURBDwKzmKjAqhwnjuo3sL++ZsRU5Ue1zz9gsxS40R9eYevbq7JiQPX331pY2du1SRoKOxvPpXsDqe+CY5pW2RgPszjEIuDxyoveZolXg/zjlk0Ic/cOxrbflp7bTfQCQqEC7YJ5tRmtctk2lRGQkOFIg9Tn8ReifFxfhDrPFzc8X5vZgH73aqZSd/OkVybI3vEILV5uas0fPL7AHAKnBmeDV3mBNvF8aoZhD5CG8iRd1otta/3AQ660QV8IDoauq8fySC8Kee5B3kG75sqHvwF4Gu6CpSChXkjpiIqVmW0PntJueVHifuGJYkvhkX/CTHK7xm1HhtANnGrk6cr2APjWk1vpOaCmjFNqKTOV9d1HjaNWYTz4AZ+Uq2Za3UzN3oZCtZb96,iv:Z64+4oR/AfSgA7oZ/NPDLOtcmcXO5B4OQIGjOEK1Pf4=,tag:0I/1gXnBH7u6HTbQUz5Fpw==,type:str]
+extraHosts: ENC[AES256_GCM,data:nuEU+Tlj9BBEO/459B7u74WEdlDmvn3coWkk3JG5uqWXR1G4tk6H8EvQAY/xAuqcM01T4psaeqQTxZA+U626zMQ++vOsYwI8cch8m0xIkKKJ3Ztyqeip8egK2xPywdJp69Z5XhweF3RlxPBTroMcCoqHG0rFQmPuwaWrM/DJ6HQBGqKA3wmaYXAC4OLFVGNzLNLfWD85PAxK1YTJnClaerFdwsxm9tq+HNg7zEnOUVyQjm2l16MKkV1kybddNFc6SKHmm2e/XYNQ85eRm1ALq1v1WRPLaa87MsPLM6svwNy5hEMX+AQKfGBL4hLUKOw+yPktfSnGhj8uDO6IUTjySzkgdYIu37E8ozN8CZ2m+5wYDjf1NU34/yUo2p3RZISuy52qEhGE0jsIeDiC6KMPs6/dHKpxbkRVhe7ZWpZvee7dhWyAkW4lk+MA1p3OklCBdTn8JcrAlVcKf0n1+XyK5ua0q5ja6UKg1Q5Y1LGFPInt+styJ65HdvqBcdLiG7DCQYHGpWGIeSNglbAKPMCeBCablN/2gLLYOK08RXwwSAj1V5lCXAKoc3FfnX73ELRelzLwE2MNJZCn0DqnqP0vOnzXM9ftWVODCjcIEmLUX+CL7hBNLrWcp+Q3ALQcSZsAVejpP8Iajo85R/Hc+2OtqfXijoJNacaMgKCX/5ZWOFEwNUdto3xSRQXu2Ck//F4F/0Ez6yqOFux1byjdyHDbGGdFz02DTZUkOtsPVssyqz1nEHepDQM0EmAAxAR6D8hHOnZGesfqbS+5Xd3+KlfxyFC2mHDxK4WZPCHTAEsenWEiQTGfaOT+1bpbimRfUcqiRXukSUeHY2cKf/reNw0MT7t5n1mvidihP3sJuc573ViUlG+Ts8ctyZ/+tKU2aCMz3wevPzZNiIVqXsB2lC8c,iv:MnbM30XhdQFOPmc4x/a7YaDmnCDCFHS2Nm8plh+raSo=,tag:SpHUqyeSVdtf8uk4SyjmOA==,type:str]
 mopidy:
    spotify: ENC[AES256_GCM,data:SaDT0iSWhsgVOi1s+Nzbr0Mur3t2Zd9z/KIUshGWtbPfkXXIoiJeJFtoZIz5NL/t5FooYsNfU1mGYgDeVYSD4BPibW8hiCYrX6L6OX+Q6ZEWXXx/1eBEs2/q0BrWGvy7frcurq/Px4R3ax0dXJe/YKbpAtU7+bQl,iv:F2zT+uMVBMnSEZqgcRmV8/fc3G/g2fKDuHuBzkyBRN0=,tag:CD8fuOQfe6QCrj4BUh0/xw==,type:str]
    bandcamp: ENC[AES256_GCM,data:diEx2fbkOR1oUav81jU5bNt/KNmbOaVzLV+G3zBUVXE7nEQpZNqVom0rgNrEVDGzH3u/IaA5eqG5ce9lE0BomeY8Z4MWI1xujhX5KsXdv21aw4UwsNgyLPuWhkN2POUMfCJlvekc/TFfFvJHyysx8aKxeI4dsg==,iv:cxx0cVkjOPG+hMD8JctJHdcICJt7ozpfRBVSCDBo6Ro=,tag:JRjwwvieGaGZJ+k56HWFaw==,type:str]
 emailPassword: ENC[AES256_GCM,data:LALAvyuNN9bfa8D6ZK1YiFXRfxLOBi9kXA0N0Kr7h18eAI4hWQ==,iv:WtidILFfWCMKylax52JP+X57GfZyYlxJtiwrC6SADik=,tag:NvOrsL3fbmxQZp06GZhUZA==,type:str]
 ssh:
-    hosts: ENC[AES256_GCM,data:j7+Ua5G8dePL5GO+Tf8+hnoJsSfKo2z4I0OcVfSyJ3dc6yyYZVho8iG9bqPAqVR5d7SJr391zCLMJp/jRDpDFLkzQB54udVKI8ob0C2w2xBznPZJsC7qZMptQ+n4IHO1ZROSi/vBadCUfEWKNO9e8gsroBYmliy/31M5IlA85Vx6q4Zx0qIFylfIhBDto3jD2DRcbjWP8NvjJcY7YLrN2sv8RR7QqX1q+0ZxpgFhg+W+a5Dz8JBVsPEdjNJqFAKAmUGKXf4bpEIS5lLUxxZweizEiWgo4nYJgA0kqVYEOiErOPgtpnBKiJlR+fLGuVwdGxVOUMvttZtyIgHc4CWgOJ0h67h4eVii+zeLn0GPJl3i2g5bjOArHKLfkKGduqii4n/1p9VvVTAOn5dj0/NtD2JNJF9kUDr1nMyMa1xA35gzv1vp/U55L6ZU/BRpBPzka6i8nGnCkDVdoUG0DKhN9ooXRpUS9L+W1iz480fzb6i/tfmlhx7Ms1T9VybYFkGLNkxnsrt5Oc24o0XD5/A1j8bJgNWo6aWSA748ZWtN0mXDzB5sH4TVtaZAGlyU9r/x5oCuWPN2qhZ8d2i7g5rceZW5ang/uyXNt8Le5cKvLw3Rhf4BTFhQ6+VJ4/SpdfnLZ17djjbwZO1DT5Nb0RUObcilcwbmUwqvmLbcrdmsfQMOcetRwFpIdoX6MjkRiC1WZ4cz8bMU7ArnK/n15dsIdaiiUfuOJAiBYut1PaJBoZDe8pXzOE6U1s57sejUf1T7NHp2epyevCAYuVG71dAFLn1oLM+FWXuBm6ogFLujoFh7XCVVqdf6j348/ekzBxDIemzS4G1+zflG3AteLWcslGVTNmx0rb3GlSHGNVNZoeHvYAHIIEyWpY4Yd01R8RhjrFXQo9comnpoQXSlFDvuUGTxuUpsariAof4wKLdpqj8Dc4ZaDvd1pAGVh7RBqR4rn4kClbWUVcSFy7QWs9T5Sw0fU/bLL76N6x9Y44P5NQLAJvZ0z8rhIPl0u8OwIhhEwkhWdFLSulk/N7+DVqrRpj7bB5hB8jZWspsl44IdiZWY3UPs7zs=,iv:3q4FYxDWPGyMqeKoSTRxSPvqZXzwg/NeHZh70d38HYM=,tag:jA8/5yi74/mOuu/b83WEeg==,type:str]
+    hosts: ENC[AES256_GCM,data:jLLehzuBuBh22ZukRlqjQJNBg0ri8go58SJfs4GjNqNdvI/H0NWRS0apqLPzERkbpPipex3kUiFIc6BH+usSSpfh/MWico8qZDKVD7Ekx6F8k45I2Pq+mbLsMEo3XfjcnfYgDWn2I7/jyidBsvA+m9VnjU8/Cnk5O/YeIZQRvfOZ4xc8zw7C/vqmxsNi2KZr+2N23L+eetoKM4J6AigmINH41wAL3/RlB0oCpjSHSkbp7Glu2LlyJygS52p9m5pq4QBXtoiu5AJ6qG17LrypmDjfxE2zU2R3Zu6VLbs4zWQY2+W36j33Fm5nMkMMPJAEdRR27HPxM2EAEuH4OI1Jbup669sln9nJxnO2zYveplNPsAb3a16D4L9rwSzUd1s2W+NlqBSYdyAktuvtPWf1vAg9+Fob9jUgUFGTQpNF8Xj1n+DqvXlLQknsB/7EhNSSnYyQS36wHF9KBHJwexpYbhnGiMuLjN6KXbr/YYawocSA/5o8s6X/tRXKMkXtZjoEsyr1aNMj+4gSHaSUOG78r3VwAHLOXNez67xFpKMa/IQfQhj2Zng8142hhL4hPyNtuTOK3oVvPjZtAfbfxesUi+Zx2VhaJsnmj6J4gAOWU9nVpol67V0hNSD4LMUOZwwPst11IyJsXjkKKY0iy7ykFMTk6KalkVUqlYOmQRIXtBE9sD4esC+FGH1ONi3n0tbG7YivmV3YSmxk0RvQ/YlKGOchKpPH/bzN/X+NZh6A3Uk5uDsqU+GOjfDY2yIgetw4FAQ42YMxNmTJjq6MpcaETb5eQm8wee4QaVODocXHyknfWs6FYGNUjQpYp3+zxKJovHuKQcFgug3t8Si5hKnQz6KDZNaoDE0UMBR2ABbAX1Bcvu0lLHzaPXpGfXyoAe+B3MwF9/TTVkCNNYhNKm63P7qUuIbKLLCDXH6e4y5YiIF8Sl9jF/kR8v8MbLgrAROx8NlTm5CqNhQWOPQQyQXvXEl5hwHyF9ptrXUB9wIe,iv:6Lzbf+DBTfaZj7NhTJ07dVPuaViP61V4N2QHPTEFzMQ=,tag:8t4c0DJmAwg/0qRLBW4vCQ==,type:str]
 sops:
    age:
        - recipient: age1ajemtm502nn2n4q7v4j8meyd5mxtcqngkkedxq2pqzuwu78zp93qnw8q48
@ -61,7 +61,7 @@ sops:
            QmJKNDJUY0RSakhwNWlkOVpib0trc1kK0tQxD9I82pjfs54eruu+IjzVUmcVBCPw
            9mp1xKiYRRMXt3YQn6MPiyuuX3l3UB5MH0RJMNtRq0D961rs+iiS5A==
            -----END AGE ENCRYPTED FILE-----
-    lastmodified: "2025-08-07T09:16:46Z"
+    lastmodified: "2025-05-04T01:05:13Z"
-    mac: ENC[AES256_GCM,data:3PIJps2hoavPJ6ig+943FE73lBhCfxv8vuzmgTtooH386V12/PQN+Opt/ZoIbXU9w21XelZ/C5xPr8rcuw5ADx9K/KjdMm8jyLCO6/+iBf6SjnbC3E0DyiDit50UtWxKc32ryiJ8m5hYfX6O2H8WIGFa+6wp5KISV9pkc09CNZA=,iv:xzwEhhBJQOlde8Ib+tZpv+2CHfR83dFevdwERkYTsTE=,tag:SzdcZH19kSTnNs16754IMw==,type:str]
+    mac: ENC[AES256_GCM,data:/wuo0bg48xlbP074JJ0rtmclWMG9vjlJnWjJnUaz45m+Gqj4IzA5ctSZdNnFTb7/CXkynJdFHme4/Nz8I/6+zzTFBeo/nVw43s1n0XmMqVYb2U/FTikvCMowHNnfMTY5Q83jD1MtE3XsRSCzxe649D4Zbcja8XG42v5rOt3geMA=,iv:n/yFp5f+LK8JaikifjRuieNtmcazl2VNz8rIzbvgBO8=,tag:Fs4+St1lxMn+VdEoP+Eo8g==,type:str]
    unencrypted_suffix: _unencrypted
    version: 3.10.2
--- a/system/boot/default.nix
+++ b/system/boot/default.nix
@ -1,7 +0,0 @@
 {
  imports = [
    ./boot.nix
    ./plymouth.nix
    ./zram.nix
  ];
 }
--- a/system/boot/zram.nix
+++ b/system/boot/zram.nix
@ -1,21 +0,0 @@
 {
  lib,
  config,
  ...
 }:
 with lib; let
  cfg = config.mySystem.boot.zram;
 in {
  options.mySystem.boot.zram = {
    enable = mkEnableOption "Enable ZRAM";
    memoryMax = mkOption {
      type = types.int;
      example = "512";
      description = "Maximum size allocated to ZRAM in MiB";
    };
  };
  config.zramSwap = mkIf cfg.enable {
    inherit (cfg) enable;
    memoryMax = cfg.memoryMax * 1024 * 1024;
  };
 }
--- a/system/default.nix
+++ b/system/default.nix
@ -1,40 +0,0 @@
 {
  lib,
  config,
  ...
 }:
 with lib; let
  cfg = config.mySystem.misc;
 in {
  imports = [
    ./boot
    ./desktop
    ./dev
    ./hardware
    ./i18n
    ./network
    ./packages
    ./security
    ./services
    ./users
  ];
  options.mySystem.misc = {
    timezone = mkOption {
      type = types.str;
      default = "Europe/Paris";
    };
    keymap = mkOption {
      type = types.str;
      default = "fr";
      example = "fr-bepo";
      description = "Keymap to use in the TTY console";
    };
  };
  config = {
    boot.tmp.cleanOnBoot = true;
    time.timeZone = cfg.timezone;
    console.keyMap = cfg.keymap;
  };
 }
--- a/system/desktop/default.nix
+++ b/system/desktop/default.nix
@ -1,3 +0,0 @@
 {
  imports = [./hyprland.nix ./niri.nix ./xserver.nix];
 }
--- a/system/desktop/niri.nix
+++ b/system/desktop/niri.nix
@ -1,13 +0,0 @@
 {
  config,
  lib,
  ...
 }:
 with lib; let
  cfg = config.mySystem.desktop.niri;
 in {
  options.mySystem.desktop.niri.enable = mkEnableOption "Enables Niri";
  config.programs.niri = mkIf cfg.enable {
    inherit (cfg) enable;
  };
 }
--- a/system/dev/default.nix
+++ b/system/dev/default.nix
@ -1,3 +0,0 @@
 {
  imports = [./docker.nix];
 }
--- a/system/hardware/bluetooth.nix
+++ b/system/hardware/bluetooth.nix
@ -1,14 +0,0 @@
 {
  lib,
  config,
  ...
 }:
 with lib; let
  cfg = config.mySystem.hardware.bluetooth;
 in {
  options.mySystem.hardware.bluetooth.enable = mkEnableOption "Enable bluetooth";
  config = mkIf cfg.enable {
    hardware.bluetooth.enable = cfg.enable;
    services.blueman.enable = cfg.enable;
  };
 }
--- a/system/hardware/corne.nix
+++ b/system/hardware/corne.nix
@ -1,15 +0,0 @@
 {
  lib,
  config,
  ...
 }:
 with lib; let
  cfg = config.mySystem.hardware.corne;
 in {
  options.mySystem.hardware.corne.allowHidAccess = mkEnableOption "Enable HID access to the corne keyboard";
  config.services.udev = mkIf cfg.allowHidAccess {
    extraRules = ''
      KERNEL=="hidraw*", SUBSYSTEM=="hidraw", ATTRS{serial}=="*vial:f64c2b3c*", MODE="0660", GROUP="users", TAG+="uaccess", TAG+="udev-acl"
    '';
  };
 }
--- a/system/hardware/default.nix
+++ b/system/hardware/default.nix
@ -1,10 +0,0 @@
 {
  imports = [
    ./amdgpu.nix
    ./bluetooth.nix
    ./corne.nix
    ./ibm-trackpoint.nix
    ./opentablet.nix
    ./sound.nix
  ];
 }
--- a/system/hardware/ibm-trackpoint.nix
+++ b/system/hardware/ibm-trackpoint.nix
@ -1,15 +0,0 @@
 {
  lib,
  config,
  ...
 }:
 with lib; let
  cfg = config.mySystem.hardware.ibmTrackpoint;
 in {
  options.mySystem.hardware.ibmTrackpoint.disable = mkEnableOption "Disable IBM’s trackpoint on ThinkPad";
  config.services.udev = mkIf cfg.disable {
    extraRules = ''
      ATTRS{name}=="*TPPS/2 IBM TrackPoint", ENV{ID_INPUT}="", ENV{ID_INPUT_MOUSE}="", ENV{ID_INPUT_POINTINGSTICK}=""
    '';
  };
 }
--- a/system/hardware/opentablet.nix
+++ b/system/hardware/opentablet.nix
@ -1,14 +0,0 @@
 {
  lib,
  config,
  ...
 }:
 with lib; let
  cfg = config.mySystem.hardware.opentablet;
 in {
  options.mySystem.hardware.opentablet.enable = mkEnableOption "Enables OpenTablet drivers";
  config.hardware.opentabletdriver = mkIf cfg.enable {
    inherit (cfg) enable;
    daemon.enable = true;
  };
 }
--- a/system/i18n/default.nix
+++ b/system/i18n/default.nix
@ -1,5 +0,0 @@
 {
  imports = [
    ./locale.nix
  ];
 }
--- a/system/network/default.nix
+++ b/system/network/default.nix
@ -1,5 +0,0 @@
 {
  imports = [
    ./networking.nix
  ];
 }
--- a/system/packages/appimage.nix
+++ b/system/packages/appimage.nix
@ -1,14 +0,0 @@
 {
  lib,
  config,
  ...
 }:
 with lib; let
  cfg = config.mySystem.packages.appimage;
 in {
  options.mySystem.packages.appimage.enable = mkEnableOption "Enables AppImage support";
  config.programs.appimage = mkIf cfg.enable {
    inherit (cfg) enable;
    binfmt = true;
  };
 }
--- a/system/packages/default.nix
+++ b/system/packages/default.nix
@ -1,15 +0,0 @@
 {pkgs, ...}: {
  imports = [
    ./appimage.nix
    ./flatpak.nix
    ./nano.nix
    ./nix.nix
    ./steam.nix
  ];
  environment.systemPackages = with pkgs; [
    curl
    openssl
    wget
  ];
 }
--- a/system/packages/flatpak.nix
+++ b/system/packages/flatpak.nix
@ -1,22 +0,0 @@
 {
  pkgs,
  lib,
  config,
  ...
 }:
 with lib; let
  cfg = config.mySystem.packages.flatpak;
 in {
  options.mySystem.packages.flatpak = {
    enable = mkEnableOption "Enable Flatpak support";
    builder.enable = mkEnableOption "Enable Flatpak builder";
  };
  config = {
    services.flatpak = mkIf cfg.enable {
      inherit (cfg) enable;
    };
    environment.systemPackages = mkIf cfg.builder.enable [
      pkgs.flatpak-buildR
    ];
  };
 }
--- a/system/packages/steam.nix
+++ b/system/packages/steam.nix
@ -1,34 +0,0 @@
 {
  pkgs,
  lib,
  config,
  ...
 }:
 with lib; let
  cfg = config.mySystem.programs.steam;
 in {
  options.mySystem.programs.steam.enable = mkEnableOption "Enables Steam and Steam hardware";
  config = mkIf cfg.enable {
    programs = {
      steam = {
        inherit (cfg) enable;
        protontricks.enable = true;
        remotePlay.openFirewall = true;
        localNetworkGameTransfers.openFirewall = true;
        gamescopeSession.enable = true;
        extraCompatPackages = [pkgs.proton-ge-bin];
      };
      gamescope = {
        enable = true;
        capSysNice = true;
        args = [
          "--rt"
          "--expose-wayland"
        ];
      };
    };
    hardware.steam-hardware = {
      inherit (cfg) enable;
    };
  };
 }
--- a/system/security/default.nix
+++ b/system/security/default.nix
@ -1,5 +0,0 @@
 {
  imports = [
    ./sops.nix
  ];
 }
--- a/system/services/calibre.nix
+++ b/system/services/calibre.nix
@ -1,38 +0,0 @@
 {
  config,
  lib,
  ...
 }:
 with lib; let
  cfg = config.mySystem.services.calibre;
 in {
  options.mySystem.services.calibre = {
    enable = mkEnableOption "Enable Calibre Web";
    user = mkOption {
      type = types.string;
      default = "phundrak";
    };
    group = mkOption {
      type = types.string;
      default = "users";
    };
    dataDir = mkOption {
      type = types.string;
      example = "/tank/calibre/conf";
      default = "/tank/calibre/conf";
    };
    library = mkOption {
      type = types.string;
      example = "/tank/calibre/library";
      default = "/tank/calibre/library";
    };
  };
  config.services.calibre-web = mkIf cfg.enable {
    inherit (cfg) enable user group dataDir;
    options = {
      calibreLibrary = cfg.library;
      enableBookConversion = true;
      enableBookUploading = true;
    };
  };
 }
--- a/system/services/default.nix
+++ b/system/services/default.nix
@ -1,12 +0,0 @@
 {
  imports = [
    ./calibre.nix
    ./endlessh.nix
    ./fwupd.nix
    ./jellyfin.nix
    ./plex.nix
    ./printing.nix
    ./ssh.nix
    ./sunshine.nix
  ];
 }
--- a/system/services/fwupd.nix
+++ b/system/services/fwupd.nix
@ -1,13 +0,0 @@
 {
  lib,
  config,
  ...
 }:
 with lib; let
  cfg = config.mySystem.services.fwupd;
 in {
  options.mySystem.services.fwupd.enable = mkEnableOption "Enable fwupd";
  config.services.fwupd = mkIf cfg.enable {
    inherit (cfg) enable;
  };
 }
--- a/system/services/jellyfin.nix
+++ b/system/services/jellyfin.nix
@ -1,28 +0,0 @@
 {
  config,
  lib,
  ...
 }:
 with lib; let
  cfg = config.mySystem.services.jellyfin;
 in {
  options.mySystem.services.jellyfin = {
    enable = mkEnableOption "Enable Jellyfin";
    dataDir = mkOption {
      type = types.string;
      default = "/tank/jellyfin/data";
      example = "/tank/jellyfin/data";
    };
    user = mkOption {
      type = types.string;
      default = "phundrak";
    };
    group = mkOption {
      type = types.string;
      default = "users";
    };
  };
  config.services.jellyfin = mkIf cfg.enable {
    inherit (cfg) enable group user dataDir;
  };
 }
--- a/system/services/plex.nix
+++ b/system/services/plex.nix
@ -1,35 +0,0 @@
 {
  lib,
  config,
  ...
 }:
 with lib; let
  cfg = config.mySystem.services.plex;
 in {
  options.mySystem.services.plex = {
    enable = mkEnableOption "Enable Plex";
    group = mkOption {
      type = types.string;
      default = "users";
      example = "users";
      description = "Group under which Plex runs";
    };
    dataDir = mkOption {
      type = types.string;
      example = "/tank/plex-config";
    };
    user = mkOption {
      type = types.string;
      default = "phundrak";
    };
  };
  config = {
    services.plex = mkIf cfg.enable {
      inherit (cfg) enable user group dataDir;
      openFirewall = cfg.enable;
    };
    boot.kernel.sysctl = {
      "kernel.unprivileged_userns_clone" = 1;
    };
  };
 }
--- a/system/services/printing.nix
+++ b/system/services/printing.nix
@ -1,13 +0,0 @@
 {
  lib,
  config,
  ...
 }:
 with lib; let
  cfg = config.mySystem.services.printing;
 in {
  options.mySystem.services.printing.enable = mkEnableOption "Enable printing with CUPS";
  config.services.printing = mkIf cfg.enable {
    inherit (cfg) enable;
  };
 }
--- a/system/users/default.nix
+++ b/system/users/default.nix
@ -1,5 +0,0 @@
 {
  imports = [
    ./phundrak.nix
  ];
 }
--- a/users/modules/cli/bat.nix
+++ b/users/modules/cli/bat.nix
@ -5,9 +5,9 @@
  ...
 }:
 with lib; let
-  cfg = config.home.cli.bat;
+  cfg = config.modules.bat;
 in {
-  options.home.cli.bat.extras = mkEnableOption "Enables extra packages for bat.";
+  options.modules.bat.extras = mkEnableOption "Enables extra packages for bat.";
  config.programs.bat = {
    enable = true;
    config = {
--- a/users/modules/cli/btop.nix
+++ b/users/modules/cli/btop.nix
--- a/users/modules/cli/default.nix
+++ b/users/modules/cli/default.nix
@ -1,29 +0,0 @@
 {
  config,
  lib,
  ...
 }:
 with lib; let
  cfg = config.home.cli;
 in {
  imports = [
    ./bat.nix
    ./btop.nix
    ./direnv.nix
    ./eza.nix
    ./mu.nix
    ./nh.nix
    ./nix-index.nix
    ./scripts
    ./tealdeer.nix
    ./yt-dlp.nix
  ];
  options.home.cli.fullDesktop = mkEnableOption "Enable all optional modules and options";
  config.home.cli = {
    bat.extras = mkDefault cfg.fullDesktop;
    mu.enable = mkDefault cfg.fullDesktop;
    scripts.enable = mkDefault cfg.fullDesktop;
    yt-dlp.enable = mkDefault cfg.fullDesktop;
  };
 }
--- a/users/modules/cli/mu.nix
+++ b/users/modules/cli/mu.nix
@ -1,11 +0,0 @@
 {
  config,
  lib,
  ...
 }:
 with lib; let
  cfg = config.home.cli.mu;
 in {
  options.home.cli.mu.enable = mkEnableOption "Enable mu";
  config.programs.mu.enable = cfg.enable;
 }
--- a/users/modules/cli/nix-index.nix
+++ b/users/modules/cli/nix-index.nix
@ -1,10 +0,0 @@
 {inputs, ...}: {
  imports = [
    inputs.nix-index-database.homeModules.nix-index
  ];
  programs = {
    nix-index.enable = true;
    nix-index-database.comma.enable = true;
  };
 }
--- a/users/modules/cli/scripts/default.nix
+++ b/users/modules/cli/scripts/default.nix
@ -1,15 +0,0 @@
 {
  pkgs,
  lib,
  config,
  ...
 }:
 with lib; let
  cfg = config.home.cli.scripts;
  files = filesystem.listFilesRecursive ./.;
  scriptFiles = builtins.filter (path: baseNameOf path != "default.nix") files;
  scripts = map (file: (import file {inherit pkgs config;})) scriptFiles;
 in {
  options.home.cli.scripts.enable = mkEnableOption "Add custom scripts to PATH";
  config.home.packages = mkIf cfg.enable scripts;
 }
--- a/users/modules/cli/yt-dlp.nix
+++ b/users/modules/cli/yt-dlp.nix
@ -1,18 +0,0 @@
 {
  lib,
  config,
  ...
 }:
 with lib; let
  cfg = config.home.cli.yt-dlp;
 in {
  options.home.cli.yt-dlp.enable = mkEnableOption "Enable yt-dlp";
  config.programs.yt-dlp = mkIf cfg.enable {
    inherit (cfg) enable;
    settings = {
      embed-thumbnail = true;
      embed-subs = true;
      sub-langs = "all";
    };
  };
 }
--- a/users/modules/default.nix
+++ b/users/modules/default.nix
@ -1,29 +1,17 @@
 {
  config,
  lib,
  ...
 }:
 with lib; let
  cfg = config.home;
 in {
  imports = [
    ./basics.nix
-    ./cli
+    ./bat.nix
-    ./desktop
+    ./btop.nix
-    ./dev
+    ./direnv.nix
-    ./media
+    ./eza.nix
-    ./services
+    ./gpg.nix
-    ./security
+    ./mopidy.nix
    ./nh.nix
    ./nix-index.nix
    ./shell
    ./ssh.nix
    ./tealdeer.nix
    ./vcs
  ];
  options.home.fullDesktop = mkEnableOption "Enable most modules";
  config.home = {
    cli.fullDesktop = mkDefault cfg.fullDesktop;
    desktop.fullDesktop = mkDefault cfg.fullDesktop;
    dev.fullDesktop = mkDefault cfg.fullDesktop;
    media.fullDesktop = mkDefault cfg.fullDesktop;
    security.fullDesktop = mkDefault cfg.fullDesktop;
    services.fullDesktop = mkDefault cfg.fullDesktop;
  };
 }
--- a/users/modules/desktop/default.nix
+++ b/users/modules/desktop/default.nix
@ -1,32 +0,0 @@
 {
  lib,
  config,
  ...
 }:
 with lib; let
  cfg = config.home.desktop;
 in {
  imports = [
    ./emoji.nix
    ./eww.nix
    ./hyprland.nix
    ./kdeconnect.nix
    ./kitty.nix
    ./obs.nix
    ./qt.nix
    ./swaync.nix
    ./waybar.nix
    ./wlsunset.nix
    ./wofi.nix
  ];
  options.home.desktop.fullDesktop = mkEnableOption "Enable options for graphical environments";
  config.home.desktop = {
    eww.enable = mkDefault cfg.fullDesktop;
    hyprland.enable = mkDefault cfg.fullDesktop;
    kdeconnect.enable = mkDefault cfg.fullDesktop;
    kitty.enable = mkDefault cfg.fullDesktop;
    obs.enable = mkDefault cfg.fullDesktop;
    qt.enable = mkDefault cfg.fullDesktop;
  };
 }
--- a/users/modules/desktop/eww.nix
+++ b/users/modules/desktop/eww.nix
@ -1,14 +0,0 @@
 {
  lib,
  config,
  ...
 }:
 with lib; let
  cfg = config.home.desktop.eww;
 in {
  options.home.desktop.eww.enable = mkEnableOption "Enable eww support";
  config.programs.eww = mkIf cfg.enable {
    inherit (cfg) enable;
    configDir = ./eww-config;
  };
 }
--- a/users/modules/desktop/kdeconnect.nix
+++ b/users/modules/desktop/kdeconnect.nix
@ -1,14 +0,0 @@
 {
  lib,
  config,
  ...
 }:
 with lib; let
  cfg = config.home.desktop.kdeconnect;
 in {
  options.home.desktop.kdeconnect.enable = mkEnableOption "Enable KDE Connect";
  config.services.kdeconnect = mkIf cfg.enable {
    enable = true;
    indicator = true;
  };
 }
--- a/users/modules/desktop/obs.nix
+++ b/users/modules/desktop/obs.nix
@ -1,23 +0,0 @@
 {
  config,
  lib,
  pkgs,
  ...
 }:
 with lib; let
  cfg = config.home.desktop.obs;
 in {
  options.home.desktop.obs.enable = mkEnableOption "Enables OBS Studio";
  config.programs.obs-studio = mkIf cfg.enable {
    inherit (cfg) enable;
    plugins = with pkgs.obs-studio-plugins; [
      input-overlay
      obs-backgroundremoval
      obs-mute-filter
      obs-pipewire-audio-capture
      obs-source-clone
      obs-source-record
      obs-tuna
    ];
  };
 }
--- a/users/modules/desktop/qt.nix
+++ b/users/modules/desktop/qt.nix
@ -1,11 +0,0 @@
 {
  lib,
  config,
  ...
 }:
 with lib; let
  cfg = config.home.desktop.qt;
 in {
  options.home.desktop.qt.enable = mkEnableOption "Enable Qt support";
  config.qt.enable = cfg.enable;
 }
--- a/users/modules/dev/default.nix
+++ b/users/modules/dev/default.nix
@ -1,20 +0,0 @@
 {
  config,
  lib,
  ...
 }:
 with lib; let
  cfg = config.home.dev;
 in {
  imports = [
    ./editors
    ./ollama.nix
    ./vcs
  ];
  options.home.dev.fullDesktop = mkEnableOption "Enables everything except AI";
  config.home.dev = {
    vcs.fullDesktop = mkDefault cfg.fullDesktop;
    editors.fullDesktop = mkDefault cfg.fullDesktop;
  };
 }
--- a/users/modules/dev/editors/default.nix
+++ b/users/modules/dev/editors/default.nix
@ -1,20 +0,0 @@
 {
  config,
  lib,
  ...
 }:
 with lib; let
  cfg = config.home.dev.editors;
 in {
  imports = [
    ./emacs.nix
  ];
  options.home.dev.editors.fullDesktop = mkEnableOption "Enable all editors";
  config.home.dev.editors.emacs = {
    enable = mkDefault cfg.fullDesktop;
    service = mkDefault cfg.fullDesktop;
    mu4eMime = mkDefault cfg.fullDesktop;
    org-protocol = mkDefault cfg.fullDesktop;
  };
 }
--- a/users/modules/dev/ollama.nix
+++ b/users/modules/dev/ollama.nix
@ -1,25 +0,0 @@
 {
  config,
  lib,
  ...
 }:
 with lib; let
  cfg = config.home.dev.ollama;
 in {
  options.home.dev.ollama = {
    enable = mkEnableOption "Enables Ollama";
    gpu = mkOption {
      type = types.nullOr types.enum ["none" "amd" "nvidia"];
      example = "amd";
      default = "none";
      description = "Which type of GPU should be used for hardware acceleration";
    };
  };
  config.services.ollama = mkIf cfg.enable {
    inherit (cfg) enable;
    environmentVariables = {
      OLLAMA_CONTEXT_LENGTH = "8192";
    };
  };
 }
--- a/users/modules/dev/vcs/default.nix
+++ b/users/modules/dev/vcs/default.nix
@ -1,53 +0,0 @@
 {
  config,
  lib,
  pkgs,
  ...
 }:
 with lib; let
  cfg = config.home.dev.vcs;
 in {
  imports = [./git.nix ./jujutsu.nix];
  options.home.dev.vcs = {
    fullDesktop = mkEnableOption "Enable all optional values";
    name = mkOption {
      type = types.str;
      default = "Lucien Cartier-Tilet";
    };
    email = mkOption {
      type = types.str;
      default = "lucien@phundrak.com";
    };
    editor = mkOption {
      type = types.str;
      default = "${pkgs.emacs}/bin/emacsclient -c -a ${pkgs.emacs}/bin/emacs";
    };
    publicKey = {
      content = mkOption {
        type = types.nullOr types.str;
        example = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIGj+J6N6SO+4P8dOZqfR1oiay2yxhhHnagH52avUqw5h";
        default = null;
      };
      file = mkOption {
        type = with types; nullOr path;
        default = "/home/phundrak/.ssh/id_ed25519.pub";
      };
    };
  };
  config.home.dev.vcs = {
    git = {
      enable = mkDefault true;
      inherit (cfg) name email editor;
      publicKeyFile = cfg.publicKey.file;
      cliff = mkDefault cfg.fullDesktop;
      completeConfig = mkDefault cfg.fullDesktop;
    };
    jj = {
      enable = mkDefault true;
      inherit (cfg) name email editor;
      signing.sshKey = mkDefault (cfg.publicKey.file or cfg.publicKey.content);
    };
  };
 }
--- a/users/modules/cli/direnv.nix
+++ b/users/modules/cli/direnv.nix
--- a/users/modules/dev/editors/emacs.nix
+++ b/users/modules/dev/editors/emacs.nix
@ -11,9 +11,9 @@ with lib; let
      epkgs.pdf-tools
    ]
  ));
-  cfg = config.home.dev.editors.emacs;
+  cfg = config.modules.emacs;
 in {
-  options.home.dev.editors.emacs = {
+  options.modules.emacs = {
    enable = mkEnableOption "enables Emacs";
    package = mkOption {
      type = types.package;
@ -25,7 +25,6 @@ in {
  };
  config = {
    home.packages = [pkgs.emacs-all-the-icons-fonts];
    programs.emacs = mkIf cfg.enable {
      enable = true;
      inherit (cfg) package;
--- a/users/modules/desktop/emoji.nix
+++ b/users/modules/desktop/emoji.nix
--- a/users/modules/desktop/eww-config/eww.scss
+++ b/users/modules/desktop/eww-config/eww.scss
--- a/users/modules/desktop/eww-config/eww.yuck
+++ b/users/modules/desktop/eww-config/eww.yuck
--- a/users/modules/desktop/eww-config/test
+++ b/users/modules/desktop/eww-config/test
--- a/users/modules/eww.nix
+++ b/users/modules/eww.nix
@ -0,0 +1,6 @@
 {
  programs.eww = {
    enable = true;
    configDir = ./eww-config;
  };
 }
--- a/users/modules/cli/eza.nix
+++ b/users/modules/cli/eza.nix
--- a/users/modules/gpg.nix
+++ b/users/modules/gpg.nix
@ -0,0 +1,12 @@
 {pkgs, ...}: {
  programs.gpg = {
    enable = true;
    mutableKeys = true;
    mutableTrust = true;
  };
  services.gpg-agent = {
    enable = true;
    enableSshSupport = true;
    pinentry.package = pkgs.pinentry-emacs;
  };
 }
--- a/users/modules/desktop/hyprland.nix
+++ b/users/modules/desktop/hyprland.nix
@ -5,9 +5,8 @@
  ...
 }:
 with lib; let
-  cfg = config.home.desktop.hyprland;
+  cfg = config.modules.hyprland;
-  rofi-emoji = import ../cli/scripts/rofi-emoji.nix {inherit pkgs;};
+  rofi-emoji = import ../scripts/rofi-emoji.nix {inherit pkgs;};
  laptops = ["gampo"];
 in {
  imports = [
    ./swaync.nix
@ -15,34 +14,33 @@ in {
    ./wlsunset.nix
  ];
-  options.home.desktop.hyprland = {
+  options.modules.hyprland = {
    enable = mkEnableOption "Enables Hyprland";
    swaync = mkEnableOption "Enables swaync";
    emacsPkg = mkOption {
      type = types.package;
-      default = config.home.dev.editors.emacs.package or pkgs.emacs;
+      default = pkgs.emacs;
      # default = pkgs.emacs;
      example = pkgs.emacs;
    };
    host = mkOption {
-      type = types.enum ["gampo" "marpa"];
+      type = types.enum ["tilo" "gampo"];
      default = "tilo";
      description = ''
        Which host is Hyprland running on.
-        This helps determine the monitors layout and enable battery support in waybar.
+        This helps determine the monitors layout.
      '';
    };
    waybar = {
      enable = mkEnableOption "Enables waybar.";
      battery = mkEnableOption "Enables battery support.";
      style = mkOption {
        type = types.path;
        example = ./style.css;
      };
    };
  };
  config = mkIf cfg.enable {
    home.desktop = {
      swaync.enable = mkDefault true;
      waybar = {
        enable = mkDefault true;
        battery = mkDefault (builtins.elem cfg.host laptops);
      };
      wlsunset.enable = mkDefault true;
      wofi.enable = mkDefault true;
    };
    wayland.windowManager.hyprland = {
      enable = true;
      xwayland.enable = true;
@ -52,7 +50,7 @@ in {
        input = {
          kb_layout = "fr";
          kb_variant = "bepo_afnor";
-          # kb_options = "caps:ctrl_modifier";
+          kb_options = "caps:ctrl_modifier";
          numlock_by_default = true;
          follow_mouse = 1;
          touchpad.natural_scroll = false;
@ -60,9 +58,9 @@ in {
        };
        monitor =
          {
-            "marpa" = [
+            "tilo" = [
-              "DP-1, 3440x1440@144, 1080x550, 1"
+              "DP-1, 3440x1440@144, 0x725, 1"
-              "DP-2, 2560x1080@60, 0x0, 1, transform, 1"
+              "DP-3, 2560x1080@60, 3440x0, 1, transform, 3"
            ];
            "gampo" = [];
          }."${cfg.host}";
@ -79,11 +77,21 @@ in {
          new_status = "inherit";
        };
        workspace = [
-          "4, layoutopt:orientation:bottom"
+          "2, layoutopt:orientation:bottom"
          "1, layoutopt:orientation:bottom"
        ];
        decoration = {
          rounding = 5;
          # blur = {
          #   enable = true;
          #   size = 9;
          #   passes = 1;
          # };
          # shadow = {
          #   enable = true;
          #   color = "rgba(2e3440aa)";
          #   range = 4;
          #   render_power = 3;
          # };
        };
        animations = {
          enabled = true;
@ -288,5 +296,12 @@ in {
        };
      };
    };
    modules = {
      swaync.enable = cfg.swaync;
      waybar = mkIf cfg.waybar.enable {
        inherit (cfg.waybar) enable battery style;
      };
      wlsunset.enable = true;
    };
  };
 }
--- a/users/modules/kdeconnect.nix
+++ b/users/modules/kdeconnect.nix
@ -0,0 +1,6 @@
 {
  services.kdeconnect = {
    enable = true;
    indicator = true;
  };
 }
--- a/users/modules/desktop/kitty.nix
+++ b/users/modules/desktop/kitty.nix
@ -1,15 +1,6 @@
-{
+{pkgs, ...}: {
-  pkgs,
+  programs.kitty = {
-  config,
+    enable = true;
  lib,
  ...
 }:
 with lib; let
  cfg = config.home.desktop.kitty;
 in {
  options.home.desktop.kitty.enable = mkEnableOption "Enable kitty terminal";
  config.programs.kitty = mkIf cfg.enable {
    inherit (cfg) enable;
    themeFile = "Nord";
    font = {
      package = pkgs.cascadia-code;
--- a/users/modules/services/mbsync.nix
+++ b/users/modules/services/mbsync.nix
@ -4,14 +4,26 @@
  ...
 }:
 with lib; let
-  cfg = config.home.services.mbsync;
+  cfg = config.modules.mbsync;
 in {
-  options.home.services.mbsync = {
+  options.modules.mbsync = {
    enable = mkEnableOption "Enables mbsync";
    passwordFile = mkOption {
      type = types.str;
      example = "/var/email/password";
    };
    service.enable = mkOption {
      type = types.bool;
      default = true;
    };
    host = mkOption {
      type = types.str;
      default = "mail.phundrak.com";
    };
    user = mkOption {
      type = types.str;
      default = "lucien@phundrak.com";
    };
  };
  config = mkIf cfg.enable {
--- a/users/modules/media/default.nix
+++ b/users/modules/media/default.nix
@ -1,22 +0,0 @@
 {
  config,
  lib,
  ...
 }:
 with lib; let
  cfg = config.home.media;
 in {
  imports = [
    ./mopidy.nix
    ./mpd.nix
    ./mpd-mpris.nix
    ./mpv.nix
  ];
  options.home.media.fullDesktop = mkEnableOption "Enables everything";
  config.home.media = {
    mopidy.enable = mkDefault cfg.fullDesktop;
    mpd.enable = mkDefault (cfg.fullDesktop or cfg.mpd-mpris.enable);
    mpv.enable = mkDefault cfg.fullDesktop;
  };
 }
--- a/users/modules/media/mpd-mpris.nix
+++ b/users/modules/media/mpd-mpris.nix
@ -1,16 +0,0 @@
 {
  config,
  lib,
  ...
 }:
 with lib; let
  cfg = config.home.media.mpd-mpris;
  cfgMpd = config.home.media.mpd;
 in {
  options.home.media.mpd-mpris.enable = mkOption {
    type = types.bool;
    default = cfgMpd.enable;
    example = false;
  };
  config.services.mpd-mpris.enable = cfg.enable;
 }
--- a/users/modules/media/mpd.nix
+++ b/users/modules/media/mpd.nix
@ -1,30 +0,0 @@
 {
  lib,
  config,
  ...
 }:
 with lib; let
  cfg = config.home.media.mpd;
 in {
  options.home.media.mpd.enable = mkEnableOption "Enables MPD";
  config.services.mpd = mkIf cfg.enable {
    inherit (cfg) enable;
    musicDirectory = "${config.home.homeDirectory}/Music";
    playlistDirectory = "${config.home.homeDirectory}/Music/playlists";
    network.startWhenNeeded = true;
    extraConfig = ''
      follow_outside_symlinks "yes"
      follow_inside_symlinks "yes"
      bind_to_address "localhost"
      auto_update "yes"
      audio_output {
        type "fifo"
        name "my_fifo"
        path "/tmp/mpd.fifo"
        format "44100:16:2"
      }
    '';
  };
 }
--- a/users/modules/media/mopidy.nix
+++ b/users/modules/media/mopidy.nix
@ -5,9 +5,9 @@
  ...
 }:
 with lib; let
-  cfg = config.home.media.mopidy;
+  cfg = config.modules.mopidy;
 in {
-  options.home.media.mopidy = {
+  options.modules.mopidy = {
    enable = mkEnableOption "Enables Mopidy.";
  };
--- a/Show More
+++ b/Show More
		`@ -1 +0,0 @@`
			`ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIHTv1lb6d99O84jeh6GdjPm8Gnt/HncSRhGhmoTq7BMK lucien@phundrak.com`