diff --git a/.git-crypt/.gitattributes b/.git-crypt/.gitattributes
new file mode 100644
index 0000000..665b10e
--- /dev/null
+++ b/.git-crypt/.gitattributes
@@ -0,0 +1,4 @@
+# Do not edit this file.  To specify the files to encrypt, create your own
+# .gitattributes file in the directory where your files are.
+* !filter !diff
+*.gpg binary
diff --git a/.git-crypt/keys/default/0/059F098EBF0E9A13E10A46BF6500251E087653C9.gpg b/.git-crypt/keys/default/0/059F098EBF0E9A13E10A46BF6500251E087653C9.gpg
new file mode 100644
index 0000000..8164576
Binary files /dev/null and b/.git-crypt/keys/default/0/059F098EBF0E9A13E10A46BF6500251E087653C9.gpg differ
diff --git a/.gitattributes b/.gitattributes
new file mode 100644
index 0000000..7e0e7cf
--- /dev/null
+++ b/.gitattributes
@@ -0,0 +1 @@
+secrets.gcrypt/** filter=git-crypt diff=git-crypt
diff --git a/.github/workflows/autoupdate.yml b/.github/workflows/autoupdate.yml
new file mode 100644
index 0000000..6ab9707
--- /dev/null
+++ b/.github/workflows/autoupdate.yml
@@ -0,0 +1,50 @@
+name: Auto update
+on:
+  workflow_dispatch:
+  schedule:
+    - cron: "0 0 * * *"
+
+jobs:
+  update:
+    runs-on: ubuntu-latest
+    permissions:
+      contents: write
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v4
+        with:
+          token: ${{ secrets.PAT_TOKEN }}
+
+      - name: Check for updates
+        id: check
+        run: |
+          local=$(cat flake.lock | jq ".nodes.nixpkgs.locked.rev")
+          remote=$(curl "https://api.github.com/repos/NixOS/nixpkgs/branches/nixos-unstable/commits?per_page=1" | jq ".commit.sha")
+          if [[ $local == $remote ]]; then
+            echo "skip=1" >> "$GITHUB_OUTPUT"
+          else
+            echo "skip=0" >> "$GITHUB_OUTPUT"
+            branch=$(TZ='Australia/Melbourne' date '+staging_auto/%Y%m%d')
+            echo "branch_name=${branch}" >> "$GITHUB_OUTPUT"
+          fi
+
+      - name: Install nix
+        if: steps.check.outputs.skip == 0
+        uses: cachix/install-nix-action@v31
+
+      - name: Configure git
+        if: steps.check.outputs.skip == 0
+        run: |
+          git config --local user.email "41898282+github-actions[bot]@users.noreply.github.com"
+          git config --local user.name "github-actions[bot]"
+
+      - name: Update
+        if: steps.check.outputs.skip == 0
+        run: ./update.sh
+
+      - name: Push
+        if: steps.check.outputs.skip == 0
+        uses: ad-m/github-push-action@master
+        with:
+          github_token: ${{ secrets.PAT_TOKEN }}
+          branch: ${{ steps.check.outputs.branch_name }}
diff --git a/.github/workflows/cachix.yml b/.github/workflows/cachix.yml
index ed8dee2..06bed3e 100644
--- a/.github/workflows/cachix.yml
+++ b/.github/workflows/cachix.yml
@@ -1,38 +1,27 @@
 name: CI
 
 on:
+  push:
   workflow_dispatch:
 
 jobs:
-  check:
-    name: Check flake
-    runs-on: ubuntu-latest
-    steps:
-      - uses: actions/checkout@v3
-        with:
-          fetch-depth: 0
-      - uses: cachix/install-nix-action@v17
-        with:
-          install_url: https://github.com/numtide/nix-unstable-installer/releases/download/nix-2.12.0pre20220930_89ca75c/install
-          extra_nix_config: experimental-features = nix-command flakes
-      - uses: cachix/cachix-action@v10
-        with:
-          name: lava
-          authToken: '${{ secrets.CACHIX_AUTH_TOKEN }}'
-      - run: nix flake check --keep-going --verbose
-
   build:
     name: Build linux-lava for x86_64-linux
     runs-on: ubuntu-latest
     steps:
-      - uses: actions/checkout@v3
+      # credits to https://github.com/easimon/maximize-build-space/issues/45
+      - name: Remove unneeded packages to maximise build space
+        shell: bash
+        run: |
+            df -h
+            sudo rm -rf /usr/share/dotnet
+            sudo rm -rf /usr/local/lib/android
+            df -h
+      - uses: actions/checkout@v4
         with:
           fetch-depth: 0
-      - uses: cachix/install-nix-action@v17
-        with:
-          install_url: https://github.com/numtide/nix-unstable-installer/releases/download/nix-2.12.0pre20220930_89ca75c/install
-          extra_nix_config: experimental-features = nix-command flakes
-      - uses: cachix/cachix-action@v10
+      - uses: cachix/install-nix-action@v31
+      - uses: cachix/cachix-action@v16
         with:
           name: lava
           authToken: '${{ secrets.CACHIX_AUTH_TOKEN }}'
diff --git a/.gitignore b/.gitignore
new file mode 100644
index 0000000..b2be92b
--- /dev/null
+++ b/.gitignore
@@ -0,0 +1 @@
+result
diff --git a/README.md b/README.md
index c932782..daec2a6 100644
--- a/README.md
+++ b/README.md
@@ -14,17 +14,18 @@ to your liking. Open up `flake.nix`, add your new host config at the bottom, and
 ## Hosts
 | Name      | Description |
 | -------   | ----------- |
-| blossom   | Laptop and main PC |
+| hyacinth  | Main Desktop PC |
+| anemone   | Main Laptop |
 | caramel   | Raspberry Pi 400, stateless |
-| sugarcane | OVHCloud VPS, stateless |
+| dandelion | ARM OCI VPS, stateless |
 
 ## Users
 | Name | Description |
 | ---- | ----------- |
-| rin  | Main user for usage |
+| rin  | Main user for general usage |
 | hana | Lightweight user intended for inspecting stateless hosts |
 
 ## License
-Licensed under CC0; basically you can fork, modify, redistribute, or do whatever you want I don't really care.
+Licensed under CC0
 
 Credit is appreciated but not necessary
diff --git a/containers/amethyst/configuration.nix b/containers/amethyst/configuration.nix
new file mode 100644
index 0000000..b9d496d
--- /dev/null
+++ b/containers/amethyst/configuration.nix
@@ -0,0 +1,47 @@
+{ lib, pkgs, ... }: {
+  system.stateVersion = "23.11";
+  systemd.tmpfiles.rules = [
+    "d /persist/transmission 755 transmission transmission"
+    "d /persist/transmission/.config/transmission-daemon 750 transmission transmission"
+    "d /persist/transmission/.incomplete 750 transmission transmission"
+    "d /persist/transmission/Downloads 755 transmission transmission"
+    "d /persist/transmission/watchdir 755 transmission transmission"
+  ];
+  networking.wg-quick.interfaces.wg0 = {
+    configFile = "/persist/vpn.conf";
+    preUp = ''
+          # Try to access the DNS for up to 300s
+          for i in {1..60}; do
+            ${pkgs.iputils}/bin/ping -c1 'google.com' && break
+            echo "Attempt $i: DNS still not available"
+            sleep 5s
+          done
+    '';
+  };
+
+  # https://github.com/NixOS/nixpkgs/issues/258793
+  systemd.services.transmission.serviceConfig = {
+    BindReadOnlyPaths = lib.mkForce [ builtins.storeDir "/etc" ];
+    RootDirectoryStartOnly = lib.mkForce false;
+    RootDirectory = lib.mkForce "";
+    PrivateMounts = lib.mkForce false;
+    PrivateUsers = lib.mkForce false;
+  };
+
+  networking.firewall.allowedTCPPorts = [ 9091 ];
+  services.transmission = {
+    enable = true;
+    package = pkgs.transmission_4;
+    downloadDirPermissions = "775";
+    openFirewall = true;
+    home = "/persist/transmission";
+    settings = {
+      ratio-limit-enabled = true;
+      rpc-bind-address = "0.0.0.0";
+      rpc-enabled = true;
+      rpc-port = 9091;
+      rpc-host-whitelist-enabled = false;
+      rpc-whitelist-enabled = false;
+    };
+  };
+}
diff --git a/containers/amethyst/flake.lock b/containers/amethyst/flake.lock
new file mode 100644
index 0000000..88ab73f
--- /dev/null
+++ b/containers/amethyst/flake.lock
@@ -0,0 +1,27 @@
+{
+  "nodes": {
+    "nixpkgs": {
+      "locked": {
+        "lastModified": 1773282481,
+        "narHash": "sha256-b/GV2ysM8mKHhinse2wz+uP37epUrSE+sAKXy/xvBY4=",
+        "owner": "NixOS",
+        "repo": "nixpkgs",
+        "rev": "fe416aaedd397cacb33a610b33d60ff2b431b127",
+        "type": "github"
+      },
+      "original": {
+        "owner": "NixOS",
+        "ref": "nixos-unstable",
+        "repo": "nixpkgs",
+        "type": "github"
+      }
+    },
+    "root": {
+      "inputs": {
+        "nixpkgs": "nixpkgs"
+      }
+    }
+  },
+  "root": "root",
+  "version": 7
+}
diff --git a/containers/amethyst/flake.nix b/containers/amethyst/flake.nix
new file mode 100644
index 0000000..739c3e5
--- /dev/null
+++ b/containers/amethyst/flake.nix
@@ -0,0 +1,51 @@
+{
+  inputs = {
+    nixpkgs.url = "github:NixOS/nixpkgs/nixos-unstable";
+  };
+  outputs = { nixpkgs, ... }: {
+    nixosConfigurations.container = nixpkgs.lib.nixosSystem {
+      modules = [ ./configuration.nix ];
+    };
+    nixosModule = { ... }:
+    let
+      name = "amethyst";
+      fqdn = "amethyst.lava.moe";
+      subnet = "1";
+    in {
+      networking.nat = {
+        enable = true;
+        enableIPv6 = true;
+        internalInterfaces = [ "ve-${name}" ];
+      };
+
+      services.nginx.virtualHosts."${fqdn}" = {
+        useACMEHost = "lava.moe";
+        forceSSL = true;
+        #locations."/".proxyPass = "http://[fd0d:1::${subnet}:2]:9091";
+        locations."/".proxyPass = "http://10.30.${subnet}.2:9091";
+        listenAddresses = [ "10.0.0.1" "[fd0d::1]" ];
+      };
+
+      systemd.tmpfiles.rules = [ "d /persist/containers/${name} 755 root users" ];
+      containers.${name} = {
+        autoStart = true;
+        privateNetwork = true;
+        hostAddress = "10.30.${subnet}.1";
+        localAddress = "10.30.${subnet}.2";
+        hostAddress6 = "fd0d:1::${subnet}:1";
+        localAddress6 = "fd0d:1::${subnet}:2";
+        # privateUsers = "pick";
+        nixpkgs = nixpkgs;
+        ephemeral = true;
+        config = { imports = [ ./configuration.nix ]; };
+
+        bindMounts."persist" = {
+          hostPath = "/persist/containers/${name}";
+          mountPoint = "/persist";
+          isReadOnly = false;
+        };
+        # flake = "path:" + ./.;
+      };
+    };
+  };
+}
diff --git a/containers/beryllium/configuration.nix b/containers/beryllium/configuration.nix
new file mode 100644
index 0000000..6629a31
--- /dev/null
+++ b/containers/beryllium/configuration.nix
@@ -0,0 +1,23 @@
+{ ... }: {
+  system.stateVersion = "25.11";
+  fileSystems."/var/lib/private" = {
+    device = "/persist";
+    fsType = "none";
+    options = [ "bind" ];
+  };
+  networking.firewall.allowedTCPPorts = [ 6167 ];
+  networking.firewall.allowedUDPPorts = [ 6167 ];
+  # TODO: this should be generically set
+  networking.useHostResolvConf = false;
+  networking.nameservers = [ "8.8.8.8" ];
+
+  services.matrix-continuwuity = {
+    enable = true;
+    settings.global = {
+      # TODO: link this with outer container's address
+      address = [ "10.30.2.2" ];
+      server_name = "lava.moe";
+      rocksdb_recovery_mode = 2;
+    };
+  };
+}
diff --git a/containers/beryllium/flake.lock b/containers/beryllium/flake.lock
new file mode 100644
index 0000000..88ab73f
--- /dev/null
+++ b/containers/beryllium/flake.lock
@@ -0,0 +1,27 @@
+{
+  "nodes": {
+    "nixpkgs": {
+      "locked": {
+        "lastModified": 1773282481,
+        "narHash": "sha256-b/GV2ysM8mKHhinse2wz+uP37epUrSE+sAKXy/xvBY4=",
+        "owner": "NixOS",
+        "repo": "nixpkgs",
+        "rev": "fe416aaedd397cacb33a610b33d60ff2b431b127",
+        "type": "github"
+      },
+      "original": {
+        "owner": "NixOS",
+        "ref": "nixos-unstable",
+        "repo": "nixpkgs",
+        "type": "github"
+      }
+    },
+    "root": {
+      "inputs": {
+        "nixpkgs": "nixpkgs"
+      }
+    }
+  },
+  "root": "root",
+  "version": 7
+}
diff --git a/containers/beryllium/flake.nix b/containers/beryllium/flake.nix
new file mode 100644
index 0000000..5805401
--- /dev/null
+++ b/containers/beryllium/flake.nix
@@ -0,0 +1,69 @@
+{
+  inputs = {
+    nixpkgs.url = "github:NixOS/nixpkgs/nixos-unstable";
+  };
+  outputs = { nixpkgs, ... }: {
+    nixosConfigurations.container = nixpkgs.lib.nixosSystem {
+      modules = [ ./configuration.nix ];
+    };
+    nixosModule = { ... }:
+    let
+      name = "beryllium";
+      fqdn = "beryllium.lava.moe";
+      subnet = "2";
+    in {
+      networking.nat = {
+        enable = true;
+        enableIPv6 = true;
+        internalInterfaces = [ "ve-${name}" ];
+      };
+
+      services.nginx.virtualHosts."${fqdn}" = {
+        useACMEHost = "lava.moe";
+        forceSSL = true;
+        locations."/".extraConfig = "return 302 'https://lava.moe';";
+        locations."/_matrix".proxyPass = "http://10.30.${subnet}.2:6167";
+        locations."/_conduwuit".proxyPass = "http://10.30.${subnet}.2:6167";
+        locations."/_continuwuity".proxyPass = "http://10.30.${subnet}.2:6167";
+      };
+
+      services.nginx.virtualHosts."lava.moe" = {
+        locations."= /.well-known/matrix/server".extraConfig =
+          let
+            server = { "m.server" = "${fqdn}:443"; };
+          in ''
+            add_header Content-Type application/json;
+            return 200 '${builtins.toJSON server}';
+          '';
+        locations."= /.well-known/matrix/client".extraConfig =
+          let
+            client = {
+              "m.homeserver" = { "base_url" = "https://${fqdn}"; };
+              # "m.identity_server" = { "base_url" = "https://vector.im"; };
+            };
+          in ''
+            add_header Content-Type application/json;
+            add_header Access-Control-Allow-Origin *;
+            return 200 '${builtins.toJSON client}';
+          '';
+      };
+
+      systemd.tmpfiles.rules = [ "d /persist/containers/${name} 755 root users" ];
+      containers.${name} = {
+        autoStart = true;
+        privateNetwork = true;
+        hostAddress = "10.30.${subnet}.1";
+        localAddress = "10.30.${subnet}.2";
+        nixpkgs = nixpkgs;
+        ephemeral = true;
+        config = { imports = [ ./configuration.nix ]; };
+
+        bindMounts."persist" = {
+          hostPath = "/persist/containers/${name}";
+          mountPoint = "/persist";
+          isReadOnly = false;
+        };
+      };
+    };
+  };
+}
diff --git a/containers/citrine/configuration.nix b/containers/citrine/configuration.nix
new file mode 100644
index 0000000..0f4242a
--- /dev/null
+++ b/containers/citrine/configuration.nix
@@ -0,0 +1,53 @@
+{ config, fqdn, lib, ... }: {
+  system.stateVersion = "25.11";
+  networking.firewall.allowedTCPPorts = [ 22 3000 ];
+  networking.firewall.allowedUDPPorts = [ 22 3000 ];
+
+  systemd.tmpfiles.rules = [
+    "L+ /persist/forgejo/custom/templates - - - - ${./templates}"
+  ];
+
+  services.forgejo = {
+    enable = true;
+    lfs.enable = true;
+    settings = {
+      DEFAULT.APP_NAME = "cilly's botanical laboratory";
+      server = {
+        DOMAIN = fqdn;
+        ROOT_URL = "https://${fqdn}/";
+        HTTP_PORT = 3000;
+        START_SSH_SERVER = true;
+        BUILTIN_SSH_SERVER_USER = "git";
+        SSH_DOMAIN = "git.lava.moe";
+        SSH_SERVER_KEY_EXCHANGES = "mlkem768x25519-sha256,sntrup761x25519-sha512,sntrup761x25519-sha512@openssh.com,curve25519-sha256,curve25519-sha256@libssh.org,diffie-hellman-group-exchange-sha256";
+      };
+      ui = lib.mkForce {
+        DEFAULT_THEME = "catppuccin-maroon-auto";
+        THEMES = lib.strings.concatMapStringsSep "," (x: "${x}-auto") [
+          "catppuccin-pink"
+          "catppuccin-maroon"
+          "catppuccin-flamingo"
+          "catppuccin-rosewater"
+          "forgejo"
+          "gitea"
+        ];
+      };
+      api.ENABLE_SWAGGER = false;
+      other.SHOW_FOOTER_TEMPLATE_LOAD_TIME = false;
+      repository.ENABLE_PUSH_CREATE_USER = true;
+      repository.ENABLE_PUSH_CREATE_ORG = true;
+      service.DISABLE_REGISTRATION = true;
+    };
+    stateDir = "/persist/forgejo";
+  };
+
+  systemd.services.forgejo.serviceConfig = {
+    AmbientCapabilities = [ "CAP_NET_BIND_SERVICE" ];
+    CapabilityBoundingSet = [ "CAP_NET_BIND_SERVICE" ];
+    PrivateUsers = lib.mkForce false;
+  };
+
+  catppuccin.forgejo.enable = true;
+
+  environment.systemPackages = [ config.services.forgejo.package ];
+}
diff --git a/containers/citrine/flake.lock b/containers/citrine/flake.lock
new file mode 100644
index 0000000..d627614
--- /dev/null
+++ b/containers/citrine/flake.lock
@@ -0,0 +1,62 @@
+{
+  "nodes": {
+    "catppuccin": {
+      "inputs": {
+        "nixpkgs": "nixpkgs"
+      },
+      "locked": {
+        "lastModified": 1773403535,
+        "narHash": "sha256-47MZaFrHxNO8tVUAmtVnerXUw2WWVluBOiU9MulN/yM=",
+        "owner": "catppuccin",
+        "repo": "nix",
+        "rev": "d45b5665cc638bad1b794350de02f4dd41b0bb47",
+        "type": "github"
+      },
+      "original": {
+        "owner": "catppuccin",
+        "repo": "nix",
+        "type": "github"
+      }
+    },
+    "nixpkgs": {
+      "locked": {
+        "lastModified": 1773122722,
+        "narHash": "sha256-FIqHByVqxCprNjor1NqF80F2QQoiiyqanNNefdlvOg4=",
+        "owner": "NixOS",
+        "repo": "nixpkgs",
+        "rev": "62dc67aa6a52b4364dd75994ec00b51fbf474e50",
+        "type": "github"
+      },
+      "original": {
+        "owner": "NixOS",
+        "ref": "nixos-unstable",
+        "repo": "nixpkgs",
+        "type": "github"
+      }
+    },
+    "nixpkgs_2": {
+      "locked": {
+        "lastModified": 1773282481,
+        "narHash": "sha256-b/GV2ysM8mKHhinse2wz+uP37epUrSE+sAKXy/xvBY4=",
+        "owner": "NixOS",
+        "repo": "nixpkgs",
+        "rev": "fe416aaedd397cacb33a610b33d60ff2b431b127",
+        "type": "github"
+      },
+      "original": {
+        "owner": "NixOS",
+        "ref": "nixos-unstable",
+        "repo": "nixpkgs",
+        "type": "github"
+      }
+    },
+    "root": {
+      "inputs": {
+        "catppuccin": "catppuccin",
+        "nixpkgs": "nixpkgs_2"
+      }
+    }
+  },
+  "root": "root",
+  "version": 7
+}
diff --git a/containers/citrine/flake.nix b/containers/citrine/flake.nix
new file mode 100644
index 0000000..c2a81b7
--- /dev/null
+++ b/containers/citrine/flake.nix
@@ -0,0 +1,68 @@
+{
+  inputs = {
+    nixpkgs.url = "github:NixOS/nixpkgs/nixos-unstable";
+    catppuccin.url = "github:catppuccin/nix";
+  };
+  outputs = { nixpkgs, catppuccin, ... }:
+  let
+    name = "citrine";
+    fqdn = "lab.lava.moe";
+    subnetId = "3";
+
+    subnet = x: "fd0d:1::${subnetId}:${toString x}";
+    host = subnet 1;
+    client = subnet 2;
+
+    subnet4 = x: "10.30.${subnetId}.${toString x}";
+    host4 = subnet4 1;
+    client4 = subnet4 2;
+
+    modules = [
+      ./configuration.nix
+      catppuccin.nixosModules.catppuccin
+      {
+        networking.useHostResolvConf = false;
+        networking.nameservers = [ host ];
+      }
+    ];
+  in {
+    nixosConfigurations.container = nixpkgs.lib.nixosSystem {
+      inherit modules;
+    };
+    nixosModule = { ... }: {
+      networking.nat = {
+        enable = true;
+        enableIPv6 = true;
+        internalInterfaces = [ "ve-${name}" ];
+      };
+
+      services.nginx.virtualHosts."${fqdn}" = {
+        useACMEHost = "lava.moe";
+        forceSSL = true;
+        locations."/".proxyPass = "http://[${client}]:3000";
+      };
+
+      systemd.tmpfiles.rules = [ "d /persist/containers/${name} 755 root users" ];
+      containers.${name} = {
+        autoStart = true;
+        privateNetwork = true;
+        hostAddress = host4;
+        localAddress = client4;
+        hostAddress6 = host;
+        localAddress6 = client;
+        # privateUsers = "pick";
+        nixpkgs = nixpkgs;
+        ephemeral = true;
+        config = { imports = modules; };
+        specialArgs = { inherit fqdn; };
+
+        bindMounts."persist" = {
+          hostPath = "/persist/containers/${name}";
+          mountPoint = "/persist";
+          isReadOnly = false;
+        };
+        # flake = "path:" + ./.;
+      };
+    };
+  };
+}
diff --git a/containers/citrine/templates/base/footer_content.tmpl b/containers/citrine/templates/base/footer_content.tmpl
new file mode 100644
index 0000000..a9238c3
--- /dev/null
+++ b/containers/citrine/templates/base/footer_content.tmpl
@@ -0,0 +1,31 @@
+<footer class="page-footer" role="group" aria-label="{{ctx.Locale.Tr "aria.footer"}}">
+    <div class="left-links" role="contentinfo" aria-label="{{ctx.Locale.Tr "aria.footer.software"}}">
+        {{if ShowFooterPoweredBy}}
+            <a target="_blank" rel="noopener noreferrer" href="https://forgejo.org">Forgejo</a>
+        {{end}}
+        {{if (or .ShowFooterVersion .PageIsAdmin)}}
+            {{if .IsAdmin}}
+                <a href="{{AppSubUrl}}/admin/config">{{AppVerNoMetadata}}</a>
+            {{else}}
+                {{AppVerNoMetadata}}
+            {{end}}
+        {{end}}
+        {{if and .TemplateLoadTimes ShowFooterTemplateLoadTime}}
+            {{ctx.Locale.Tr "page"}}: <strong>{{LoadTimes .PageStartTime}}</strong>
+            {{ctx.Locale.Tr "template"}}{{if .TemplateName}} {{.TemplateName}}{{end}}: <strong>{{call .TemplateLoadTimes}}</strong>
+        {{end}}
+    </div>
+    <div class="right-links" role="group" aria-label="{{ctx.Locale.Tr "aria.footer.links"}}">
+        <div class="ui dropdown upward language">
+            <span class="flex-text-inline">{{svg "octicon-globe" 14}} {{ctx.Locale.LangName}}</span>
+            <div class="menu language-menu">
+                {{range .AllLangs}}
+                    <a lang="{{.Lang}}" data-url="{{AppSubUrl}}/?lang={{.Lang}}" class="item {{if eq ctx.Locale.Lang .Lang}}active selected{{end}}">{{.Name}}</a>
+                {{end}}
+            </div>
+        </div>
+        <a href="{{AssetUrlPrefix}}/licenses.txt">{{ctx.Locale.Tr "licenses"}}</a>
+        {{if .EnableSwagger}}<a href="{{AppSubUrl}}/api/swagger">API</a>{{end}}
+        {{template "custom/extra_links_footer" .}}
+    </div>
+</footer>
diff --git a/containers/citrine/templates/home.tmpl b/containers/citrine/templates/home.tmpl
new file mode 100644
index 0000000..d460caf
--- /dev/null
+++ b/containers/citrine/templates/home.tmpl
@@ -0,0 +1,19 @@
+{{template "base/head" .}}
+{{if not .IsSigned}}
+    <script>window.location.href = "/explore/repos";</script>
+{{end}}
+<div role="main" aria-label="{{if .IsSigned}}{{ctx.Locale.Tr "dashboard"}}{{else}}{{ctx.Locale.Tr "home"}}{{end}}" class="page-content home">
+    <div class="tw-mb-8 tw-px-8">
+        <div class="center">
+            <img class="logo" width="220" height="220" src="{{AssetUrlPrefix}}/img/logo.svg" alt="{{ctx.Locale.Tr "logo"}}">
+            <div class="hero">
+                <h1 class="ui icon header title">
+                    {{AppDisplayName}}
+                </h1>
+                <h2>{{ctx.Locale.Tr "startpage.app_desc"}}</h2>
+            </div>
+        </div>
+    </div>
+    {{template "home_forgejo" .}}
+</div>
+{{template "base/footer" .}}
diff --git a/containers/diamond/configuration.nix b/containers/diamond/configuration.nix
new file mode 100644
index 0000000..01b4311
--- /dev/null
+++ b/containers/diamond/configuration.nix
@@ -0,0 +1,22 @@
+{ fqdn, ... }: {
+  system.stateVersion = "25.11";
+  systemd.tmpfiles.rules = [
+    "d /persist/vaultwarden 755 vaultwarden vaultwarden"
+  ];
+  fileSystems."/var/lib/vaultwarden" = {
+    device = "/persist/vaultwarden";
+    fsType = "none";
+    options = [ "bind" ];
+  };
+  networking.firewall.allowedTCPPorts = [ 8000 ];
+  networking.firewall.allowedUDPPorts = [ 8000 ];
+
+  services.vaultwarden = {
+    enable = true;
+    domain = fqdn;
+    config = {
+      DOMAIN = "https://${fqdn}";
+      ROCKET_ADDRESS = "::";
+    };
+  };
+}
diff --git a/containers/diamond/flake.lock b/containers/diamond/flake.lock
new file mode 100644
index 0000000..88ab73f
--- /dev/null
+++ b/containers/diamond/flake.lock
@@ -0,0 +1,27 @@
+{
+  "nodes": {
+    "nixpkgs": {
+      "locked": {
+        "lastModified": 1773282481,
+        "narHash": "sha256-b/GV2ysM8mKHhinse2wz+uP37epUrSE+sAKXy/xvBY4=",
+        "owner": "NixOS",
+        "repo": "nixpkgs",
+        "rev": "fe416aaedd397cacb33a610b33d60ff2b431b127",
+        "type": "github"
+      },
+      "original": {
+        "owner": "NixOS",
+        "ref": "nixos-unstable",
+        "repo": "nixpkgs",
+        "type": "github"
+      }
+    },
+    "root": {
+      "inputs": {
+        "nixpkgs": "nixpkgs"
+      }
+    }
+  },
+  "root": "root",
+  "version": 7
+}
diff --git a/containers/diamond/flake.nix b/containers/diamond/flake.nix
new file mode 100644
index 0000000..71ab4fd
--- /dev/null
+++ b/containers/diamond/flake.nix
@@ -0,0 +1,51 @@
+{
+  inputs = {
+    nixpkgs.url = "github:NixOS/nixpkgs/nixos-unstable";
+  };
+  outputs = { nixpkgs, ... }:
+  let
+    name = "diamond";
+    fqdn = "astransia.lava.moe";
+    subnetId = "4";
+
+    subnet = x: "fd0d:1::${subnetId}:${toString x}";
+    host = subnet 1;
+    client = subnet 2;
+
+    modules = [
+      ./configuration.nix
+    ];
+  in {
+    nixosConfigurations.container = nixpkgs.lib.nixosSystem {
+      inherit modules;
+    };
+    nixosModule = { ... }: {
+      services.nginx.virtualHosts."${fqdn}" = {
+        useACMEHost = "lava.moe";
+        forceSSL = true;
+        locations."/".proxyPass = "http://[${client}]:8000";
+        listenAddresses = [ "10.0.0.1" "[fd0d::1]" "100.67.1.1" ];
+      };
+
+      systemd.tmpfiles.rules = [ "d /persist/containers/${name} 755 root users" ];
+      containers.${name} = {
+        autoStart = true;
+        privateNetwork = true;
+        hostAddress6 = host;
+        localAddress6 = client;
+        # privateUsers = "pick";
+        nixpkgs = nixpkgs;
+        ephemeral = true;
+        config = { imports = modules; };
+        specialArgs = { inherit fqdn; };
+
+        bindMounts."persist" = {
+          hostPath = "/persist/containers/${name}";
+          mountPoint = "/persist";
+          isReadOnly = false;
+        };
+        # flake = "path:" + ./.;
+      };
+    };
+  };
+}
diff --git a/containers/emerald/configuration.nix b/containers/emerald/configuration.nix
new file mode 100644
index 0000000..421ddb0
--- /dev/null
+++ b/containers/emerald/configuration.nix
@@ -0,0 +1,23 @@
+{ fqdn, shareFqdn, ... }: {
+  system.stateVersion = "25.11";
+  systemd.tmpfiles.rules = [
+    "d /persist/navidrome 755 navidrome navidrome"
+  ];
+  networking.firewall.allowedTCPPorts = [ 4533 ];
+  networking.firewall.allowedUDPPorts = [ 4533 ];
+
+  services.navidrome = {
+    enable = true;
+    environmentFile = "/binds/navidrome_env";
+    settings = {
+      Port = 4533;
+      Address = "[::]";
+      BaseUrl = "https://${fqdn}/";
+      ShareURL = "https://${shareFqdn}";
+      EnableSharing = true;
+      DataFolder = "/persist/navidrome";
+      MusicFolder = "/binds/music/main";
+    };
+  };
+  systemd.services.navidrome.serviceConfig.BindReadOnlyPaths = ["/binds/music"];
+}
diff --git a/containers/emerald/flake.lock b/containers/emerald/flake.lock
new file mode 100644
index 0000000..88ab73f
--- /dev/null
+++ b/containers/emerald/flake.lock
@@ -0,0 +1,27 @@
+{
+  "nodes": {
+    "nixpkgs": {
+      "locked": {
+        "lastModified": 1773282481,
+        "narHash": "sha256-b/GV2ysM8mKHhinse2wz+uP37epUrSE+sAKXy/xvBY4=",
+        "owner": "NixOS",
+        "repo": "nixpkgs",
+        "rev": "fe416aaedd397cacb33a610b33d60ff2b431b127",
+        "type": "github"
+      },
+      "original": {
+        "owner": "NixOS",
+        "ref": "nixos-unstable",
+        "repo": "nixpkgs",
+        "type": "github"
+      }
+    },
+    "root": {
+      "inputs": {
+        "nixpkgs": "nixpkgs"
+      }
+    }
+  },
+  "root": "root",
+  "version": 7
+}
diff --git a/containers/emerald/flake.nix b/containers/emerald/flake.nix
new file mode 100644
index 0000000..5ee69e4
--- /dev/null
+++ b/containers/emerald/flake.nix
@@ -0,0 +1,78 @@
+{
+  inputs = {
+    nixpkgs.url = "github:NixOS/nixpkgs/nixos-unstable";
+  };
+  outputs = { nixpkgs, ... }:
+  let
+    name = "emerald";
+    fqdn = "navia.lava.moe";
+    shareFqdn = "muse.lava.moe";
+    subnetId = "5";
+
+    subnet = x: "fd0d:2::${subnetId}:${toString x}";
+    host = subnet 1;
+    client = subnet 2;
+
+    subnet4 = x: "10.32.${subnetId}.${toString x}";
+    host4 = subnet4 1;
+    client4 = subnet4 2;
+
+    modules = [
+      ./configuration.nix
+      {
+        networking.useHostResolvConf = false;
+        networking.nameservers = [ host ];
+      }
+    ];
+  in {
+    nixosConfigurations.container = nixpkgs.lib.nixosSystem {
+      inherit modules;
+    };
+    nixosModule = { config, ... }: {
+      networking.nat = {
+        enable = true;
+        enableIPv6 = true;
+        internalInterfaces = [ "ve-${name}" ];
+      };
+
+      services.nginx.virtualHosts."${fqdn}" = {
+        useACMEHost = "lava.moe";
+        forceSSL = true;
+        locations."/".proxyPass = "http://[${client}]:4533";
+        listenAddresses = [ "100.67.2.1" ];
+      };
+
+      systemd.tmpfiles.rules = [ "d /persist/containers/${name} 755 root users" ];
+      containers.${name} = {
+        autoStart = true;
+        privateNetwork = true;
+        hostAddress = host4;
+        localAddress = client4;
+        hostAddress6 = host;
+        localAddress6 = client;
+        # privateUsers = "pick";
+        nixpkgs = nixpkgs;
+        ephemeral = true;
+        config = { imports = modules; };
+        specialArgs = { inherit fqdn shareFqdn; };
+
+        bindMounts."persist" = {
+          hostPath = "/persist/containers/${name}";
+          mountPoint = "/persist";
+          isReadOnly = false;
+        };
+        bindMounts."music" = {
+          hostPath = "/flower/media/music";
+          mountPoint = "/binds/music";
+          isReadOnly = true;
+        };
+        bindMounts."navidrome_env" = {
+          hostPath = config.age.secrets.navidrome_env.path;
+          mountPoint = "/binds/navidrome_env";
+          isReadOnly = true;
+        };
+        # flake = "path:" + ./.;
+      };
+    };
+  };
+}
diff --git a/containers/fluorite/configuration.nix b/containers/fluorite/configuration.nix
new file mode 100644
index 0000000..9fcb5f5
--- /dev/null
+++ b/containers/fluorite/configuration.nix
@@ -0,0 +1,22 @@
+{ ... }: {
+  system.stateVersion = "25.11";
+  systemd.tmpfiles.rules = [
+    "d /persist/slskd/Downloads 755 slskd slskd"
+  ];
+  fileSystems."/var/lib/slskd" = {
+    device = "/persist/slskd";
+    fsType = "none";
+    options = [ "bind" ];
+  };
+  networking.firewall.allowedTCPPorts = [ 5030 50300 ];
+  networking.firewall.allowedUDPPorts = [ 5030 50300 ];
+
+  services.slskd = {
+    enable = true;
+    domain = null;
+    environmentFile = "/binds/slskd_env";
+    settings = {
+      shares.directories = [ "/binds/music/" ];
+    };
+  };
+}
diff --git a/containers/fluorite/flake.lock b/containers/fluorite/flake.lock
new file mode 100644
index 0000000..88ab73f
--- /dev/null
+++ b/containers/fluorite/flake.lock
@@ -0,0 +1,27 @@
+{
+  "nodes": {
+    "nixpkgs": {
+      "locked": {
+        "lastModified": 1773282481,
+        "narHash": "sha256-b/GV2ysM8mKHhinse2wz+uP37epUrSE+sAKXy/xvBY4=",
+        "owner": "NixOS",
+        "repo": "nixpkgs",
+        "rev": "fe416aaedd397cacb33a610b33d60ff2b431b127",
+        "type": "github"
+      },
+      "original": {
+        "owner": "NixOS",
+        "ref": "nixos-unstable",
+        "repo": "nixpkgs",
+        "type": "github"
+      }
+    },
+    "root": {
+      "inputs": {
+        "nixpkgs": "nixpkgs"
+      }
+    }
+  },
+  "root": "root",
+  "version": 7
+}
diff --git a/containers/fluorite/flake.nix b/containers/fluorite/flake.nix
new file mode 100644
index 0000000..33fcdb1
--- /dev/null
+++ b/containers/fluorite/flake.nix
@@ -0,0 +1,89 @@
+{
+  inputs = {
+    nixpkgs.url = "github:NixOS/nixpkgs/nixos-unstable";
+  };
+  outputs = { nixpkgs, ... }:
+  let
+    name = "fluorite";
+    fqdn = "fluorite.lava.moe";
+    subnetId = "6";
+
+    subnet = x: "fd0d:1::${subnetId}:${toString x}";
+    host = subnet 1;
+    client = subnet 2;
+
+    subnet4 = x: "10.30.${subnetId}.${toString x}";
+    host4 = subnet4 1;
+    client4 = subnet4 2;
+
+    modules = [
+      ./configuration.nix
+      {
+        networking.useHostResolvConf = false;
+        networking.nameservers = [ host ];
+      }
+    ];
+  in {
+    nixosConfigurations.container = nixpkgs.lib.nixosSystem {
+      inherit modules;
+    };
+    nixosModule = { config, ... }: {
+      networking.nat = {
+        enable = true;
+        enableIPv6 = true;
+        internalInterfaces = [ "ve-${name}" ];
+      };
+      networking.firewall.allowedTCPPorts = [ 50300 ];
+
+      services.nginx.virtualHosts."${fqdn}" = {
+        useACMEHost = "lava.moe";
+        forceSSL = true;
+        locations."/".proxyPass = "http://[${client}]:5030";
+        listenAddresses = [ "10.0.0.1" "[fd0d::1]" "100.67.1.1" ];
+      };
+
+      systemd.tmpfiles.rules = [
+        "d /persist/containers/${name} 755 root users"
+        "d /persist/media/music 075 nobody users"
+      ];
+      containers.${name} = {
+        autoStart = true;
+        privateNetwork = true;
+        hostAddress = host4;
+        localAddress = client4;
+        hostAddress6 = host;
+        localAddress6 = client;
+        # privateUsers = "pick";
+        nixpkgs = nixpkgs;
+        ephemeral = true;
+        config = { imports = modules; };
+        specialArgs = { inherit fqdn; };
+
+        forwardPorts = [
+          {
+            containerPort = 50300;
+            hostPort = 50300;
+            protocol = "tcp";
+          }
+        ];
+
+        bindMounts."persist" = {
+          hostPath = "/persist/containers/${name}";
+          mountPoint = "/persist";
+          isReadOnly = false;
+        };
+        bindMounts."music" = {
+          hostPath = "/persist/media/music";
+          mountPoint = "/binds/music";
+          isReadOnly = true;
+        };
+        bindMounts."slskd_env" = {
+          hostPath = config.age.secrets.slskd_env.path;
+          mountPoint = "/binds/slskd_env";
+          isReadOnly = true;
+        };
+        # flake = "path:" + ./.;
+      };
+    };
+  };
+}
diff --git a/containers/garnet/configuration.nix b/containers/garnet/configuration.nix
new file mode 100644
index 0000000..21400c5
--- /dev/null
+++ b/containers/garnet/configuration.nix
@@ -0,0 +1,36 @@
+{ ... }: {
+  system.stateVersion = "25.11";
+  fileSystems."/var/lib/opencloud" = {
+    device = "/flower/data";
+    fsType = "none";
+    options = [ "bind" ];
+  };
+  fileSystems."/etc/opencloud" = {
+    device = "/persist/cfg";
+    fsType = "none";
+    options = [ "bind" ];
+  };
+  # TODO: hardcoded address
+  networking.extraHosts = ''
+    100.67.2.1 cloud.lava.moe
+  '';
+
+  networking.firewall.allowedTCPPorts = [ 9200 ];
+  networking.firewall.allowedUDPPorts = [ 9200 ];
+
+  environment.etc."opencloud-admin-pass".text = ''
+    IDM_ADMIN_PASSWORD=supersillysecure
+  '';
+  services.opencloud = {
+    enable = true;
+    url = "https://cloud.lava.moe";
+    address = "10.30.7.2";
+    port = 9200;
+    environment = {
+      PROXY_TLS = "false";
+      IDP_ACCESS_TOKEN_EXPIRATION = "2592000";
+      IDP_ID_TOKEN_EXPIRATION = "2592000";
+    };
+    environmentFile = "/etc/opencloud-admin-pass";
+  };
+}
diff --git a/containers/garnet/flake.lock b/containers/garnet/flake.lock
new file mode 100644
index 0000000..4070242
--- /dev/null
+++ b/containers/garnet/flake.lock
@@ -0,0 +1,27 @@
+{
+  "nodes": {
+    "nixpkgs": {
+      "locked": {
+        "lastModified": 1779560665,
+        "narHash": "sha256-tpyBcxPpcQb8ukyNF7DoCwfSY3VPsxHoYwj00Cayv5o=",
+        "owner": "NixOS",
+        "repo": "nixpkgs",
+        "rev": "64c08a7ca051951c8eae34e3e3cb1e202fe36786",
+        "type": "github"
+      },
+      "original": {
+        "owner": "NixOS",
+        "ref": "nixos-unstable",
+        "repo": "nixpkgs",
+        "type": "github"
+      }
+    },
+    "root": {
+      "inputs": {
+        "nixpkgs": "nixpkgs"
+      }
+    }
+  },
+  "root": "root",
+  "version": 7
+}
diff --git a/containers/garnet/flake.nix b/containers/garnet/flake.nix
new file mode 100644
index 0000000..df835a4
--- /dev/null
+++ b/containers/garnet/flake.nix
@@ -0,0 +1,84 @@
+{
+  inputs = {
+    nixpkgs.url = "github:NixOS/nixpkgs/nixos-unstable";
+  };
+  outputs = { nixpkgs, ... }:
+  let
+    name = "garnet";
+    fqdn = "cloud.lava.moe";
+    subnetId = "7";
+
+    subnet = x: "fd0d:1::${subnetId}:${toString x}";
+    host = subnet 1;
+    client = subnet 2;
+
+    subnet4 = x: "10.30.${subnetId}.${toString x}";
+    host4 = subnet4 1;
+    client4 = subnet4 2;
+
+    modules = [
+      ./configuration.nix
+      {
+        networking.useHostResolvConf = false;
+        networking.nameservers = [ host ];
+      }
+    ];
+  in {
+    nixosConfigurations.container = nixpkgs.lib.nixosSystem {
+      inherit modules;
+    };
+    nixosModule = { config, ... }: {
+      networking.nat = {
+        enable = true;
+        enableIPv6 = true;
+        internalInterfaces = [ "ve-${name}" ];
+      };
+
+      services.nginx.virtualHosts."${fqdn}" = {
+        useACMEHost = "lava.moe";
+        forceSSL = true;
+        locations."/" = {
+          proxyPass = "http://${client4}:9200";
+          proxyWebsockets = true;
+        };
+        extraConfig = ''
+          proxy_read_timeout 3600s;
+          proxy_send_timeout 3600s;
+          keepalive_requests 100000;
+          keepalive_timeout 5m;
+          http2_max_concurrent_streams 512;
+        '';
+        # TODO: hardcoded address
+        listenAddresses = [ "100.67.2.1" ];
+      };
+
+      systemd.tmpfiles.rules = [
+        "d /persist/containers/${name} 755 root users"
+      ];
+      containers.${name} = {
+        autoStart = true;
+        privateNetwork = true;
+        hostAddress = host4;
+        localAddress = client4;
+        hostAddress6 = host;
+        localAddress6 = client;
+        # privateUsers = "pick";
+        nixpkgs = nixpkgs;
+        ephemeral = true;
+        config = { imports = modules; };
+        specialArgs = { inherit fqdn; };
+
+        bindMounts."persist" = {
+          hostPath = "/persist/containers/${name}";
+          mountPoint = "/persist";
+          isReadOnly = false;
+        };
+        bindMounts."content" = {
+          hostPath = "/flower/opencloud";
+          mountPoint = "/flower";
+          isReadOnly = false;
+        };
+      };
+    };
+  };
+}
diff --git a/flake.lock b/flake.lock
index 84ae1c0..2578a7e 100644
--- a/flake.lock
+++ b/flake.lock
@@ -1,19 +1,40 @@
 {
   "nodes": {
+    "aagl": {
+      "inputs": {
+        "flake-compat": "flake-compat",
+        "nixpkgs": "nixpkgs",
+        "rust-overlay": "rust-overlay"
+      },
+      "locked": {
+        "lastModified": 1779903856,
+        "narHash": "sha256-uRShMtD6xW3ZKZbCQ6sDzKWEnbBXUg3IGfOARYogKhg=",
+        "owner": "ezKEa",
+        "repo": "aagl-gtk-on-nix",
+        "rev": "50671fc7f29d686f63ef34b603320d44ad7f2d29",
+        "type": "github"
+      },
+      "original": {
+        "owner": "ezKEa",
+        "repo": "aagl-gtk-on-nix",
+        "type": "github"
+      }
+    },
     "agenix": {
       "inputs": {
         "darwin": "darwin",
         "home-manager": "home-manager",
         "nixpkgs": [
           "nixpkgs"
-        ]
+        ],
+        "systems": "systems"
       },
       "locked": {
-        "lastModified": 1701216516,
-        "narHash": "sha256-jKSeJn+7hZ1dZdiH1L+NWUGT2i/BGomKAJ54B9kT06Q=",
+        "lastModified": 1770165109,
+        "narHash": "sha256-9VnK6Oqai65puVJ4WYtCTvlJeXxMzAp/69HhQuTdl/I=",
         "owner": "ryantm",
         "repo": "agenix",
-        "rev": "13ac9ac6d68b9a0896e3d43a082947233189e247",
+        "rev": "b027ee29d959fda4b60b57566d64c98a202e0feb",
         "type": "github"
       },
       "original": {
@@ -22,6 +43,194 @@
         "type": "github"
       }
     },
+    "c-amethyst": {
+      "inputs": {
+        "nixpkgs": "nixpkgs_2"
+      },
+      "locked": {
+        "path": "./containers/amethyst",
+        "type": "path"
+      },
+      "original": {
+        "path": "./containers/amethyst",
+        "type": "path"
+      },
+      "parent": []
+    },
+    "c-beryllium": {
+      "inputs": {
+        "nixpkgs": "nixpkgs_3"
+      },
+      "locked": {
+        "path": "./containers/beryllium",
+        "type": "path"
+      },
+      "original": {
+        "path": "./containers/beryllium",
+        "type": "path"
+      },
+      "parent": []
+    },
+    "c-citrine": {
+      "inputs": {
+        "catppuccin": "catppuccin",
+        "nixpkgs": "nixpkgs_5"
+      },
+      "locked": {
+        "path": "./containers/citrine",
+        "type": "path"
+      },
+      "original": {
+        "path": "./containers/citrine",
+        "type": "path"
+      },
+      "parent": []
+    },
+    "c-diamond": {
+      "inputs": {
+        "nixpkgs": "nixpkgs_6"
+      },
+      "locked": {
+        "path": "./containers/diamond",
+        "type": "path"
+      },
+      "original": {
+        "path": "./containers/diamond",
+        "type": "path"
+      },
+      "parent": []
+    },
+    "c-emerald": {
+      "inputs": {
+        "nixpkgs": "nixpkgs_7"
+      },
+      "locked": {
+        "path": "./containers/emerald",
+        "type": "path"
+      },
+      "original": {
+        "path": "./containers/emerald",
+        "type": "path"
+      },
+      "parent": []
+    },
+    "c-fluorite": {
+      "inputs": {
+        "nixpkgs": "nixpkgs_8"
+      },
+      "locked": {
+        "path": "./containers/fluorite",
+        "type": "path"
+      },
+      "original": {
+        "path": "./containers/fluorite",
+        "type": "path"
+      },
+      "parent": []
+    },
+    "c-garnet": {
+      "inputs": {
+        "nixpkgs": "nixpkgs_9"
+      },
+      "locked": {
+        "path": "./containers/garnet",
+        "type": "path"
+      },
+      "original": {
+        "path": "./containers/garnet",
+        "type": "path"
+      },
+      "parent": []
+    },
+    "catppuccin": {
+      "inputs": {
+        "nixpkgs": "nixpkgs_4"
+      },
+      "locked": {
+        "lastModified": 1773403535,
+        "narHash": "sha256-47MZaFrHxNO8tVUAmtVnerXUw2WWVluBOiU9MulN/yM=",
+        "owner": "catppuccin",
+        "repo": "nix",
+        "rev": "d45b5665cc638bad1b794350de02f4dd41b0bb47",
+        "type": "github"
+      },
+      "original": {
+        "owner": "catppuccin",
+        "repo": "nix",
+        "type": "github"
+      }
+    },
+    "catppuccin-palette": {
+      "flake": false,
+      "locked": {
+        "lastModified": 1774131488,
+        "narHash": "sha256-hsy+GhuM4MSjnwGq1YJSLBFIbVm67SSdPRgObP00mxw=",
+        "owner": "catppuccin",
+        "repo": "palette",
+        "rev": "07d02aa110ef9eb7e7427afca5c73ba9cf7f8ebd",
+        "type": "github"
+      },
+      "original": {
+        "owner": "catppuccin",
+        "repo": "palette",
+        "type": "github"
+      }
+    },
+    "catppuccin-v1_1": {
+      "locked": {
+        "lastModified": 1734055249,
+        "narHash": "sha256-pCWJgwo77KD7EJpwynwKrWPZ//dwypHq2TfdzZWqK68=",
+        "rev": "7221d6ca17ac36ed20588e1c3a80177ac5843fa7",
+        "revCount": 326,
+        "type": "tarball",
+        "url": "https://api.flakehub.com/f/pinned/catppuccin/nix/1.1.1/0193bdc0-b045-7eed-bbec-95611a8ecdf5/source.tar.gz"
+      },
+      "original": {
+        "type": "tarball",
+        "url": "https://flakehub.com/f/catppuccin/nix/1.1.%2A.tar.gz"
+      }
+    },
+    "catppuccin-v1_2": {
+      "locked": {
+        "lastModified": 1734728407,
+        "narHash": "sha256-Let3uJo4YDyfqbqaw66dpZxhJB2TrDyZWSFd5rpPLJA=",
+        "rev": "23ee86dbf4ed347878115a78971d43025362fab1",
+        "revCount": 341,
+        "type": "tarball",
+        "url": "https://api.flakehub.com/f/pinned/catppuccin/nix/1.2.0/0193e5e0-33b7-7149-a362-bfe56b20f64e/source.tar.gz"
+      },
+      "original": {
+        "type": "tarball",
+        "url": "https://flakehub.com/f/catppuccin/nix/1.2.%2A.tar.gz"
+      }
+    },
+    "catppuccin_2": {
+      "inputs": {
+        "catppuccin-v1_1": "catppuccin-v1_1",
+        "catppuccin-v1_2": "catppuccin-v1_2",
+        "home-manager": "home-manager_2",
+        "home-manager-stable": "home-manager-stable",
+        "nixpkgs": [
+          "nixpkgs"
+        ],
+        "nixpkgs-stable": "nixpkgs-stable",
+        "nuscht-search": "nuscht-search"
+      },
+      "locked": {
+        "lastModified": 1736069220,
+        "narHash": "sha256-76MaB3COao55nlhWmSmq9PKgu2iGIs54C1cAE0E5J6Y=",
+        "owner": "catppuccin",
+        "repo": "nix",
+        "rev": "8eada392fd6571a747e1c5fc358dd61c14c8704e",
+        "type": "github"
+      },
+      "original": {
+        "owner": "catppuccin",
+        "repo": "nix",
+        "rev": "8eada392fd6571a747e1c5fc358dd61c14c8704e",
+        "type": "github"
+      }
+    },
     "darwin": {
       "inputs": {
         "nixpkgs": [
@@ -30,11 +239,11 @@
         ]
       },
       "locked": {
-        "lastModified": 1673295039,
-        "narHash": "sha256-AsdYgE8/GPwcelGgrntlijMg4t3hLFJFCRF3tL5WVjA=",
+        "lastModified": 1744478979,
+        "narHash": "sha256-dyN+teG9G82G+m+PX/aSAagkC+vUv0SgUw3XkPhQodQ=",
         "owner": "lnl7",
         "repo": "nix-darwin",
-        "rev": "87b9d090ad39b25b2400029c64825fc2a8868943",
+        "rev": "43975d782b418ebf4969e9ccba82466728c2851b",
         "type": "github"
       },
       "original": {
@@ -44,46 +253,14 @@
         "type": "github"
       }
     },
-    "discord-tokyonight": {
-      "flake": false,
-      "locked": {
-        "lastModified": 1632310328,
-        "narHash": "sha256-LcxXTGdo6ZW5glECkH5vgLWAYMZ3ez/3USc059dR9cE=",
-        "owner": "DanisDGK",
-        "repo": "zelk-customizations",
-        "rev": "c5ed0be3f2dd4421c42a4c62d28fc52d18c68ef1",
-        "type": "github"
-      },
-      "original": {
-        "owner": "DanisDGK",
-        "repo": "zelk-customizations",
-        "type": "github"
-      }
-    },
-    "discover": {
-      "flake": false,
-      "locked": {
-        "lastModified": 1700057968,
-        "narHash": "sha256-k/20+NBEewELv0GWTFhL2+168lpKGFI8KLEgGhOmOa4=",
-        "owner": "trigg",
-        "repo": "Discover",
-        "rev": "14069fbd722156c3a3abce70e7a912941556d4ab",
-        "type": "github"
-      },
-      "original": {
-        "owner": "trigg",
-        "repo": "Discover",
-        "type": "github"
-      }
-    },
     "fast-syntax-highlighting": {
       "flake": false,
       "locked": {
-        "lastModified": 1688591419,
-        "narHash": "sha256-RVX9ZSzjBW3LpFs2W86lKI6vtcvDWP6EPxzeTcRZua4=",
+        "lastModified": 1752660993,
+        "narHash": "sha256-ZihUL4JAVk9V+IELSakytlb24BvEEJ161CQEHZYYoSA=",
         "owner": "zdharma-continuum",
         "repo": "fast-syntax-highlighting",
-        "rev": "cf318e06a9b7c9f2219d78f41b46fa6e06011fd9",
+        "rev": "3d574ccf48804b10dca52625df13da5edae7f553",
         "type": "github"
       },
       "original": {
@@ -95,11 +272,11 @@
     "flake-compat": {
       "flake": false,
       "locked": {
-        "lastModified": 1696426674,
-        "narHash": "sha256-kvjfFW7WAETZlt09AgDn1MrtKzP7t90Vf7vypd3OL1U=",
+        "lastModified": 1767039857,
+        "narHash": "sha256-vNpUSpF5Nuw8xvDLj2KCwwksIbjua2LZCqhV1LNRDns=",
         "owner": "edolstra",
         "repo": "flake-compat",
-        "rev": "0f9255e01c2351cc7d116c072cb317785dd33b33",
+        "rev": "5edf11c44bc78a0d334f6334cdaf7d60d732daab",
         "type": "github"
       },
       "original": {
@@ -108,6 +285,22 @@
         "type": "github"
       }
     },
+    "flake-compat_2": {
+      "flake": false,
+      "locked": {
+        "lastModified": 1767039857,
+        "narHash": "sha256-vNpUSpF5Nuw8xvDLj2KCwwksIbjua2LZCqhV1LNRDns=",
+        "owner": "NixOS",
+        "repo": "flake-compat",
+        "rev": "5edf11c44bc78a0d334f6334cdaf7d60d732daab",
+        "type": "github"
+      },
+      "original": {
+        "owner": "NixOS",
+        "repo": "flake-compat",
+        "type": "github"
+      }
+    },
     "flake-parts": {
       "inputs": {
         "nixpkgs-lib": [
@@ -116,11 +309,11 @@
         ]
       },
       "locked": {
-        "lastModified": 1701473968,
-        "narHash": "sha256-YcVE5emp1qQ8ieHUnxt1wCZCC3ZfAS+SRRWZ2TMda7E=",
+        "lastModified": 1778716662,
+        "narHash": "sha256-m1Yf0wZ8j1OHjTc2UwHwyQRSnNeSgLJOd7q5Y45hzi4=",
         "owner": "hercules-ci",
         "repo": "flake-parts",
-        "rev": "34fed993f1674c8d06d58b37ce1e0fe5eebcb9f5",
+        "rev": "f7c1a2d347e4c52d5fb8d10cb4d94b5884e546fb",
         "type": "github"
       },
       "original": {
@@ -130,36 +323,15 @@
       }
     },
     "flake-parts_2": {
-      "inputs": {
-        "nixpkgs-lib": [
-          "neovim-nightly",
-          "hercules-ci-effects",
-          "nixpkgs"
-        ]
-      },
-      "locked": {
-        "lastModified": 1696343447,
-        "narHash": "sha256-B2xAZKLkkeRFG5XcHHSXXcP7To9Xzr59KXeZiRf4vdQ=",
-        "owner": "hercules-ci",
-        "repo": "flake-parts",
-        "rev": "c9afaba3dfa4085dbd2ccb38dfade5141e33d9d4",
-        "type": "github"
-      },
-      "original": {
-        "id": "flake-parts",
-        "type": "indirect"
-      }
-    },
-    "flake-parts_3": {
       "inputs": {
         "nixpkgs-lib": "nixpkgs-lib"
       },
       "locked": {
-        "lastModified": 1701473968,
-        "narHash": "sha256-YcVE5emp1qQ8ieHUnxt1wCZCC3ZfAS+SRRWZ2TMda7E=",
+        "lastModified": 1778716662,
+        "narHash": "sha256-m1Yf0wZ8j1OHjTc2UwHwyQRSnNeSgLJOd7q5Y45hzi4=",
         "owner": "hercules-ci",
         "repo": "flake-parts",
-        "rev": "34fed993f1674c8d06d58b37ce1e0fe5eebcb9f5",
+        "rev": "f7c1a2d347e4c52d5fb8d10cb4d94b5884e546fb",
         "type": "github"
       },
       "original": {
@@ -170,14 +342,14 @@
     },
     "flake-utils": {
       "inputs": {
-        "systems": "systems"
+        "systems": "systems_2"
       },
       "locked": {
-        "lastModified": 1694529238,
-        "narHash": "sha256-zsNZZGTGnMOf9YpHKJqMSsa0dXbfmxeoJ7xHlrt+xmY=",
+        "lastModified": 1731533236,
+        "narHash": "sha256-l0KFg5HjrsfsO/JpG+r7fRrqm12kzFHyUHqHCVpMMbI=",
         "owner": "numtide",
         "repo": "flake-utils",
-        "rev": "ff7b65b44d01cf9ba6a71320833626af21126384",
+        "rev": "11707dc2f618dd54ca8739b309ec4fc024de578b",
         "type": "github"
       },
       "original": {
@@ -188,14 +360,14 @@
     },
     "flake-utils_2": {
       "inputs": {
-        "systems": "systems_2"
+        "systems": "systems_3"
       },
       "locked": {
-        "lastModified": 1681202837,
-        "narHash": "sha256-H+Rh19JDwRtpVPAWp64F+rlEtxUWBAQW28eAi3SRSzg=",
+        "lastModified": 1731533236,
+        "narHash": "sha256-l0KFg5HjrsfsO/JpG+r7fRrqm12kzFHyUHqHCVpMMbI=",
         "owner": "numtide",
         "repo": "flake-utils",
-        "rev": "cfacdce06f30d2b68473a46042957675eebb3401",
+        "rev": "11707dc2f618dd54ca8739b309ec4fc024de578b",
         "type": "github"
       },
       "original": {
@@ -206,14 +378,14 @@
     },
     "flake-utils_3": {
       "inputs": {
-        "systems": "systems_3"
+        "systems": "systems_4"
       },
       "locked": {
-        "lastModified": 1685518550,
-        "narHash": "sha256-o2d0KcvaXzTrPRIo0kOLV0/QXHhDQ5DTi+OxcjO8xqY=",
+        "lastModified": 1701680307,
+        "narHash": "sha256-kAuep2h5ajznlPMD9rnQyffWG8EM/C73lejGofXvdM8=",
         "owner": "numtide",
         "repo": "flake-utils",
-        "rev": "a1720a10a6cfe8234c0e93907ffe81be440f4cef",
+        "rev": "4022d587cbbfd70fe950c1e2083a02621806a725",
         "type": "github"
       },
       "original": {
@@ -222,25 +394,48 @@
         "type": "github"
       }
     },
-    "hercules-ci-effects": {
+    "git-hooks": {
       "inputs": {
-        "flake-parts": "flake-parts_2",
+        "flake-compat": "flake-compat_2",
+        "gitignore": "gitignore",
         "nixpkgs": [
-          "neovim-nightly",
+          "nix-gaming",
           "nixpkgs"
         ]
       },
       "locked": {
-        "lastModified": 1701009247,
-        "narHash": "sha256-GuX16rzRze2y7CsewJLTV6qXkXWyEwp6VCZXi8HLruU=",
+        "lastModified": 1778507602,
+        "narHash": "sha256-kTwur1wV+01SdqskVMSo6JMEpg71ps3HpbFY2GsflKs=",
+        "owner": "cachix",
+        "repo": "git-hooks.nix",
+        "rev": "61ab0e80d9c7ab14c256b5b453d8b3fb0189ba0a",
+        "type": "github"
+      },
+      "original": {
+        "owner": "cachix",
+        "repo": "git-hooks.nix",
+        "type": "github"
+      }
+    },
+    "gitignore": {
+      "inputs": {
+        "nixpkgs": [
+          "nix-gaming",
+          "git-hooks",
+          "nixpkgs"
+        ]
+      },
+      "locked": {
+        "lastModified": 1709087332,
+        "narHash": "sha256-HG2cCnktfHsKV0s4XW83gU3F57gaTljL9KNSuG6bnQs=",
         "owner": "hercules-ci",
-        "repo": "hercules-ci-effects",
-        "rev": "31b6cd7569191bfcd0a548575b0e2ef953ed7d09",
+        "repo": "gitignore.nix",
+        "rev": "637db329424fd7e46cf4185293b9cc8c88c95394",
         "type": "github"
       },
       "original": {
         "owner": "hercules-ci",
-        "repo": "hercules-ci-effects",
+        "repo": "gitignore.nix",
         "type": "github"
       }
     },
@@ -252,11 +447,11 @@
         ]
       },
       "locked": {
-        "lastModified": 1682203081,
-        "narHash": "sha256-kRL4ejWDhi0zph/FpebFYhzqlOBrk0Pl3dzGEKSAlEw=",
+        "lastModified": 1745494811,
+        "narHash": "sha256-YZCh2o9Ua1n9uCvrvi5pRxtuVNml8X2a03qIFfRKpFs=",
         "owner": "nix-community",
         "repo": "home-manager",
-        "rev": "32d3e39c491e2f91152c84f8ad8b003420eab0a1",
+        "rev": "abfad3d2958c9e6300a883bd443512c55dfeb1be",
         "type": "github"
       },
       "original": {
@@ -265,45 +460,24 @@
         "type": "github"
       }
     },
-    "home-manager-raccoon": {
-      "inputs": {
-        "nixpkgs": [
-          "nixpkgs-raccoon"
-        ],
-        "utils": "utils"
-      },
-      "locked": {
-        "lastModified": 1685325875,
-        "narHash": "sha256-tevlLIMPeVNNYPd9UgjHApAUoFAnw9iohqUyj+LPp88=",
-        "owner": "nix-community",
-        "repo": "home-manager",
-        "rev": "b372d7f8d5518aaba8a4058a453957460481afbc",
-        "type": "github"
-      },
-      "original": {
-        "owner": "nix-community",
-        "ref": "release-22.11",
-        "repo": "home-manager",
-        "type": "github"
-      }
-    },
     "home-manager-stable": {
       "inputs": {
         "nixpkgs": [
+          "catppuccin",
           "nixpkgs-stable"
         ]
       },
       "locked": {
-        "lastModified": 1706981411,
-        "narHash": "sha256-cLbLPTL1CDmETVh4p0nQtvoF+FSEjsnJTFpTxhXywhQ=",
+        "lastModified": 1734366194,
+        "narHash": "sha256-vykpJ1xsdkv0j8WOVXrRFHUAdp9NXHpxdnn1F4pYgSw=",
         "owner": "nix-community",
         "repo": "home-manager",
-        "rev": "652fda4ca6dafeb090943422c34ae9145787af37",
+        "rev": "80b0fdf483c5d1cb75aaad909bd390d48673857f",
         "type": "github"
       },
       "original": {
         "owner": "nix-community",
-        "ref": "release-23.11",
+        "ref": "release-24.11",
         "repo": "home-manager",
         "type": "github"
       }
@@ -311,15 +485,16 @@
     "home-manager_2": {
       "inputs": {
         "nixpkgs": [
+          "catppuccin",
           "nixpkgs"
         ]
       },
       "locked": {
-        "lastModified": 1702538064,
-        "narHash": "sha256-At5GwJPu2tzvS9dllhBoZmqK6lkkh/sOp2YefWRlaL8=",
+        "lastModified": 1734622215,
+        "narHash": "sha256-OOfI0XhSJGHblfdNDhfnn8QnZxng63rWk9eeJ2tCbiI=",
         "owner": "nix-community",
         "repo": "home-manager",
-        "rev": "0e2e443ff24f9d75925e91b89d1da44b863734af",
+        "rev": "1395379a7a36e40f2a76e7b9936cc52950baa1be",
         "type": "github"
       },
       "original": {
@@ -328,30 +503,62 @@
         "type": "github"
       }
     },
-    "hosts-blocklists": {
-      "flake": false,
+    "home-manager_3": {
+      "inputs": {
+        "nixpkgs": [
+          "nixpkgs"
+        ]
+      },
       "locked": {
-        "lastModified": 1687788647,
-        "narHash": "sha256-nKNz9ux1FPxoL14VZtH/1tfnn67LeXmdVQJz7I9+Srk=",
-        "owner": "notracking",
-        "repo": "hosts-blocklists",
-        "rev": "2ab426e806985d0d3d1c3eb447d7e772a836e10d",
+        "lastModified": 1779969295,
+        "narHash": "sha256-HwIJ3tOcwSMiV75L7KqJXciXR9UfT+d7rwOZMX7cTnA=",
+        "owner": "nix-community",
+        "repo": "home-manager",
+        "rev": "61e2c9659324181e0f0ed911958c536333b1d4f6",
         "type": "github"
       },
       "original": {
-        "owner": "notracking",
-        "repo": "hosts-blocklists",
+        "owner": "nix-community",
+        "repo": "home-manager",
+        "type": "github"
+      }
+    },
+    "ixx": {
+      "inputs": {
+        "flake-utils": [
+          "catppuccin",
+          "nuscht-search",
+          "flake-utils"
+        ],
+        "nixpkgs": [
+          "catppuccin",
+          "nuscht-search",
+          "nixpkgs"
+        ]
+      },
+      "locked": {
+        "lastModified": 1729958008,
+        "narHash": "sha256-EiOq8jF4Z/zQe0QYVc3+qSKxRK//CFHMB84aYrYGwEs=",
+        "owner": "NuschtOS",
+        "repo": "ixx",
+        "rev": "9fd01aad037f345350eab2cd45e1946cc66da4eb",
+        "type": "github"
+      },
+      "original": {
+        "owner": "NuschtOS",
+        "ref": "v0.0.6",
+        "repo": "ixx",
         "type": "github"
       }
     },
     "linux-tkg": {
       "flake": false,
       "locked": {
-        "lastModified": 1704890137,
-        "narHash": "sha256-uh1ielVK71BP/MYK85KA8B8DBltFPF4oEeHXyKcMqyY=",
+        "lastModified": 1779857514,
+        "narHash": "sha256-dCrVB3cFvv1d/9wuEejYN131b1phyf6SDy1bcEvtWGo=",
         "owner": "Frogging-Family",
         "repo": "linux-tkg",
-        "rev": "80fdc82a9a76b81d9fcc4a321566f285fb956e76",
+        "rev": "c9196dea7ee464f7792f94cd39c32431ad9e25ab",
         "type": "github"
       },
       "original": {
@@ -360,46 +567,20 @@
         "type": "github"
       }
     },
-    "neovim-flake": {
-      "inputs": {
-        "flake-utils": "flake-utils",
-        "nixpkgs": [
-          "neovim-nightly",
-          "nixpkgs"
-        ]
-      },
-      "locked": {
-        "dir": "contrib",
-        "lastModified": 1702595978,
-        "narHash": "sha256-PvcPk+f9ENeY5Jq1nvWpkL12KWeVQFhqQ2a8PLNfP/k=",
-        "owner": "neovim",
-        "repo": "neovim",
-        "rev": "f31f260f0c6449dba4c84071be6bfe91d3cb4993",
-        "type": "github"
-      },
-      "original": {
-        "dir": "contrib",
-        "owner": "neovim",
-        "repo": "neovim",
-        "type": "github"
-      }
-    },
     "neovim-nightly": {
       "inputs": {
-        "flake-compat": "flake-compat",
         "flake-parts": "flake-parts",
-        "hercules-ci-effects": "hercules-ci-effects",
-        "neovim-flake": "neovim-flake",
+        "neovim-src": "neovim-src",
         "nixpkgs": [
           "nixpkgs"
         ]
       },
       "locked": {
-        "lastModified": 1702598962,
-        "narHash": "sha256-uh0Tw7og6xswrrQ9PxEFOCLQXcwQHUynO4bL1fkUJO8=",
+        "lastModified": 1780013080,
+        "narHash": "sha256-m984DKbcIeNNuLYFjN3780rPEd55Xe9/cB4BNKkIDvg=",
         "owner": "nix-community",
         "repo": "neovim-nightly-overlay",
-        "rev": "21a2bc2a9f18c49d4c9ba811ab6c6746b8d62580",
+        "rev": "c6cc238427db8f61b786a66d7e02cf7724b30226",
         "type": "github"
       },
       "original": {
@@ -408,17 +589,34 @@
         "type": "github"
       }
     },
+    "neovim-src": {
+      "flake": false,
+      "locked": {
+        "lastModified": 1779979065,
+        "narHash": "sha256-3uF/oP2D4Jka3DU2G8qqml75UOzPRrK+FIp+jghOq0s=",
+        "owner": "neovim",
+        "repo": "neovim",
+        "rev": "5d85669a33e10f1f156b086562458cbbc8054438",
+        "type": "github"
+      },
+      "original": {
+        "owner": "neovim",
+        "repo": "neovim",
+        "type": "github"
+      }
+    },
     "nix-gaming": {
       "inputs": {
-        "flake-parts": "flake-parts_3",
-        "nixpkgs": "nixpkgs"
+        "flake-parts": "flake-parts_2",
+        "git-hooks": "git-hooks",
+        "nixpkgs": "nixpkgs_10"
       },
       "locked": {
-        "lastModified": 1705434512,
-        "narHash": "sha256-bQJjtlHWU5aOnEtbZfMRuqXvHd5ufQEVATDY0gN4ZCA=",
+        "lastModified": 1779768228,
+        "narHash": "sha256-/dRavNAx/Mp67xcQQ3JBIMyf0cLoXqKedafB1+wksAE=",
         "owner": "fufexan",
         "repo": "nix-gaming",
-        "rev": "e2abe296c5fb4673207e0c2b45b12507629970e5",
+        "rev": "6e7a8414c0f547a86646eb0b56ebf89e7cc217a2",
         "type": "github"
       },
       "original": {
@@ -427,64 +625,80 @@
         "type": "github"
       }
     },
-    "nixlib": {
-      "locked": {
-        "lastModified": 1693701915,
-        "narHash": "sha256-waHPLdDYUOHSEtMKKabcKIMhlUOHPOOPQ9UyFeEoovs=",
-        "owner": "nix-community",
-        "repo": "nixpkgs.lib",
-        "rev": "f5af57d3ef9947a70ac86e42695231ac1ad00c25",
-        "type": "github"
-      },
-      "original": {
-        "owner": "nix-community",
-        "repo": "nixpkgs.lib",
-        "type": "github"
-      }
-    },
-    "nixos-generators": {
+    "nix-index-database": {
       "inputs": {
-        "nixlib": "nixlib",
         "nixpkgs": [
           "nixpkgs"
         ]
       },
       "locked": {
-        "lastModified": 1701689616,
-        "narHash": "sha256-ewnfgvRy73HoP5KnYmy1Rcr4m4yShvsb6TCCaKoW8pc=",
+        "lastModified": 1779604987,
+        "narHash": "sha256-ZQ5z+fVhxYKtIFwtqGp5O0PD84BM1riASvqDaN5Xs+s=",
         "owner": "nix-community",
-        "repo": "nixos-generators",
-        "rev": "246219bc21b943c6f6812bb7744218ba0df08600",
+        "repo": "nix-index-database",
+        "rev": "8fba98c80b48fa013820e0163c5096922fea4ddd",
         "type": "github"
       },
       "original": {
         "owner": "nix-community",
-        "repo": "nixos-generators",
-        "type": "github"
-      }
-    },
-    "nixos-hardware": {
-      "locked": {
-        "lastModified": 1702453208,
-        "narHash": "sha256-0wRi9SposfE2wHqjuKt8WO2izKB/ASDOV91URunIqgo=",
-        "owner": "NixOS",
-        "repo": "nixos-hardware",
-        "rev": "7763c6fd1f299cb9361ff2abf755ed9619ef01d6",
-        "type": "github"
-      },
-      "original": {
-        "owner": "NixOS",
-        "repo": "nixos-hardware",
+        "repo": "nix-index-database",
         "type": "github"
       }
     },
     "nixpkgs": {
       "locked": {
-        "lastModified": 1702029940,
-        "narHash": "sha256-qM3Du0perpLesh5hr87mVPZ79McMUKIWUH7EQMh2kWo=",
+        "lastModified": 1777268161,
+        "narHash": "sha256-bxrdOn8SCOv8tN4JbTF/TXq7kjo9ag4M+C8yzzIRYbE=",
+        "owner": "nixos",
+        "repo": "nixpkgs",
+        "rev": "1c3fe55ad329cbcb28471bb30f05c9827f724c76",
+        "type": "github"
+      },
+      "original": {
+        "owner": "nixos",
+        "ref": "nixos-unstable",
+        "repo": "nixpkgs",
+        "type": "github"
+      }
+    },
+    "nixpkgs-lib": {
+      "locked": {
+        "lastModified": 1777168982,
+        "narHash": "sha256-GOkGPcboWE9BmGCRMLX3worL4EMnsnG8MyKmXNeYuhQ=",
+        "owner": "nix-community",
+        "repo": "nixpkgs.lib",
+        "rev": "f5901329dade4a6ea039af1433fb087bd9c1fe14",
+        "type": "github"
+      },
+      "original": {
+        "owner": "nix-community",
+        "repo": "nixpkgs.lib",
+        "type": "github"
+      }
+    },
+    "nixpkgs-stable": {
+      "locked": {
+        "lastModified": 1734600368,
+        "narHash": "sha256-nbG9TijTMcfr+au7ZVbKpAhMJzzE2nQBYmRvSdXUD8g=",
         "owner": "NixOS",
         "repo": "nixpkgs",
-        "rev": "e9ef8a102c555da4f8f417fe5cf5bd539d8a38b7",
+        "rev": "b47fd6fa00c6afca88b8ee46cfdb00e104f50bca",
+        "type": "github"
+      },
+      "original": {
+        "owner": "NixOS",
+        "ref": "nixos-24.11",
+        "repo": "nixpkgs",
+        "type": "github"
+      }
+    },
+    "nixpkgs_10": {
+      "locked": {
+        "lastModified": 1779536132,
+        "narHash": "sha256-q+fF42iv/geEbHfgSzy3tS0FF/EyD6XTZ98E6yxiBO8=",
+        "owner": "NixOS",
+        "repo": "nixpkgs",
+        "rev": "3d8f0f3f72a6cd4d93d0ad13203f2ea1cb7e1456",
         "type": "github"
       },
       "original": {
@@ -494,63 +708,45 @@
         "type": "github"
       }
     },
-    "nixpkgs-lib": {
+    "nixpkgs_11": {
       "locked": {
-        "dir": "lib",
-        "lastModified": 1701253981,
-        "narHash": "sha256-ztaDIyZ7HrTAfEEUt9AtTDNoCYxUdSd6NrRHaYOIxtk=",
+        "lastModified": 1779560665,
+        "narHash": "sha256-tpyBcxPpcQb8ukyNF7DoCwfSY3VPsxHoYwj00Cayv5o=",
         "owner": "NixOS",
         "repo": "nixpkgs",
-        "rev": "e92039b55bcd58469325ded85d4f58dd5a4eaf58",
+        "rev": "64c08a7ca051951c8eae34e3e3cb1e202fe36786",
         "type": "github"
       },
       "original": {
-        "dir": "lib",
         "owner": "NixOS",
         "ref": "nixos-unstable",
         "repo": "nixpkgs",
         "type": "github"
       }
     },
-    "nixpkgs-raccoon": {
+    "nixpkgs_12": {
       "locked": {
-        "lastModified": 1688392541,
-        "narHash": "sha256-lHrKvEkCPTUO+7tPfjIcb7Trk6k31rz18vkyqmkeJfY=",
+        "lastModified": 1770019141,
+        "narHash": "sha256-VKS4ZLNx4PNrABoB0L8KUpc1fE7CLpQXQs985tGfaCU=",
         "owner": "NixOS",
         "repo": "nixpkgs",
-        "rev": "ea4c80b39be4c09702b0cb3b42eab59e2ba4f24b",
+        "rev": "cb369ef2efd432b3cdf8622b0ffc0a97a02f3137",
         "type": "github"
       },
       "original": {
         "owner": "NixOS",
-        "ref": "nixos-22.11",
-        "repo": "nixpkgs",
-        "type": "github"
-      }
-    },
-    "nixpkgs-stable": {
-      "locked": {
-        "lastModified": 1710283656,
-        "narHash": "sha256-nI+AOy4uK6jLGBi9nsbHjL1EdSIzoo8oa+9oeVhbyFc=",
-        "owner": "NixOS",
-        "repo": "nixpkgs",
-        "rev": "51063ed4f2343a59fdeebb279bb81d87d453942b",
-        "type": "github"
-      },
-      "original": {
-        "owner": "NixOS",
-        "ref": "nixos-23.11",
+        "ref": "nixos-unstable",
         "repo": "nixpkgs",
         "type": "github"
       }
     },
     "nixpkgs_2": {
       "locked": {
-        "lastModified": 1705133751,
-        "narHash": "sha256-rCIsyE80jgiOU78gCWN3A0wE0tR2GI5nH6MlS+HaaSQ=",
+        "lastModified": 1773282481,
+        "narHash": "sha256-b/GV2ysM8mKHhinse2wz+uP37epUrSE+sAKXy/xvBY4=",
         "owner": "NixOS",
         "repo": "nixpkgs",
-        "rev": "9b19f5e77dd906cb52dade0b7bd280339d2a1f3d",
+        "rev": "fe416aaedd397cacb33a610b33d60ff2b431b127",
         "type": "github"
       },
       "original": {
@@ -560,14 +756,149 @@
         "type": "github"
       }
     },
+    "nixpkgs_3": {
+      "locked": {
+        "lastModified": 1773282481,
+        "narHash": "sha256-b/GV2ysM8mKHhinse2wz+uP37epUrSE+sAKXy/xvBY4=",
+        "owner": "NixOS",
+        "repo": "nixpkgs",
+        "rev": "fe416aaedd397cacb33a610b33d60ff2b431b127",
+        "type": "github"
+      },
+      "original": {
+        "owner": "NixOS",
+        "ref": "nixos-unstable",
+        "repo": "nixpkgs",
+        "type": "github"
+      }
+    },
+    "nixpkgs_4": {
+      "locked": {
+        "lastModified": 1773122722,
+        "narHash": "sha256-FIqHByVqxCprNjor1NqF80F2QQoiiyqanNNefdlvOg4=",
+        "owner": "NixOS",
+        "repo": "nixpkgs",
+        "rev": "62dc67aa6a52b4364dd75994ec00b51fbf474e50",
+        "type": "github"
+      },
+      "original": {
+        "owner": "NixOS",
+        "ref": "nixos-unstable",
+        "repo": "nixpkgs",
+        "type": "github"
+      }
+    },
+    "nixpkgs_5": {
+      "locked": {
+        "lastModified": 1773282481,
+        "narHash": "sha256-b/GV2ysM8mKHhinse2wz+uP37epUrSE+sAKXy/xvBY4=",
+        "owner": "NixOS",
+        "repo": "nixpkgs",
+        "rev": "fe416aaedd397cacb33a610b33d60ff2b431b127",
+        "type": "github"
+      },
+      "original": {
+        "owner": "NixOS",
+        "ref": "nixos-unstable",
+        "repo": "nixpkgs",
+        "type": "github"
+      }
+    },
+    "nixpkgs_6": {
+      "locked": {
+        "lastModified": 1773282481,
+        "narHash": "sha256-b/GV2ysM8mKHhinse2wz+uP37epUrSE+sAKXy/xvBY4=",
+        "owner": "NixOS",
+        "repo": "nixpkgs",
+        "rev": "fe416aaedd397cacb33a610b33d60ff2b431b127",
+        "type": "github"
+      },
+      "original": {
+        "owner": "NixOS",
+        "ref": "nixos-unstable",
+        "repo": "nixpkgs",
+        "type": "github"
+      }
+    },
+    "nixpkgs_7": {
+      "locked": {
+        "lastModified": 1773282481,
+        "narHash": "sha256-b/GV2ysM8mKHhinse2wz+uP37epUrSE+sAKXy/xvBY4=",
+        "owner": "NixOS",
+        "repo": "nixpkgs",
+        "rev": "fe416aaedd397cacb33a610b33d60ff2b431b127",
+        "type": "github"
+      },
+      "original": {
+        "owner": "NixOS",
+        "ref": "nixos-unstable",
+        "repo": "nixpkgs",
+        "type": "github"
+      }
+    },
+    "nixpkgs_8": {
+      "locked": {
+        "lastModified": 1773282481,
+        "narHash": "sha256-b/GV2ysM8mKHhinse2wz+uP37epUrSE+sAKXy/xvBY4=",
+        "owner": "NixOS",
+        "repo": "nixpkgs",
+        "rev": "fe416aaedd397cacb33a610b33d60ff2b431b127",
+        "type": "github"
+      },
+      "original": {
+        "owner": "NixOS",
+        "ref": "nixos-unstable",
+        "repo": "nixpkgs",
+        "type": "github"
+      }
+    },
+    "nixpkgs_9": {
+      "locked": {
+        "lastModified": 1779560665,
+        "narHash": "sha256-tpyBcxPpcQb8ukyNF7DoCwfSY3VPsxHoYwj00Cayv5o=",
+        "owner": "NixOS",
+        "repo": "nixpkgs",
+        "rev": "64c08a7ca051951c8eae34e3e3cb1e202fe36786",
+        "type": "github"
+      },
+      "original": {
+        "owner": "NixOS",
+        "ref": "nixos-unstable",
+        "repo": "nixpkgs",
+        "type": "github"
+      }
+    },
+    "nuscht-search": {
+      "inputs": {
+        "flake-utils": "flake-utils",
+        "ixx": "ixx",
+        "nixpkgs": [
+          "catppuccin",
+          "nixpkgs"
+        ]
+      },
+      "locked": {
+        "lastModified": 1733773348,
+        "narHash": "sha256-Y47y+LesOCkJaLvj+dI/Oa6FAKj/T9sKVKDXLNsViPw=",
+        "owner": "NuschtOS",
+        "repo": "search",
+        "rev": "3051be7f403bff1d1d380e4612f0c70675b44fc9",
+        "type": "github"
+      },
+      "original": {
+        "owner": "NuschtOS",
+        "repo": "search",
+        "type": "github"
+      }
+    },
     "nvim-treesitter": {
       "flake": false,
       "locked": {
-        "lastModified": 1702633625,
-        "narHash": "sha256-0wnqdug2VUgx1V+cD/sByym2UT9W5c+Lizl+BjBapVc=",
+        "lastModified": 1775221900,
+        "narHash": "sha256-PQR6tFt4lCrAZNQG7BLMD1IiCKja9wDS1S4laGJf/HE=",
         "owner": "nvim-treesitter",
         "repo": "nvim-treesitter",
-        "rev": "194b3f0047816132b08bcc2857b23a49fa967d04",
+        "rev": "4916d6592ede8c07973490d9322f187e07dfefac",
         "type": "github"
       },
       "original": {
@@ -576,30 +907,57 @@
         "type": "github"
       }
     },
-    "packwiz": {
-      "flake": false,
+    "pastel": {
+      "inputs": {
+        "flake-utils": "flake-utils_2",
+        "nixpkgs": "nixpkgs_12",
+        "pnpm2nix": "pnpm2nix"
+      },
       "locked": {
-        "lastModified": 1697971110,
-        "narHash": "sha256-eYXA2r6oxvB1774qnQIb12EhnvdOBg02bTxa5nbIb1w=",
-        "owner": "comp500",
-        "repo": "packwiz",
-        "rev": "7e3ca8d9d54ec56d0ceaaca293e502c39d824422",
+        "lastModified": 1775622883,
+        "narHash": "sha256-2+7uCRXn+tn4LVaO7hLKPaezdKPW6HGvTr00aO4Tcxs=",
+        "owner": "cillynder",
+        "repo": "pastel",
+        "rev": "46f6569d5ad41ec1256dbf999d21701f73d6077b",
         "type": "github"
       },
       "original": {
-        "owner": "comp500",
-        "repo": "packwiz",
+        "owner": "cillynder",
+        "repo": "pastel",
+        "type": "github"
+      }
+    },
+    "pnpm2nix": {
+      "inputs": {
+        "flake-utils": "flake-utils_3",
+        "nixpkgs": [
+          "pastel",
+          "nixpkgs"
+        ]
+      },
+      "locked": {
+        "lastModified": 1717937937,
+        "narHash": "sha256-bKoHjG5P15vCVpDndIXFfoJC65XhrBPQ9GWcXtXNuDA=",
+        "owner": "wrvsrx",
+        "repo": "pnpm2nix-nzbr",
+        "rev": "a2d285ad5718cb202f45e98a4f839a5b2608c4b1",
+        "type": "github"
+      },
+      "original": {
+        "owner": "wrvsrx",
+        "ref": "adapt-to-v9",
+        "repo": "pnpm2nix-nzbr",
         "type": "github"
       }
     },
     "pure": {
       "flake": false,
       "locked": {
-        "lastModified": 1687718525,
-        "narHash": "sha256-TR4CyBZ+KoZRs9XDmWE5lJuUXXU1J8E2Z63nt+FS+5w=",
+        "lastModified": 1779255807,
+        "narHash": "sha256-UQ0hP3qJd4Qxiw1LXPdb9d0Dc4OSD3HJpgYzaCfujno=",
         "owner": "sindresorhus",
         "repo": "pure",
-        "rev": "87e6f5dd4c793f6d980532205aaefe196780606f",
+        "rev": "cc0759a0de620f191510e2e2f9748194a605b54d",
         "type": "github"
       },
       "original": {
@@ -610,30 +968,30 @@
     },
     "root": {
       "inputs": {
+        "aagl": "aagl",
         "agenix": "agenix",
-        "discord-tokyonight": "discord-tokyonight",
-        "discover": "discover",
+        "c-amethyst": "c-amethyst",
+        "c-beryllium": "c-beryllium",
+        "c-citrine": "c-citrine",
+        "c-diamond": "c-diamond",
+        "c-emerald": "c-emerald",
+        "c-fluorite": "c-fluorite",
+        "c-garnet": "c-garnet",
+        "catppuccin": "catppuccin_2",
+        "catppuccin-palette": "catppuccin-palette",
         "fast-syntax-highlighting": "fast-syntax-highlighting",
-        "home-manager": "home-manager_2",
-        "home-manager-raccoon": "home-manager-raccoon",
-        "home-manager-stable": "home-manager-stable",
-        "hosts-blocklists": "hosts-blocklists",
+        "home-manager": "home-manager_3",
         "linux-tkg": "linux-tkg",
         "neovim-nightly": "neovim-nightly",
         "nix-gaming": "nix-gaming",
-        "nixos-generators": "nixos-generators",
-        "nixos-hardware": "nixos-hardware",
-        "nixpkgs": "nixpkgs_2",
-        "nixpkgs-raccoon": "nixpkgs-raccoon",
-        "nixpkgs-stable": "nixpkgs-stable",
+        "nix-index-database": "nix-index-database",
+        "nixpkgs": "nixpkgs_11",
         "nvim-treesitter": "nvim-treesitter",
-        "packwiz": "packwiz",
+        "pastel": "pastel",
         "pure": "pure",
-        "rust-overlay": "rust-overlay",
         "spicetify-nix": "spicetify-nix",
-        "spicetify-themes": "spicetify-themes",
         "spotify-adblock": "spotify-adblock",
-        "tree-sitter-glimmer": "tree-sitter-glimmer",
+        "stevenblack-hosts": "stevenblack-hosts",
         "tree-sitter-jsonc": "tree-sitter-jsonc",
         "website": "website",
         "wine-discord-ipc-bridge": "wine-discord-ipc-bridge",
@@ -643,17 +1001,17 @@
     },
     "rust-overlay": {
       "inputs": {
-        "flake-utils": "flake-utils_2",
         "nixpkgs": [
+          "aagl",
           "nixpkgs"
         ]
       },
       "locked": {
-        "lastModified": 1702606645,
-        "narHash": "sha256-o3kM+nzw0qaphSJfdmV+JcDBVMZEll5EVDCLHY+L83A=",
+        "lastModified": 1777605393,
+        "narHash": "sha256-Hjp0VOOHgHcTrX23iVvnfAudPcuCmfkfpQNFwv2v/ks=",
         "owner": "oxalica",
         "repo": "rust-overlay",
-        "rev": "d7aaf97c7c5ea7b4198ef85d3d66b3dfe5c6ce57",
+        "rev": "ff88db34cfa486fc4964a6991cab1678d82eee8c",
         "type": "github"
       },
       "original": {
@@ -664,49 +1022,33 @@
     },
     "spicetify-nix": {
       "inputs": {
-        "flake-utils": "flake-utils_3",
         "nixpkgs": [
           "nixpkgs"
-        ]
+        ],
+        "systems": "systems_5"
       },
       "locked": {
-        "lastModified": 1699986787,
-        "narHash": "sha256-eYlLWibKtHN/uWJQLzOMRXpoTbO6VcFTfVY4dpgdJcQ=",
-        "owner": "the-argus",
+        "lastModified": 1779824049,
+        "narHash": "sha256-dWHVUjP03KSVG1PaLKA6j9EdxWSxSQvipMUIcSyuA/U=",
+        "owner": "Gerg-L",
         "repo": "spicetify-nix",
-        "rev": "3c702af1f717b7876fac08809201b1368d0d956c",
+        "rev": "1362178e5f5f7a848c49fe9dee004ef8824f100a",
         "type": "github"
       },
       "original": {
-        "owner": "the-argus",
+        "owner": "Gerg-L",
         "repo": "spicetify-nix",
         "type": "github"
       }
     },
-    "spicetify-themes": {
-      "flake": false,
-      "locked": {
-        "lastModified": 1701328736,
-        "narHash": "sha256-iMRutzOrZHaKfHOr2qOM/TkTYHysFBlmunVhU65kf2k=",
-        "owner": "spicetify",
-        "repo": "spicetify-themes",
-        "rev": "8b6a8010359914b3c8fdaf810705c754ce69c2a4",
-        "type": "github"
-      },
-      "original": {
-        "owner": "spicetify",
-        "repo": "spicetify-themes",
-        "type": "github"
-      }
-    },
     "spotify-adblock": {
       "flake": false,
       "locked": {
-        "lastModified": 1689983571,
-        "narHash": "sha256-UzpHAHpQx2MlmBNKm2turjeVmgp5zXKWm3nZbEo0mYE=",
+        "lastModified": 1773417310,
+        "narHash": "sha256-nwiX2wCZBKRTNPhmrurWQWISQdxgomdNwcIKG2kSQsE=",
         "owner": "abba23",
         "repo": "spotify-adblock",
-        "rev": "5a3281dee9f889afdeea7263558e7a715dcf5aab",
+        "rev": "813d3451c53126bf1941baaf8dd37f1152c3f412",
         "type": "github"
       },
       "original": {
@@ -715,6 +1057,22 @@
         "type": "github"
       }
     },
+    "stevenblack-hosts": {
+      "flake": false,
+      "locked": {
+        "lastModified": 1779976382,
+        "narHash": "sha256-wt5NGa4K8/vda669UYUmTUt+BR9X5fPnuTZFfQdpLYo=",
+        "owner": "StevenBlack",
+        "repo": "hosts",
+        "rev": "d3e838712512490260f051150e3573eeebecfadb",
+        "type": "github"
+      },
+      "original": {
+        "owner": "StevenBlack",
+        "repo": "hosts",
+        "type": "github"
+      }
+    },
     "systems": {
       "locked": {
         "lastModified": 1681028828,
@@ -760,30 +1118,44 @@
         "type": "github"
       }
     },
-    "tree-sitter-glimmer": {
-      "flake": false,
+    "systems_4": {
       "locked": {
-        "lastModified": 1696541973,
-        "narHash": "sha256-57Sp4LrvyNNuOc+8ZiHl6cwvGg1tmXZemRsWeW+Kzys=",
-        "owner": "alexlafroscia",
-        "repo": "tree-sitter-glimmer",
-        "rev": "f9746dc1d0707717fbba84cb5c22a71586af23e1",
+        "lastModified": 1681028828,
+        "narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=",
+        "owner": "nix-systems",
+        "repo": "default",
+        "rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e",
         "type": "github"
       },
       "original": {
-        "owner": "alexlafroscia",
-        "repo": "tree-sitter-glimmer",
+        "owner": "nix-systems",
+        "repo": "default",
+        "type": "github"
+      }
+    },
+    "systems_5": {
+      "locked": {
+        "lastModified": 1681028828,
+        "narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=",
+        "owner": "nix-systems",
+        "repo": "default",
+        "rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e",
+        "type": "github"
+      },
+      "original": {
+        "owner": "nix-systems",
+        "repo": "default",
         "type": "github"
       }
     },
     "tree-sitter-jsonc": {
       "flake": false,
       "locked": {
-        "lastModified": 1615145540,
-        "narHash": "sha256-iWc2ePRiQnZ0FEdMAaAwa3iYt/SY0bEjQrZyqE9EhlU=",
+        "lastModified": 1769637052,
+        "narHash": "sha256-V38tvBHJsSHJbj8QrMbt5hz2q8WLf4jtKsTiAo98/Vo=",
         "owner": "WhyNotHugo",
         "repo": "tree-sitter-jsonc",
-        "rev": "02b01653c8a1c198ae7287d566efa86a135b30d5",
+        "rev": "f7890ba894d885d1b2b721cfae759b07d53c8886",
         "type": "gitlab"
       },
       "original": {
@@ -792,33 +1164,18 @@
         "type": "gitlab"
       }
     },
-    "utils": {
-      "locked": {
-        "lastModified": 1667395993,
-        "narHash": "sha256-nuEHfE/LcWyuSWnS8t12N1wc105Qtau+/OdUAjtQ0rA=",
-        "owner": "numtide",
-        "repo": "flake-utils",
-        "rev": "5aed5285a952e0b949eb3ba02c12fa4fcfef535f",
-        "type": "github"
-      },
-      "original": {
-        "owner": "numtide",
-        "repo": "flake-utils",
-        "type": "github"
-      }
-    },
     "website": {
       "flake": false,
       "locked": {
         "lastModified": 1668017714,
         "narHash": "sha256-ywy/7xeT6FHkF7lcs+stW1WPV+piE8ztSwcQ161iico=",
-        "owner": "LavaDesu",
+        "owner": "cillynder",
         "repo": "lavadesu.github.io",
         "rev": "4e30c50be520a0a1bbecf408f056e6aaf135df67",
         "type": "github"
       },
       "original": {
-        "owner": "LavaDesu",
+        "owner": "cillynder",
         "ref": "master",
         "repo": "lavadesu.github.io",
         "type": "github"
@@ -827,11 +1184,11 @@
     "wine-discord-ipc-bridge": {
       "flake": false,
       "locked": {
-        "lastModified": 1691582340,
-        "narHash": "sha256-tAknITFlG63+gI5cN9SfUIUZkbIq/MgOPoGIcvoNo4Q=",
+        "lastModified": 1730092778,
+        "narHash": "sha256-jzsbOKMakNQ6RNMlioX088fGzFBDxOP45Atlsfm2RKg=",
         "owner": "0e4ef622",
         "repo": "wine-discord-ipc-bridge",
-        "rev": "f8198c9d52e708143301017a296f7557c4387127",
+        "rev": "86fcbddaf654aec40c6fe6a8293f627340331b0c",
         "type": "github"
       },
       "original": {
@@ -843,27 +1200,29 @@
     "zsh-abbr": {
       "flake": false,
       "locked": {
-        "lastModified": 1697757732,
-        "narHash": "sha256-MvxJkEbJKMmYRku/RF6ayOb7u7NI4HZehO8ty64jEnE=",
-        "owner": "olets",
-        "repo": "zsh-abbr",
-        "rev": "6802d7353b2422d7a82134ce655aff97367eefa0",
-        "type": "github"
+        "lastModified": 1773890443,
+        "narHash": "sha256-SVuwDeHIBg8yArKGzDEfsG3fz0UwABQoJkyKTQAPUiw=",
+        "ref": "refs/heads/main",
+        "rev": "889f4772c12b9dbe4965bbd56f2572af0a28fa3b",
+        "revCount": 1139,
+        "submodules": true,
+        "type": "git",
+        "url": "https://github.com/olets/zsh-abbr"
       },
       "original": {
-        "owner": "olets",
-        "repo": "zsh-abbr",
-        "type": "github"
+        "submodules": true,
+        "type": "git",
+        "url": "https://github.com/olets/zsh-abbr"
       }
     },
     "zsh-history-substring-search": {
       "flake": false,
       "locked": {
-        "lastModified": 1700734334,
-        "narHash": "sha256-houujb1CrRTjhCc+dp3PRHALvres1YylgxXwjjK6VZA=",
+        "lastModified": 1768499095,
+        "narHash": "sha256-KHujL1/TM5R3m4uQh2nGVC98D6MOyCgQpyFf+8gjKR0=",
         "owner": "zsh-users",
         "repo": "zsh-history-substring-search",
-        "rev": "8dd05bfcc12b0cd1ee9ea64be725b3d9f713cf64",
+        "rev": "14c8d2e0ffaee98f2df9850b19944f32546fdea5",
         "type": "github"
       },
       "original": {
diff --git a/flake.nix b/flake.nix
index c6619c5..5cf3457 100644
--- a/flake.nix
+++ b/flake.nix
@@ -1,114 +1,101 @@
 {
   inputs = {
     nixpkgs.url = "github:NixOS/nixpkgs/nixos-unstable";
-    nixpkgs-raccoon.url = "github:NixOS/nixpkgs/nixos-22.11";
-    nixpkgs-stable.url = "github:NixOS/nixpkgs/nixos-23.11";
     home-manager.url = "github:nix-community/home-manager";
-    home-manager-raccoon.url = "github:nix-community/home-manager/release-22.11";
-    home-manager-stable.url = "github:nix-community/home-manager/release-23.11";
-    neovim-nightly.url = "github:nix-community/neovim-nightly-overlay";
-    nixos-hardware.url = "github:NixOS/nixos-hardware";
-    agenix.url = "github:ryantm/agenix";
-    nixos-generators.url = "github:nix-community/nixos-generators";
-    spicetify-nix.url = "github:the-argus/spicetify-nix";
-
-    agenix.inputs.nixpkgs.follows = "nixpkgs";
     home-manager.inputs.nixpkgs.follows = "nixpkgs";
-    home-manager-raccoon.inputs.nixpkgs.follows = "nixpkgs-raccoon";
-    home-manager-stable.inputs.nixpkgs.follows = "nixpkgs-stable";
+
+    agenix.url = "github:ryantm/agenix";
+    agenix.inputs.nixpkgs.follows = "nixpkgs";
+    aagl.url = "github:ezKEa/aagl-gtk-on-nix";
+    catppuccin.url = "github:catppuccin/nix/8eada392fd6571a747e1c5fc358dd61c14c8704e";
+    catppuccin.inputs.nixpkgs.follows = "nixpkgs";
+    catppuccin-palette = { url = "github:catppuccin/palette"; flake = false; };
+    neovim-nightly.url = "github:nix-community/neovim-nightly-overlay";
     neovim-nightly.inputs.nixpkgs.follows = "nixpkgs";
-    nixos-generators.inputs.nixpkgs.follows = "nixpkgs";
-    spicetify-nix.inputs.nixpkgs.follows = "nixpkgs";
 
     nix-gaming.url = "github:fufexan/nix-gaming";
+    nix-index-database.url = "github:nix-community/nix-index-database";
+    nix-index-database.inputs.nixpkgs.follows = "nixpkgs";
+    spicetify-nix.url = "github:Gerg-L/spicetify-nix";
+    spicetify-nix.inputs.nixpkgs.follows = "nixpkgs";
 
     # services
-    hosts-blocklists = { url = "github:notracking/hosts-blocklists"; flake = false; };
-    website = { url = "github:LavaDesu/lavadesu.github.io/master"; flake = false; };
-    spicetify-themes = { url = "github:spicetify/spicetify-themes"; flake = false; };
+    pastel.url = "github:cillynder/pastel";
+    stevenblack-hosts = { url = "github:StevenBlack/hosts"; flake = false; };
+    website = { url = "github:cillynder/lavadesu.github.io/master"; flake = false; };
 
     # zsh plugins
-    zsh-abbr = { url = "github:olets/zsh-abbr"; flake = false; };
+    zsh-abbr = { url = "git+https://github.com/olets/zsh-abbr?submodules=1"; flake = false; };
     zsh-history-substring-search = { url = "github:zsh-users/zsh-history-substring-search"; flake = false; };
     fast-syntax-highlighting = { url = "github:zdharma-continuum/fast-syntax-highlighting"; flake = false; };
     pure = { url = "github:sindresorhus/pure"; flake = false; };
 
     # overlays
-    discord-tokyonight = { url = "github:DanisDGK/zelk-customizations"; flake = false; };
-    discover = { url = "github:trigg/Discover"; flake = false; };
     linux-tkg = { url = "github:Frogging-Family/linux-tkg"; flake = false; };
     nvim-treesitter = { url = "github:nvim-treesitter/nvim-treesitter"; flake = false; };
-    packwiz = { url = "github:comp500/packwiz"; flake = false; };
     spotify-adblock = { url = "github:abba23/spotify-adblock"; flake = false; };
-    tree-sitter-glimmer = { url = "github:alexlafroscia/tree-sitter-glimmer"; flake = false; };
     tree-sitter-jsonc = { url = "gitlab:WhyNotHugo/tree-sitter-jsonc"; flake = false; };
     wine-discord-ipc-bridge = { url = "github:0e4ef622/wine-discord-ipc-bridge"; flake = false; };
 
-    # shells
-    rust-overlay.url = "github:oxalica/rust-overlay";
-    rust-overlay.inputs.nixpkgs.follows = "nixpkgs";
+    # containers
+    c-amethyst.url = "path:./containers/amethyst";
+    c-beryllium.url = "path:./containers/beryllium";
+    c-citrine.url = "path:./containers/citrine";
+    c-diamond.url = "path:./containers/diamond";
+    c-emerald.url = "path:./containers/emerald";
+    c-fluorite.url = "path:./containers/fluorite";
+    c-garnet.url = "path:./containers/garnet";
   };
 
-  outputs = { self, agenix, nixos-generators, nixpkgs, nixpkgs-raccoon, nixpkgs-stable, ... } @ inputs:
+  outputs = { self, agenix, catppuccin, nixpkgs, ... } @ inputs:
     let
       overlays = (import ./overlays)
         ++ [(final: prev: {
           me = prev.callPackage ./packages { inherit inputs; } // { inherit inputs; };
         })];
 
+        patchOverlaysWithLinuxLava = nixpkgs: arch: ([(self: super: {
+          linuxLavaNixpkgs = import nixpkgs {
+            overlays = [ (import ./overlays/linux-lava.nix) ] ++ overlays;
+            system = arch;
+          };
+        })] ++ overlays);
+
       mkSystem =
         if !(self ? rev) then throw "Dirty git tree detected." else
-        nixpkgs: name: arch: enableGUI: extraModules: nixpkgs.lib.nixosSystem {
+        nixpkgs: name: arch: extraModules: nixpkgs.lib.nixosSystem {
           system = arch;
           modules = [
-            { nixpkgs.overlays = overlays; }
+            ({
+              nixpkgs.overlays = patchOverlaysWithLinuxLava nixpkgs arch;
+            })
             agenix.nixosModules.age
+            catppuccin.nixosModules.catppuccin
             (./hosts + "/${name}")
           ] ++ extraModules;
           specialArgs = {
-            inherit inputs enableGUI;
+            inherit inputs;
             modules = import ./modules { lib = nixpkgs.lib; };
+            gcSecrets = builtins.fromJSON (builtins.readFile "${self}/secrets.gcrypt/shared.json");
           };
         };
     in
     {
-      nixosConfigurations."anemone" = mkSystem nixpkgs "anemone" "x86_64-linux" true [];
-      nixosConfigurations."blossom" = mkSystem nixpkgs "blossom" "x86_64-linux" true [];
-      nixosConfigurations."hyacinth" = mkSystem nixpkgs "hyacinth" "x86_64-linux" true [];
-
-      nixosConfigurations."caramel" = mkSystem nixpkgs-raccoon "caramel" "aarch64-linux" false [{
-        nixpkgs.overlays = [
-          (self: super: {
-            makeModulesClosure = x: super.makeModulesClosure (x // { allowMissing = true; });
-          })
-        ];
-      }];
-      nixosConfigurations."sugarcane" = mkSystem nixpkgs-raccoon "sugarcane" "x86_64-linux" false [];
-      nixosConfigurations."dandelion" = mkSystem nixpkgs-stable "dandelion" "aarch64-linux" false [];
+      nixosConfigurations."alyssum" = mkSystem nixpkgs "alyssum" "x86_64-linux" [];
+      nixosConfigurations."anemone" = mkSystem nixpkgs "anemone" "x86_64-linux" [];
+      nixosConfigurations."dandelion" = mkSystem nixpkgs "dandelion" "aarch64-linux" [];
+      nixosConfigurations."hyacinth" = mkSystem nixpkgs "hyacinth" "x86_64-linux" [];
 
       packages."x86_64-linux" =
         let
-          pkgs = import nixpkgs {
-            inherit overlays;
+          pkgs = import nixpkgs rec {
+            overlays = patchOverlaysWithLinuxLava nixpkgs system;
             system = "x86_64-linux";
           };
         in
         {
-          inherit (pkgs.me) linux-lava;
+          inherit (pkgs.me) linux-lava spotify-adblock;
+          linux-lava-ccache = pkgs.me.linux-lava.override { useCcache = true; };
         };
-
-      packages."aarch64-linux" =
-        let
-          pkgs = import nixpkgs-raccoon {
-            inherit overlays;
-            system = "aarch64-linux";
-          };
-        in
-        {
-          caramel-img = self.nixosConfigurations."caramel".config.system.build.sdImage;
-        };
-
-      # TODO: currently broken
-      # devShells.x86_64-linux = pkgs.callPackage ./shells { inherit inputs; };
     };
 }
diff --git a/hosts/alyssum/default.nix b/hosts/alyssum/default.nix
new file mode 100644
index 0000000..06c415f
--- /dev/null
+++ b/hosts/alyssum/default.nix
@@ -0,0 +1,45 @@
+{ inputs, lib, modules, modulesPath, ... }: {
+  networking.hostName = "alyssum";
+  system.stateVersion = "25.11";
+  time.timeZone = "Australia/Melbourne";
+
+  age.secrets = {
+    acme_dns.file = ../../secrets/acme_dns.age;
+    passwd.file = ../../secrets/passwd.age;
+    navidrome_env.file = ../../secrets/navidrome_env.age;
+    wpa_conf = {
+      file = ../../secrets/wpa_conf.age;
+      path = "/etc/wpa_supplicant/imperative.conf";
+      symlink = false;
+    };
+  };
+
+  imports = with modules.system; [
+    (modulesPath + "/profiles/qemu-guest.nix")
+    home-manager
+
+    base
+    kernel
+    nix-stable
+    packages
+    security
+    tailscale
+
+    modules.services.nginx
+    modules.services.syncthing
+
+    inputs.c-emerald.nixosModule
+    inputs.c-garnet.nixosModule
+
+    ./filesystem.nix
+    ./kernel.nix
+    ./networking.nix
+    ./home.syncthing.nix
+    ./samba.nix
+
+    ../../users/hana
+  ];
+
+  me.environment = "headless";
+  services.syncthing.user = lib.mkForce "hana";
+}
diff --git a/hosts/alyssum/filesystem.nix b/hosts/alyssum/filesystem.nix
new file mode 100644
index 0000000..bdea423
--- /dev/null
+++ b/hosts/alyssum/filesystem.nix
@@ -0,0 +1,35 @@
+{ ... }:
+let
+  bind = src: {
+    depends = [ "/nix" ];
+    device = src;
+    fsType = "none";
+    neededForBoot = true;
+    options = [ "bind" ];
+  };
+
+  mkLabelMount = label: type: {
+    device = "/dev/disk/by-label/${label}";
+    fsType = type;
+    options = [ "defaults" "relatime" ];
+  };
+  mkBtrfsMount = name: subvol: atime: mkLabelMount name "btrfs" // {
+    options = [ "autodefrag" "compress=zstd:3" "defaults" "discard=async" "space_cache=v2" "ssd" "subvol=${subvol}" (if atime then "relatime" else "noatime") ];
+  };
+  submount = mkBtrfsMount "alyssum";
+in {
+  fileSystems = {
+    "/" = {
+      device = "rootfs";
+      fsType = "tmpfs";
+      options = [ "defaults" "size=8G" "mode=755" ];
+    };
+    "/boot" = mkLabelMount "stem" "vfat";
+
+    "/flower" = mkBtrfsMount "myosotis" "/@" true;
+    "/nix" = submount "/@/nix" false;
+    "/persist" = (submount "/@/persist" true) // { neededForBoot = true; };
+    "/persist/.snapshots" = submount "/snap/persist" false;
+    "/var/log/journal" = bind "/persist/journal";
+  };
+}
diff --git a/hosts/alyssum/home.syncthing.nix b/hosts/alyssum/home.syncthing.nix
new file mode 100644
index 0000000..8d5a1cc
--- /dev/null
+++ b/hosts/alyssum/home.syncthing.nix
@@ -0,0 +1,39 @@
+{ config, lib, ... }:
+let
+  configOn = user: port: {
+    me.binds."/home/${user}/.config/syncthing" = "${user}/syncthing/config";
+    me.binds."/home/${user}/.local/state/syncthing" = "${user}/syncthing/state";
+
+    systemd.tmpfiles.rules = [ "d /flower/syncthing/${user} 700 ${user} users" ];
+
+    users.users.${user} = {
+      hashedPasswordFile = config.age.secrets.passwd.path;
+      isNormalUser = true;
+      linger = true;
+    };
+    home-manager.users.${user} = { ... }: {
+      home = {
+        username = "${user}";
+        homeDirectory = "/home/${user}";
+        stateVersion = "26.05";
+      };
+      services.syncthing = {
+        enable = true;
+        guiAddress = "[::]:${toString port}";
+        overrideDevices = false;
+        overrideFolders = false;
+        settings = {
+          options.listenAddresses = [
+            "tcp://0.0.0.0:2${toString port}"
+            "quic://0.0.0.0:2${toString port}"
+            "dynamic+https://relays.syncthing.net/endpoint"
+          ];
+          defaults.folder.path = "/flower/syncthing/${user}";
+        };
+      };
+    };
+  };
+in lib.mkMerge [
+  (configOn "kujira" 8385)
+  (configOn "cilly" 8386)
+]
diff --git a/hosts/alyssum/kernel.nix b/hosts/alyssum/kernel.nix
new file mode 100644
index 0000000..5e9b300
--- /dev/null
+++ b/hosts/alyssum/kernel.nix
@@ -0,0 +1,12 @@
+{ config, lib, ... }: {
+  boot = {
+    loader = {
+      efi.canTouchEfiVariables = true;
+      systemd-boot.enable = true;
+    };
+    initrd.availableKernelModules = [ "nvme" "xhci_pci" "usb_storage" "sd_mod" "rtsx_usb_sdmmc" ];
+    initrd.kernelModules = [ ];
+    kernelModules = [ "kvm-amd" ];
+  };
+  hardware.cpu.amd.updateMicrocode = true;
+}
diff --git a/hosts/alyssum/networking.nix b/hosts/alyssum/networking.nix
new file mode 100644
index 0000000..281cbb6
--- /dev/null
+++ b/hosts/alyssum/networking.nix
@@ -0,0 +1,15 @@
+{ config, ... }: {
+  networking = {
+    useDHCP = true;
+    wireless.enable = true;
+
+    interfaces.wlp1s0.useDHCP = false;
+    interfaces.wlp1s0.ipv4.addresses = [{
+      address = "192.168.1.167";
+      prefixLength = 24;
+    }];
+
+    defaultGateway = "192.168.1.1";
+    nameservers = [ "8.8.8.8" "8.8.4.4" ];
+  };
+}
diff --git a/hosts/caramel/packages.nix b/hosts/alyssum/packages.nix
similarity index 88%
rename from hosts/caramel/packages.nix
rename to hosts/alyssum/packages.nix
index e3e3f15..2d4bd30 100644
--- a/hosts/caramel/packages.nix
+++ b/hosts/alyssum/packages.nix
@@ -1,4 +1,4 @@
-{ lib, pkgs, ... }: {
+{ pkgs, ... }: {
   environment.systemPackages = with pkgs; [
     git
     htop
diff --git a/hosts/alyssum/samba.nix b/hosts/alyssum/samba.nix
new file mode 100644
index 0000000..d876981
--- /dev/null
+++ b/hosts/alyssum/samba.nix
@@ -0,0 +1,84 @@
+{ config, lib, pkgs, ... }:
+let
+  configOn = user: let
+    passwd_fname = "passwd_smb${user}";
+  in {
+    age.secrets.${passwd_fname}.file = ../../secrets/${passwd_fname}.age;
+    me.binds."/flower/smb/${user}/music" = "/flower/media/music/${user}";
+    me.binds."/flower/smb/${user}/syncthing" = "/flower/syncthing/${user}";
+
+    users.users.${user} = {
+      hashedPasswordFile = config.age.secrets.passwd.path;
+      isNormalUser = true;
+    };
+
+    system.activationScripts = {
+      init_smbpasswd.text = let
+        smbpasswd = "${config.services.samba.package}/bin/smbpasswd";
+      in ''
+        printf "$(cat ${config.age.secrets.${passwd_fname}.path})\n$(cat ${config.age.secrets.${passwd_fname}.path})\n" | ${smbpasswd} -sa ${user}
+      '';
+    };
+    services.samba.settings."${user}" = {
+      "path" = "/flower/smb/${user}";
+      "browseable" = "yes";
+      "read only" = "no";
+      "guest ok" = "no";
+      "create mask" = "0644";
+      "directory mask" = "0755";
+      "force user" = user;
+      "force group" = "users";
+      "valid users" = user;
+    };
+  };
+in lib.mkMerge [
+  (configOn "cilly")
+  (configOn "kujira")
+  {
+    me.binds."/flower/smb/kujira/opencloud" = "/flower/opencloud/data/storage/users/users/a8e29fc0-673c-4c67-be00-2442904acb43";
+
+    networking.firewall.allowPing = true;
+
+    services.samba = {
+      enable = true;
+      package = pkgs.samba4Full;
+      openFirewall = true;
+      settings = {
+        global = {
+          "server smb encrypt" = "required";
+          "workgroup" = "WORKGROUP";
+          "server string" = "smbnix";
+          "netbios name" = "smbnix";
+          "security" = "user";
+          "hosts allow" = "100.64.0.0/10 127.0.0.1 alyssum localhost";
+          "hosts deny" = "0.0.0.0/0";
+          "guest account" = "nobody";
+          "map to guest" = "bad user";
+        };
+        "public" = {
+          "path" = "/flower/smb/public";
+          "browseable" = "yes";
+          "read only" = "no";
+          "guest ok" = "yes";
+          "create mask" = "0644";
+          "directory mask" = "0755";
+          "force user" = "hana";
+          "force group" = "users";
+        };
+      };
+    };
+
+    services.samba-wsdd = {
+      enable = true;
+      openFirewall = true;
+    };
+
+    services.avahi = {
+      enable = true;
+      openFirewall = true;
+      nssmdns4 = true;
+      publish.enable = true;
+      publish.userServices = true;
+    };
+  }
+]
diff --git a/hosts/anemone/default.nix b/hosts/anemone/default.nix
index 8a8f995..841e909 100644
--- a/hosts/anemone/default.nix
+++ b/hosts/anemone/default.nix
@@ -3,13 +3,13 @@
   system.stateVersion = "23.11";
   time.timeZone = "Australia/Melbourne";
 
-  nixpkgs.overlays = [ inputs.neovim-nightly.overlay ];
+  nixpkgs.overlays = [ inputs.neovim-nightly.overlays.default ];
   age.secrets = {
+    wg_anemone.file = ../../secrets/wg_anemone.age;
     passwd.file = ../../secrets/passwd.age;
   };
 
   imports = with modules.system; [
-    inputs.home-manager.nixosModule
     home-manager
 
     audio
@@ -17,6 +17,7 @@
     bluetooth
     ccache
     corectrl
+    docker
     flatpak
     greetd
     gui
@@ -27,18 +28,33 @@
     printing
     security
     snapper
+    tailscale
+    wireguard
 
     ./filesystem.nix
     ./kernel.nix
     ./networking.nix
 
     ../../users/rin
+
+    modules.services.syncthing
   ];
 
-  programs.hyprland.enable = true;
+  me = {
+    environment = "laptop";
+    batteryDevice = "BATT";
+    kbBacklightDevice = "asus::kbd_backlight";
+    hasFingerprint = true;
+    hidpi = true;
+  };
 
-  # For steam fhs-env
-  nixpkgs.config.permittedInsecurePackages = [
-    "openssl-1.1.1w"
-  ];
+  programs.wireshark = {
+    enable = true;
+    package = pkgs.wireshark;
+  };
+
+  services.fprintd.enable = true;
+  services.tlp.enable = true;
+
+  programs.kdeconnect.enable = true;
 }
diff --git a/hosts/anemone/kernel.nix b/hosts/anemone/kernel.nix
index a8d8cad..d959b37 100644
--- a/hosts/anemone/kernel.nix
+++ b/hosts/anemone/kernel.nix
@@ -7,6 +7,7 @@
     };
     initrd = {
       availableKernelModules = [ "xhci_pci" "nvme" "usb_storage" "sd_mod" "rtsx_pci_sdmmc" ];
+      systemd.enable = true;
       verbose = false;
     };
     kernelModules = [ "kvm-amd" ];
@@ -22,6 +23,25 @@
     ];
   };
 
+  # swapDevices = [{
+  #   device = "/persist/swapfile";
+  #   size = 16 * 1024;
+  # }];
+  #
+  # systemd.sleep.extraConfig = ''
+  #   HibernateMode=shutdown
+  # '';
+  /*
+  services.logind.lidSwitch = "suspend-then-hibernate";
+  systemd.sleep.extraConfig = ''
+    HibernateDelaySec=14400
+    SuspendEstimationSec=3600
+    HibernateOnACPower=true
+  '';
+  */
+
+  powerManagement.cpufreq.min = 400000;
+
   hardware.cpu.amd.updateMicrocode = true;
 
   hardware.firmware = let
@@ -30,17 +50,12 @@
     pkgs.runCommandNoCC "cs35l41-10431683" { } ''
       mkdir -p $out/lib/firmware/cirrus
       cd $out/lib/firmware/cirrus
-      cp ${fw}/cs35l41-dsp1-spk-cali-10431e12-spkid0-l0.bin cs35l41-dsp1-spk-cali-10431683-spkid0-l0.bin
-      cp ${fw}/cs35l41-dsp1-spk-cali-10431e12-spkid0-l0.bin cs35l41-dsp1-spk-cali-10431683-spkid0-r0.bin
-      cp ${fw}/cs35l41-dsp1-spk-cali-10431e12-spkid0-l0.bin cs35l41-dsp1-spk-cali-10431683-spkid1-l0.bin
-      cp ${fw}/cs35l41-dsp1-spk-cali-10431e12-spkid0-l0.bin cs35l41-dsp1-spk-cali-10431683-spkid1-r0.bin
 
       cp ${fw}/cs35l41-dsp1-spk-prot-10431e12-spkid0-l0.bin cs35l41-dsp1-spk-prot-10431683-spkid0-l0.bin
       cp ${fw}/cs35l41-dsp1-spk-prot-10431e12-spkid0-l0.bin cs35l41-dsp1-spk-prot-10431683-spkid0-r0.bin
       cp ${fw}/cs35l41-dsp1-spk-prot-10431e12-spkid0-l0.bin cs35l41-dsp1-spk-prot-10431683-spkid1-l0.bin
       cp ${fw}/cs35l41-dsp1-spk-prot-10431e12-spkid0-l0.bin cs35l41-dsp1-spk-prot-10431683-spkid1-r0.bin
 
-      cp ${fw}/cs35l41-dsp1-spk-cali-10431e12.wmfw cs35l41-dsp1-spk-cali-10431683.wmfw
       cp ${fw}/cs35l41-dsp1-spk-prot-10431e12.wmfw cs35l41-dsp1-spk-prot-10431683.wmfw
     ''
   )];
diff --git a/hosts/anemone/networking.nix b/hosts/anemone/networking.nix
index 797e2d9..f5a4dc5 100644
--- a/hosts/anemone/networking.nix
+++ b/hosts/anemone/networking.nix
@@ -1,15 +1,4 @@
 { config, ... }: {
-  networking = {
-    nameservers = [ "8.8.8.8" "8.8.4.4" ];
-    wireless.enable = true;
-
-    networkmanager = {
-      enable = true;
-      dns = "none";
-    };
-
-    extraHosts = ''
-      192.168.100.16 hyacinth
-    '';
-  };
+  networking.wireless.iwd.enable = true;
+  environment.etc."NetworkManager/system-connections".source = "/persist/nm_system-connections";
 }
diff --git a/hosts/blossom/default.nix b/hosts/blossom/default.nix
deleted file mode 100644
index 4c13361..0000000
--- a/hosts/blossom/default.nix
+++ /dev/null
@@ -1,36 +0,0 @@
-{ config, inputs, modules, overlays, pkgs, ... }: {
-  networking.hostName = "blossom";
-  system.stateVersion = "21.11";
-  time.timeZone = "Asia/Phnom_Penh";
-
-  boot.binfmt.emulatedSystems = [ "aarch64-linux" ];
-  nixpkgs.overlays = [ inputs.neovim-nightly.overlay ];
-  age.secrets = {
-    passwd.file = ../../secrets/passwd.age;
-    wg_blossom.file = ../../secrets/wg_blossom.age;
-    wpa_conf.file = ../../secrets/wpa_conf.age;
-  };
-  imports = with modules.system; [
-    inputs.home-manager.nixosModule
-    home-manager
-
-    audio
-    base
-    greetd
-    gui
-    input
-    kernel
-    nix
-    packages
-    security
-    snapper
-    wireguard
-
-    ./filesystem.nix
-    ./kernel.nix
-    ./networking.nix
-
-    ../../users/rin
-  ];
-}
-
diff --git a/hosts/blossom/filesystem.nix b/hosts/blossom/filesystem.nix
deleted file mode 100644
index 9f6bf1c..0000000
--- a/hosts/blossom/filesystem.nix
+++ /dev/null
@@ -1,41 +0,0 @@
-{ config, ... }:
-let
-  mkMount = uuid: type: {
-    device = "/dev/disk/by-uuid/${uuid}";
-    fsType = type;
-    options = [ "defaults" "relatime" ];
-  };
-  mkBtrfsMount = subvolid: atime: mkMount "cf0f4302-f006-46a5-afc7-ada04d17f6f2" "btrfs" // {
-    options = [ "autodefrag" "compress=zstd:3" "defaults" "discard=async" "space_cache=v2" "ssd" "subvolid=${builtins.toString subvolid}" (if atime then "relatime" else "noatime") ];
-  };
-in
-{
-  fileSystems = {
-    "/" = {
-      device = "rootfs";
-      fsType = "tmpfs";
-      options = [ "defaults" "size=4G" "mode=755" ];
-    };
-    "/boot" = mkMount "186A-A42E" "vfat";
-
-    "/mnt/butter" = mkBtrfsMount 5 true;
-    "/nix" = mkBtrfsMount 257 false;
-    "/home" = mkBtrfsMount 259 true;
-    "/home/.snapshots" = mkBtrfsMount 262 false;
-    "/root" = mkBtrfsMount 260 false;
-    "/var" = mkBtrfsMount 258 false;
-    "/persist" = {
-      depends = [ "/var" ];
-      device = "/var/persist";
-      fsType = "none";
-      options = [ "bind" ];
-      neededForBoot = true;
-    };
-
-    # "/mnt/nfs" = {
-    #   device = "192.168.100.11:/srv/nfs";
-    #   fsType = "nfs";
-    #   options = [ "defaults" ];
-    # };
-  };
-}
diff --git a/hosts/blossom/kernel.nix b/hosts/blossom/kernel.nix
deleted file mode 100644
index 935d709..0000000
--- a/hosts/blossom/kernel.nix
+++ /dev/null
@@ -1,25 +0,0 @@
-{ config, lib, pkgs, ... }: {
-  boot = {
-    loader = {
-      efi.canTouchEfiVariables = true;
-      grub = {
-        enable = true;
-        efiSupport = true;
-        device = "nodev";
-        useOSProber = lib.mkForce false;
-      };
-    };
-    initrd.kernelModules = [ "i915" ];
-    kernelParams = [
-      "amdgpu.gpu_recovery=1"
-      "amdgpu.si_support=1"
-      "radeon.si_support=0"
-      "intel_pstate=passive"
-      "msr.allow_writes=on"
-    ];
-    kernelPackages = lib.mkForce (pkgs.linuxPackagesFor pkgs.me.linux-lava);
-
-    extraModulePackages = [ config.boot.kernelPackages.v4l2loopback.out ];
-    kernelModules = [ "v4l2loopback" ];
-  };
-}
diff --git a/hosts/blossom/networking.nix b/hosts/blossom/networking.nix
deleted file mode 100644
index 2e0f6a6..0000000
--- a/hosts/blossom/networking.nix
+++ /dev/null
@@ -1,31 +0,0 @@
-{ config, ... }: {
-  environment.etc."wpa_supplicant.conf".source = config.age.secrets.wpa_conf.path;
-  networking = {
-    wireless = {
-      enable = true;
-      interfaces = [ "wlp3s0" ];
-    };
-
-    useDHCP = false;
-    interfaces.eno1.useDHCP = false;
-    interfaces.wlp3s0.useDHCP = false;
-
-    interfaces.eno1.ipv4.addresses = [{
-      address = "10.0.0.2";
-      prefixLength = 24;
-    }];
-    interfaces.wlp3s0.ipv4.addresses = [{
-      address = "192.168.100.13";
-      prefixLength = 24;
-    }];
-    defaultGateway = "192.168.100.1";
-    nameservers = [ "192.168.100.15" ];
-
-    extraHosts = ''
-      192.168.100.12 strawberry
-      192.168.100.15 caramel
-
-      10.100.0.1     sugarcane
-    '';
-  };
-}
diff --git a/hosts/caramel/default.nix b/hosts/caramel/default.nix
deleted file mode 100644
index 1fc224d..0000000
--- a/hosts/caramel/default.nix
+++ /dev/null
@@ -1,43 +0,0 @@
-{ config, inputs, modules, modulesPath, overlays, pkgs, ... }: {
-  networking.hostName = "caramel";
-  system.stateVersion = "22.11";
-  time.timeZone = "Asia/Phnom_Penh";
-
-  age.secrets = {
-    acme_dns.file = ../../secrets/acme_dns.age;
-    passwd.file = ../../secrets/passwd.age;
-    warden_admin.file = ../../secrets/warden_admin.age;
-    wpa_conf.file = ../../secrets/wpa_conf.age;
-    wg_caramel.file = ../../secrets/wg_caramel.age;
-  };
-  imports =
-    (with modules.system; [
-      "${builtins.toString modulesPath}/installer/sd-card/sd-image-aarch64.nix"
-      inputs.home-manager-raccoon.nixosModule
-
-      base
-      home-manager
-      input
-      nix-stable
-      security
-      transmission
-      wireguard
-
-      ./filesystem.nix
-      ./kernel.nix
-      ./image.nix
-      ./networking.nix
-      ./packages.nix
-
-      ../../users/hana
-    ]) ++
-    (with modules.services; [
-#       nginx
-#       postgres
-#       synapse
-      jellyfin
-      sonarr
-      tmptsync
-      unbound
-    ]);
-}
diff --git a/hosts/caramel/filesystem.nix b/hosts/caramel/filesystem.nix
deleted file mode 100644
index 5cc264c..0000000
--- a/hosts/caramel/filesystem.nix
+++ /dev/null
@@ -1,50 +0,0 @@
-{ config, lib, ... }:
-let
-  bind = src: {
-    depends = [ "/persist" ];
-    device = src;
-    fsType = "none";
-    neededForBoot = true;
-    options = [ "bind" ];
-  };
-in {
-  fileSystems = {
-    "/" = lib.mkForce {
-      device = "rootfs";
-      fsType = "tmpfs";
-      options = [ "defaults" "size=1G" "mode=755" ];
-    };
-
-    # "/nix" = {
-    #   device = "overlayfs";
-    #   fsType = "overlay";
-    #   options = [
-    #     "lowerdir=/mnt/image/nix"
-    #     "upperdir=/persist/nix-overlay"
-    #     "workdir=/persist/.overlaytmp"
-    #   ];
-    #   noCheck = true;
-    #   depends = [ "/mnt/image" "/persist" ];
-    # };
-
-    "/nix" = (bind "/mnt/image/nix") // { depends = [ "/mnt/image" ]; };
-
-    "/mnt/image" = {
-      device = "/dev/disk/by-label/NIXOS_SD";
-      fsType = "ext4";
-      options = [ "defaults" "noatime" ];
-      neededForBoot = true;
-    };
-
-    "/persist" = {
-      device = "/dev/disk/by-label/PI_HDD";
-      fsType = "ext4";
-      options = [ "defaults" "relatime" ];
-      neededForBoot = true;
-    };
-
-    "/var/lib/acme" = bind "/persist/acme";
-    "/var/log/journal" = bind "/persist/journal";
-    "/boot" = (bind "/mnt/image/boot") // { depends = [ "/mnt/image" ]; };
-  };
-}
diff --git a/hosts/caramel/image.nix b/hosts/caramel/image.nix
deleted file mode 100644
index a7e9975..0000000
--- a/hosts/caramel/image.nix
+++ /dev/null
@@ -1,29 +0,0 @@
-{ config, lib, pkgs, ... }: {
-  sdImage.expandOnBoot = false;
-  boot.postBootCommands = ''
-    # On the first boot do some maintenance tasks
-    if [ -f /mnt/image/nix-path-registration ]; then
-      set -euo pipefail
-      set -x
-      # Figure out device names for the boot device and root filesystem.
-      rootPart=$(${pkgs.util-linux}/bin/findmnt -n -o SOURCE /mnt/image)
-      bootDevice=$(lsblk -npo PKNAME $rootPart)
-      partNum=$(lsblk -npo MAJ:MIN $rootPart | ${pkgs.gawk}/bin/awk -F: '{print $2}')
-
-      # Resize the root partition and the filesystem to fit the disk
-      echo ",+," | sfdisk -N$partNum --no-reread $bootDevice
-      ${pkgs.parted}/bin/partprobe
-      ${pkgs.e2fsprogs}/bin/resize2fs $rootPart
-
-      # Register the contents of the initial Nix store
-      ${config.nix.package.out}/bin/nix-store --load-db < /mnt/image/nix-path-registration
-
-      # nixos-rebuild also requires a "system" profile and an /etc/NIXOS tag.
-      touch /etc/NIXOS
-      ${config.nix.package.out}/bin/nix-env -p /nix/var/nix/profiles/system --set /run/current-system
-
-      # Prevents this from running on later boots.
-      rm -f /mnt/image/nix-path-registration
-    fi
-  '';
-}
diff --git a/hosts/caramel/kernel.nix b/hosts/caramel/kernel.nix
deleted file mode 100644
index 8c8e9a8..0000000
--- a/hosts/caramel/kernel.nix
+++ /dev/null
@@ -1,15 +0,0 @@
-{ config, inputs, lib, pkgs, ... }: {
-  imports = [
-    inputs.nixos-hardware.nixosModules.raspberry-pi-4
-  ];
-  hardware.raspberry-pi."4".fkms-3d.enable = true;
-
-  boot = {
-    initrd.kernelModules = [ "overlay" ];
-    supportedFilesystems = lib.mkForce [ "btrfs" "vfat" ];
-    kernel.sysctl = {
-      "kernel.core_pattern" = "|/bin/false";
-      "kernel.sysrq" = 1;
-    };
-  };
-}
diff --git a/hosts/caramel/networking.nix b/hosts/caramel/networking.nix
deleted file mode 100644
index 33dd49c..0000000
--- a/hosts/caramel/networking.nix
+++ /dev/null
@@ -1,35 +0,0 @@
-{ config, ... }: {
-  environment.etc."wpa_supplicant.conf".source = config.age.secrets.wpa_conf.path;
-  networking = {
-    firewall.allowedTCPPorts = [ 80 443 ];
-
-    wireless = {
-      enable = true;
-      interfaces = [ "wlan0" ];
-    };
-
-    useDHCP = false;
-    interfaces.wlan0.useDHCP = false;
-
-    interfaces.wlan0.ipv4.addresses = [{
-      address = "192.168.100.15";
-      prefixLength = 24;
-    }];
-    defaultGateway = "192.168.100.1";
-    nameservers = [ "8.8.8.8" ];
-
-    extraHosts = ''
-      192.168.100.12 strawberry
-      192.168.100.13 blossom
-    '';
-  };
-
-  # wait for ntp before connecting to wireguard
-  systemd = {
-    additionalUpstreamSystemUnits = [ "systemd-time-wait-sync.service" ];
-    services = {
-      "systemd-time-wait-sync".wantedBy = [ "multi-user.target" ];
-      "wireguard-wg0".after = [ "time-sync.target" ];
-    };
-  };
-}
diff --git a/hosts/dandelion/default.nix b/hosts/dandelion/default.nix
index 735cd03..f65dfd1 100644
--- a/hosts/dandelion/default.nix
+++ b/hosts/dandelion/default.nix
@@ -1,26 +1,44 @@
-{ config, inputs, modules, modulesPath, overlays, pkgs, ... }: {
+{ inputs, modules, modulesPath, ... }: {
   networking.hostName = "dandelion";
   system.stateVersion = "23.11";
   time.timeZone = "Australia/Melbourne";
 
+  age.secrets = {
+    acme_dns.file = ../../secrets/acme_dns.age;
+    slskd_env.file = ../../secrets/slskd_env.age;
+    wg_dandelion.file = ../../secrets/wg_dandelion.age;
+  };
+
   imports = with modules.system; [
     (modulesPath + "/profiles/qemu-guest.nix")
-    inputs.home-manager-stable.nixosModule
+    home-manager
 
     base
-    home-manager
-    input
+    kernel
     nix-stable
+    packages
     security
-    #wireguard
+    tailscale
+    wireguard
 
-    modules.services.postgres
+    modules.services.banksia
+    modules.services.nginx
+    modules.services.unbound
+    modules.services.website
+
+    inputs.c-amethyst.nixosModule
+    inputs.c-beryllium.nixosModule
+    inputs.c-citrine.nixosModule
+    inputs.c-diamond.nixosModule
+    inputs.c-fluorite.nixosModule
 
     ./filesystem.nix
     ./kernel.nix
     ./networking.nix
-    ./packages.nix
+    ./nginx.nix
 
     ../../users/hana
   ];
+
+  me.environment = "headless";
 }
diff --git a/hosts/dandelion/filesystem.nix b/hosts/dandelion/filesystem.nix
index d37cb1f..861bc15 100644
--- a/hosts/dandelion/filesystem.nix
+++ b/hosts/dandelion/filesystem.nix
@@ -1,4 +1,4 @@
-{ config, lib, ... }:
+{ ... }:
 let
   bind = src: {
     depends = [ "/nix" ];
@@ -8,12 +8,12 @@ let
     options = [ "bind" ];
   };
 
-  mkLabelMount = label: type: lazy: {
+  mkLabelMount = label: type: {
     device = "/dev/disk/by-label/${label}";
     fsType = type;
-    options = [ "defaults" "relatime" ] ++ lib.optionals lazy [ "nofail" ];
+    options = [ "defaults" "relatime" ];
   };
-  mkBtrfsMount = name: subvol: atime: mkLabelMount name "btrfs" false // {
+  mkBtrfsMount = name: subvol: atime: mkLabelMount name "btrfs" // {
     options = [ "autodefrag" "compress=zstd:3" "defaults" "discard=async" "space_cache=v2" "ssd" "subvol=${subvol}" (if atime then "relatime" else "noatime") ];
   };
   submount = mkBtrfsMount "DANDELION";
@@ -22,10 +22,10 @@ in {
     "/" = {
       device = "rootfs";
       fsType = "tmpfs";
-      options = [ "defaults" "size=12G" "mode=755" ];
+      options = [ "defaults" "size=6G" "mode=755" ];
     };
+    "/boot" = mkLabelMount "UEFI" "vfat";
 
-    "/boot" = mkLabelMount "UEFI" "vfat" true;
     "/nix" = submount "/@/nix" false;
     "/persist" = (submount "/@/persist" true) // { neededForBoot = true; };
     "/persist/.snapshots" = submount "/snap/persist" false;
diff --git a/hosts/dandelion/kernel.nix b/hosts/dandelion/kernel.nix
index 76629f3..7ea7d43 100644
--- a/hosts/dandelion/kernel.nix
+++ b/hosts/dandelion/kernel.nix
@@ -1,18 +1,10 @@
-{ config, inputs, pkgs, ... }: {
+{ ... }: {
   boot = {
     loader = {
-      systemd-boot.enable = false;
       efi.canTouchEfiVariables = true;
-      grub = {
-        enable = true;
-        device = "/dev/sda";
-      };
+      systemd-boot.enable = true;
     };
     initrd.availableKernelModules = [ "ata_piix" "uhci_hcd" "xen_blkfront" ];
     initrd.kernelModules = [ "nvme" ];
-    kernel.sysctl = {
-      "kernel.core_pattern" = "|/bin/false";
-      "kernel.sysrq" = 1;
-    };
   };
 }
diff --git a/hosts/dandelion/networking.nix b/hosts/dandelion/networking.nix
index 555dcdd..322719e 100644
--- a/hosts/dandelion/networking.nix
+++ b/hosts/dandelion/networking.nix
@@ -1,10 +1,4 @@
-{ config, ... }: {
-  networking = {
-    useDHCP = true;
-
-    # extraHosts = ''
-    #   10.100.0.3 blossom
-    #   10.100.0.4 strawberry
-    # '';
-  };
+{ ... }: {
+  networking.useDHCP = true;
+  networking.interfaces.enp2s0.useDHCP = false;
 }
diff --git a/hosts/dandelion/nginx.nix b/hosts/dandelion/nginx.nix
new file mode 100644
index 0000000..c29de38
--- /dev/null
+++ b/hosts/dandelion/nginx.nix
@@ -0,0 +1,8 @@
+{ ... }: {
+  services.nginx.virtualHosts."muse.lava.moe" = {
+    useACMEHost = "lava.moe";
+    forceSSL = true;
+    locations."/".return = "404";
+    locations."/share/".proxyPass = "http://[fd0d:2::5:2]:4533";
+  };
+}
diff --git a/hosts/dandelion/packages.nix b/hosts/dandelion/packages.nix
index e3e3f15..2d4bd30 100644
--- a/hosts/dandelion/packages.nix
+++ b/hosts/dandelion/packages.nix
@@ -1,4 +1,4 @@
-{ lib, pkgs, ... }: {
+{ pkgs, ... }: {
   environment.systemPackages = with pkgs; [
     git
     htop
diff --git a/hosts/hyacinth/default.nix b/hosts/hyacinth/default.nix
index db176e3..a32d4bd 100644
--- a/hosts/hyacinth/default.nix
+++ b/hosts/hyacinth/default.nix
@@ -1,23 +1,24 @@
 { config, inputs, modules, overlays, pkgs, ... }: {
   networking.hostName = "hyacinth";
   system.stateVersion = "21.11";
-  time.timeZone = "Asia/Phnom_Penh";
+  time.timeZone = "Australia/Melbourne";
 
-  boot.binfmt.emulatedSystems = [ "aarch64-linux" ];
-  nixpkgs.overlays = [ inputs.neovim-nightly.overlay ];
+  nixpkgs.overlays = [ inputs.neovim-nightly.overlays.default ];
   age.secrets = {
     passwd.file = ../../secrets/passwd.age;
-    wg_hyacinth.file = ../../secrets/wg_blossom.age;
+    wg_hyacinth.file = ../../secrets/wg_hyacinth.age;
     wpa_conf.file = ../../secrets/wpa_conf.age;
   };
   imports = with modules.system; [
-    inputs.home-manager.nixosModule
     home-manager
 
+    aagl
     audio
     base
+    bluetooth
     ccache
     corectrl
+    docker
     flatpak
     greetd
     gui
@@ -28,21 +29,19 @@
     printing
     security
     snapper
-    virtualisation
+    tailscale
     wireguard
 
-    modules.services.postgres
+    modules.services.syncthing
 
     ./filesystem.nix
     ./kernel.nix
     ./networking.nix
+    ./packages.nix
 
     ../../users/rin
   ];
-  services.postgresql.ensureDatabases = [ "barista" "barista-dev" ];
+  systemd.services.nix-daemon.environment.TMPDIR = "/nix/tmp";
 
-  # For steam fhs-env
-  nixpkgs.config.permittedInsecurePackages = [
-    "openssl-1.1.1w"
-  ];
+  me.hasBluetooth = true;
 }
diff --git a/hosts/hyacinth/filesystem.nix b/hosts/hyacinth/filesystem.nix
index c85d7be..2757182 100644
--- a/hosts/hyacinth/filesystem.nix
+++ b/hosts/hyacinth/filesystem.nix
@@ -15,7 +15,7 @@ in
     "/" = {
       device = "rootfs";
       fsType = "tmpfs";
-      options = [ "defaults" "size=8G" "mode=755" ];
+      options = [ "defaults" "size=24G" "mode=755" ];
     };
     "/boot" = mkLabelMount "CUP" "vfat";
 
diff --git a/hosts/hyacinth/kernel.nix b/hosts/hyacinth/kernel.nix
index 0fc0862..f410014 100644
--- a/hosts/hyacinth/kernel.nix
+++ b/hosts/hyacinth/kernel.nix
@@ -13,12 +13,8 @@
     ];
     kernelPackages = lib.mkForce (pkgs.linuxPackagesFor pkgs.me.linux-lava);
   };
-  services.xserver.xrandrHeads = [{
-    output = "DP-1";
-    primary = true;
-    monitorConfig = ''
-      Modeline "1920x1080_165.00"  525.00  1920 2088 2296 2672  1080 1083 1088 1192 -hsync +vsync
-      Option "PreferredMode" "1920x1080_165.00"
-    '';
-  }];
+  hardware.amdgpu.overdrive = {
+    enable = true;
+    ppfeaturemask = "0xffffffff";
+  };
 }
diff --git a/hosts/hyacinth/networking.nix b/hosts/hyacinth/networking.nix
index 5abc656..0b2eb03 100644
--- a/hosts/hyacinth/networking.nix
+++ b/hosts/hyacinth/networking.nix
@@ -1,20 +1,18 @@
 { config, ... }: {
   environment.etc."wpa_supplicant.conf".source = config.age.secrets.wpa_conf.path;
   networking = {
-    useDHCP = false;
+    useDHCP = true;
     interfaces.enp5s0.useDHCP = false;
+    interfaces.enp5s0.wakeOnLan.enable = true;
 
     interfaces.enp5s0.ipv4.addresses = [{
-      address = "192.168.100.16";
+      address = "192.168.1.201";
       prefixLength = 24;
     }];
-    defaultGateway = "192.168.100.1";
-    nameservers = [ "1.1.1.1" ];
+    defaultGateway = "192.168.1.1";
+    nameservers = [ "8.8.8.8" "8.8.4.4" ];
 
     extraHosts = ''
-      192.168.100.12 strawberry
-      192.168.100.15 caramel
-
       10.100.0.1     sugarcane
     '';
   };
diff --git a/hosts/hyacinth/packages.nix b/hosts/hyacinth/packages.nix
new file mode 100644
index 0000000..69f9ba1
--- /dev/null
+++ b/hosts/hyacinth/packages.nix
@@ -0,0 +1,7 @@
+{ pkgs, ... }: {
+  environment.systemPackages = with pkgs; [
+    discord
+    jetbrains.idea
+    texliveFull
+  ];
+}
diff --git a/hosts/sugarcane/default.nix b/hosts/sugarcane/default.nix
deleted file mode 100644
index fb2a276..0000000
--- a/hosts/sugarcane/default.nix
+++ /dev/null
@@ -1,28 +0,0 @@
-{ config, inputs, modules, modulesPath, overlays, pkgs, ... }: {
-  networking.hostName = "sugarcane";
-  system.stateVersion = "21.11";
-  time.timeZone = "Asia/Singapore";
-
-  age.secrets = {
-    passwd.file = ../../secrets/passwd.age;
-    wg_sugarcane.file = ../../secrets/wg_sugarcane.age;
-  };
-  imports = with modules.system; [
-    (modulesPath + "/profiles/qemu-guest.nix")
-    inputs.home-manager-raccoon.nixosModule
-
-    base
-    home-manager
-    input
-    nix-stable
-    security
-    wireguard
-
-    ./filesystem.nix
-    ./kernel.nix
-    ./networking.nix
-    ./packages.nix
-
-    ../../users/hana
-  ];
-}
diff --git a/hosts/sugarcane/filesystem.nix b/hosts/sugarcane/filesystem.nix
deleted file mode 100644
index cc3db8e..0000000
--- a/hosts/sugarcane/filesystem.nix
+++ /dev/null
@@ -1,29 +0,0 @@
-{ config, ... }:
-let
-  bind = src: {
-    depends = [ "/nix" ];
-    device = src;
-    fsType = "none";
-    neededForBoot = true;
-    options = [ "bind" ];
-  };
-in {
-  fileSystems = {
-    "/" = {
-      device = "rootfs";
-      fsType = "tmpfs";
-      options = [ "defaults" "size=1G" "mode=755" ];
-    };
-
-    "/nix" = {
-      device = "/dev/disk/by-uuid/19d572a8-1cf6-4b9c-94c6-3ce6be54f719";
-      fsType = "ext4";
-      options = [ "defaults" "noatime" ];
-      neededForBoot = true;
-    };
-
-    "/persist" = bind "/nix/persist";
-    "/var/log/journal" = bind "/nix/persist/journal";
-    "/boot" = bind "/nix/persist/boot";
-  };
-}
diff --git a/hosts/sugarcane/kernel.nix b/hosts/sugarcane/kernel.nix
deleted file mode 100644
index 35c4452..0000000
--- a/hosts/sugarcane/kernel.nix
+++ /dev/null
@@ -1,17 +0,0 @@
-{ config, inputs, pkgs, ... }: {
-  boot = {
-    loader = {
-      systemd-boot.enable = false;
-      efi.canTouchEfiVariables = true;
-      grub = {
-        enable = true;
-        device = "/dev/sda";
-      };
-    };
-    initrd.kernelModules = [ "nvme" ];
-    kernel.sysctl = {
-      "kernel.core_pattern" = "|/bin/false";
-      "kernel.sysrq" = 1;
-    };
-  };
-}
diff --git a/hosts/sugarcane/networking.nix b/hosts/sugarcane/networking.nix
deleted file mode 100644
index 5218f0d..0000000
--- a/hosts/sugarcane/networking.nix
+++ /dev/null
@@ -1,11 +0,0 @@
-{ config, ... }: {
-  networking = {
-    useDHCP = false;
-    interfaces.ens3.useDHCP = true;
-
-    extraHosts = ''
-      10.100.0.3 blossom
-      10.100.0.4 strawberry
-    '';
-  };
-}
diff --git a/hosts/sugarcane/packages.nix b/hosts/sugarcane/packages.nix
deleted file mode 100644
index e3e3f15..0000000
--- a/hosts/sugarcane/packages.nix
+++ /dev/null
@@ -1,14 +0,0 @@
-{ lib, pkgs, ... }: {
-  environment.systemPackages = with pkgs; [
-    git
-    htop
-    jq
-    neovim
-    rsync
-    sshfs
-    wget
-
-    kitty.terminfo
-  ];
-  environment.variables.EDITOR = "nvim";
-}
diff --git a/modules/binds.nix b/modules/binds.nix
new file mode 100644
index 0000000..c9ffe18
--- /dev/null
+++ b/modules/binds.nix
@@ -0,0 +1,13 @@
+{ config, lib, ...}: {
+  imports = [ ./options.nix ];
+  fileSystems = lib.mapAttrs (dest: key: let
+    target = if (lib.strings.hasPrefix "/" key)
+      then key
+      else "/persist/binds/${key}";
+  in {
+    depends = [ "/persist" ];
+    device = target;
+    fsType = "none";
+    options = [ "bind" ];
+  }) config.me.binds;
+}
diff --git a/modules/default.nix b/modules/default.nix
index 60cea74..6775c55 100644
--- a/modules/default.nix
+++ b/modules/default.nix
@@ -14,22 +14,30 @@ let
     }) paths
   );
 in {
+  binds = ./binds.nix;
+  options = ./options.nix;
   services = mkAttrsFromPaths [
+    ./services/banksia.nix
     ./services/jellyfin.nix
     ./services/nginx.nix
     ./services/postgres.nix
     ./services/sonarr.nix
     ./services/synapse.nix
+    ./services/syncthing.nix
     ./services/tmptsync.nix
+    ./services/transmission.nix
     ./services/unbound.nix
     ./services/vaultwarden.nix
+    ./services/website.nix
   ];
   system = mkAttrsFromPaths [
+    ./system/aagl.nix
     ./system/audio.nix
     ./system/base.nix
     ./system/bluetooth.nix
     ./system/ccache.nix
     ./system/corectrl.nix
+    ./system/docker.nix
     ./system/flatpak.nix
     ./system/greetd.nix
     ./system/gui.nix
@@ -42,36 +50,31 @@ in {
     ./system/printing.nix
     ./system/security.nix
     ./system/snapper.nix
-    ./system/transmission.nix
+    ./system/tailscale.nix
     ./system/virtualisation.nix
     ./system/wireguard.nix
   ];
   user = mkAttrsFromPaths [
-    ./user/bspwm.nix
+    ./user/catppuccin.nix
+    ./user/comma.nix
     ./user/direnv.nix
     ./user/dunst.nix
     ./user/eww.nix
-    ./user/eww-wayland.nix
     ./user/git.nix
     ./user/gpg.nix
+    ./user/hypridle.nix
+    ./user/hyprlock.nix
     ./user/kitty.nix
     ./user/mpv.nix
     ./user/neovim.nix
     ./user/neovim-minimal.nix
     ./user/npm.nix
     ./user/obs.nix
-    ./user/packages-rin.nix
-    ./user/pass.nix
-    ./user/picom.nix
-    ./user/polybar.nix
     ./user/rofi.nix
-    ./user/rofi-wayland.nix
     ./user/sessionVariables.nix
     ./user/spicetify.nix
-    ./user/sxhkd.nix
     ./user/theming.nix
     ./user/xdg.nix
-    ./user/xorg.nix
     ./user/zsh.nix
   ];
 }
diff --git a/modules/options.nix b/modules/options.nix
new file mode 100644
index 0000000..e861c12
--- /dev/null
+++ b/modules/options.nix
@@ -0,0 +1,53 @@
+{ config, lib, ... }:
+let
+  inherit (lib)
+    mkOption
+    types;
+in {
+  options.me = {
+    environment = mkOption {
+      type = types.enum [ "desktop" "laptop" "headless" ];
+      default = "desktop";
+    };
+
+    hasFingerprint = mkOption {
+      type = types.bool;
+      default = false;
+    };
+
+    gui = mkOption {
+      type = types.bool;
+      default = config.me.environment != "headless";
+    };
+
+    batteryDevice = mkOption {
+      type = with types; nullOr (uniq str);
+      default = null;
+    };
+
+    kbBacklightDevice = mkOption {
+      type = with types; nullOr (uniq str);
+      default = null;
+    };
+
+    hasBluetooth = mkOption {
+      type = types.bool;
+      default = config.me.environment == "laptop";
+    };
+
+    hasWifi = mkOption {
+      type = types.bool;
+      default = config.me.environment == "laptop";
+    };
+
+    hidpi = mkOption {
+      type = types.bool;
+      default = false;
+    };
+
+    binds = lib.mkOption {
+      type = with lib.types; attrsOf str;
+      default = {};
+    };
+  };
+}
diff --git a/modules/services/banksia.nix b/modules/services/banksia.nix
new file mode 100644
index 0000000..2ace618
--- /dev/null
+++ b/modules/services/banksia.nix
@@ -0,0 +1,11 @@
+# TODO ^^
+{ ... }: {
+  services.nginx.virtualHosts = {
+    "banksia.lava.moe" = {
+      useACMEHost = "lava.moe";
+      forceSSL = true;
+      locations."/".return = "302 https://lab.lava.moe/cilly/Banksia";
+      locations."/api".proxyPass = "http://localhost:8080/";
+    };
+  };
+}
diff --git a/modules/services/nginx.nix b/modules/services/nginx.nix
index 4b01c80..a02b7e9 100644
--- a/modules/services/nginx.nix
+++ b/modules/services/nginx.nix
@@ -1,17 +1,21 @@
-{ config, inputs, ... }: {
+{ config, ... }: {
+  networking.firewall.allowedTCPPorts = [ 80 443 ];
   security.acme = {
     acceptTerms = true;
-    email = "me@lava.moe";
-    certs."lava.moe" = {
+    defaults = {
+      email = "me@lava.moe";
       group = "nginx";
-      domain = "lava.moe";
+      dnsProvider = "cloudflare";
+      environmentFile = config.age.secrets."acme_dns".path;
+    };
+    certs."lava.moe" = {
       extraDomainNames = [
         "*.lava.moe"
         "*.local.lava.moe"
       ];
-      dnsProvider = "cloudflare";
-      credentialsFile = config.age.secrets."acme_dns".path;
     };
+    certs."cilly.moe" = {};
+    certs."cilly.dev" = {};
   };
 
   services.nginx = {
@@ -20,23 +24,5 @@
     recommendedOptimisation = true;
     recommendedGzipSettings = true;
     recommendedProxySettings = true;
-
-    virtualHosts = {
-      "lava.moe" = {
-        useACMEHost = "lava.moe";
-        forceSSL = true;
-        root = inputs.website.outPath;
-      };
-      "_" = {
-        default = true;
-        addSSL = true;
-        # TODO generate this somewhere
-        sslCertificate = "/persist/fakeCerts/fake.crt";
-        sslCertificateKey = "/persist/fakeCerts/fake.key";
-        extraConfig = ''
-          return 444;
-        '';
-      };
-    };
   };
 }
diff --git a/modules/services/postgres.nix b/modules/services/postgres.nix
index bffdcee..bbbeaa1 100644
--- a/modules/services/postgres.nix
+++ b/modules/services/postgres.nix
@@ -8,6 +8,7 @@ in {
   services.postgresql = {
     enable = true;
     dataDir = dir;
+    # TODO: broken :3
     package = pkgs.postgresql_13;
     authentication = lib.mkOverride 10 ''
       #type  database  DBuser  origin-address      auth-method
diff --git a/modules/services/syncthing.nix b/modules/services/syncthing.nix
new file mode 100644
index 0000000..db32371
--- /dev/null
+++ b/modules/services/syncthing.nix
@@ -0,0 +1,23 @@
+{ config, ... }:
+let
+  dir = "/persist/shared/.syncthing";
+  user = if config.me.gui then "rin" else "hana";
+  uid = toString config.users.users."${user}".uid;
+  gid = toString config.users.groups.users.gid;
+in
+{
+  systemd.tmpfiles.rules = [
+    "d ${dir}/config 700 ${uid} ${gid}"
+    "d ${dir}/data 700 ${uid} ${gid}"
+  ];
+  systemd.services.syncthing.environment.STNODEFAULTFOLDER = "true";
+  services.syncthing = {
+    enable = true;
+    openDefaultPorts = true;
+    user = user;
+    group = "users";
+    dataDir = "/persist/shared/.syncthing/data";
+    configDir = "/persist/shared/.syncthing/config";
+    guiAddress = if config.me.gui then "127.0.0.1:8384" else ":8384";
+  };
+}
diff --git a/modules/system/transmission.nix b/modules/services/transmission.nix
similarity index 71%
rename from modules/system/transmission.nix
rename to modules/services/transmission.nix
index 202b5ae..7540d68 100644
--- a/modules/system/transmission.nix
+++ b/modules/services/transmission.nix
@@ -5,13 +5,6 @@
     downloadDirPermissions = "775";
     openFirewall = true;
     settings = {
-      alt-speed-down = 512;
-      alt-speed-enabled = true;
-      alt-speed-time-begin = 360;
-      alt-speed-time-day = 127;
-      alt-speed-time-enabled = true;
-      alt-speed-time-end = 1380;
-      alt-speed-up = 256;
       download-dir = "/persist/transmission/Downloads";
       incomplete-dir = "/persist/transmission/.incomplete";
       ratio-limit-enabled = true;
diff --git a/modules/services/unbound.nix b/modules/services/unbound.nix
index a9cf3bc..8aae0fd 100644
--- a/modules/services/unbound.nix
+++ b/modules/services/unbound.nix
@@ -1,8 +1,17 @@
-{ inputs, ... }:
+{ inputs, pkgs, gcSecrets, ... }:
 let
   dir = "/persist/unbound";
+
+  converted = pkgs.runCommand "stevenblack-hosts-unbound" {} ''
+    echo "server:" > "$out"
+    grep '^0\.0\.0\.0' "${inputs.stevenblack-hosts}/hosts" | awk '{print "local-zone: \""$2"\" always_refuse"}' | tail -n +2 >> "$out"
+  '';
 in {
-  networking.firewall.interfaces.wlan0 = {
+  networking.firewall.interfaces."ve-+" = {
+    allowedUDPPorts = [ 53 853 ];
+    allowedTCPPorts = [ 53 853 ];
+  };
+  networking.firewall.interfaces.wg0 = {
     allowedUDPPorts = [ 53 853 ];
     allowedTCPPorts = [ 53 853 ];
   };
@@ -16,17 +25,27 @@ in {
         name = ".";
         forward-tls-upstream = true;
         forward-addr = [
+          "2606:4700:4700::1111@853#cloudflare-dns.com"
+          "2606:4700:4700::1001@853#cloudflare-dns.com"
+          "2001:4860:4860::8888@853#dns.google"
+          "2001:4860:4860::8844@853#dns.google"
           "1.1.1.1@853#cloudflare-dns.com"
           "1.0.0.1@853#cloudflare-dns.com"
+          "8.8.8.8@853#dns.google"
+          "8.8.4.4@853#dns.google"
         ];
       }];
 
       server = {
-        interface = [ "0.0.0.0" ];
+        interface = [ "0.0.0.0" "::0" ];
         access-control = [
           "127.0.0.1/8      allow"
           "10.0.0.0/8       allow"
+          "100.64.0.0/10    allow"
           "192.168.100.0/24 allow"
+          "fd0d::/16        allow"
+          "fd7a:115c:a1e0::/48 allow"
+          "${gcSecrets.wireguard.ipv6Subnet}:/80 allow"
         ];
         domain-insecure = [ "\"local.lava.moe\"" ];
         local-zone = [ "\"warden.local.lava.moe.\" redirect" ];
@@ -35,7 +54,7 @@ in {
         ];
       };
 
-      include = "${inputs.hosts-blocklists}/unbound/unbound.blacklist.conf";
+      include = "${converted}";
     };
   };
 
diff --git a/modules/services/website.nix b/modules/services/website.nix
new file mode 100644
index 0000000..3fba609
--- /dev/null
+++ b/modules/services/website.nix
@@ -0,0 +1,43 @@
+{ inputs, pkgs, ... }: let
+  pastel = inputs.pastel.packages.${pkgs.system}.default;
+in {
+  services.nginx.virtualHosts = {
+    "cilly.moe" = {
+      useACMEHost = "cilly.moe";
+      forceSSL = true;
+      root = pastel.outPath;
+    };
+    "cilly.dev" = {
+      useACMEHost = "cilly.dev";
+      forceSSL = true;
+      root = pastel.outPath;
+    };
+    "lava.moe" = {
+      useACMEHost = "lava.moe";
+      forceSSL = true;
+      root = inputs.website.outPath;
+    };
+    "cdn.lava.moe" = {
+      useACMEHost = "lava.moe";
+      forceSSL = true;
+      extraConfig = ''
+        return 301 https://sh.lava.moe$request_uri;
+      '';
+    };
+    "sh.lava.moe" = {
+      useACMEHost = "lava.moe";
+      forceSSL = true;
+      root = "/persist/cdn";
+    };
+    "_" = {
+      default = true;
+      addSSL = true;
+      # TODO generate this somewhere
+      sslCertificate = "/persist/fakeCerts/fake.crt";
+      sslCertificateKey = "/persist/fakeCerts/fake.key";
+      extraConfig = ''
+        return 444;
+      '';
+    };
+  };
+}
diff --git a/modules/system/aagl.nix b/modules/system/aagl.nix
new file mode 100644
index 0000000..57826c4
--- /dev/null
+++ b/modules/system/aagl.nix
@@ -0,0 +1,6 @@
+{ inputs, ... }: {
+  imports = [ inputs.aagl.nixosModules.default ];
+  nix.settings = inputs.aagl.nixConfig;
+  programs.anime-game-launcher.enable = true;
+  programs.sleepy-launcher.enable = true;
+}
diff --git a/modules/system/audio.nix b/modules/system/audio.nix
index 1339b51..46d50c0 100644
--- a/modules/system/audio.nix
+++ b/modules/system/audio.nix
@@ -17,7 +17,6 @@ let
     rate = toString int.rate;
   };
 in {
-  sound.enable = false;
   security.rtkit.enable = true;
   services.pipewire = {
     enable = true;
@@ -26,7 +25,7 @@ in {
     pulse.enable = true;
     jack.enable = true;
   };
-  environment.etc."pipewire/pipewire.conf.d/99-config.conf".text = builtins.toJSON {
+  services.pipewire.extraConfig.pipewire = {
     "context.properties" = {
       "default.clock.rate" = int.rate;
       "default.clock.quantum" = int.quantum.def;
@@ -50,7 +49,7 @@ in {
       "resample.quality" = 1;
     };
   };
-  environment.etc."pipewire/pipewire-pulse.conf.d/99-config.conf".text = builtins.toJSON {
+  services.pipewire.extraConfig.pipewire-pulse = {
       "context.modules" = [
         {
           name = "libpipewire-module-rtkit";
diff --git a/modules/system/base.nix b/modules/system/base.nix
index 0ca07dc..c45eb99 100644
--- a/modules/system/base.nix
+++ b/modules/system/base.nix
@@ -1,4 +1,6 @@
-{ config, enableGUI, inputs, modules, overlays, ... }: {
+{ config, inputs, modules, ... }: {
+  imports = [ modules.binds modules.options ];
+
   environment.etc = {
     "machine-id".source = "/persist/machine-id";
     "ssh/ssh_host_rsa_key".source = "/persist/ssh_host_rsa_key";
@@ -8,7 +10,9 @@
   };
   environment.pathsToLink = [ "/share/zsh" ];
 
-  i18n.defaultLocale = "en_GB.UTF-8";
+  i18n.defaultLocale = "en_AU.UTF-8";
+  i18n.extraLocales = [ "en_GB.UTF-8/UTF-8" ];
+
   users.mutableUsers = false;
 
   system = {
@@ -19,6 +23,5 @@
     };
   };
   nix.registry.config.flake = inputs.self;
-  nix.registry.nixpkgs.flake = inputs.nixpkgs;
   nix.registry.shells.flake = inputs.self;
 }
diff --git a/modules/system/corectrl.nix b/modules/system/corectrl.nix
index c2ec98d..6f6ca01 100644
--- a/modules/system/corectrl.nix
+++ b/modules/system/corectrl.nix
@@ -1,9 +1,5 @@
 { ... }: {
   programs.corectrl = {
     enable = true;
-    gpuOverclock = {
-      enable = true;
-      ppfeaturemask = "0xffffffff";
-    };
   };
 }
diff --git a/modules/system/docker.nix b/modules/system/docker.nix
new file mode 100644
index 0000000..1ebd190
--- /dev/null
+++ b/modules/system/docker.nix
@@ -0,0 +1,13 @@
+{ pkgs, ... }: {
+  virtualisation.docker = {
+    enable = true;
+    storageDriver = "btrfs";
+    # rootless = {
+    #   enable = true;
+    #   setSocketVariable = true;
+    # };
+  };
+  environment.systemPackages = [
+    pkgs.docker-compose
+  ];
+}
diff --git a/modules/system/greetd.nix b/modules/system/greetd.nix
index 4e2a41f..f220847 100644
--- a/modules/system/greetd.nix
+++ b/modules/system/greetd.nix
@@ -1,16 +1,18 @@
-{ pkgs, lib, ... }: {
+{ pkgs, ... }: {
   services.greetd = {
     enable = true;
     settings = {
       default_session = {
-        command = "${pkgs.greetd.tuigreet}/bin/tuigreet --remember --asterisks --time --cmd 'zsh -c \"source $HOME/.config/zsh/.zshrc && Hyprland > $XDG_RUNTIME_DIR/Hyprland.out\"'";
+        command = "${pkgs.tuigreet}/bin/tuigreet --remember --asterisks --time --cmd 'zsh -c \"source $HOME/.config/zsh/.zshrc && Hyprland > $XDG_RUNTIME_DIR/Hyprland.out\"'";
         user = "greeter";
       };
+
+      initial_session = {
+        command = "${pkgs.writeShellScript "launch.sh" ''
+          zsh -c "source $HOME/.config/zsh/.zshrc && Hyprland > \"$XDG_RUNTIME_DIR/Hyprland.out\""
+        ''}";
+        user = "rin";
+      };
     };
   };
-
-  services.xserver = {
-    autorun = false;
-    displayManager.startx.enable = true;
-  };
 }
diff --git a/modules/system/gui.nix b/modules/system/gui.nix
index 5f951e3..7028dac 100644
--- a/modules/system/gui.nix
+++ b/modules/system/gui.nix
@@ -1,6 +1,6 @@
 { config, lib, pkgs, ... }: {
   fonts = {
-    enableDefaultFonts = true;
+    enableDefaultPackages = true;
     fontconfig = {
       defaultFonts = {
         serif = [ "NotoSerif" ];
@@ -8,15 +8,13 @@
         monospace = [ "CascadiaCode" ];
       };
     };
-    fonts = with pkgs; [
-      cascadia-code
-      font-awesome
-      font-awesome_4
-      hanazono
+    packages = with pkgs; [
+      material-symbols
       material-icons
+      cascadia-code
+      hanazono
       noto-fonts
-      noto-fonts-cjk
-      noto-fonts-extra
+      noto-fonts-cjk-sans
       open-sans
       twemoji-color-font
       unifont
@@ -27,4 +25,7 @@
     displayManager.lightdm.enable = lib.mkForce false;
     desktopManager.xterm.enable = false;
   };
+
+  programs.hyprland.enable = true;
+  security.pam.services.hyprlock = {};
 }
diff --git a/modules/system/home-manager.nix b/modules/system/home-manager.nix
index 43bc0ac..7d0f19d 100644
--- a/modules/system/home-manager.nix
+++ b/modules/system/home-manager.nix
@@ -1,10 +1,19 @@
-{ config, enableGUI, inputs, modules, ... }: {
+{ config, inputs, modules, ... }: {
+  imports = [
+    inputs.home-manager.nixosModules.home-manager
+  ];
   home-manager = {
     useGlobalPkgs = true;
     useUserPackages = true;
     extraSpecialArgs = {
-      inherit enableGUI inputs modules;
+      inherit inputs modules;
       sysConfig = config;
     };
+    sharedModules = [
+      {
+        imports = [ modules.options ];
+        config.me = config.me;
+      }
+    ];
   };
 }
diff --git a/modules/system/input.nix b/modules/system/input.nix
index 17e5416..a0bf2ff 100644
--- a/modules/system/input.nix
+++ b/modules/system/input.nix
@@ -1,4 +1,4 @@
-{ config, lib, pkgs, ... }: {
+{ ... }: {
   services.xserver = {
     displayManager = {
       xserverArgs = [
@@ -6,14 +6,19 @@
         "-arinterval 15"
       ];
     };
-    libinput = {
-      enable = true;
-      mouse = {
-        accelSpeed = "0";
-        accelProfile = "flat";
+  };
+  services.keyd = {
+    enable = true;
+    keyboards = {
+      default = {
+        ids = [ "*" ];
+        settings = {
+          main = {
+            capslock = "esc";
+            esc = "capslock";
+          };
+        };
       };
     };
-    xkbOptions = "caps:escape";
   };
-  console.useXkbConfig = true;
 }
diff --git a/modules/system/kernel.nix b/modules/system/kernel.nix
index e4c5b6b..c0a1bcf 100644
--- a/modules/system/kernel.nix
+++ b/modules/system/kernel.nix
@@ -11,5 +11,8 @@
     };
   };
   hardware.enableRedistributableFirmware = true;
-  zramSwap.enable = true;
+  zramSwap = {
+    enable = true;
+    priority = 100;
+  };
 }
diff --git a/modules/system/nix-stable.nix b/modules/system/nix-stable.nix
index a88612a..1884c04 100644
--- a/modules/system/nix-stable.nix
+++ b/modules/system/nix-stable.nix
@@ -1,5 +1,7 @@
 { config, lib, pkgs, ... }: {
   nix = {
+    package = pkgs.nixVersions.latest;
+
     settings = rec {
       substituters = [
         "https://cache.nixos.org?priority=10"
@@ -17,4 +19,5 @@
     '';
   };
   nixpkgs.config.allowUnfree = true;
+  programs.nh.enable = true;
 }
diff --git a/modules/system/nix.nix b/modules/system/nix.nix
index be8c472..eb14f73 100644
--- a/modules/system/nix.nix
+++ b/modules/system/nix.nix
@@ -1,6 +1,7 @@
-{ config, lib, pkgs, ... }: {
+{ config, inputs, pkgs, ... }: {
   nix = {
-    package = pkgs.nixUnstable;
+    nixPath = [ "nixpkgs=${inputs.nixpkgs}" ];
+    package = pkgs.nixVersions.latest;
 
     settings = rec {
       extra-sandbox-paths = [ config.programs.ccache.cacheDir ];
@@ -23,4 +24,5 @@
     '';
   };
   nixpkgs.config.allowUnfree = true;
+  programs.nh.enable = true;
 }
diff --git a/modules/system/packages-gui.nix b/modules/system/packages-gui.nix
new file mode 100644
index 0000000..d853c40
--- /dev/null
+++ b/modules/system/packages-gui.nix
@@ -0,0 +1,26 @@
+{ config, lib, pkgs, ... }: {
+  config = lib.mkIf config.me.gui {
+    environment.systemPackages = with pkgs; [
+      android-tools
+      gparted
+      nautilus
+    ];
+    hardware.graphics.extraPackages = with pkgs; [
+      intel-vaapi-driver
+      libva-vdpau-driver
+      libvdpau-va-gl
+    ];
+    hardware.opentabletdriver.enable = true;
+    hardware.keyboard.qmk.enable = true;
+    programs.steam = {
+      enable = true;
+      package = pkgs.steam.override {
+        extraPkgs = pkgs: with pkgs; [
+          gsettings-desktop-schemas
+        ];
+      };
+    };
+    services.dbus.packages = [ pkgs.dconf pkgs.gcr ];
+    services.gnome.sushi.enable = true;
+  };
+}
diff --git a/modules/system/packages.nix b/modules/system/packages.nix
index bc0c1b4..d4e2e3c 100644
--- a/modules/system/packages.nix
+++ b/modules/system/packages.nix
@@ -1,9 +1,14 @@
-{ config, enableGUI, lib, pkgs, ... }: {
+{ pkgs, ... }: {
+  imports = [ ./packages-gui.nix ];
   environment.systemPackages = with pkgs; [
+    # ecryptfs
     efibootmgr
+    fd
     git
+    git-crypt
     htop
     jq
+    kitty.terminfo
     libarchive
     lf
     msr-tools
@@ -11,35 +16,10 @@
     neovim
     nfs-utils
     ntfs3g
-    sshfs
+    ripgrep
     rsync
+    sshfs
     wget
-  ] ++ lib.optionals enableGUI [
-    gparted
-    gnome.nautilus
   ];
   environment.variables.EDITOR = "nvim";
 }
-// (if !enableGUI then {} else {
-  programs.adb.enable = true;
-  hardware.opengl.extraPackages = with pkgs; [
-    vaapiIntel
-    vaapiVdpau
-    libvdpau-va-gl
-    rocm-opencl-icd
-    rocm-opencl-runtime
-  ];
-  programs.light.enable = true;
-  hardware.opentabletdriver.enable = true;
-  hardware.keyboard.qmk.enable = true;
-  programs.steam = {
-    enable = true;
-    package = pkgs.steam.override {
-      extraPkgs = pkgs: with pkgs; [
-        gsettings-desktop-schemas
-      ];
-    };
-  };
-  services.dbus.packages = [ pkgs.dconf pkgs.gcr ];
-  services.gnome.sushi.enable = true;
-})
diff --git a/modules/system/printing.nix b/modules/system/printing.nix
index 9cb254b..f7ccb20 100644
--- a/modules/system/printing.nix
+++ b/modules/system/printing.nix
@@ -3,7 +3,7 @@
     enable = true;
     drivers = with pkgs; [
       epson-escpr
-      me.epson-201112j
+      #me.epson-201112j
     ];
   };
 }
diff --git a/modules/system/security.nix b/modules/system/security.nix
index 602f108..f1f087b 100644
--- a/modules/system/security.nix
+++ b/modules/system/security.nix
@@ -1,4 +1,4 @@
-{ config, pkgs, ... }: {
+{ config, lib, pkgs, ... }: {
   networking.firewall =
   let
     iptables = "${pkgs.iptables}/bin/iptables";
@@ -53,5 +53,33 @@
         }
       ];
     };
+    pam = lib.mkIf (config.me.environment != "headless") {
+      u2f = {
+        enable = true;
+        settings = {
+          cue = true;
+          pinverification = 1;
+        };
+      };
+      services.doas.rules.auth = {
+        u2f.settings.pinverification = lib.mkForce 0;
+        u2f_int = lib.mkMerge [
+          {
+            enable = true;
+            order = config.security.pam.services.doas.rules.auth.u2f.order + 1;
+            control = "sufficient";
+            modulePath = "${pkgs.pam_u2f}/lib/security/pam_u2f.so";
+            inherit (config.security.pam.u2f) settings;
+          }
+          {
+            settings = lib.mkForce {
+              interactive = true;
+              pinverification = 0;
+              userpresence = 0;
+            };
+          }
+        ];
+      };
+    };
   };
 }
diff --git a/modules/system/tailscale.nix b/modules/system/tailscale.nix
new file mode 100644
index 0000000..5e3e044
--- /dev/null
+++ b/modules/system/tailscale.nix
@@ -0,0 +1,13 @@
+{ config, lib, ... }: {
+  age.secrets.tailscale_auth.file = ../../secrets/tailscale_auth.age;
+  me.binds."/var/lib/tailscale" = "tailscale";
+  networking.firewall.trustedInterfaces = [ "tailscale0" ];
+  networking.firewall.allowedUDPPorts = lib.mkIf (config.me.environment == "headless") [ 123 ];
+
+  services.tailscale = {
+    enable = true;
+    authKeyFile = config.age.secrets.tailscale_auth.path;
+    openFirewall = true;
+    useRoutingFeatures = if config.me.environment == "headless" then "both" else "client";
+  };
+}
diff --git a/modules/system/wireguard.nix b/modules/system/wireguard.nix
index 2684d65..71f85ad 100644
--- a/modules/system/wireguard.nix
+++ b/modules/system/wireguard.nix
@@ -1,13 +1,11 @@
-{ config, lib, pkgs, ... }:
+{ config, lib, pkgs, gcSecrets, ... }:
 let
-  port = 51820;
-  serverName = "sugarcane";
-  serverInterface = "ens3";
-  serverIp = "51.79.240.130";
+  port = 51801;
+  serverName = "dandelion";
+  serverInterface = "enp0s6";
+  serverIp = gcSecrets.wireguard.gateway;
 
   forwarding = {
-    "80" = [ "10.100.0.2" "80" ];
-    "443" = [ "10.100.0.2" "443" ];
     "22727" = [ "10.100.0.3" "7777" ];
   };
 
@@ -20,52 +18,61 @@ let
       in ''
         ${pkgs.iptables}/bin/iptables -${type} PREROUTING -t nat -i ${serverInterface} -p tcp --dport ${sport} -j DNAT --to ${dest}:${dport}
         ${pkgs.iptables}/bin/iptables -${type} FORWARD -p tcp -d ${dest} --dport ${dport} -j ACCEPT
+        ${pkgs.iptables}/bin/iptables -${type} PREROUTING -t nat -i ${serverInterface} -p udp --dport ${sport} -j DNAT --to ${dest}:${dport}
+        ${pkgs.iptables}/bin/iptables -${type} FORWARD -p udp -d ${dest} --dport ${dport} -j ACCEPT
       '') forwarding
     );
 
-  routeBypass = {
-    caramel = {
-      gateway = "192.168.100.1";
-      interface = "wlan0";
-      routes = [
-        serverIp
-      ];
-    };
-    hyacinth = {
-      gateway = "192.168.100.1";
-      interface = "enp5s0";
-      routes = [
-        serverIp
-      ];
-    };
-  };
-
   clients = {
-    caramel = {
-      publicKey = "VDqcpS0lJzFgwikj61MJ1xc9P8Cuq0NXa+Hc+etn2iA=";
-      allowedIPs = [ "10.100.0.2/32" ];
-    };
     hyacinth = {
       publicKey = "6nVhazYdmC15A/nke9VrqIg3sOBVOmqj4GEsyBq7MVo=";
-      allowedIPs = [ "10.100.0.3/32" ];
+      allowedIPs = [ "10.100.0.3/32" "${gcSecrets.wireguard.ipv6Subnet}:3" "fd0d::3" ];
+      interfaces = {
+        wg0 = { peers = [ server6OnlyPeer ]; };
+        wg1 = { peers = [ serverPeer ]; autostart = false; };
+        wg2 = { peers = [ serverLocalOnlyPeer ]; autostart = false; };
+      };
     };
-    strawberry = {
-      publicKey = "Fkcp/VSN4Dkhly8V4hskF4lnDviA7VZHCnWf7OliFCg=";
-      allowedIPs = [ "10.100.0.4/32" ];
+    anemone = {
+      publicKey = "px5+JNdAmqBvUC++DhiJrUBRAr+BYP6iYVt4sbhPTWY=";
+      allowedIPs = [ "10.100.0.4/32" "${gcSecrets.wireguard.ipv6Subnet}:4" "fd0d::4" ];
+      interfaces = {
+        wg0 = { peers = [ server6OnlyPeer ]; };
+        wg1 = { peers = [ serverPeer ]; autostart = false; };
+        wg2 = { peers = [ serverLocalOnlyPeer ]; autostart = false; };
+      };
     };
-    maple = {
-      publicKey = "kPw8hpANygfz83Oi/l+iCVYalV2zfs7fhkccjoGG2Do=";
-      allowedIPs = [ "10.100.0.5/32" ];
+    hibiscus = {
+      publicKey = "vQ5a2KMrwi7RCRsD0yvog+n35vQYFuvwiPn+W4lbRBw=";
+      allowedIPs = [ "10.100.0.5/32" "${gcSecrets.wireguard.ipv6Subnet}:5" "fd0d::5" ];
+      interfaces = {
+        wg0 = { peers = [ server6OnlyPeer ]; };
+        wg1 = { peers = [ serverPeer ]; autostart = false; };
+        wg2 = { peers = [ serverLocalOnlyPeer ]; autostart = false; };
+      };
+    };
+    hazel = {
+      publicKey = "0zruTndObzHo+b1rbOuTsxCU97epygZycxXS/lgUHUc=";
+      allowedIPs = [ "10.100.0.21/32" "${gcSecrets.wireguard.ipv6Subnet}:21" "fd0d::21" ];
+      interfaces = {
+        wg0 = {
+          dns = [ "::1" "127.0.0.1" ];
+          peers = [ serverLocalOnlyPeer ];
+        };
+      };
     };
   };
 
-  clientPeers = builtins.attrValues clients;
-  serverPeer = {
+  clientPeers = builtins.map (client: builtins.removeAttrs client [ "interfaces" ]) (builtins.attrValues clients);
+  serverPeerWith = ips: {
     publicKey = "3ugIk2tQZXjAH9/95s63ld2WNUHQrd4Mz5jzbln6oj0=";
-    allowedIPs = [ "0.0.0.0/0" ];
+    allowedIPs = ips;
     endpoint = "${serverIp}:${toString port}";
     persistentKeepalive = 25;
   };
+  serverPeer = serverPeerWith [ "0.0.0.0/0" "::/0" ];
+  server6OnlyPeer = serverPeerWith [ "10.100.0.0/24" "::/0" ];
+  serverLocalOnlyPeer = serverPeerWith [ "10.100.0.0/24" "fd0d::/16" ];
 
   serverConfig = {
     nat = {
@@ -79,7 +86,7 @@ let
     };
 
     wireguard.interfaces.wg0 = {
-      ips = [ "10.100.0.1/24" ];
+      ips = [ "10.100.0.1/24" "${gcSecrets.wireguard.ipv6Subnet}:1" "fd0d::1" ];
       listenPort = port;
 
       postSetup = ''
@@ -97,33 +104,24 @@ let
   };
 
   clientConfig = {
-    wireguard.interfaces.wg0 =
+    wg-quick.interfaces =
     let
       client = clients."${config.networking.hostName}";
-      routes = routeBypass."${config.networking.hostName}";
-      mapRoutes = type: lib.concatMapStringsSep "\n" (r: "${pkgs.iproute2}/bin/ip route ${type} ${r} via ${routes.gateway} dev ${routes.interface}") routes.routes;
-    in {
-      ips = client.allowedIPs;
-      listenPort = port;
-
-      postSetup = ''
-        ${mapRoutes "add"}
-        ${pkgs.iptables}/bin/iptables -t nat -A POSTROUTING -s 10.100.0.0/24 -o ${serverInterface} -j MASQUERADE
-      '';
-
-      postShutdown = ''
-        ${mapRoutes "del"}
-        ${pkgs.iptables}/bin/iptables -t nat -A POSTROUTING -s 10.100.0.0/24 -o ${serverInterface} -j MASQUERADE
-      '';
-
-      privateKeyFile = config.age.secrets."wg_${config.networking.hostName}".path;
-      peers = [ serverPeer ];
-    };
+    in
+      builtins.mapAttrs (interface: conf: {
+        address = client.allowedIPs;
+        dns = [ "fd0d::1" "10.100.0.1" ];
+        privateKeyFile = config.age.secrets."wg_${config.networking.hostName}".path;
+      } // conf) client.interfaces;
   };
 in {
+  boot.kernel.sysctl = lib.mkIf (config.networking.hostName == serverName) ({
+    "net.ipv6.conf.all.forwarding" = true;
+    "net.ipv6.conf.default.forwarding" = true;
+  });
   networking =
     lib.mkMerge [
       (lib.mkIf (config.networking.hostName == serverName) serverConfig)
-      (lib.mkIf (builtins.hasAttr config.networking.hostName clients) clientConfig)
+      (lib.mkIf (config.networking.hostName != serverName) clientConfig)
     ];
 }
diff --git a/modules/user/bspwm.nix b/modules/user/bspwm.nix
deleted file mode 100644
index 13b2941..0000000
--- a/modules/user/bspwm.nix
+++ /dev/null
@@ -1,19 +0,0 @@
-# Depends on eww
-{ config, pkgs, ... }: {
-  xsession.windowManager.bspwm = {
-    enable = true;
-    monitors = { "DP-1" = [ "1" "2" "3" "4" "5" "6" "7" "8" "9" "0"]; };
-    settings = {
-      window_gap = 10;
-      border_width = 0;
-      split_ratio = 0.5;
-      top_padding = 0;
-    };
-    extraConfig = ''
-      ${pkgs.feh}/bin/feh --no-fehbg --bg-fill ~/Pictures/Wallpapers/current
-
-      ${pkgs.procps}/bin/pkill -SIGINT eww
-      ${pkgs.eww}/bin/eww open linebar
-    '';
-  };
-}
diff --git a/modules/user/catppuccin.nix b/modules/user/catppuccin.nix
new file mode 100644
index 0000000..176b42c
--- /dev/null
+++ b/modules/user/catppuccin.nix
@@ -0,0 +1,75 @@
+{ config, inputs, lib, pkgs, ... }: {
+  imports = [
+    inputs.catppuccin.homeManagerModules.catppuccin
+  ];
+
+  options.catppuccin.colors = lib.mkOption {
+    type = lib.types.attrs;
+    default = (builtins.fromJSON (builtins.readFile "${inputs.catppuccin-palette}/palette.json"))."${config.catppuccin.flavor}".colors;
+  };
+  options.catppuccin.hexcolors = lib.mkOption {
+    type = lib.types.attrs;
+    default = builtins.mapAttrs (name: value: value.hex) config.catppuccin.colors;
+  };
+
+  config = {
+    catppuccin = {
+      accent = lib.mkDefault "pink";
+      flavor = lib.mkDefault "mocha";
+      kitty.enable = true;
+      gtk.enable = true;
+      hyprlock.enable = true;
+      nvim.enable = true;
+    };
+
+    specialisation = {
+      light.configuration.catppuccin.flavor = "latte";
+      dark.configuration.catppuccin.flavor = "mocha";
+    };
+
+    home.packages = [(pkgs.writeShellScriptBin "theme" ''
+      last_path="$HOME/.local/state/last-theme"
+      target="$1"
+      if [ "$target" == "get_last" ]; then
+        if [ ! -e "$last_path" ]; then
+          echo "no last theme found; assuming dark" >&2
+          target="dark"
+        else
+          target=$(cat "$last_path" | tr -d "\n")
+        fi
+        echo "$target"
+        exit 0
+      fi
+      if [ "$target" == "restore" ]; then
+        echo "restoring theme"
+        if [ ! -e "$last_path" ]; then
+          echo "no last theme found; assuming dark" >&2
+          target="dark"
+        else
+          target=$(cat "$last_path" | tr -d "\n")
+        fi
+      fi
+      if [ "$target" != "dark" ] && [ "$target" != "light" ]; then
+        echo "invalid theme, valid values: [dark, light, restore]"
+        exit 1
+      fi
+      current="$HOME/.local/state/home-manager/gcroots/current-home/"
+      cached="$HOME/.local/state/last-parent-specialisation"
+      if [ -d "$current/specialisation" ]; then
+        if [ -d "$cached" ]; then
+          rm -f "$cached"
+        fi
+        ln -sf "$(readlink -f $current)" "$cached"
+      fi
+
+      if [ ! -d "$cached/specialisation" ]; then
+        echo "no specialisations found"
+        exit 1
+      fi
+
+      "$cached/specialisation/$target/activate"
+
+      echo "$target" > "$last_path"
+    '')];
+  };
+}
diff --git a/modules/user/comma.nix b/modules/user/comma.nix
new file mode 100644
index 0000000..5ae7f03
--- /dev/null
+++ b/modules/user/comma.nix
@@ -0,0 +1,7 @@
+{ inputs, ... }: {
+  imports = [
+    inputs.nix-index-database.homeModules.default
+  ];
+  programs.nix-index.enable = true;
+  programs.nix-index-database.comma.enable = true;
+}
diff --git a/modules/user/direnv.nix b/modules/user/direnv.nix
index 3f54b94..2329800 100644
--- a/modules/user/direnv.nix
+++ b/modules/user/direnv.nix
@@ -5,7 +5,7 @@
       enable = true;
     };
   };
-  programs.git.extraConfig.core.excludesFile = ".envrc";
+  programs.git.settings.core.excludesFile = ".envrc";
   # We can't use .source since hm manages this file too
   xdg.configFile."direnv/direnvrc".text = builtins.readFile ../../res/direnvrc;
   home.activation = {
diff --git a/modules/user/dunst.nix b/modules/user/dunst.nix
index 08f4d62..2ae1404 100644
--- a/modules/user/dunst.nix
+++ b/modules/user/dunst.nix
@@ -12,9 +12,9 @@ in {
       global = {
         monitor = 0;
         follow = "mouse";
-        width = 460;
+        width = "(100, 450)";
         origin = "top-right";
-        offset = "24x35";
+        offset = "24x50";
         notification_limit = 0;
         indicate_hidden = true;
         shrink = true;
@@ -36,7 +36,7 @@ in {
         hide_duplicate_count = true;
         show_indicators = false;
         icon_position = "left";
-        max_icon_size = 32;
+        max_icon_size = 40;
         sticky_history = true;
         history_length = 100;
         browser = "${pkgs.firefox}/bin/firefox -new-tab";
@@ -49,21 +49,21 @@ in {
       };
 
       urgency_low = {
-        background = "#12131b";
-        foreground = "#d8dee8";
+        background = config.catppuccin.hexcolors.crust;
+        foreground = config.catppuccin.hexcolors.text;
         timeout = 3;
       };
 
       urgency_normal = {
-        background = "#12131b";
-        foreground = "#d8dee8";
+        background = config.catppuccin.hexcolors.crust;
+        foreground = config.catppuccin.hexcolors.text;
         timeout = 5;
       };
 
       urgency_critical = {
-        background = "#12131b";
-        foreground = "#d8dee8";
-        # frame_color = "#bf616a";
+        background = config.catppuccin.hexcolors.crust;
+        foreground = config.catppuccin.hexcolors.text;
+        frame_color = config.catppuccin.hexcolors.red;
         timeout = 0;
       };
     };
diff --git a/modules/user/eww-wayland.nix b/modules/user/eww-wayland.nix
deleted file mode 100644
index e939a1f..0000000
--- a/modules/user/eww-wayland.nix
+++ /dev/null
@@ -1,7 +0,0 @@
-{ pkgs, ... }: {
-  home.packages = with pkgs; [ socat ];
-  programs.eww = {
-    enable = true;
-    configDir = ../../res/eww-wayland;
-  };
-}
diff --git a/modules/user/eww.nix b/modules/user/eww.nix
index b0a8099..13db70e 100644
--- a/modules/user/eww.nix
+++ b/modules/user/eww.nix
@@ -1,8 +1,29 @@
-# Depends on bspwm
-{ pkgs, ... }: {
-  home.packages = with pkgs; [ xtitle ];
+{ config, lib, pkgs, ... }:
+let
+  inherit (lib) boolToString defaultTo;
+  res = pkgs.stdenvNoCC.mkDerivation {
+    pname = "eww-wayland-config";
+    version = "1.0.0";
+    dontUnpack = true;
+    installPhase = ''
+      cp -r ${../../res/eww} $out
+
+      substituteInPlace $out/eww.yuck \
+        --replace-fail "_BAT_ENABLED_" "${boolToString (config.me.batteryDevice != null)}" \
+        --replace-fail "_BAT_PATH_" "${defaultTo "" config.me.batteryDevice}" \
+        --replace-fail "_BT_ENABLED_" "${boolToString config.me.hasBluetooth}" \
+        --replace-fail "_WIFI_ENABLED_" "${boolToString config.me.hasWifi}"
+
+      substituteInPlace $out/eww.scss \
+        --replace-fail "EWW_BACKGROUND" "${config.catppuccin.hexcolors.crust}" \
+        --replace-fail "EWW_TEXT" "${config.catppuccin.hexcolors.text}" \
+        --replace-fail "EWW_ACCENT" "${config.catppuccin.hexcolors.${config.catppuccin.accent}}"
+    '';
+  };
+in {
+  home.packages = with pkgs; [ iw socat ];
   programs.eww = {
     enable = true;
-    configDir = ../../res/eww;
   };
+  xdg.configFile."eww".source = res;
 }
diff --git a/modules/user/git.nix b/modules/user/git.nix
index beea776..ca2762e 100644
--- a/modules/user/git.nix
+++ b/modules/user/git.nix
@@ -1,14 +1,16 @@
-{ config, ... }: {
+{ ... }: {
   programs.git = {
     enable = true;
-    userName = "LavaDesu";
-    userEmail = "me@lava.moe";
     signing = {
       key = "059F098EBF0E9A13E10A46BF6500251E087653C9";
       signByDefault = true;
     };
-    extraConfig = {
+    settings = {
+      user.name = "Cilly Leang";
+      user.email = "mini@cilly.moe";
       core.abbrev = 11;
+      safe.directory = "/home/rin/Projects/flakes";
+      init.defaultBranch = "master";
     };
   };
 }
diff --git a/modules/user/gpg.nix b/modules/user/gpg.nix
index a8ab12f..dba731f 100644
--- a/modules/user/gpg.nix
+++ b/modules/user/gpg.nix
@@ -1,10 +1,10 @@
-{ config, enableGUI, ... }: {
+{ config, pkgs, ... }: {
   programs.gpg = {
     enable = true;
     homedir = "${config.xdg.dataHome}/gnupg";
   };
   services.gpg-agent = {
     enable = true;
-    pinentryFlavor = if enableGUI then "gnome3" else "tty";
+    pinentry.package = pkgs.pinentry-gnome3;
   };
 }
diff --git a/modules/user/hypridle.nix b/modules/user/hypridle.nix
new file mode 100644
index 0000000..af7af86
--- /dev/null
+++ b/modules/user/hypridle.nix
@@ -0,0 +1,45 @@
+{ config, lib, pkgs, ... }:
+let
+  kblight = "brightnessctl -d ${config.me.kbBacklightDevice}";
+in
+{
+  home.packages = [ config.services.hypridle.package ];
+  services.hypridle = {
+    enable = true;
+    settings = {
+      general = {
+        lock_cmd = "pidof hyprlock || hyprlock";
+        before_sleep_cmd = "${lib.getExe pkgs.playerctl} pause; loginctl lock-session";
+        after_sleep_cmd = "hyprctl dispatch dpms on";
+      };
+
+      listener = lib.optionals (config.me.kbBacklightDevice != null) [
+        {
+          timeout = 120;
+          on-timeout = "${kblight} -s && ${kblight} 0";
+          on-resume = "${kblight} -r";
+        }
+      ] ++ [
+        {
+          timeout = 150;
+          on-timeout = "brightnessctl -s && brightnessctl 50%-";
+          on-resume = "brightnessctl -r";
+        }
+        {
+          timeout = 180;
+          on-timeout = "brightnessctl -r && loginctl lock-session";
+        }
+        {
+          timeout = 195;
+          on-timeout = "hyprctl dispatch dpms off";
+          on-resume = "hyprctl dispatch dpms on";
+        }
+      ] ++ lib.optionals (config.me.environment == "laptop") [
+        {
+          timeout = 600;
+          on-timeout = "systemctl suspend";
+        }
+      ];
+    };
+  };
+}
diff --git a/modules/user/hyprlock.nix b/modules/user/hyprlock.nix
new file mode 100644
index 0000000..529c522
--- /dev/null
+++ b/modules/user/hyprlock.nix
@@ -0,0 +1,148 @@
+{ config, lib, ... }:
+let
+  scaling = if config.me.hidpi then 1 else 0.5;
+  s = value: if builtins.isInt value || builtins.isFloat value
+  then
+    builtins.floor (value * scaling)
+  else if builtins.isList value
+  then
+    lib.strings.concatMapStringsSep "," (v: builtins.toString (scaling * v)) value
+  else
+    builtins.throw "invalid scaled value type ${builtins.typeOf value} for ${value}";
+  sn = value: s (builtins.map (v: (-v)) value);
+in
+{
+  programs.hyprlock = {
+    enable = true;
+    settings = {
+      general = {
+        disable_loading_bar = true;
+        hide_cursor = true;
+      };
+      auth = {
+        fingerprint = {
+          enabled = config.me.hasFingerprint;
+          ready_message = "Scan fingerprint to unlock";
+        };
+      };
+      background = {
+        monitor = "";
+        color = "$base";
+      };
+      shape = lib.optionals (config.me.batteryDevice != null) [
+        # Battery pill
+        {
+          monitor = "";
+          size = s [165 65];
+          color = "$crust";
+          rounding = -1;
+          halign = "right";
+          valign = "top";
+          position = sn [595 10];
+        }
+      ] ++ [
+        # Time pill
+        {
+          monitor = "";
+          size = s [545 65];
+          color = "$crust";
+          rounding = -1;
+          halign = "right";
+          valign = "top";
+          position = sn [40 10];
+        }
+      ];
+      label = lib.optionals config.me.hasFingerprint [
+        # Fingerprint icon
+        {
+            monitor = "";
+            color = "$text";
+            font_family = "Material Symbols Outlined";
+            font_size = s 64;
+            halign = "center";
+            valign = "top";
+            position = sn [0 100];
+            text = "";
+        }
+        # Fingerprint text
+        {
+          monitor = "";
+          color = "$text";
+          text = "$FPRINTPROMPT";
+          font_size = s 25;
+          font_family = "Open Sans";
+          position = sn [0 235];
+          halign = "center";
+          valign = "top";
+        }
+      ] ++ lib.optionals (config.me.batteryDevice != null) [
+        # Battery icon
+        {
+          monitor = "";
+          text = "";
+          color = "$accent";
+          font_family = "Material Symbols Outlined";
+          font_size = s 27;
+          position = sn [695 20];
+          halign = "right";
+          valign = "top";
+        }
+        # Battery percentage
+        {
+          monitor = "";
+          text = ''cmd[update:60000] echo "<span weight='700'>$(cat /sys/class/power_supply/${config.me.batteryDevice}/capacity)%</span>"'';
+          color = "$text";
+          font_size = s 23;
+          font_family = "Open Sans";
+          position = sn [625 20];
+          halign = "right";
+          valign = "top";
+        }
+      ] ++ [
+        # Time and Date
+        {
+          monitor = "";
+          color = "$text";
+          font_family = "Open Sans";
+          font_size = s 23;
+          halign = "right";
+          valign = "top";
+          position = sn [70 20];
+          text = ''cmd[update:1000] echo "<span alpha='70%' weight='550'>$(date '+%A, %d %B %Y')</span>  <span weight='700'>$(date +%H:%M)</span><span alpha='70%' weight='550'>$(date +:%S)</span>"'';
+        }
+
+        # Fail text under input
+        {
+          monitor = "";
+          color = "$red";
+          font_family = "Open Sans";
+          font_size = s 25;
+          text = "$FAIL $ATTEMPTS[]";
+          position = sn [0 200];
+          halign = "center";
+          valign = "center";
+        }
+      ];
+      input-field = {
+        monitor = "";
+        size = s [600 120];
+        outline_thickness = s 4;
+        check_color = "$peach";
+        dots_size = 0.2;
+        dots_spacing = 0.2;
+        dots_center = true;
+        fail_text = "";
+        font_color = "$text";
+        inner_color = "$crust";
+        outer_color = "$base";
+        placeholder_text = "Password";
+        fade_on_empty = false;
+        hide_input = false;
+        capslock_color = "$yellow";
+        position = sn [0 47];
+        halign = "center";
+        valign = "center";
+      };
+    };
+  };
+}
diff --git a/modules/user/kitty.nix b/modules/user/kitty.nix
index a7a7601..ddc189a 100644
--- a/modules/user/kitty.nix
+++ b/modules/user/kitty.nix
@@ -9,10 +9,11 @@
     settings = {
       font_features = "-ss01 +ss19";
       enable_audio_bell = false;
+      color5 = config.catppuccin.hexcolors.mauve;
+      color13 = config.catppuccin.hexcolors.mauve;
+      window_margin_width = 5;
+      scrollback_pager = ''nvim --noplugin -c "set signcolumn=no showtabline=0" -c "silent write! /tmp/kitty_scrollback_buffer | te cat /tmp/kitty_scrollback_buffer - " -c "autocmd VimEnter * normal G"'';
+      scrollback_pager_history_size = 2;
     };
-    extraConfig = builtins.readFile (builtins.fetchurl {
-      url = "https://raw.githubusercontent.com/folke/tokyonight.nvim/eede574f9ef57137e6d7e4bab37b09db636c5a56/extras/kitty_tokyonight_night.conf";
-      sha256 = "0l9yl3qmgf7b10x7hy7q5hma0hsyamq3n14lfbw31cimm6snwim6";
-    });
   };
 }
diff --git a/modules/user/mpv.nix b/modules/user/mpv.nix
index c740392..6ef3da4 100644
--- a/modules/user/mpv.nix
+++ b/modules/user/mpv.nix
@@ -1,7 +1,7 @@
-{ config, pkgs, ... }: {
+{ pkgs, ... }: {
   programs.mpv = {
     enable = true;
-    package = pkgs.wrapMpv pkgs.mpv-unwrapped {
+    package = pkgs.mpv.override {
       youtubeSupport = true;
       scripts = [ pkgs.mpvScripts.mpris ];
     };
diff --git a/modules/user/neovim-minimal.nix b/modules/user/neovim-minimal.nix
index e319e38..392097d 100644
--- a/modules/user/neovim-minimal.nix
+++ b/modules/user/neovim-minimal.nix
@@ -9,11 +9,12 @@
     vimAlias = true;
     vimdiffAlias = true;
     withNodeJs = false;
+    withPython3 = false;
+    withRuby = false;
 
     plugins = with pkgs.vimPlugins; [
-      ctrlp-vim
+      fzf-vim
       lualine-nvim
-      nerdtree
       tokyonight-nvim
       vim-fugitive
       vim-nix
@@ -21,14 +22,7 @@
       vim-signify
       vim-surround
 
-      nvim-cmp
-      nvim-lspconfig
-      cmp-nvim-lsp
-      cmp_luasnip
-      luasnip
-
       (nvim-treesitter.withPlugins (p: with p; [
-        tree-sitter-comment
         tree-sitter-json
         tree-sitter-lua
         tree-sitter-nix
diff --git a/modules/user/neovim.nix b/modules/user/neovim.nix
index c90448b..2b8d4c1 100644
--- a/modules/user/neovim.nix
+++ b/modules/user/neovim.nix
@@ -1,9 +1,9 @@
-{ config, lib, pkgs, ... }:
+{ config, lib, pkgs, sysConfig, ... }:
 let
   luaconf = pkgs.writeText "config.lua"
     (lib.replaceStrings
-      ["{{OMNISHARP_PATH}}" "{{DART_PATH}}"]
-      ["${pkgs.omnisharp-roslyn}/bin/OmniSharp" "${pkgs.dart}/bin/dart"]
+      ["{{OMNISHARP_PATH}}" "{{DART_PATH}}" "{{CATPPUCCIN_FLAVOUR}}" "{{USERNAME}}" "{{HOSTNAME}}"]
+      ["${pkgs.omnisharp-roslyn}/bin/OmniSharp" "${pkgs.dart}/bin/dart" config.catppuccin.nvim.flavor config.home.username sysConfig.networking.hostName]
       (builtins.readFile ../../res/config.lua));
 in {
   systemd.user.tmpfiles.rules = [
@@ -17,33 +17,45 @@ in {
     vimdiffAlias = true;
     #package = pkgs.neovim-nightly;
     withNodeJs = true;
+    withPython3 = true;
+    withRuby = false;
 
     extraPackages = with pkgs; [
+      nixd
       rust-analyzer
-      nodePackages."@prisma/language-server"
-      nodePackages.diagnostic-languageserver
-      nodePackages.eslint_d
-      nodePackages.typescript-language-server
-      nodePackages.vscode-langservers-extracted
-      nodePackages.yaml-language-server
+      texlab
+      astro-language-server
+      tailwindcss-language-server
+      diagnostic-languageserver
+      eslint_d
+      typescript-language-server
+      vscode-langservers-extracted
+      yaml-language-server
     ];
 
     plugins = with pkgs.vimPlugins; [
+      autoclose-nvim
+      auto-save-nvim
       flutter-tools-nvim
       fzf-vim
       fzf-lsp-nvim
       lualine-nvim
+      nvim-ts-autotag
+      nvim-web-devicons
       plenary-nvim
       tokyonight-nvim
       vim-fugitive
+      vim-latex-live-preview
       vim-nix
       vim-repeat
       vim-signify
       vim-surround
+      vimtex
       lsp_signature-nvim
 
       nvim-cmp
       nvim-dap
+      nvim-highlight-colors
       nvim-lspconfig
       cmp-nvim-lsp
       cmp_luasnip
@@ -51,27 +63,33 @@ in {
 
       #(pkgs.me.nvim-treesitter-nightly.withPlugins (p: with p; [
       (nvim-treesitter.withPlugins (p: with p; [
+        tree-sitter-astro
         tree-sitter-bash
         tree-sitter-c
         tree-sitter-c-sharp
         tree-sitter-cpp
+        tree-sitter-groovy
         tree-sitter-html
+        tree-sitter-java
         tree-sitter-javascript
         tree-sitter-json
+        tree-sitter-kotlin
+        tree-sitter-latex
         tree-sitter-lua
         tree-sitter-markdown
         tree-sitter-nix
         tree-sitter-php
-        tree-sitter-prisma
         tree-sitter-python
         tree-sitter-query
         tree-sitter-regex
         tree-sitter-rust
+        tree-sitter-swift
         tree-sitter-toml
         tree-sitter-tsx
         tree-sitter-typescript
         tree-sitter-vim
         tree-sitter-vimdoc
+        tree-sitter-xml
         tree-sitter-yaml
       ]))
     ];
diff --git a/modules/user/pass.nix b/modules/user/pass.nix
deleted file mode 100644
index f1d4c3d..0000000
--- a/modules/user/pass.nix
+++ /dev/null
@@ -1,6 +0,0 @@
-{ pkgs, ... }: {
-  programs.password-store = {
-    enable = true;
-    package = pkgs.pass.withExtensions (exts: with exts; [ pass-import pass-otp ]);
-  };
-}
diff --git a/modules/user/picom.nix b/modules/user/picom.nix
deleted file mode 100644
index 7c7d5e7..0000000
--- a/modules/user/picom.nix
+++ /dev/null
@@ -1,41 +0,0 @@
-{ config, ... }: {
-  services.picom = {
-    enable = true;
-
-    # blur = true;
-    # blurExclude = [
-    #   (builtins.concatStringsSep " && " [
-    #     "class_g != 'Alacritty'"
-    #     "class_g != 'kitty'"
-    #     #"class_g != 'Polybar'"
-    #     "class_g != 'URxvt'"
-    #   ])
-    # ];
-    fade = true;
-    fadeDelta = 5;
-    fadeSteps = [ 0.05 0.05 ];
-
-    opacityRules = [
-      "80:class_g = 'Alacritty' && !focused"
-      "95:class_g = 'kitty' && !focused"
-    ];
-    vSync = true;
-
-    settings = {
-      glx-no-stencil = true;
-      glx-copy-from-front = false;
-      glx-no-rebind-pixmap = true;
-      # https://github.com/yshui/picom/issues/578
-      glx-use-copysubbuffer-mesa = false;
-      use-damage = true;
-
-      detect-transient = true;
-      detect-client-leader = true;
-      detect-client-opacity = true;
-      detect-rounded-corners = true;
-      use-ewmh-active-win = true;
-      mark-wmwin-focused = true;
-      mark-ovredir-focused = true;
-    };
-  };
-}
diff --git a/modules/user/polybar.nix b/modules/user/polybar.nix
deleted file mode 100644
index ce71f38..0000000
--- a/modules/user/polybar.nix
+++ /dev/null
@@ -1,165 +0,0 @@
-{ config, ... }: {
-  services.polybar =
-  let
-    colours = {
-      background1 = "#1a1b26";
-      background2 = "#9d7cd8";
-      accent = "#c0caf5";
-      foreground2 = "#1a1b26";
-      foreground2trans = "#cc1a1b26";
-    };
-  in {
-    enable = true;
-    script = builtins.readFile ../../scripts/polybar.sh;
-    settings = {
-      "bar/scroller" = {
-        monitor = "DP-1";
-        width = "100%";
-        height = 1;
-        background = colours.background1;
-        spacing = 2;
-        override-redirect = true;
-
-        modules.center = "workspaces-stub";
-        scroll = {
-          up = "#workspaces-stub.prev";
-          down = "#workspaces-stub.next";
-        };
-      };
-
-      "bar/top" = {
-        monitor = "DP-1";
-        width = "100%";
-        height = 29;
-        background = colours.background1;
-        foreground = "#fff";
-        offset-y = 3;
-
-        spacing = 2;
-        padding = {
-          left = 5;
-          right = 5;
-          bottom = 5;
-        };
-        override-redirect = true;
-        wm-restack = "bspwm";
-
-        font = [
-          "NotoSans:style=SemiBold:size=11:antialias=true;2"
-          "NotoSans:size=11:antialias=true;2"
-          "MaterialIcons:size=17:antialias=true;6"
-          "Iosevka:style=Medium:antialias=false:size=19;4"
-
-          "HanaMinA:size=9.8;1"
-          "HanaMinB:size=9.8;1"
-        ];
-
-        modules = {
-          left = "left workspaces right";
-          center = "title";
-          right = "left datetime right";
-        };
-
-        enable-ipc = true;
-        scroll = {
-          up = "#workspaces.prev";
-          down = "#workspaces.next";
-        };
-      };
-
-      "module/left" = {
-        type = "custom/text";
-
-        content = {
-          text = "%{T4}";
-          background = colours.background1;
-          foreground = colours.background2;
-        };
-      };
-
-      "module/right" = {
-        type = "custom/text";
-
-        content = {
-          text = "%{T4}";
-          background = colours.background1;
-          foreground = colours.background2;
-        };
-      };
-
-      "module/workspaces" = {
-        type = "internal/bspwm";
-
-        pin-workspaces = true;
-        enable-click = true;
-        enable-scroll = false;
-        reverse-scroll = false;
-
-        label = {
-          monitor = "";
-          focused = {
-            text = "%{T3}"; # ef4a
-            background = colours.background2;
-            foreground = colours.accent;
-          };
-          occupied = {
-            text = "%{T3}"; # e837
-            background = colours.background2;
-            foreground = colours.background1;
-          };
-          empty = {
-            text = "%{T3}"; # ef4a
-            background = colours.background2;
-            foreground = colours.background1;
-          };
-          urgent = {
-            text = "%{T3}"; # e837
-            background = colours.background2;
-            foreground = colours.background1;
-          };
-
-          separator = {
-            text = " ";
-            background = colours.background2;
-            padding = "0";
-          };
-        };
-      };
-
-      "module/workspaces-stub" = {
-        type = "internal/bspwm";
-        pin-workspaces = true;
-        enable-click = false;
-        enable-scroll = false;
-        reverse-scroll = false;
-        label = {
-          monitor = "";
-          focused = "";
-          occupied = "";
-          empty = "";
-          urgent = "";
-          separator = "";
-        };
-      };
-
-      "module/title" = {
-        type = "internal/xwindow";
-        format = {
-          text = "%{T1}<label>";
-          padding = 4;
-        };
-      };
-
-      "module/datetime" = {
-        type = "internal/date";
-        date = {
-          text = "%{T1}%%{F${colours.foreground2}}%H:%M%%{F-}";
-          alt = "%{T2}%%{F${colours.foreground2trans}}%A, %d %B %Y  %{T1}%%{F${colours.foreground2}}%H:%M%%{F${colours.foreground2trans}}:%{T2}%S%%{F-}";
-        };
-        format = {
-          background = colours.background2;
-        };
-      };
-    };
-  };
-}
diff --git a/modules/user/rofi-wayland.nix b/modules/user/rofi-wayland.nix
deleted file mode 100644
index 6bb85a0..0000000
--- a/modules/user/rofi-wayland.nix
+++ /dev/null
@@ -1,8 +0,0 @@
-{ config, pkgs, ... }: {
-  programs.rofi = {
-    enable = true;
-    package = pkgs.rofi-wayland;
-    theme = "theme";
-  };
-  xdg.configFile."rofi/theme.rasi".source = ../../res/theme.rasi;
-}
diff --git a/modules/user/rofi.nix b/modules/user/rofi.nix
index 45fcc4d..1f11d06 100644
--- a/modules/user/rofi.nix
+++ b/modules/user/rofi.nix
@@ -1,7 +1,22 @@
-{ config, inputs, ... }: {
+{ config, pkgs, ... }:
+let
+  theme = pkgs.stdenvNoCC.mkDerivation {
+    pname = "rofi-theme";
+    version = "1.0.0";
+    dontUnpack = true;
+    installPhase = ''
+      cp ${../../res/theme.rasi} $out
+      substituteInPlace $out \
+        --replace-fail "CAT_BACKGROUND" "${config.catppuccin.hexcolors.crust}" \
+        --replace-fail "CAT_TEXT" "${config.catppuccin.hexcolors.text}" \
+        --replace-fail "CAT_ACCENT" "${config.catppuccin.hexcolors.${config.catppuccin.accent}}" \
+        --replace-fail "CAT_PLACEHOLDER" "${config.catppuccin.hexcolors.overlay1}"
+    '';
+  };
+in {
   programs.rofi = {
     enable = true;
     theme = "theme";
   };
-  xdg.configFile."rofi/theme.rasi".source = ../../res/theme.rasi;
+  xdg.configFile."rofi/theme.rasi".source = theme;
 }
diff --git a/modules/user/sessionVariables.nix b/modules/user/sessionVariables.nix
index ef9caab..22a6b09 100644
--- a/modules/user/sessionVariables.nix
+++ b/modules/user/sessionVariables.nix
@@ -6,7 +6,6 @@
       "$PATH"
     ];
 
-    XAUTHORITY = "$XDG_RUNTIME_DIR/Xauthority";
     EDITOR = "nvim";
 
     _JAVA_OPTIONS = "-Djava.util.prefs.userRoot=${config.xdg.configHome}/java";
@@ -22,7 +21,6 @@
     NPM_CONFIG_USERCONFIG = "${config.xdg.configHome}/npm/npmrc";
     PUB_CACHE = "${config.xdg.cacheHome}/dart";
     WGETRC = "${config.xdg.configHome}/wgetrc";
-    XINITRC = "${config.xdg.configHome}/xorg/xinitrc";
 
     WINEPREFIX = "${config.xdg.dataHome}/wine64";
     WINEARCH = "win64";
diff --git a/modules/user/spicetify.nix b/modules/user/spicetify.nix
index 8158246..ec854c4 100644
--- a/modules/user/spicetify.nix
+++ b/modules/user/spicetify.nix
@@ -1,40 +1,50 @@
-{ config, inputs, pkgs, ... }:
+{ config, inputs, lib, pkgs, ... }:
 let
-  spicePkgs = inputs.spicetify-nix.packages.${pkgs.system}.default;
-  #adblock = inputs.spotify-adblock.defaultPackage.x86_64-linux;
-  adblock = pkgs.me.spotify-adblock;
+  spicePkgs = inputs.spicetify-nix.legacyPackages.${pkgs.system};
 in
 {
-  imports = [ inputs.spicetify-nix.homeManagerModule ];
+  imports = [ inputs.spicetify-nix.homeManagerModules.spicetify ];
 
   programs.spicetify = {
-    spotifyPackage = pkgs.spotify-unwrapped.overrideAttrs(o: {
-      installPhase = pkgs.lib.replaceStrings ["--prefix PATH"] [
-        ''--prefix SPOTIFY_ADBLOCK_CONFIG : ${adblock}/lib/config.toml \
-          --prefix LD_PRELOAD : ${adblock}/lib/libspotifyadblock.so \
-          --prefix PATH''] o.installPhase;
-    });
-
     enable = true;
-    theme = spicePkgs.themes.Dribbblish // {
-      #src = inputs.spicetify-themes;
-      extraCommands = "spicetify-cli --no-restart config experimental_features 1";
-      #requiredExtensions = [((builtins.head spicePkgs.themes.Dribbblish.requiredExtensions) // { filename = "theme.js"; }) ];
-    };
-    colorScheme = "purple";
+    alwaysEnableDevTools = true;
+    theme = spicePkgs.themes.catppuccin // {
+      additionalCss = ''
+        /* Removes "About the artist" text in now playing menu */
+        .main-nowPlayingView-sectionHeaderText {
+          display: none;
+        }
 
+        /* Removes gradient in now playing menu */
+        .main-nowPlayingView-contextItemInfo:before {
+          background: none;
+        }
+
+        /* Removes gradient above artist image */
+        /* https://stackoverflow.com/a/77015731 < this is so smart */
+        .main-nowPlayingView-aboutArtistV2ImageContainer.main-nowPlayingView-aboutArtistV2Image {
+          background-size: 0% 0%, cover;
+        }
+      '';
+    };
+    colorScheme = config.catppuccin.flavor;
+
+    enabledSnippets = with spicePkgs.snippets; [
+      removeGradient
+    ];
     enabledCustomApps = with spicePkgs.apps; [
-      lyrics-plus
+      lyricsPlus
     ];
     enabledExtensions = with spicePkgs.extensions; [
-      fullAppDisplayMod
-      shuffle # shuffle+ (special characters are sanitized out of ext names)
+      fullAppDisplay
+      shuffle
       hidePodcasts
 
-      skipStats
       songStats
       history
       volumePercentage
     ];
   };
+
+  home.file.".local/bin/spotify".source = lib.getExe config.programs.spicetify.spicedSpotify;
 }
diff --git a/modules/user/sxhkd.nix b/modules/user/sxhkd.nix
deleted file mode 100644
index b2bda2b..0000000
--- a/modules/user/sxhkd.nix
+++ /dev/null
@@ -1,65 +0,0 @@
-{ config, pkgs, ... }:
-let
-  super = "Mod4";
-  alt = "Mod1";
-in {
-  services.sxhkd = {
-    enable = true;
-    keybindings = {
-      # Dunst (Notification daemon)
-      "super + grave" = "dunstctl history-pop";
-      "super + shift + period" = "dunstctl context";
-      "super + shift + space" = "dunstctl close-all";
-
-      # Rofi (App launcher)
-      "super + Return" = "rofi -lines 12 -padding 18 -width 60 -location 0 -show drun -sidebar-mode -columns 3 -font 'Noto Sans 8'";
-
-      # Printscreen
-      "Print" = "maim -us | tee ~/Pictures/Screenshots/$(date +%s)c.png | xclip -selection clipboard -t image/png";
-      "shift + Print" = "maim -u | tee ~/Pictures/Screenshots/$(date +%s).png | xclip -selection clipboard -t image/png";
-
-      # Quick-kill picom
-      "super + p" = "systemctl --user stop picom";
-      "super + shift + p" = "systemctl --user restart picom";
-
-      # Volume
-      "XF86Audio{RaiseVolume,LowerVolume,Mute}" = "pamixer -{i 5,d 5,t}";
-
-      # Brightness
-      "XF86MonBrightness{Up,Down}" = "light -{A,U} 10";
-      "shift + XF86MonBrightness{Up,Down}" = "light -{A,U} 1";
-
-      # Gamma
-      "ctrl + XF86MonBrightness{Up,Down}" = "xgamma -gamma {1.3,1}";
-
-      "Super_L" = "eww open mainbar";
-      "@Super_L" = "eww close mainbar";
-
-      # Kill focused window
-      "super + {_,shift + }c" = "bspc node -{c,k}";
-
-      # Change focus
-      "super + {h,j,k,l}" = "bspc node -f {west,south,north,east}";
-      "super + {Left,Down,Up,Right}" = "bspc node -f {west,south,north,east}";
-
-      # Switch windows
-      "super + shift + {h,j,k,l}" = "bspc node -s {west,south,north,east}";
-      "super + shift + {Left,Down,Up,Right}" = "bspc node -s {west,south,north,east}";
-
-      # Move focused window
-      "super + shift + {1-9,0}" = "bspc node -d ^{1-9,10}";
-
-      # Toggle tiled/fullscreen/floating
-      "super + {t,f,space}" = "bspc node -t '~{tiled,fullscreen,floating}'";
-
-      # Exit / Restart bspwm
-      "super + shift + {q,r}" = "bspc {quit,wm -r}";
-
-      # Restart sxhkd
-      "super + shift + s" = "pkill -USR1 -x sxhkd";
-
-      # Workspace switching
-      "super + {1-9,0}" = "bspc desktop -f ^{1-9,10}";
-    };
-  };
-}
diff --git a/modules/user/theming.nix b/modules/user/theming.nix
index 3cfd758..00ab88f 100644
--- a/modules/user/theming.nix
+++ b/modules/user/theming.nix
@@ -7,20 +7,22 @@
       name = "Open Sans";
       size = 11;
     };
-    iconTheme = {
-      package = pkgs.yaru-theme;
-      name = "Yaru";
+    gtk3.extraConfig = {
+      gtk-application-prefer-dark-theme = if config.catppuccin.flavor == "latte" then "0" else "1";
     };
-    theme = {
-      name = "Materia-dark";
-      package = pkgs.materia-theme;
+    gtk4.extraConfig = {
+      gtk-application-prefer-dark-theme = if config.catppuccin.flavor == "latte" then "0" else "1";
     };
   };
 
+  dconf.settings = {
+    "org/gnome/desktop/interface".color-scheme = if config.catppuccin.flavor == "latte" then "prefer-light" else "prefer-dark";
+  };
+
   home.pointerCursor = {
     package = pkgs.yaru-theme;
     name = "Yaru";
-    size = 16;
+    size = 24;
     gtk.enable = true;
     x11.enable = true;
   };
diff --git a/modules/user/xorg.nix b/modules/user/xorg.nix
deleted file mode 100644
index b8ba9da..0000000
--- a/modules/user/xorg.nix
+++ /dev/null
@@ -1,51 +0,0 @@
-{ config, ... }: {
-
-  xsession = {
-    enable = true;
-    profilePath = ".config/xorg/xprofile";
-    scriptPath = ".config/xorg/xsession";
-  };
-
-  xdg.configFile."xorg/xinitrc".source = ../../scripts/xinitrc;
-  xresources = {
-    path = "${config.xdg.configHome}/xorg/xresources";
-    properties = {
-      # special
-      "*.foreground" =  "#c5c8c6";
-      "*.background" =  "#1d1f21";
-      "*.cursorColor" = "#c5c8c6";
-
-      # black
-      "*.color0" =      "#1d1f21";
-      "*.color8" =      "#969896";
-
-      # red
-      "*.color1" =      "#cc342b";
-      "*.color9" =      "#cc342b";
-
-      # green
-      "*.color2" =      "#198844";
-      "*.color10" =     "#198844";
-
-      # yellow
-      "*.color3" =      "#fba922";
-      "*.color11" =     "#fba922";
-
-      # blue
-      "*.color4" =      "#3971ed";
-      "*.color12" =     "#3971ed";
-
-      # magenta
-      "*.color5" =      "#a36ac7";
-      "*.color13" =     "#a36ac7";
-
-      # cyan
-      "*.color6" =      "#3971ed";
-      "*.color14" =     "#3971ed";
-
-      # white
-      "*.color7" =      "#c5c8c6";
-      "*.color15" =     "#ffffff";
-    };
-  };
-}
diff --git a/modules/user/zsh.nix b/modules/user/zsh.nix
index fec1e38..1eb736c 100644
--- a/modules/user/zsh.nix
+++ b/modules/user/zsh.nix
@@ -38,7 +38,8 @@ let
     jf = "doas journalctl -f";
 
     fl = "cd ~/Projects/flakes";
-    nr = "doas nixos-rebuild switch --flake .#${sysConfig.networking.hostName} -v -L";
+    nr = "nh os switch";
+    nb = "nh os boot";
 
     gs = "git status";
     ga = "git add";
@@ -97,11 +98,13 @@ let
     bindkey -M vicmd 'k' history-substring-search-up
     bindkey -M vicmd 'j' history-substring-search-down
   '';
+  disableExecute = ''
+    bindkey -a -r ':'
+  '';
 in {
-  programs.command-not-found.enable = true;
   programs.zsh = {
     enable = true;
-    dotDir = ".config/zsh";
+    dotDir = "${config.xdg.configHome}/zsh";
 
     autocd = true;
     defaultKeymap = "viins";
@@ -114,14 +117,6 @@ in {
     };
 
     enableCompletion = true;
-    initExtraBeforeCompInit = ''
-      fpath+=(/run/current-system/sw/share/zsh/site-functions)
-      zstyle ':completion:*' completer _complete
-      zstyle ':completion:*' matcher-list "" 'm:{[:lower:][:upper:]-_}={[:upper:][:lower:]_-}' '+l:|=* r:|=*'
-      zstyle ':completion:*' menu select
-      _comp_options+=(globdots)
-      zmodload zsh/complist
-    '';
 
     localVariables = {
       KEYTIMEOUT = "1";
@@ -135,15 +130,26 @@ in {
       ls = "ls --color=auto --group-directories-first -v";
       diff = "diff -Naur --color=auto";
     };
-    initExtraFirst = ''
-      autoload -U colors && colors
-    '';
-    initExtra = lib.concatStringsSep "\n" [
-      pure
-      cursorShape
-      direnv
-      genAbbrs
-      viExtraNav
+    initContent = lib.mkMerge [
+      (lib.mkBefore ''
+        autoload -U colors && colors
+      '')
+      (lib.mkOrder 550 ''
+        fpath+=(/run/current-system/sw/share/zsh/site-functions)
+        zstyle ':completion:*' completer _complete
+        zstyle ':completion:*' matcher-list "" 'm:{[:lower:][:upper:]-_}={[:upper:][:lower:]_-}' '+l:|=* r:|=*'
+        zstyle ':completion:*' menu select
+        _comp_options+=(globdots)
+        zmodload zsh/complist
+      '')
+      (lib.concatStringsSep "\n" [
+        pure
+        cursorShape
+        direnv
+        genAbbrs
+        viExtraNav
+        disableExecute
+      ])
     ];
 
     plugins = builtins.map (e: pluginFromInput e) [
diff --git a/overlays/android-studio.nix b/overlays/android-studio.nix
deleted file mode 100644
index 413dfad..0000000
--- a/overlays/android-studio.nix
+++ /dev/null
@@ -1,27 +0,0 @@
-self: { bash, buildFHSEnv, cacert, ncurses5, runCommand, ... } @ super:
-let
-  drvName = super.android-studio.name;
-  fhsEnv = buildFHSEnv {
-    name = "${drvName}-fhs-env";
-    # google's analytics calls jdk's getOperatingSystemMXBean which tries to parse cgroups and ultimately fails for whatever reason with an npe
-    unshareCgroup = false;
-    multiPkgs = pkgs: [
-      ncurses5
-
-      (runCommand "fedoracert" {}
-        ''
-        mkdir -p $out/etc/pki/tls/
-        ln -s ${cacert}/etc/ssl/certs $out/etc/pki/tls/certs
-        '')
-    ];
-  };
-
-  startScript = ''
-    #!${bash}/bin/bash
-    ${fhsEnv}/bin/${drvName}-fhs-env ${super.android-studio.passthru.unwrapped}/bin/studio.sh "$@"
-  '';
-in {
-  android-studio = super.android-studio.overrideAttrs(_: {
-    inherit startScript;
-  });
-}
diff --git a/overlays/bitwarden-desktop.nix b/overlays/bitwarden-desktop.nix
new file mode 100644
index 0000000..2d7be24
--- /dev/null
+++ b/overlays/bitwarden-desktop.nix
@@ -0,0 +1,19 @@
+# https://github.com/NixOS/nixpkgs/pull/374068
+self: super: {
+  bitwarden-desktop = super.bitwarden-desktop.overrideAttrs (o: {
+    preBuild = o.preBuild + ''
+      pushd apps/desktop/desktop_native/proxy
+      cargo build --offline --bin desktop_proxy --release
+      popd
+    '';
+    installPhase = builtins.replaceStrings ["runHook preInstall"] [''
+      runHook preInstall
+
+      install -Dm755 -t $out/bin apps/desktop/desktop_native/target/release/desktop_proxy
+
+      mkdir -p $out/lib/mozilla/native-messaging-hosts
+      substituteAll ${./patches/firefox-native-messaging-host.json} $out/lib/mozilla/native-messaging-hosts/com.8bit.bitwarden.json
+
+    ''] o.installPhase;
+  });
+}
diff --git a/overlays/cascadia-code.nix b/overlays/cascadia-code.nix
new file mode 100644
index 0000000..59ce553
--- /dev/null
+++ b/overlays/cascadia-code.nix
@@ -0,0 +1,12 @@
+self: super: {
+  cascadia-code = super.cascadia-code.overrideAttrs(o: {
+    installPhase = (builtins.replaceStrings ["runHook postInstall"] [""] o.installPhase) + ''
+      install -Dm644 otf/static/*.otf -t $out/share/fonts/opentype
+      install -Dm644 ttf/static/*.ttf -t $out/share/fonts/truetype
+      rm $out/share/fonts/opentype/*NF*
+      rm $out/share/fonts/truetype/*NF*
+      runHook postInstall
+    '';
+
+  });
+}
diff --git a/overlays/corectrl.nix b/overlays/corectrl.nix
deleted file mode 100644
index 1629a7e..0000000
--- a/overlays/corectrl.nix
+++ /dev/null
@@ -1,16 +0,0 @@
-self: super: {
-  # copied from nixpkgs 94d828a5033b688af09b02983aad37ecf529bf3c to fix corectrl build failure on linux 6.6
-  # awaiting merge into unstable
-
-  corectrl = super.corectrl.overrideAttrs (old: rec {
-    version = "1.3.8";
-    src = self.fetchFromGitLab {
-      owner = "corectrl";
-      repo = "corectrl";
-      rev = "v${version}";
-      sha256 = "sha256-lc6yWzJiSzGKMzJIpgOtirJONsh49vXWDWrhLV/erwQ=";
-    };
-
-    patches = [ ./patches/corectrl.patch ];
-  });
-}
diff --git a/overlays/default.nix b/overlays/default.nix
index d6c9151..cbe3e7e 100644
--- a/overlays/default.nix
+++ b/overlays/default.nix
@@ -1,12 +1,12 @@
 builtins.map (path: import path) [
-  ./android-studio.nix
+  ./bitwarden-desktop.nix
+  ./cascadia-code.nix
   ./ccache.nix
-  ./corectrl.nix
-  ./discord.nix
   ./eww.nix
+  ./jetbrains.nix
   ./material-icons.nix
-  ./picom.nix
-  ./rofi.nix
+  ./openldap.nix
   ./steam.nix
-  ./xinit.nix
+  ./utillinux.nix
+  ./wpa-supplicant.nix
 ]
diff --git a/overlays/discord.nix b/overlays/discord.nix
deleted file mode 100644
index badb6d3..0000000
--- a/overlays/discord.nix
+++ /dev/null
@@ -1,9 +0,0 @@
-self: super: {
-  discord-canary = super.discord-canary.override rec {
-    version = "0.0.166";
-    src = builtins.fetchurl {
-      url = "https://dl-canary.discordapp.net/apps/linux/${version}/discord-canary-${version}.tar.gz";
-      sha256 = "02sa34jjwwpf82w492qpk9k2jjfg2lkh1f2z4w5l0zyll6jwjikd";
-    };
-  };
-}
diff --git a/overlays/eww.nix b/overlays/eww.nix
index bea0aec..8d89aa1 100644
--- a/overlays/eww.nix
+++ b/overlays/eww.nix
@@ -1,5 +1,5 @@
 self: super: {
-  eww = (super.eww.override { withWayland = true; }).overrideAttrs (old: rec {
+  eww = super.eww.overrideAttrs (old: rec {
     patches = old.patches ++ [
       # Use normal scroll events instead of smooth scroll ( due to https://bugzilla.gnome.org/show_bug.cgi?id=675959 )
       ./patches/eww.patch
diff --git a/overlays/jetbrains.nix b/overlays/jetbrains.nix
new file mode 100644
index 0000000..dd1d1ad
--- /dev/null
+++ b/overlays/jetbrains.nix
@@ -0,0 +1,22 @@
+# https://github.com/NixOS/nixpkgs/issues/375254
+self: super: {
+  jetbrains = super.jetbrains // {
+    gateway = let
+      unwrapped = super.jetbrains.gateway;
+    in super.buildFHSEnv {
+      name = "gateway";
+      inherit (unwrapped) version;
+
+      runScript = super.writeScript "gateway-wrapper" ''
+        unset JETBRAINS_CLIENT_JDK
+        exec ${unwrapped}/bin/gateway "$@"
+      '';
+
+      meta = unwrapped.meta;
+
+      passthru = {
+        inherit unwrapped;
+      };
+    };
+  };
+}
diff --git a/overlays/linux-lava.nix b/overlays/linux-lava.nix
new file mode 100644
index 0000000..321532f
--- /dev/null
+++ b/overlays/linux-lava.nix
@@ -0,0 +1,26 @@
+self: super: let
+  llvmPackages = super.llvmPackages_19;
+  clangVersion = super.lib.versions.major llvmPackages.libclang.version;
+  addFlagsScript = "$out/nix-support/add-local-cc-cflags-before.sh";
+  cc = llvmPackages.stdenv.cc.override {
+    # :sob: see https://github.com/NixOS/nixpkgs/issues/142901
+    bintools = llvmPackages.bintools;
+
+    # https://github.com/NixOS/nixpkgs/issues/368850
+    extraBuildCommands = ''
+      cat <(echo "NIX_CC_WRAPPER_SUPPRESS_TARGET_WARNING=1") "${addFlagsScript}" > "${addFlagsScript}.new"
+      mv "${addFlagsScript}.new" "${addFlagsScript}"
+      substituteInPlace "$out/nix-support/cc-cflags" --replace " -nostdlibinc" ""
+      echo " -resource-dir=${llvmPackages.libclang.lib}/lib/clang/${clangVersion}" >> $out/nix-support/cc-cflags
+    '';
+  };
+  stdenv = super.overrideCC llvmPackages.stdenv cc;
+  ccacheStdenv = super.ccacheStdenv.override { inherit stdenv; };
+in {
+  linuxLavaEnv = {
+    inherit llvmPackages clangVersion cc stdenv ccacheStdenv;
+  };
+  rust-bindgen-unwrapped = super.rust-bindgen-unwrapped.override {
+    clang = cc;
+  };
+}
diff --git a/overlays/openldap.nix b/overlays/openldap.nix
new file mode 100644
index 0000000..f9b2b46
--- /dev/null
+++ b/overlays/openldap.nix
@@ -0,0 +1,9 @@
+self: super: {
+  # openldap i686 fails checks
+  # issue: https://github.com/NixOS/nixpkgs/issues/514113
+  # workaround: https://github.com/NixOS/nixpkgs/issues/513245#issuecomment-4320293674
+  # fix: https://github.com/NixOS/nixpkgs/pull/515956
+  openldap = super.openldap.overrideAttrs {
+    doCheck = !self.stdenv.hostPlatform.isi686;
+  };
+}
diff --git a/overlays/patches/corectrl.patch b/overlays/patches/corectrl.patch
deleted file mode 100644
index beaef3b..0000000
--- a/overlays/patches/corectrl.patch
+++ /dev/null
@@ -1,21 +0,0 @@
-diff --git a/src/helper/CMakeLists.txt b/src/helper/CMakeLists.txt
-index 3fe2ace..2542ea1 100644
---- a/src/helper/CMakeLists.txt
-+++ b/src/helper/CMakeLists.txt
-@@ -22,15 +22,7 @@ message("D-Bus files will be installed into ${DBUS_DATADIR_PREFIX_DIR}/dbus-1")
- 
- # Find polkit
- pkg_check_modules(POLKIT REQUIRED polkit-gobject-1)
--execute_process(
--  COMMAND pkg-config --variable=policydir polkit-gobject-1
--  RESULT_VARIABLE POLKIT_POLICY_INSTALL_DIR_RESULT
--  OUTPUT_VARIABLE POLKIT_POLICY_INSTALL_DIR
--  OUTPUT_STRIP_TRAILING_WHITESPACE
--)
--if(NOT POLKIT_POLICY_INSTALL_DIR_RESULT EQUAL "0")
--  message(FATAL_ERROR "Failed to retrieve Polkit `policydir` variable using pkg-config")
--endif()
-+option(POLKIT_POLICY_INSTALL_DIR "Polkit policy directory")
- 
- list(APPEND HELPER_COMPILE_DEFINITIONS
-   ELPP_THREAD_SAFE
diff --git a/overlays/patches/firefox-native-messaging-host.json b/overlays/patches/firefox-native-messaging-host.json
new file mode 100644
index 0000000..e9f5f99
--- /dev/null
+++ b/overlays/patches/firefox-native-messaging-host.json
@@ -0,0 +1,7 @@
+{
+  "name": "com.8bit.bitwarden",
+  "description": "Bitwarden desktop <-> browser bridge",
+  "path": "@out@/bin/desktop_proxy",
+  "type": "stdio",
+  "allowed_extensions": ["{446900e4-71c2-419f-a6a7-df9c091e268b}"]
+}
diff --git a/overlays/patches/startx.patch b/overlays/patches/startx.patch
deleted file mode 100644
index aba345e..0000000
--- a/overlays/patches/startx.patch
+++ /dev/null
@@ -1,13 +0,0 @@
-diff --git a/startx.cpp b/startx.cpp
-index 125c398..296b29f 100644
---- a/startx.cpp
-+++ b/startx.cpp
-@@ -270,7 +270,7 @@ if [ x"$enable_xauth" = x1 ] ; then
-     dummy=0
- 
-     XCOMM create a file with auth information for the server. ':0' is a dummy.
--    xserverauthfile=$HOME/.serverauth.$$
-+    xserverauthfile=$XAUTHORITY
-     trap "rm -f '$xserverauthfile'" HUP INT QUIT ILL TRAP BUS TERM
-     xauth -q -f "$xserverauthfile" << EOF
- add :$dummy . $mcookie
diff --git a/overlays/patches/wpa-supplicant.patch b/overlays/patches/wpa-supplicant.patch
new file mode 100644
index 0000000..7c27be4
--- /dev/null
+++ b/overlays/patches/wpa-supplicant.patch
@@ -0,0 +1,13 @@
+diff --git a/wpa_supplicant/systemd/wpa_supplicant.service.in b/wpa_supplicant/systemd/wpa_supplicant.service.in
+index 58a6228..fbe7de3 100644
+--- a/wpa_supplicant/systemd/wpa_supplicant.service.in
++++ b/wpa_supplicant/systemd/wpa_supplicant.service.in
+@@ -7,7 +7,7 @@ Wants=network.target
+ [Service]
+ Type=dbus
+ BusName=fi.w1.wpa_supplicant1
+-ExecStart=@BINDIR@/wpa_supplicant -u
++ExecStart=@BINDIR@/wpa_supplicant -u -q
+ 
+ [Install]
+ WantedBy=multi-user.target
diff --git a/overlays/picom.nix b/overlays/picom.nix
deleted file mode 100644
index d5b7ef4..0000000
--- a/overlays/picom.nix
+++ /dev/null
@@ -1,10 +0,0 @@
-self: super: {
-  picom = super.picom.overrideAttrs (old: {
-    src = super.fetchFromGitHub {
-      repo = "picom";
-      owner = "yshui";
-      rev = "31e58712ec11b198340ae217d33a73d8ac73b7fe";
-      sha256 = "1hg5jfpknbcv9scaghpy2nbrg9cxwm8mkh6znpgbbzr05g7ch6al";
-    };
-  });
-}
diff --git a/overlays/rofi.nix b/overlays/rofi.nix
deleted file mode 100644
index 028cd9a..0000000
--- a/overlays/rofi.nix
+++ /dev/null
@@ -1,13 +0,0 @@
-self: super: {
-  rofi-unwrapped = super.rofi-unwrapped.overrideAttrs (_: rec {
-    version = "1.7.2";
-
-    src = super.fetchFromGitHub {
-      owner = "davatorium";
-      repo = "rofi";
-      rev = version;
-      fetchSubmodules = true;
-      sha256 = "0yarkzhn7vxqxafmz196kvklzwdxygbhd0d29gxm7lrfba8brdxy";
-    };
-  });
-}
diff --git a/overlays/steam.nix b/overlays/steam.nix
index 5478dba..d3514f5 100644
--- a/overlays/steam.nix
+++ b/overlays/steam.nix
@@ -5,9 +5,5 @@ self: super: {
       keyutils
       gamescope
     ];
-
-    extraLibraries = pkgs: with pkgs; [
-      openssl_1_1
-    ];
   };
 }
diff --git a/overlays/utillinux.nix b/overlays/utillinux.nix
new file mode 100644
index 0000000..20db08a
--- /dev/null
+++ b/overlays/utillinux.nix
@@ -0,0 +1,4 @@
+self: super: {
+  # Waiting for nixpkgs#349783
+  utillinux = self.util-linux;
+}
diff --git a/overlays/wpa-supplicant.nix b/overlays/wpa-supplicant.nix
new file mode 100644
index 0000000..1a2cf86
--- /dev/null
+++ b/overlays/wpa-supplicant.nix
@@ -0,0 +1,6 @@
+self: super: {
+  # Thanks https://discourse.nixos.org/t/journal-logs-spammed-with-ctrl-event-scan-failed/56316/5
+  wpa_supplicant = super.wpa_supplicant.overrideAttrs(o: {
+    patches = o.patches ++ [ ./patches/wpa-supplicant.patch ];
+  });
+}
diff --git a/overlays/xinit.nix b/overlays/xinit.nix
deleted file mode 100644
index 6d0daed..0000000
--- a/overlays/xinit.nix
+++ /dev/null
@@ -1,10 +0,0 @@
-self: super: {
-  xorg = super.xorg // {
-    xinit = super.xorg.xinit.overrideAttrs (old: {
-      # Some info:
-      # - Make startx use $XAUTHORITY as server auth files instead of .serverauth.$$
-      # - Make startx respect $XINITRC and $XSERVERRC
-      patches = (old.patches or []) ++ [ ./patches/startx.patch ];
-    });
-  };
-}
diff --git a/packages/default.nix b/packages/default.nix
index da90b36..4ae8658 100644
--- a/packages/default.nix
+++ b/packages/default.nix
@@ -1,17 +1,12 @@
 {
   callPackage,
+  linuxLavaNixpkgs,
   inputs
-}: rec {
-  discord-tokyonight = callPackage ./discord-tokyonight { inherit inputs; };
-  discover-overlay = callPackage ./discover { inherit inputs; };
-  epson-201112j = callPackage ./epson-201112j { };
-  linux-lava = callPackage ./linux-lava { inherit inputs; };
+}: {
+  linux-lava = linuxLavaNixpkgs.callPackage ./linux-lava { inherit inputs; };
   nvim-treesitter-nightly = callPackage ./nvim-treesitter-nightly { inherit inputs; };
-  packwiz = callPackage ./packwiz { inherit inputs; };
+  psensor = callPackage ./psensor { };
   spotify-adblock = callPackage ./spotify-adblock { inherit inputs; };
-  tetrio-desktop = callPackage ./tetrio/base.nix { };
-  tetrio-desktop-plus = callPackage ./tetrio/plus.nix { inherit tetrio-desktop; };
-  tree-sitter-glimmer = callPackage ./tree-sitter-glimmer { inherit inputs; };
   tree-sitter-jsonc = callPackage ./tree-sitter-jsonc { inherit inputs; };
   wine-discord-ipc-bridge = callPackage ./wine-discord-ipc-bridge { inherit inputs; };
 }
diff --git a/packages/discord-tokyonight/default.nix b/packages/discord-tokyonight/default.nix
deleted file mode 100644
index d9a3832..0000000
--- a/packages/discord-tokyonight/default.nix
+++ /dev/null
@@ -1,14 +0,0 @@
-{
-  inputs,
-  stdenvNoCC
-}:
-stdenvNoCC.mkDerivation {
-  pname = "discord-tokyonight";
-  version = "1.0.0";
-  dontUnpack = true;
-  installPhase = ''
-    cp -r ${inputs.discord-tokyonight} $out
-    chmod u+w $out
-    cp ${./powercord_manifest.json} $out/powercord_manifest.json
-  '';
-}
diff --git a/packages/discord-tokyonight/powercord_manifest.json b/packages/discord-tokyonight/powercord_manifest.json
deleted file mode 100644
index 16efa69..0000000
--- a/packages/discord-tokyonight/powercord_manifest.json
+++ /dev/null
@@ -1,8 +0,0 @@
-{
-    "version": "1.0",
-    "name": "Tokyo Night Colours",
-    "author": "DanisDGK",
-    "license": "MIT",
-    "theme": "colors/tokyonight_night.css",
-    "description": "Tokyonight colourscheme"
-}
diff --git a/packages/discover/default.nix b/packages/discover/default.nix
deleted file mode 100644
index 883fdf6..0000000
--- a/packages/discover/default.nix
+++ /dev/null
@@ -1,26 +0,0 @@
-{ inputs
-, python3Packages
-, gtk3
-, gobject-introspection
-, wrapGAppsHook
-, ...
-}:
-python3Packages.buildPythonApplication {
-  pname = "discover-overlay";
-  version = "1.0";
-  src = inputs.discover;
-
-  nativeBuildInputs = [
-    wrapGAppsHook
-  ];
-  propagatedBuildInputs = with python3Packages; [
-    gtk3
-    gobject-introspection
-    pygobject3
-    websocket-client
-    pyxdg
-    requests
-    python-pidfile
-    pillow
-  ];
-}
diff --git a/packages/epson-201112j/default.nix b/packages/epson-201112j/default.nix
deleted file mode 100644
index 6424a46..0000000
--- a/packages/epson-201112j/default.nix
+++ /dev/null
@@ -1,75 +0,0 @@
-{ lib, stdenv, fetchurl, rpmextract, autoreconfHook, file, libjpeg, cups }:
-
-let
-  version = "1.0.0";
-  filterVersion = "1.0.0";
-in
-  stdenv.mkDerivation {
-    pname = "epson-201112j";
-    inherit version;
-
-    src = fetchurl {
-      # NOTE: Don't forget to update the webarchive link too!
-      urls = [
-        "http://download.ebz.epson.net/dsc/f/01/00/01/68/36/cbf6cf36263b5a6c4f370266f2479556cd665d7c/epson-inkjet-printer-201112j-${version}-1lsb3.2.src.rpm"
-      ];
-
-      sha256 = "sha256-+n5QQDMgEjKYFlH62bVAZRtr0GjyG8yDahPquOjIZWA=";
-    };
-
-    nativeBuildInputs = [ rpmextract autoreconfHook file ];
-
-    buildInputs = [ libjpeg cups ];
-
-    unpackPhase = ''
-      rpmextract $src
-      tar -zxf epson-inkjet-printer-201112j-${version}.tar.gz
-      tar -zxf epson-inkjet-printer-filter-${filterVersion}.tar.gz
-      for ppd in epson-inkjet-printer-201112j-${version}/ppds/*; do
-        substituteInPlace $ppd --replace "/opt/epson-inkjet-printer-201112j" "$out"
-        substituteInPlace $ppd --replace "/cups/lib" "/lib/cups"
-      done
-      cd epson-inkjet-printer-filter-${filterVersion}
-    '';
-
-    preConfigure = ''
-      chmod +x configure
-      export LDFLAGS="$LDFLAGS -Wl,--no-as-needed"
-    '';
-
-    postInstall = ''
-      cd ../epson-inkjet-printer-201112j-${version}
-      cp -a lib64 resource watermark $out
-      mkdir -p $out/share/cups/model/epson-inkjet-printer-201112j
-      cp -a ppds $out/share/cups/model/epson-inkjet-printer-201112j/
-      cp -a Manual.txt $out/doc/
-      cp -a README $out/doc/README.driver
-    '';
-
-    meta = with lib; {
-      homepage = "https://www.openprinting.org/driver/epson-201112j";
-      description = "Epson printer driver (BX535WD, BX630FW, BX635FWD, ME940FW, NX530, NX635, NX635, SX535WD, WorkForce 545, WorkForce 645";
-      longDescription = ''
-        This software is a filter program used with the Common UNIX Printing
-        System (CUPS) under Linux. It supplies high quality printing with
-        Seiko Epson Color Ink Jet Printers.
-        List of printers supported by this package:
-          Epson BX535WD Series
-          Epson BX630FW Series
-          Epson BX635FWD Series
-          Epson ME940FW Series
-          Epson NX530 Series
-          Epson SX535WD Series
-          Epson WorkForce 545 Series
-          Epson WorkForce 645 Series
-        To use the driver adjust your configuration.nix file:
-          services.printing = {
-            enable = true;
-            drivers = [ pkgs.epson-201112j ];
-          };
-      '';
-      license = with licenses; [ lgpl21 epson ];
-      platforms = platforms.linux;
-      maintainers = [];
-    };
-  }
diff --git a/packages/linux-lava/bluetooth.patch b/packages/linux-lava/bluetooth.patch
new file mode 100644
index 0000000..87e198c
--- /dev/null
+++ b/packages/linux-lava/bluetooth.patch
@@ -0,0 +1,13 @@
+diff --git a/drivers/bluetooth/btusb.c b/drivers/bluetooth/btusb.c
+index ef9689f8776..aabbc031b5f 100644
+--- a/drivers/bluetooth/btusb.c
++++ b/drivers/bluetooth/btusb.c
+@@ -759,6 +759,8 @@ static const struct usb_device_id quirks_table[] = {
+ 						     BTUSB_WIDEBAND_SPEECH },
+ 	{ USB_DEVICE(0x2b89, 0x8761), .driver_info = BTUSB_REALTEK |
+ 						     BTUSB_WIDEBAND_SPEECH },
++	{ USB_DEVICE(0x2c4e, 0x0115), .driver_info = BTUSB_REALTEK |
++ 						     BTUSB_WIDEBAND_SPEECH },
+ 
+ 	/* Additional Realtek 8821AE Bluetooth devices */
+ 	{ USB_DEVICE(0x0b05, 0x17dc), .driver_info = BTUSB_REALTEK },
diff --git a/packages/linux-lava/default.nix b/packages/linux-lava/default.nix
index 17b15ef..aa288f5 100644
--- a/packages/linux-lava/default.nix
+++ b/packages/linux-lava/default.nix
@@ -1,27 +1,17 @@
 { buildLinux
 , callPackage
-, ccacheStdenv
 , inputs
-, kernelPatches
 , lib
-, llvmPackages_16
-, overrideCC
+, linuxLavaEnv
+, useCcache ? false
 , ...
 } @ args:
 
 let
   sources = callPackage ./sources.nix { inherit inputs; };
-  llvmPackages = llvmPackages_16;
   kernel = buildLinux (args // {
     inherit (sources) src kernelPatches;
-    stdenv = ccacheStdenv.override {
-      # :sob: see https://github.com/NixOS/nixpkgs/issues/142901
-      stdenv = overrideCC llvmPackages.stdenv (llvmPackages.stdenv.cc.override {
-        bintools = llvmPackages.bintools.override {
-          sharedLibraryLoader = null;
-        };
-      });
-    };
+    stdenv = if useCcache then linuxLavaEnv.ccacheStdenv else linuxLavaEnv.stdenv;
     version = "${sources.version}-tkg-Lava";
     isZen = true;
     extraMakeFlags = [ "LLVM=1" "LLVM_IAS=1" ];
@@ -66,6 +56,10 @@ let
       INIT_STACK_ALL_ZERO = yes;
       INIT_STACK_NONE = no;
 
+      # bore
+      SCHED_BORE = yes;
+      MIN_BASE_SLICE_NS = freeform "2000000";
+
       # tickless timers
       HZ_PERIODIC = no;
       NO_HZ = yes;
diff --git a/packages/linux-lava/dsd_um3402yar.patch b/packages/linux-lava/dsd_um3402yar.patch
deleted file mode 100644
index 27a13a9..0000000
--- a/packages/linux-lava/dsd_um3402yar.patch
+++ /dev/null
@@ -1,20 +0,0 @@
-diff --git a/sound/pci/hda/cs35l41_hda_property.c b/sound/pci/hda/cs35l41_hda_property.c
-index 2eca5822055..503f3b889f1 100644
---- a/sound/pci/hda/cs35l41_hda_property.c
-+++ b/sound/pci/hda/cs35l41_hda_property.c
-@@ -54,6 +54,7 @@
- 	{ "10431533", I2C, 2, INTERNAL, { CS35L41_LEFT, CS35L41_RIGHT, 0, 0 }, 0, 1, -1, 1000, 4500, 24 },
- 	{ "10431573", SPI, 2, INTERNAL, { CS35L41_LEFT, CS35L41_RIGHT, 0, 0 }, 1, 2, 0, 1000, 4500, 24 },
- 	{ "10431663", SPI, 2, INTERNAL, { CS35L41_LEFT, CS35L41_RIGHT, 0, 0 }, 1, -1, 0, 1000, 4500, 24 },
-+	{ "10431683", I2C, 2, EXTERNAL, { CS35L41_LEFT, CS35L41_RIGHT, 0, 0 }, 0, 1, -1, 0, 0, 0 },
- 	{ "104316D3", SPI, 2, EXTERNAL, { CS35L41_LEFT, CS35L41_RIGHT, 0, 0 }, 1, 2, 0, 0, 0, 0 },
- 	{ "104316F3", SPI, 2, EXTERNAL, { CS35L41_LEFT, CS35L41_RIGHT, 0, 0 }, 1, 2, 0, 0, 0, 0 },
- 	{ "104317F3", I2C, 2, INTERNAL, { CS35L41_LEFT, CS35L41_RIGHT, 0, 0 }, 0, 1, -1, 1000, 4500, 24 },
-@@ -358,6 +359,7 @@
- 	{ "CSC3551", "10431533", generic_dsd_config },
- 	{ "CSC3551", "10431573", generic_dsd_config },
- 	{ "CSC3551", "10431663", generic_dsd_config },
-+	{ "CSC3551", "10431683", generic_dsd_config },
- 	{ "CSC3551", "104316D3", generic_dsd_config },
- 	{ "CSC3551", "104316F3", generic_dsd_config },
- 	{ "CSC3551", "104317F3", generic_dsd_config },
diff --git a/packages/linux-lava/sources.nix b/packages/linux-lava/sources.nix
index c6f501c..1ea7dcb 100644
--- a/packages/linux-lava/sources.nix
+++ b/packages/linux-lava/sources.nix
@@ -1,17 +1,16 @@
 { fetchFromGitHub, inputs, lib }:
 let
-  version = "6.7.0";
-  kernelHash = "0s8hbcsg7fdvspqam8kzcxygjsznr4zfi60nqgc81l3n4m518cgg";
-  kernelPatchHash = "1qnial7m91l3amcsgms3cs599pi529kvda1c982qk45s39y029xj";
+  version = "7.0.10";
+  kernelHash = "1w4i705i0nl1xqv7fdhdbhy7j3xrzhl31fabs6vmgiw7nf06szxv";
+  kernelPatchHash = "0h7gxqcnww7sj5cdyblzj04775zhavwdylkm2pm91v6xkjbnz1zj";
 
   mm = lib.versions.majorMinor version;
+  hasPatch = (builtins.length (builtins.splitVersion version)) == 3;
   tkgPatches = [
     "0002-clear-patches"
     "0003-glitched-base"
-    "0003-glitched-eevdf-additions"
+    "0001-bore"
     "0003-glitched-cfs"
-    "0007-v${mm}-fsync1_via_futex_waitv"
-#   "0007-v${mm}-winesync" fails to patch
     "0012-misc-additions"
   ];
 
@@ -34,14 +33,13 @@ in {
     sha256 = kernelHash;
   };
 
-  kernelPatches = [
-    #kernelPatchSrc
-    (patch ./dsd_um3402yar.patch)
+  kernelPatches = lib.optionals hasPatch [
+    kernelPatchSrc
+    (patch ./bluetooth.patch)
   ]
   ++ builtins.map (name: {
     inherit name;
     patch = "${inputs.linux-tkg}/linux-tkg-patches/${mm}/${name}.patch";
   }) tkgPatches
-  ++ [
-  ];
+  ++ [ ];
 }
diff --git a/packages/packwiz/default.nix b/packages/packwiz/default.nix
deleted file mode 100644
index 3a54208..0000000
--- a/packages/packwiz/default.nix
+++ /dev/null
@@ -1,9 +0,0 @@
-{ inputs
-, buildGoModule
-}:
-buildGoModule {
-  pname = "packwiz";
-  version = inputs.packwiz.shortRev;
-  src = inputs.packwiz;
-  vendorSha256 = "1f2xh8czq8fh823dyp54rdv5mmb9gf62f5fimdah4wmghqw4wbzy";
-}
diff --git a/packages/psensor/default.nix b/packages/psensor/default.nix
new file mode 100644
index 0000000..165cc73
--- /dev/null
+++ b/packages/psensor/default.nix
@@ -0,0 +1,53 @@
+{ stdenv
+, lib
+, fetchurl
+, pkg-config
+, lm_sensors
+, libgtop
+, libatasmart
+, gtk3
+, libnotify
+, udisks2
+, wrapGAppsHook3
+, libappindicator
+, linuxPackages
+}:
+let
+  libXNVCtrl = linuxPackages.nvidia_x11.settings.libXNVCtrl;
+in
+stdenv.mkDerivation rec {
+  pname = "psensor";
+
+  version = "1.2.1";
+
+  src = fetchurl {
+    url = "https://wpitchoune.net/psensor/files/psensor-${version}.tar.gz";
+    sha256 = "1ark901va79gfq5p8h8dqypjgm3f8crmj37520q3slwz2rfphkq8";
+  };
+
+  nativeBuildInputs = [ pkg-config wrapGAppsHook3 ];
+
+  buildInputs = [
+    lm_sensors
+    libgtop
+    libatasmart
+    gtk3
+    libnotify
+    udisks2
+    libappindicator
+  ];
+
+  preConfigure = ''
+    NIX_CFLAGS_COMPILE="$NIX_CFLAGS_COMPILE -I${libXNVCtrl}/include -Wno-error"
+    NIX_LDFLAGS="$NIX_LDFLAGS -L${libXNVCtrl}/lib"
+  '';
+
+  meta = with lib; {
+    description = "Graphical hardware monitoring application for Linux";
+    homepage = "https://wpitchoune.net/psensor/";
+    license = licenses.mit;
+    platforms = platforms.linux;
+    maintainers = [ ];
+    mainProgram = "psensor";
+  };
+}
diff --git a/packages/spotify-adblock/0001-cargo.patch b/packages/spotify-adblock/0001-cargo.patch
deleted file mode 100644
index 84031b5..0000000
--- a/packages/spotify-adblock/0001-cargo.patch
+++ /dev/null
@@ -1,141 +0,0 @@
-From 002a25dd56233d599adda61b298d612a46267407 Mon Sep 17 00:00:00 2001
-From: LavaDesu <me@lava.moe>
-Date: Tue, 14 Sep 2021 08:34:05 +0700
-Subject: [PATCH] cargo
-
----
- Cargo.lock | 122 +++++++++++++++++++++++++++++++++++++++++++++++++++++
- 1 file changed, 122 insertions(+)
- create mode 100644 Cargo.lock
-
-diff --git a/Cargo.lock b/Cargo.lock
-new file mode 100644
-index 00000000000..b952e17ca90
---- /dev/null
-+++ b/Cargo.lock
-@@ -0,0 +1,122 @@
-+# This file is automatically @generated by Cargo.
-+# It is not intended for manual editing.
-+version = 3
-+
-+[[package]]
-+name = "aho-corasick"
-+version = "0.7.18"
-+source = "registry+https://github.com/rust-lang/crates.io-index"
-+checksum = "1e37cfd5e7657ada45f742d6e99ca5788580b5c529dc78faf11ece6dc702656f"
-+dependencies = [
-+ "memchr",
-+]
-+
-+[[package]]
-+name = "lazy_static"
-+version = "1.4.0"
-+source = "registry+https://github.com/rust-lang/crates.io-index"
-+checksum = "e2abad23fbc42b3700f2f279844dc832adb2b2eb069b2df918f455c4e18cc646"
-+
-+[[package]]
-+name = "libc"
-+version = "0.2.101"
-+source = "registry+https://github.com/rust-lang/crates.io-index"
-+checksum = "3cb00336871be5ed2c8ed44b60ae9959dc5b9f08539422ed43f09e34ecaeba21"
-+
-+[[package]]
-+name = "memchr"
-+version = "2.4.1"
-+source = "registry+https://github.com/rust-lang/crates.io-index"
-+checksum = "308cc39be01b73d0d18f82a0e7b2a3df85245f84af96fdddc5d202d27e47b86a"
-+
-+[[package]]
-+name = "proc-macro2"
-+version = "1.0.29"
-+source = "registry+https://github.com/rust-lang/crates.io-index"
-+checksum = "b9f5105d4fdaab20335ca9565e106a5d9b82b6219b5ba735731124ac6711d23d"
-+dependencies = [
-+ "unicode-xid",
-+]
-+
-+[[package]]
-+name = "quote"
-+version = "1.0.9"
-+source = "registry+https://github.com/rust-lang/crates.io-index"
-+checksum = "c3d0b9745dc2debf507c8422de05d7226cc1f0644216dfdfead988f9b1ab32a7"
-+dependencies = [
-+ "proc-macro2",
-+]
-+
-+[[package]]
-+name = "regex"
-+version = "1.5.4"
-+source = "registry+https://github.com/rust-lang/crates.io-index"
-+checksum = "d07a8629359eb56f1e2fb1652bb04212c072a87ba68546a04065d525673ac461"
-+dependencies = [
-+ "aho-corasick",
-+ "memchr",
-+ "regex-syntax",
-+]
-+
-+[[package]]
-+name = "regex-syntax"
-+version = "0.6.25"
-+source = "registry+https://github.com/rust-lang/crates.io-index"
-+checksum = "f497285884f3fcff424ffc933e56d7cbca511def0c9831a7f9b5f6153e3cc89b"
-+
-+[[package]]
-+name = "serde"
-+version = "1.0.130"
-+source = "registry+https://github.com/rust-lang/crates.io-index"
-+checksum = "f12d06de37cf59146fbdecab66aa99f9fe4f78722e3607577a5375d66bd0c913"
-+dependencies = [
-+ "serde_derive",
-+]
-+
-+[[package]]
-+name = "serde_derive"
-+version = "1.0.130"
-+source = "registry+https://github.com/rust-lang/crates.io-index"
-+checksum = "d7bc1a1ab1961464eae040d96713baa5a724a8152c1222492465b54322ec508b"
-+dependencies = [
-+ "proc-macro2",
-+ "quote",
-+ "syn",
-+]
-+
-+[[package]]
-+name = "spotify-adblock"
-+version = "1.0.0"
-+dependencies = [
-+ "lazy_static",
-+ "libc",
-+ "regex",
-+ "serde",
-+ "toml",
-+]
-+
-+[[package]]
-+name = "syn"
-+version = "1.0.76"
-+source = "registry+https://github.com/rust-lang/crates.io-index"
-+checksum = "c6f107db402c2c2055242dbf4d2af0e69197202e9faacbef9571bbe47f5a1b84"
-+dependencies = [
-+ "proc-macro2",
-+ "quote",
-+ "unicode-xid",
-+]
-+
-+[[package]]
-+name = "toml"
-+version = "0.5.8"
-+source = "registry+https://github.com/rust-lang/crates.io-index"
-+checksum = "a31142970826733df8241ef35dc040ef98c679ab14d7c3e54d827099b3acecaa"
-+dependencies = [
-+ "serde",
-+]
-+
-+[[package]]
-+name = "unicode-xid"
-+version = "0.2.2"
-+source = "registry+https://github.com/rust-lang/crates.io-index"
-+checksum = "8ccb82d61f80a663efe1f787a51b16b5a51e3314d6ac365b08639f52387b33f3"
--- 
-2.32.0
-
diff --git a/packages/spotify-adblock/default.nix b/packages/spotify-adblock/default.nix
index d076e87..57992de 100644
--- a/packages/spotify-adblock/default.nix
+++ b/packages/spotify-adblock/default.nix
@@ -7,7 +7,7 @@ rustPlatform.buildRustPackage {
   version = "1.0";
   src = inputs.spotify-adblock;
 
-  cargoSha256 = "sha256-yxumYGAMObgl1u6GlbEQOKOn1DWxXN8bbT7BjiWT96o=";
+  cargoHash = "sha256-oGpe+kBf6kBboyx/YfbQBt1vvjtXd1n2pOH6FNcbF8M=";
 
   patches = [ ./0002-allow-setting-config-from-environment-variable.patch ];
 
diff --git a/packages/tetrio/base.nix b/packages/tetrio/base.nix
deleted file mode 100644
index 27a42e6..0000000
--- a/packages/tetrio/base.nix
+++ /dev/null
@@ -1,90 +0,0 @@
-# Copied from https://github.com/NixOS/nixpkgs/pull/146940
-
-{ stdenv
-, lib
-, fetchurl
-, autoPatchelfHook
-, alsa-lib
-, cups
-, dpkg
-, gtk3
-, libpulseaudio
-, libX11
-, libXScrnSaver
-, libXtst
-, mesa
-, nss
-, systemd
-, wrapGAppsHook
-}:
-
-stdenv.mkDerivation rec {
-  pname = "tetrio-desktop";
-  version = "8.0.0";
-
-  src = fetchurl {
-    url = "https://web.archive.org/web/20211228025517if_/https://tetr.io/about/desktop/builds/TETR.IO%20Setup.deb";
-    name = "${pname}.deb";
-    sha256 = "1nlblfhrph4cw8rpic9icrs78mzrxyskl7ggyy2i8bk9i07i21xf";
-  };
-
-  nativeBuildInputs = [
-    dpkg
-    autoPatchelfHook
-    wrapGAppsHook
-  ];
-
-  dontWrapGApps = true;
-
-  buildInputs = [
-    alsa-lib
-    cups
-    libX11
-    libXScrnSaver
-    libXtst
-    mesa
-    nss
-    gtk3
-  ];
-
-  libPath = lib.makeLibraryPath [
-    libpulseaudio
-    systemd
-  ];
-
-  unpackCmd = "dpkg -x $curSrc src";
-
-  installPhase = ''
-    runHook preInstall
-
-    mkdir $out
-    cp -r opt/ usr/share/ $out
-
-    mkdir $out/bin
-    ln -s $out/opt/TETR.IO/tetrio-desktop $out/bin/
-
-    substituteInPlace $out/share/applications/tetrio-desktop.desktop \
-      --replace "Exec=\"/opt/TETR.IO/tetrio-desktop\"" "Exec=\"$out/opt/TETR.IO/tetrio-desktop\""
-
-    runHook postInstall
-  '';
-
-  postFixup = ''
-    wrapProgram $out/opt/TETR.IO/tetrio-desktop \
-      --prefix LD_LIBRARY_PATH : ${libPath}:$out/opt/TETR.IO \
-      ''${gappsWrapperArgs[@]}
-  '';
-
-  meta = with lib; {
-    homepage = "https://tetr.io";
-    downloadPage = "https://tetr.io/about/desktop/";
-    description = "TETR.IO desktop client";
-    longDescription = ''
-      TETR.IO is a modern yet familiar online stacker.
-      Play against friends and foes all over the world, or claim a spot on the leaderboards - the stacker future is yours!
-    '';
-    platforms = [ "x86_64-linux" ];
-    license = licenses.unfree;
-    #maintainers = with maintainers; [ wackbyte ];
-  };
-}
diff --git a/packages/tetrio/plus.nix b/packages/tetrio/plus.nix
deleted file mode 100644
index c6a0a07..0000000
--- a/packages/tetrio/plus.nix
+++ /dev/null
@@ -1,43 +0,0 @@
-{
-  fetchzip,
-  lib,
-  symlinkJoin,
-  stdenvNoCC,
-  tetrio-desktop,
-  unzip
-}:
-
-let
-  version = "0.23.7";
-
-  patchedAsar = stdenvNoCC.mkDerivation rec {
-    pname = "tetrio-plus";
-    version = "0.25.3";
-
-    src = fetchzip {
-      url = "https://gitlab.com/UniQMG/tetrio-plus/uploads/684477053451cd0819e2c84e145966eb/tetrio-plus_0.25.3_app.asar.zip";
-      sha256 = "sha256-GQgt4GZNeKx/uzmVsuKppW2zg8AAiGqsk2JYJIkqfVE=";
-    };
-
-    installPhase = ''
-      runHook preInstall
-      install app.asar $out
-      runHook postInstall
-    '';
-
-    meta = with lib; {
-      description = "TETR.IO customization toolkit";
-      homepage = "https://gitlab.com/UniQMG/tetrio-plus";
-      license = licenses.mit;
-      maintainers = with maintainers; [ huantian ];
-      platforms = [ "x86_64-linux" ];
-    };
-  };
-in tetrio-desktop.overrideAttrs(old: {
-  pname = "tetrio-desktop-plus";
-  version = old.version + "+${version}";
-
-  postInstall = ''
-    cp ${patchedAsar} $out/opt/TETR.IO/resources/app.asar
-  '';
-})
diff --git a/packages/tree-sitter-glimmer/default.nix b/packages/tree-sitter-glimmer/default.nix
deleted file mode 100644
index 5b0e426..0000000
--- a/packages/tree-sitter-glimmer/default.nix
+++ /dev/null
@@ -1,9 +0,0 @@
-{
-  callPackage,
-  inputs
-}:
-callPackage (inputs.nixpkgs + "/pkgs/development/tools/parsing/tree-sitter/grammar.nix") {} {
-  language = "glimmer";
-  version = "1.0.0";
-  src = inputs.tree-sitter-glimmer;
-}
diff --git a/res/config-minimal.lua b/res/config-minimal.lua
index 7aade79..c2d3f06 100644
--- a/res/config-minimal.lua
+++ b/res/config-minimal.lua
@@ -1,20 +1,24 @@
 -- Keybindings
-local map = vim.api.nvim_set_keymap
+local map = vim.keymap.set
 map('n', '<C-H>', '<C-W>h', { noremap = true })
 map('n', '<C-J>', '<C-W>j', { noremap = true })
 map('n', '<C-K>', '<C-W>k', { noremap = true })
 map('n', '<C-L>', '<C-W>l', { noremap = true })
 map('n', '<C-Q>', ':q<CR>', { noremap = true })
+map('n', '<C-P>', ':Files<CR>', { noremap = true })
 
 -- Autocommands
 vim.cmd('au BufEnter * set noro')
+vim.cmd('au CursorHold * lua vim.diagnostic.open_float(0, { scope = "line", focusable = false })')
 
 -- Settings
+vim.opt.mouse = ""
 vim.opt.relativenumber = true
 vim.opt.number = true
 vim.opt.cursorline = true
 vim.opt.signcolumn = "yes:3"
 vim.opt.title = true
+vim.opt.termguicolors = true
 vim.opt.updatetime = 0
 vim.opt.clipboard:prepend('unnamedplus')
 
@@ -43,56 +47,9 @@ vim.g.signify_sign_delete_first_line = '┏━'
 vim.g.signify_sign_change            = vim.g.signify_sign_add
 vim.g.signify_sign_change_delete     = vim.g.signify_sign_delete
 
--- Theming
-vim.g.tokyonight_style = 'night'
-vim.cmd[[
-    syntax enable
-    colorscheme tokyonight
-]]
-local colors = require("tokyonight.colors").setup {}
-vim.cmd("highlight SignifySignAdd             guifg="..colors.green)
-vim.cmd("highlight SignifySignChange          guifg="..colors.orange)
-vim.cmd("highlight SignifySignDelete          guifg="..colors.red)
-vim.cmd("highlight SignifySignDeleteFirstLine guifg="..colors.red)
-vim.cmd("highlight SignifySignChangeDelete    guifg="..colors.red)
-
 -- Plugins
-require('nvim-treesitter.configs').setup {
+require('nvim-treesitter').setup {
     highlight = { enable = true },
     indent = { enable = false }
 }
-require('lualine').setup {
-    options = {
-        theme = 'tokyonight'
-    }
-}
-
--- LSP
-local nvim_lsp = require('lspconfig')
-
-local on_attach = function(client, bufnr)
-    local function buf_set_keymap(...) vim.api.nvim_buf_set_keymap(bufnr, ...) end
-    local function buf_set_option(...) vim.api.nvim_buf_set_option(bufnr, ...) end
-
-    buf_set_option('omnifunc', 'v:lua.vim.lsp.omnifunc')
-
-    local opts = { noremap = true, silent = true }
-
-    buf_set_keymap('n', 'gD', '<cmd>lua vim.lsp.buf.declaration()<CR>', opts)
-    buf_set_keymap('n', 'gd', '<cmd>lua vim.lsp.buf.definition()<CR>', opts)
-    buf_set_keymap('n', 'K', '<cmd>lua vim.lsp.buf.hover()<CR>', opts)
-    buf_set_keymap('n', 'gi', '<cmd>lua vim.lsp.buf.implementation()<CR>', opts)
-    buf_set_keymap('n', '<C-k>', '<cmd>lua vim.lsp.buf.signature_help()<CR>', opts)
-    buf_set_keymap('n', '<space>wa', '<cmd>lua vim.lsp.buf.add_workspace_folder()<CR>', opts)
-    buf_set_keymap('n', '<space>wr', '<cmd>lua vim.lsp.buf.remove_workspace_folder()<CR>', opts)
-    buf_set_keymap('n', '<space>wl', '<cmd>lua print(vim.inspect(vim.lsp.buf.list_workspace_folders()))<CR>', opts)
-    buf_set_keymap('n', '<space>D', '<cmd>lua vim.lsp.buf.type_definition()<CR>', opts)
-    buf_set_keymap('n', '<space>rn', '<cmd>lua vim.lsp.buf.rename()<CR>', opts)
-    buf_set_keymap('n', '<space>ca', '<cmd>lua vim.lsp.buf.code_action()<CR>', opts)
-    buf_set_keymap('n', 'gr', '<cmd>lua vim.lsp.buf.references()<CR>', opts)
-    buf_set_keymap('n', '<space>e', '<cmd>lua vim.diagnostic.open_float(0, { scope = "line" })<CR>', opts)
-    buf_set_keymap('n', '[d', '<cmd>lua vim.lsp.diagnostic.goto_prev()<CR>', opts)
-    buf_set_keymap('n', ']d', '<cmd>lua vim.lsp.diagnostic.goto_next()<CR>', opts)
-    buf_set_keymap('n', '<space>q', '<cmd>lua vim.lsp.diagnostic.set_loclist()<CR>', opts)
-    buf_set_keymap('n', '<space>f', '<cmd>lua vim.lsp.buf.formatting()<CR>', opts)
-end
+require('lualine').setup { }
diff --git a/res/config.lua b/res/config.lua
index a8cda44..c0b5dad 100644
--- a/res/config.lua
+++ b/res/config.lua
@@ -1,22 +1,26 @@
 -- Keybindings
-local map = vim.api.nvim_set_keymap
-map('n', '<C-H>', '<C-W>h', { noremap = true })
-map('n', '<C-J>', '<C-W>j', { noremap = true })
-map('n', '<C-K>', '<C-W>k', { noremap = true })
-map('n', '<C-L>', '<C-W>l', { noremap = true })
-map('n', '<C-Q>', ':q<CR>', { noremap = true })
-map('n', '<C-P>', ':Files<CR>', { noremap = true })
+local map = vim.keymap.set
+map('n', '<C-H>', '<C-W>h', { remap = false })
+map('n', '<C-J>', '<C-W>j', { remap = false })
+map('n', '<C-K>', '<C-W>k', { remap = false })
+map('n', '<C-L>', '<C-W>l', { remap = false })
+map('n', '<C-Q>', ':q<CR>', { remap = false })
+map('n', '<C-P>', ':Files<CR>', { remap = false })
+map('n', '<C-/>', 'gcc', { remap = true, silent = true })
+map('v', '<C-/>', 'gc', { remap = true, silent = true })
 
 -- Autocommands
 vim.cmd('au BufEnter * set noro')
 vim.cmd('au CursorHold * lua vim.diagnostic.open_float(0, { scope = "line", focusable = false })')
 
 -- Settings
+vim.opt.mouse = ""
 vim.opt.relativenumber = true
 vim.opt.number = true
 vim.opt.cursorline = true
 vim.opt.signcolumn = "yes:3"
 vim.opt.title = true
+vim.opt.termguicolors = true
 vim.opt.updatetime = 0
 vim.opt.clipboard:prepend('unnamedplus')
 
@@ -45,17 +49,15 @@ vim.g.signify_sign_delete_first_line = '┏━'
 vim.g.signify_sign_change            = vim.g.signify_sign_add
 vim.g.signify_sign_change_delete     = vim.g.signify_sign_delete
 
+-- VimTeX
+vim.g.vimtex_view_method = "zathura"
+vim.g.vimtex_quickfix_open_on_warning = 0
+
 -- Theming
-require("tokyonight").setup({
-    style = "night"
-})
-vim.cmd[[
-    syntax enable
-    colorscheme tokyonight
-]]
-local colors = require("tokyonight.colors").setup {}
+vim.api.nvim_command("syntax enable")
+local colors = require("catppuccin.palettes").get_palette "{{CATPPUCCIN_FLAVOUR}}"
 vim.cmd("highlight SignifySignAdd             guifg="..colors.green)
-vim.cmd("highlight SignifySignChange          guifg="..colors.orange)
+vim.cmd("highlight SignifySignChange          guifg="..colors.peach)
 vim.cmd("highlight SignifySignDelete          guifg="..colors.red)
 vim.cmd("highlight SignifySignDeleteFirstLine guifg="..colors.red)
 vim.cmd("highlight SignifySignChangeDelete    guifg="..colors.red)
@@ -63,16 +65,42 @@ vim.cmd("highlight SignifySignChangeDelete    guifg="..colors.red)
 -- Set this specific highlight group in rust
 -- Shown when using #[cfg] directives, entire chunks of disabled code has squiggly lines and I don't want
 -- to see it
-vim.cmd("au FileType rust highlight DiagnosticUnderlineHint ctermfg=14 gui=italic guifg="..colors.comment)
+vim.cmd("au FileType rust highlight DiagnosticUnderlineHint ctermfg=14 gui=italic guifg="..colors.overlay2)
 
 -- Plugins
-require('nvim-treesitter.configs').setup {
+require('autoclose').setup {}
+local function autosavecond(buf)
+    if vim.tbl_contains({"astro", "tex"}, vim.fn.getbufvar(buf, "&filetype")) then
+        return true
+    end
+    return false
+end
+require('auto-save').setup {
+    trigger_events = {
+        defer_save = { "InsertLeave", "TextChanged", "TextChangedI" },
+    },
+    debounce_delay = 250,
+    condition = autosavecond,
+}
+require('nvim-ts-autotag').setup {}
+require('nvim-highlight-colors').setup {
+    render = "virtual",
+}
+require('nvim-treesitter').setup {
     highlight = { enable = true },
     indent = { enable = false }
 }
 require('lualine').setup {
     options = {
-        theme = 'tokyonight'
+        theme = 'catppuccin'
+    },
+    sections = {
+        lualine_c = {
+            {
+                "filename",
+                path = 1,
+            }
+        }
     }
 }
 
@@ -80,74 +108,72 @@ require('lualine').setup {
 -- many thanks to @kristijanhusak
 -- https://github.com/nvim-treesitter/nvim-treesitter/issues/1167#issuecomment-920824125
 function _G.javascript_indent()
-  local line = vim.fn.getline(vim.v.lnum)
-  local prev_line = vim.fn.getline(vim.v.lnum - 1)
-  if line:match('^%s*[%*/]%s*') then
-    if prev_line:match('^%s*%*%s*') then
-      return vim.fn.indent(vim.v.lnum - 1)
+    local line = vim.fn.getline(vim.v.lnum)
+    local prev_line = vim.fn.getline(vim.v.lnum - 1)
+    if line:match('^%s*[%*/]%s*') then
+        if prev_line:match('^%s*%*%s*') then
+            return vim.fn.indent(vim.v.lnum - 1)
+        end
+        if prev_line:match('^%s*/%*%*%s*$') then
+            return vim.fn.indent(vim.v.lnum - 1) + 1
+        end
     end
-    if prev_line:match('^%s*/%*%*%s*$') then
-      return vim.fn.indent(vim.v.lnum - 1) + 1
-    end
-  end
 
-  return vim.fn['GetJavascriptIndent']()
+    return vim.fn['GetJavascriptIndent']()
 end
 
 vim.cmd('au FileType javascript setlocal indentexpr=v:lua.javascript_indent()')
 
 -- LSP
-local nvim_lsp = require('lspconfig')
+vim.api.nvim_create_autocmd("LspAttach", {
+    callback = function(args)
+        local client = vim.lsp.get_client_by_id(args.data.client_id)
+        if not client then
+            return
+        end
 
-local on_attach = function(client, bufnr)
-    local function buf_set_keymap(...) vim.api.nvim_buf_set_keymap(bufnr, ...) end
-    local function buf_set_option(...) vim.api.nvim_buf_set_option(bufnr, ...) end
+        local function buf_set_keymap(...) vim.api.nvim_buf_set_keymap(args.buf, ...) end
+        local function buf_set_option(...) vim.api.nvim_buf_set_option(args.buf, ...) end
 
-    local opts = { noremap = true, silent = true }
+        local opts = { noremap = true, silent = true }
 
-    buf_set_keymap('n', 'gD', '<cmd>lua vim.lsp.buf.declaration()<CR>', opts)
-    buf_set_keymap('n', 'gd', '<cmd>lua vim.lsp.buf.definition()<CR>', opts)
-    buf_set_keymap('n', 'K', '<cmd>lua vim.lsp.buf.hover()<CR>', opts)
-    buf_set_keymap('n', 'gi', '<cmd>lua vim.lsp.buf.implementation()<CR>', opts)
-    buf_set_keymap('n', '<C-k>', '<cmd>lua vim.lsp.buf.signature_help()<CR>', opts)
-    buf_set_keymap('n', '<space>wa', '<cmd>lua vim.lsp.buf.add_workspace_folder()<CR>', opts)
-    buf_set_keymap('n', '<space>wr', '<cmd>lua vim.lsp.buf.remove_workspace_folder()<CR>', opts)
-    buf_set_keymap('n', '<space>wl', '<cmd>lua print(vim.inspect(vim.lsp.buf.list_workspace_folders()))<CR>', opts)
-    buf_set_keymap('n', '<space>D', '<cmd>lua vim.lsp.buf.type_definition()<CR>', opts)
-    buf_set_keymap('n', '<space>rn', '<cmd>lua vim.lsp.buf.rename()<CR>', opts)
-    buf_set_keymap('n', '<space>ca', '<cmd>lua vim.lsp.buf.code_action()<CR>', opts)
-    buf_set_keymap('n', 'gr', '<cmd>lua vim.lsp.buf.references()<CR>', opts)
-    buf_set_keymap('n', '<space>e', '<cmd>lua vim.diagnostic.open_float(0, { scope = "line" })<CR>', opts)
-    buf_set_keymap('n', '[d', '<cmd>lua vim.lsp.diagnostic.goto_prev()<CR>', opts)
-    buf_set_keymap('n', ']d', '<cmd>lua vim.lsp.diagnostic.goto_next()<CR>', opts)
-    buf_set_keymap('n', '<space>q', '<cmd>lua vim.lsp.diagnostic.set_loclist()<CR>', opts)
-    buf_set_keymap('n', '<space>f', '<cmd>lua vim.lsp.buf.formatting()<CR>', opts)
-end
+        buf_set_keymap('n', 'gD', '<cmd>lua vim.lsp.buf.declaration()<CR>', opts)
+        buf_set_keymap('n', 'gd', '<cmd>lua vim.lsp.buf.definition()<CR>', opts)
+        buf_set_keymap('n', 'K', '<cmd>lua vim.lsp.buf.hover()<CR>', opts)
+        buf_set_keymap('n', 'gi', '<cmd>lua vim.lsp.buf.implementation()<CR>', opts)
+        buf_set_keymap('n', '<C-k>', '<cmd>lua vim.lsp.buf.signature_help()<CR>', opts)
+        buf_set_keymap('n', '<space>wa', '<cmd>lua vim.lsp.buf.add_workspace_folder()<CR>', opts)
+        buf_set_keymap('n', '<space>wr', '<cmd>lua vim.lsp.buf.remove_workspace_folder()<CR>', opts)
+        buf_set_keymap('n', '<space>wl', '<cmd>lua print(vim.inspect(vim.lsp.buf.list_workspace_folders()))<CR>', opts)
+        buf_set_keymap('n', '<space>D', '<cmd>lua vim.lsp.buf.type_definition()<CR>', opts)
+        buf_set_keymap('n', '<space>rn', '<cmd>lua vim.lsp.buf.rename()<CR>', opts)
+        buf_set_keymap('n', '<space>ca', '<cmd>lua vim.lsp.buf.code_action()<CR>', opts)
+        buf_set_keymap('n', 'gr', '<cmd>lua vim.lsp.buf.references()<CR>', opts)
+        buf_set_keymap('n', '<space>e', '<cmd>lua vim.diagnostic.open_float(0, { scope = "line" })<CR>', opts)
+        buf_set_keymap('n', '[d', '<cmd>lua vim.lsp.diagnostic.goto_prev()<CR>', opts)
+        buf_set_keymap('n', ']d', '<cmd>lua vim.lsp.diagnostic.goto_next()<CR>', opts)
+        buf_set_keymap('n', '<space>q', '<cmd>lua vim.lsp.diagnostic.set_loclist()<CR>', opts)
+        buf_set_keymap('n', '<space>f', '<cmd>lua vim.lsp.buf.formatting()<CR>', opts)
+    end
+})
 
-vim.lsp.handlers["textDocument/publishDiagnostics"] = vim.lsp.with(
-    vim.lsp.diagnostic.on_publish_diagnostics, {
-        focusable = false,
-        virtual_text = false,
-        underline = true,
-        signs = true,
-        update_in_insert = true
-    }
-)
-vim.lsp.handlers["textDocument/signatureHelp"] = vim.lsp.with(
-    vim.lsp.handlers.signature_help, { focusable = false }
-)
+vim.diagnostic.config({
+    focusable = false,
+    virtual_text = false,
+    underline = true,
+    signs = true,
+    update_in_insert = true
+})
 
-local capabilities = vim.lsp.protocol.make_client_capabilities()
-capabilities.textDocument.completion.completionItem.snippetSupport = true
 capabilities = require('cmp_nvim_lsp').default_capabilities(capabilities)
 
-local servers = { 'cssls', 'html', 'prismals', 'rnix', 'tsserver', 'yamlls' }
+local servers = { 'astro', 'clangd', 'cssls', 'html', 'tailwindcss', 'texlab', 'ts_ls', 'yamlls' }
 for _, lsp in ipairs(servers) do
-    nvim_lsp[lsp].setup {
+    vim.lsp.config(lsp, {
         capabilities = capabilities,
-        on_attach = on_attach,
         flags = { debounce_text_changes = 150 }
-    }
+    })
+    vim.lsp.enable(lsp)
 end
 
 -- nvim-cmp
@@ -197,15 +223,16 @@ cmp.setup {
 
 -- LSP/Omnisharp
 local pid = vim.fn.getpid()
-nvim_lsp.omnisharp.setup {
+vim.lsp.config("omnisharp", {
     capabilities = capabilities,
     on_attach = on_attach,
     flags = { debounce_text_changes = 150 },
     cmd = { "{{OMNISHARP_PATH}}", "--languageserver", "--hostPID", tostring(pid) }
-}
+})
+vim.lsp.enable("omnisharp")
 
 -- LSP/rust_analyzer
-nvim_lsp.rust_analyzer.setup {
+vim.lsp.config("rust_analyzer", {
     capabilities = capabilities,
     on_attach = on_attach,
     flags = { debounce_text_changes = 150 },
@@ -222,11 +249,11 @@ nvim_lsp.rust_analyzer.setup {
             }
         }
     }
-}
-
+})
+vim.lsp.enable("rust_analyzer")
 
 -- LSP/Diagnostics
-nvim_lsp.diagnosticls.setup {
+vim.lsp.config("diagnosticls", {
     capabilities = capabilities,
     on_attach = on_attach,
     flags = { debounce_text_changes = 150 },
@@ -262,7 +289,34 @@ nvim_lsp.diagnosticls.setup {
             vue = 'eslint'
         }
     }
-}
+})
+vim.lsp.enable("diagnosticls")
+
+-- LSP/nixd
+vim.lsp.config("nixd", {
+  cmd = { "nixd" },
+  filetypes = { "nix" },
+  root_markers = { "flake.nix", ".git" },
+  settings = {
+    nixd = {
+      nixpkgs = {
+        expr = "import <nixpkgs> { }",
+      },
+      formatting = {
+        command = { "nixfmt" },
+      },
+      options = {
+        nixos = {
+          expr = '(builtins.getFlake (toString ./.)).nixosConfigurations.{{HOSTNAME}}.options',
+        },
+        home_manager = {
+          expr = '(builtins.getFlake (builtins.toString ./.)).nixosConfigurations."{{USERNAME}}@{{HOSTNAME}}".options.home-manager.users.type.getSubOptions []',
+        },
+      },
+    },
+  },
+})
+vim.lsp.enable("nixd")
 
 -- LSP/Signatures
 require("lsp_signature").setup {
diff --git a/res/eww-wayland/eww.scss b/res/eww-wayland/eww.scss
deleted file mode 100644
index 08b2270..0000000
--- a/res/eww-wayland/eww.scss
+++ /dev/null
@@ -1,72 +0,0 @@
-$background: #1a1b26;
-$accent: #9d7cd8;
-$foreground: #c0caf5;
-
-* {
-  all: unset;
-}
-
-window {
-    background: transparent;
-}
-
-.bar {
-    margin: 5px 20px 0px 20px;
-}
-
-.widget {
-    background: $background;
-    color: $foreground;
-    font-family: "Noto Sans";
-    font-weight: 600;
-    font-size: 15px;
-    padding: 5px 15px;
-    border-radius: 50px;
-}
-
-.time {
-    .base {
-        font-weight: 700;
-    }
-    .extension {
-        font-weight: 500;
-        color: rgba($foreground, .7);
-    }
-}
-
-.workspaces {
-    padding: 5px 10px;
-    font-size: 22px;
-
-    button {
-        padding: 0px 2px;
-    }
-
-    .empty, .occupied {
-        color: $accent;
-    }
-}
-
-.widget.line-workspaces {
-    color: transparent;
-    padding: 0;
-    border-radius: 0;
-    font-size: 0;
-
-    button {
-        padding: 0 13px;
-    }
-
-    .empty {
-        background-color: $background;
-    }
-
-    .occupied {
-        background-color: $accent;
-    }
-
-    .focused {
-        background-color: $foreground;
-    }
-}
-
diff --git a/res/eww-wayland/eww.yuck b/res/eww-wayland/eww.yuck
deleted file mode 100644
index a5bb2d1..0000000
--- a/res/eww-wayland/eww.yuck
+++ /dev/null
@@ -1,58 +0,0 @@
-(defwindow mainbar :monitor 0
-                   :geometry (geometry :x "0%"
-                                       :y "0%"
-                                       :width "100%"
-                                       :height "30px"
-                                       :anchor "top center")
-                   :stacking "fg"
-                   :exclusive false
-                   :focusable false
-  (bar))
-
-(defpoll ptime :interval "1s"
-  `date +%H:%M`)
-(defpoll petimea :interval "1s"
-  `date "+%A, %d %B %Y  "`)
-(defpoll petimeb :interval "1s"
-  `date "+:%S"`)
-
-(deflisten ltitle :initial "" "./scripts/title.sh")
-(deflisten lworkspaces :initial "[]" "./scripts/workspaces.sh")
-(deflisten lcurrent_workspace :initial "1" "./scripts/active-workspace.sh")
-
-(defwidget bar []
-  (eventbox :onscroll "./scripts/scroll.sh {}"
-    (centerbox :orientation "h"
-               :class "bar"
-      (workspaces)
-      (title)
-      (time))))
-
-(defwidget workspaces []
-  (box :class "widget workspaces"
-       :halign "start"
-       :valign "center"
-       :vexpand true
-       :hexpand true
-    (for workspace in lworkspaces
-      (eventbox :cursor "hand"
-        (button :class "${workspace.id == lcurrent_workspace ? "focused" : (workspace.windows > 0 ? "occupied" : "empty")}"
-                :onclick "hyprctl dispatch workspace ${workspace.id}"
-          "${workspace.id == lcurrent_workspace ? "" : (workspace.windows > 0 ? "" : "")}")))))
-
-(defwidget title []
-  (literal :content ltitle))
-
-(defwidget time_extension [text]
-  (label :text text
-         :class "extension"))
-
-(defwidget time []
-  (box :orientation "horizontal"
-       :space-evenly false
-       :halign "end"
-       :class "widget time"
-    (time_extension :text petimea)
-    (label :text ptime
-           :class "base")
-    (time_extension :text petimeb)))
diff --git a/res/eww-wayland/scripts/title.sh b/res/eww-wayland/scripts/title.sh
deleted file mode 100755
index 9b19289..0000000
--- a/res/eww-wayland/scripts/title.sh
+++ /dev/null
@@ -1,17 +0,0 @@
-#!/usr/bin/env sh
-
-out () {
-    if [ -z "$1" ] || [ "$1" == "null" ]; then
-        echo ""
-    else
-        echo "(box :class \"widget title\" :halign \"center\" :valign \"center\" :vexpand true :hexpand true (label :text \"$1\"))"
-    fi
-}
-
-init=$(hyprctl activewindow -j | jq --raw-output .title)
-out "$init"
-
-socat -u UNIX-CONNECT:/tmp/hypr/$HYPRLAND_INSTANCE_SIGNATURE/.socket2.sock - | stdbuf -o0 awk -F '>>|,' '/^activewindow>>/{print $3}' | while read -r line ; do
-    trunc=$(echo $line | cut -c-85)
-    out "$trunc"
-done
diff --git a/res/eww-wayland/scripts/workspaces.sh b/res/eww-wayland/scripts/workspaces.sh
deleted file mode 100755
index a496f8f..0000000
--- a/res/eww-wayland/scripts/workspaces.sh
+++ /dev/null
@@ -1,11 +0,0 @@
-#!/usr/bin/env sh
-
-spaces (){
-	WORKSPACE_WINDOWS=$(hyprctl workspaces -j | jq 'map({key: .id | tostring, value: .windows}) | from_entries')
-	seq 1 10 | jq --argjson windows "${WORKSPACE_WINDOWS}" --slurp -Mc 'map(tostring) | map({id: ., windows: ($windows[.]//0)})'
-}
-
-spaces
-socat -u UNIX-CONNECT:/tmp/hypr/$HYPRLAND_INSTANCE_SIGNATURE/.socket2.sock - | while read -r line; do
-	spaces
-done
diff --git a/res/eww/eww.scss b/res/eww/eww.scss
index 08b2270..763e6fd 100644
--- a/res/eww/eww.scss
+++ b/res/eww/eww.scss
@@ -1,6 +1,6 @@
-$background: #1a1b26;
-$accent: #9d7cd8;
-$foreground: #c0caf5;
+$background: EWW_BACKGROUND;
+$accent: EWW_ACCENT;
+$foreground: EWW_TEXT;
 
 * {
   all: unset;
@@ -11,7 +11,7 @@ window {
 }
 
 .bar {
-    margin: 5px 20px 0px 20px;
+    margin: 5px 20px 5px 20px;
 }
 
 .widget {
@@ -22,6 +22,20 @@ window {
     font-size: 15px;
     padding: 5px 15px;
     border-radius: 50px;
+    box-shadow: rgba($foreground, .7) 0px 0px 2px;
+}
+
+.title {
+    margin: 0 5px;
+}
+
+.pill {
+    margin-right: 5px;
+    padding: 5px 10px;
+}
+
+.extended {
+    padding: 5px 15px;
 }
 
 .time {
@@ -70,3 +84,8 @@ window {
     }
 }
 
+.pill-icon {
+    color: $accent;
+    font-family: Material Symbols Outlined;
+    font-size: 18px;
+}
diff --git a/res/eww/eww.yuck b/res/eww/eww.yuck
index a0a433b..d72a2cc 100644
--- a/res/eww/eww.yuck
+++ b/res/eww/eww.yuck
@@ -1,42 +1,57 @@
-(defwindow linebar :monitor 0
-                   :geometry (geometry :x "30px"
-                                       :y "0%"
-                                       :width "100%"
-                                       :height "2px"
-                                       :anchor "top center")
-                   :stacking "fg"
-                   :windowtype "dock"
-                   :wm-ignore false
-  (wlinebar))
-
 (defwindow mainbar :monitor 0
+
                    :geometry (geometry :x "0%"
                                        :y "0%"
                                        :width "100%"
                                        :height "30px"
                                        :anchor "top center")
                    :stacking "fg"
-                   :windowtype "dock"
-                   :wm-ignore false
+                   :exclusive false
+                   :focusable false
   (bar))
 
-(defvar time-extended false)  ; for :run-while property of below variable
-                              ; when this turns true, the polling starts and
-                              ; var gets updated with given interval
+(defwindow mainbar-ext :monitor 1
+                   :geometry (geometry :x "0%"
+                                       :y "0%"
+                                       :width "100%"
+                                       :height "30px"
+                                       :anchor "top center")
+                   :stacking "fg"
+                   :exclusive false
+                   :focusable false
+  (bar))
 
-(defpoll ptime :interval "1s"
-               :run-while !time-extended
+(defvar bat-enabled _BAT_ENABLED_)
+(defvar bt-enabled _BT_ENABLED_)
+(defvar wifi-enabled _WIFI_ENABLED_)
+
+(defvar bat-extended true)
+(defvar bluetooth-extended false)
+(defvar network-extended false)
+(defvar time-extended false)
+
+(defpoll ptime   :interval "1s"
   `date +%H:%M`)
-(defpoll petimea :interval "1s"
-                 :run-while time-extended
+(defpoll petimea :interval "1s" :run-while time-extended
   `date "+%A, %d %B %Y  "`)
-(defpoll petimeb :interval "1s"
-                 :run-while time-extended
+(defpoll petimeb :interval "1s" :run-while time-extended
   `date "+:%S"`)
+(defpoll pbat_cap :interval "5s" :run-while bat-enabled
+  `cat /sys/class/power_supply/_BAT_PATH_/capacity`)
+(defpoll pbat_status :interval "1s" :run-while bat-enabled
+  `cat /sys/class/power_supply/_BAT_PATH_/status`)
+(defpoll wifi_ssid :interval "1s" :run-while wifi-enabled
+  `iwctl station wlan0 show | grep "Connected network" | awk '{print $3}'`)
+(defpoll wifi_strength :interval "1s" :run-while wifi-enabled
+  `iw dev wlan0 link | awk '/signal/ {gsub("-",""); print $2}'`)
+(defpoll bluetooth_device :interval "1s" :run-while bt-enabled
+  `bluetoothctl devices Connected | grep Device | cut -d" " -f3-`)
+(defpoll bluetooth_device_count :interval "1s" :run-while bt-enabled
+  `bluetoothctl devices Connected | wc -l`)
 
-(deflisten lworkspaces "./scripts/workspaces.sh")
-(deflisten llineworkspaces "./scripts/line-workspaces.sh")
-(deflisten ltitle "./scripts/title.sh")
+(deflisten ltitle :initial "" "./scripts/title.sh")
+(deflisten lworkspaces :initial "[]" "./scripts/workspaces.sh")
+(deflisten lcurrent_workspace :initial "1" "./scripts/active-workspace.sh")
 
 (defwidget bar []
   (eventbox :onscroll "./scripts/scroll.sh {}"
@@ -44,34 +59,107 @@
                :class "bar"
       (workspaces)
       (title)
-      (time))))
-
-(defwidget wlinebar []
-  (eventbox :onscroll "./scripts/scroll.sh {}"
-    (line_workspaces)))
+      (right_bar))))
 
 (defwidget workspaces []
-  (literal :content lworkspaces))
-
-(defwidget line_workspaces []
-  (literal :content llineworkspaces))
+  (box :class "widget workspaces"
+       :halign "start"
+       :valign "center"
+       :vexpand true
+       :hexpand true
+    (for workspace in lworkspaces
+      (eventbox :cursor "hand"
+        (button :class "${workspace.id == lcurrent_workspace ? "focused" : (workspace.windows > 0 ? "occupied" : "empty")}"
+                :onclick "hyprctl dispatch workspace ${workspace.id}"
+          "${workspace.id == lcurrent_workspace ? "" : (workspace.windows > 0 ? "" : "")}")))))
 
 (defwidget title []
   (literal :content ltitle))
 
 (defwidget time_extension [text]
-  (label :text text
-         :class "extension"))
+  (revealer :transition "slideleft"
+            :reveal time-extended
+            :duration 150
+    (label :text text
+           :class "extension")))
+
+(defwidget right_bar []
+  (box :orientation "horizontal"
+       :space-evenly false
+       :halign "end"
+    (box :visible {bt-enabled} (bluetooth))
+    (box :visible {wifi-enabled} (network))
+    (box :visible {bat-enabled} (battery))
+    (time)))
+
+(defwidget bluetooth []
+  (button :onclick `eww update bluetooth-extended=${bluetooth-extended ? "false" : "true"}`
+    (box :orientation "horizontal"
+         :class {"widget pill" + ((bluetooth-extended && bluetooth_device != "") ? " extended" : "")}
+         :spacing {(bluetooth-extended && bluetooth_device != "") ? 5 : 0}
+         :space-evenly false
+      (label :text { bluetooth_device == "" ? "" : ""}
+             :class "base pill-icon")
+      (revealer :transition "slideleft"
+                :reveal {bluetooth-extended && bluetooth_device != ""}
+                :duration 150
+        (label :text { bluetooth_device_count == "1" ? bluetooth_device : (bluetooth_device_count + " devices") }
+               :class "base")))))
+
+(defwidget network []
+  (button :onclick `eww update network-extended=${network-extended ? "false" : "true"}`
+    (box :orientation "horizontal"
+         :class {"widget pill" + ((network-extended && wifi_ssid != "") ? " extended" : "")}
+         :spacing {(network-extended && wifi_ssid != "") ? 5 : 0}
+         :space-evenly false
+      (label :text {
+          (wifi_ssid == "") ? ""
+        : (wifi_strength == "") ? ""
+        : (wifi_strength < 75) ? ""
+        : (wifi_strength < 65) ? ""
+        : (wifi_strength < 60) ? ""
+        : (wifi_strength < 50) ? ""
+        : ""}
+             :class "base pill-icon")
+      (revealer :transition "slideleft"
+                :reveal {network-extended && wifi_ssid != ""}
+                :duration 150
+        (label :text wifi_ssid
+               :class "base")))))
+
+(defwidget battery []
+  (button :onclick `eww update bat-extended=${bat-extended ? "false" : "true"}`
+    (box :orientation "horizontal"
+         :class {"widget pill" + (bat-extended ? " extended" : "")}
+         :spacing {bat-extended ? 3 : 0}
+         :space-evenly false
+      (label :text {
+          (pbat_status == "Charging" || pbat_status == "Full") ?
+            ( (pbat_cap < 20) ? ""
+            : (pbat_cap < 50) ? ""
+            : (pbat_cap < 100) ? ""
+            : "" )
+        : (pbat_cap < 10) ? ""
+        : (pbat_cap < 20) ? ""
+        : (pbat_cap < 50) ? ""
+        : (pbat_cap < 80) ? ""
+        : ""}
+             :class "base pill-icon")
+      (revealer :transition "slideleft"
+                :reveal bat-extended
+                :duration 150
+        (label :text {pbat_cap + "%"}
+               :class "base")))))
+
 
 (defwidget time []
   (button :onclick `eww update time-extended=${time-extended ? "false" : "true"}`
     (box :orientation "horizontal"
          :space-evenly false
-         :halign "end"
+         :hexpand true
          :class "widget time"
-      (time_extension :text {time-extended ? petimea : ""})
+      (time_extension :text petimea)
       (label :text ptime
              :class "base")
-      (time_extension :text {time-extended ? petimeb : ""})
-      )))
+      (time_extension :text petimeb))))
 
diff --git a/res/eww-wayland/scripts/active-workspace.sh b/res/eww/scripts/active-workspace.sh
similarity index 66%
rename from res/eww-wayland/scripts/active-workspace.sh
rename to res/eww/scripts/active-workspace.sh
index cbdf971..d4e6b87 100755
--- a/res/eww-wayland/scripts/active-workspace.sh
+++ b/res/eww/scripts/active-workspace.sh
@@ -2,5 +2,5 @@
 
 hyprctl monitors -j | jq '.[] | select(.focused) | .activeWorkspace.id'
 
-socat -u UNIX-CONNECT:/tmp/hypr/$HYPRLAND_INSTANCE_SIGNATURE/.socket2.sock - |
+socat -u UNIX-CONNECT:$XDG_RUNTIME_DIR/hypr/$HYPRLAND_INSTANCE_SIGNATURE/.socket2.sock - |
   stdbuf -o0 awk -F '>>|,' -e '/^workspace>>/ {print $2}' -e '/^focusedmon>>/ {print $3}'
diff --git a/res/eww/scripts/line-workspaces.sh b/res/eww/scripts/line-workspaces.sh
deleted file mode 100755
index 960c444..0000000
--- a/res/eww/scripts/line-workspaces.sh
+++ /dev/null
@@ -1,43 +0,0 @@
-#!/usr/bin/env sh
-
-# Checks if a list ($1) contains an element ($2)
-contains() {
-    for e in $1; do
-        [ "$e" -eq "$2" ] && echo 1 && return
-    done
-    echo 0
-}
-
-print_workspaces() {
-    buf=""
-    desktops=$(bspc query -D --names)
-    focused_desktop=$(bspc query -D -d focused --names)
-    occupied_desktops=$(bspc query -D -d .occupied --names)
-    urgent_desktops=$(bspc query -D -d .urgent --names)
-
-    for d in $desktops; do
-        if [ "$(contains "$focused_desktop" "$d")" -eq 1 ]; then
-            ws=$d
-            class="focused"
-        elif [ "$(contains "$occupied_desktops" "$d")" -eq 1 ]; then
-            ws=$d
-            class="occupied"
-        elif [ "$(contains "$urgent_desktops" "$d")" -eq 1 ]; then
-            ws=$d
-            class="urgent"
-        else
-            ws=$d
-            class="empty"
-        fi
-
-        buf="$buf (eventbox :cursor \"hand\" (button :class \"$class\" :onclick \"bspc desktop -f $ws\" \"\"))"
-    done
-
-    echo "(box :class \"widget line-workspaces\" :halign \"start\" :valign \"center\" :vexpand true :hexpand true $buf)"
-}
-
-# Listen to bspwm changes
-print_workspaces
-bspc subscribe desktop node_transfer | while read -r _ ; do
-    print_workspaces
-done
diff --git a/res/eww/scripts/scroll.sh b/res/eww/scripts/scroll.sh
deleted file mode 100755
index f76b6b0..0000000
--- a/res/eww/scripts/scroll.sh
+++ /dev/null
@@ -1,3 +0,0 @@
-#!/usr/bin/env sh
-translated=$([ "$1" == "up" ] && echo "prev" || echo "next")
-bspc desktop -f $translated
diff --git a/res/eww/scripts/title.sh b/res/eww/scripts/title.sh
index 26664ba..108e0a5 100755
--- a/res/eww/scripts/title.sh
+++ b/res/eww/scripts/title.sh
@@ -1,10 +1,18 @@
 #!/usr/bin/env sh
 
-xtitle -s | while read -r line ; do
-    trunc=$(echo $line | cut -c-85)
-    if [ -z "$line" ]; then
+out () {
+    if [ -z "$1" ] || [ "$1" == "null" ]; then
         echo ""
     else
-        echo "(box :class \"widget title\" :halign \"center\" :valign \"center\" :vexpand true :hexpand true (label :text \"${trunc}\"))"
+        echo "(box :class \"widget title\" :halign \"center\" :valign \"center\" :vexpand true :hexpand true (label :text \"$1\"))"
     fi
+}
+
+init=$(hyprctl activewindow -j | jq --raw-output .title)
+trunc=$(echo $init | cut -c-60)
+out "$trunc"
+
+socat -u UNIX-CONNECT:$XDG_RUNTIME_DIR/hypr/$HYPRLAND_INSTANCE_SIGNATURE/.socket2.sock - | stdbuf -o0 awk -F '>>|,' '/^activewindow>>/{print $3}' | while read -r line ; do
+    trunc=$(echo $line | cut -c-60)
+    out "$trunc"
 done
diff --git a/res/eww/scripts/workspaces.sh b/res/eww/scripts/workspaces.sh
index 3eb9b52..963dbe8 100755
--- a/res/eww/scripts/workspaces.sh
+++ b/res/eww/scripts/workspaces.sh
@@ -1,47 +1,11 @@
 #!/usr/bin/env sh
 
-# Checks if a list ($1) contains an element ($2)
-contains() {
-    for e in $1; do
-        [ "$e" -eq "$2" ] && echo 1 && return
-    done
-    echo 0
+spaces (){
+	WORKSPACE_WINDOWS=$(hyprctl workspaces -j | jq 'map({key: .id | tostring, value: .windows}) | from_entries')
+	seq 1 10 | jq --argjson windows "${WORKSPACE_WINDOWS}" --slurp -Mc 'map(tostring) | map({id: ., windows: ($windows[.]//0)})'
 }
 
-print_workspaces() {
-    buf=""
-    desktops=$(bspc query -D --names)
-    focused_desktop=$(bspc query -D -d focused --names)
-    occupied_desktops=$(bspc query -D -d .occupied --names)
-    urgent_desktops=$(bspc query -D -d .urgent --names)
-
-    for d in $desktops; do
-        if [ "$(contains "$focused_desktop" "$d")" -eq 1 ]; then
-            ws=$d
-            icon=""
-            class="focused"
-        elif [ "$(contains "$occupied_desktops" "$d")" -eq 1 ]; then
-            ws=$d
-            icon=""
-            class="occupied"
-        elif [ "$(contains "$urgent_desktops" "$d")" -eq 1 ]; then
-            ws=$d
-            icon=""
-            class="urgent"
-        else
-            ws=$d
-            icon=""
-            class="empty"
-        fi
-
-        buf="$buf (eventbox :cursor \"hand\" (button :class \"$class\" :onclick \"bspc desktop -f $ws\" \"$icon\"))"
-    done
-
-    echo "(box :class \"widget workspaces\" :halign \"start\" :valign \"center\" :vexpand true :hexpand true $buf)"
-}
-
-# Listen to bspwm changes
-print_workspaces
-bspc subscribe desktop node_transfer | while read -r _ ; do
-    print_workspaces
+spaces
+socat -u UNIX-CONNECT:$XDG_RUNTIME_DIR/hypr/$HYPRLAND_INSTANCE_SIGNATURE/.socket2.sock - | while read -r line; do
+	spaces
 done
diff --git a/res/theme.rasi b/res/theme.rasi
index fbf45e4..b7fd398 100644
--- a/res/theme.rasi
+++ b/res/theme.rasi
@@ -12,9 +12,9 @@ configuration {
 @theme "/dev/null"
 
 * {
-  bg:                              #12131b;
-  fg:                              #f3f6ff;
-  button:                          #ae58c8;
+  bg:                              CAT_BACKGROUND;
+  fg:                              CAT_TEXT;
+  button:                          CAT_ACCENT;
 
   background-color:                @bg;
   text-color:                      @fg;
@@ -30,7 +30,7 @@ prompt { enabled: false; }
 
 entry {
   placeholder:                    "Search";
-  placeholder-color:              #f3f6ff90;
+  placeholder-color:              CAT_PLACEHOLDER;
   transparency:                   "real";
   expand:                         true;
   font:                           "Noto Sans 32";
@@ -70,7 +70,7 @@ element-text {
   margin:                         0% 3% 0.5% 3%;
   background-color:               inherit;
   text-color:                     inherit;
-  font:                           "Noto Sans 12";
+  font:                           "Noto Sans Medium 12";
 }
 
 element-icon {
@@ -85,4 +85,5 @@ element-icon {
 element selected {
   background-color:               @button;
   border-radius:                  8px;
+  text-color:                     @bg;
 }
diff --git a/scripts/polybar.sh b/scripts/polybar.sh
deleted file mode 100755
index bac8319..0000000
--- a/scripts/polybar.sh
+++ /dev/null
@@ -1,4 +0,0 @@
-#!/bin/sh
-
-polybar top      >> ${XDG_RUNTIME_DIR}/bar-top.log 2>&1 &
-polybar scroller >> ${XDG_RUNTIME_DIR}/bar-scroller.log 2>&1 &
diff --git a/scripts/xinitrc b/scripts/xinitrc
deleted file mode 100755
index 44caff4..0000000
--- a/scripts/xinitrc
+++ /dev/null
@@ -1,11 +0,0 @@
-if test -z "$DBUS_SESSION_BUS_ADDRESS"; then
-    eval $(dbus-launch --exit-with-session --sh-syntax)
-fi
-systemctl --user import-environment DISPLAY XAUTHORITY
-
-if command -v dbus-update-activation-environment > /dev/null 2>&1; then
-    dbus-update-activation-environment DISPLAY XAUTHORITY
-fi
-
-xrdb ${XDG_CONFIG_HOME}/xorg/xresources
-exec ${XDG_CONFIG_HOME}/xorg/xsession
diff --git a/secrets.gcrypt/shared.json b/secrets.gcrypt/shared.json
new file mode 100644
index 0000000..21378e7
Binary files /dev/null and b/secrets.gcrypt/shared.json differ
diff --git a/secrets.nix b/secrets.nix
index f83332a..b1f55e5 100644
--- a/secrets.nix
+++ b/secrets.nix
@@ -1,17 +1,25 @@
 let
+  alyssum = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIAp00i2DTwMk9i2WBEwpNTDA51TQJEqzpyCka6znmRzR";
   anemone = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIEPFifSAybe97xDP/cq6AAjy7Fm0go0dtQ9ICK6JRUgc";
   blossom = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIA5wfPCcpkNR3ubr7cBV0UwVCDo/sMmV0aI/JOJTIxQj";
-  caramel = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIIPFJT1XYyjDZFHYT/8RdxAReKkeU8QfpLrmMjEeW/80";
-  sugarcane = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIImymDDLSOdLcsox8wxS9Z84fsbsz6Mi58OU0od2p/ZQ";
+  dandelion = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIFUk99ku7+eiIO7Q9sIPlPx3GiUljLv7W404W/zwrtzI";
+  hazel = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIJ6mi50ecrrMIn5C4QUyCjPHfSElz0mhevvFCznUzIrK";
 
   rin = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIPru5eTBvHJ4ZmrrzPRHCGM09wQP/ZHSaKYalDuBVO15";
 in {
-  "secrets/passwd.age".publicKeys = [ anemone blossom caramel sugarcane rin ];
-  "secrets/wpa_conf.age".publicKeys = [ blossom caramel rin ];
+  "secrets/passwd.age".publicKeys = [ alyssum anemone blossom rin ];
+  "secrets/passwd_smbcilly.age".publicKeys = [ alyssum rin ];
+  "secrets/passwd_smbkujira.age".publicKeys = [ alyssum rin ];
+  "secrets/wpa_conf.age".publicKeys = [ alyssum blossom rin ];
 
-  "secrets/acme_dns.age".publicKeys = [ caramel rin ];
-  "secrets/warden_admin.age".publicKeys = [ caramel rin ];
-  "secrets/wg_blossom.age".publicKeys = [ blossom rin ];
-  "secrets/wg_caramel.age".publicKeys = [ caramel rin ];
-  "secrets/wg_sugarcane.age".publicKeys = [ sugarcane rin ];
+  "secrets/acme_dns.age".publicKeys = [ alyssum dandelion hazel rin ];
+  "secrets/navidrome_env.age".publicKeys = [ alyssum dandelion rin ];
+  "secrets/slskd_env.age".publicKeys = [ anemone dandelion rin ];
+  "secrets/tailscale_auth.age".publicKeys = [ alyssum anemone blossom dandelion rin ];
+  "secrets/warden_admin.age".publicKeys = [ rin ];
+  "secrets/wg_anemone.age".publicKeys = [ anemone rin ];
+  "secrets/wg_dandelion.age".publicKeys = [ dandelion rin ];
+  "secrets/wg_hazel.age".publicKeys = [ hazel rin ];
+  "secrets/wg_hyacinth.age".publicKeys = [ blossom rin ];
+  "secrets/wg_caramel.age".publicKeys = [ rin ];
 }
diff --git a/secrets/acme_dns.age b/secrets/acme_dns.age
index 17f90a8..c440de6 100644
--- a/secrets/acme_dns.age
+++ b/secrets/acme_dns.age
@@ -1,7 +1,11 @@
 age-encryption.org/v1
--> ssh-ed25519 krYeuQ SBY9moNFVc8mdntk13DRWSIyoJfSuzsBrhzmaH8u51c
-5QU1vtRllrmYsArw6LSktuRLQ7QbrtNBKVrOG8d2pyk
--> ssh-ed25519 U9FXlg HR/A429gFyLaUq6QSyTYv8yK5syfJbLDFzmhGGTZt1M
-jCXRzzzp8vfB4n8pM6BAZr/IC9E+vBeeOm0AYGYBOe0
---- /vlh5vuiRyVyiQpn4PZ5zBeUNaQclSW5Y5z1mR43fFg
-�,S��=�;�9�}��J|����5�U�jB���{�j-��v���(�T7l���^�kɀQx�^?�`��/
�N���|���aq��x���I
\ No newline at end of file
+-> ssh-ed25519 kOMSPw vqjZO82kILUQaoD9EwOgnmXKD9IyscgtzP65BVKkGhs
+07f0vL5fSq+EVdJ4n3L/q0tGsh0SVLCueTzbrMQC2ok
+-> ssh-ed25519 bRFqeQ qZAsyhdIY/fg7weEBYfB/WwFBrr/fDRrjt0J/m+57W4
+FOWjbk7efoVdL9WxjWvaZ/0mJrQ4yj0fN/Fa3zztz84
+-> ssh-ed25519 ZAcXHw UHpAQ4nKoGGaZWXVj4UM6uBanOgDpBvG6XdoBvhz6y8
+xF1orqajQxp2QzU/e1sq8lMxz4AQ2Vr5a3wEU55QqyE
+-> ssh-ed25519 U9FXlg n/LPuRDZ7N0VbZYLNr86hH/yRuqd2zFC7Nnpooz8d0o
+aZig/wjd5vitGaJwQ89w2M7fj8fAiqTpdDOmLae74sM
+--- mXuALIh6k4n0cErsTFnwKemo/r2jFG7mGSTz2M8zXF8
+Zr2��.	��~M��P��XŹ1�)p�9R�9�ScLzhQ���O��0��H7���L�j�5�
�����\��l9�7���ܫn���>��
diff --git a/secrets/navidrome_env.age b/secrets/navidrome_env.age
new file mode 100644
index 0000000..7df364f
--- /dev/null
+++ b/secrets/navidrome_env.age
@@ -0,0 +1,9 @@
+age-encryption.org/v1
+-> ssh-ed25519 kOMSPw s/uDjoILzZ4meH5Thqdly/pPe2bTO7sKHPIsn7B/Ays
+Pg3ePdLimArZbzBJJkole/d6UjUafNayktjKqt9gqv4
+-> ssh-ed25519 bRFqeQ /yrku11wKk2gf24aPjSBZ1KBZXLOlSTOgvW13gjzC3M
+xTCWHdq5Vr02v9xDoEZqCcGLIdjZT9s29Gldoz27ow0
+-> ssh-ed25519 U9FXlg HhSqF8DRz/vW42Sf34fqGMIgj9Zpc5MeYNhqqsz7fBk
+4IzAURq50rY160/qAzo49cmhV7/skh7PGM8h9qI9WGE
+--- aSO1slFKfkECL6Gro84fMiDZ0QLLNbOrfiNegNK7ksc
+i'r��Ќ��l"�j^S�"_�UP��C��xs�1����M��w�ʍ�;#{a��}+��=��eԑ$�#s�z�Ki����J��D�?�>F��8k�Z(���;���)�[��b+�o�@�#2�L,����חL�<\��U���#����>13�p\��IQ)޽��@��p�,C��5�v8M%�NA	r7�ɀ�n��t
�'Ѕֲ��5+�bj��)�Ra�C�
\ No newline at end of file
diff --git a/secrets/passwd.age b/secrets/passwd.age
index 7d2a224..05ad906 100644
Binary files a/secrets/passwd.age and b/secrets/passwd.age differ
diff --git a/secrets/passwd_smbcilly.age b/secrets/passwd_smbcilly.age
new file mode 100644
index 0000000..41ad172
--- /dev/null
+++ b/secrets/passwd_smbcilly.age
@@ -0,0 +1,7 @@
+age-encryption.org/v1
+-> ssh-ed25519 kOMSPw CQaXT9/nw3NGD2/H/ctSQGXIoacgjfKQ24wkpEieLSQ
+i4xEXgWGQ7xgQyaDQQIeDuiCLjA6Le23qSnv8C1cbcI
+-> ssh-ed25519 U9FXlg GL4dCSCku/FA6ipb9XI1AxO4lhm2r/1lRAeqaGrB32o
++pPgqwnoPi3wJLobTimVMj0rng+XRapRG6jTYFXSsDM
+--- eVgn3ON19pqq+L832bqlbkHUQXdaTI+LfSL4bYfEdew
+�*�l\�W�!J7E/����"f@%\���[��j8fӶ��
\ No newline at end of file
diff --git a/secrets/passwd_smbkujira.age b/secrets/passwd_smbkujira.age
new file mode 100644
index 0000000..71b6bb8
--- /dev/null
+++ b/secrets/passwd_smbkujira.age
@@ -0,0 +1,7 @@
+age-encryption.org/v1
+-> ssh-ed25519 kOMSPw Kn+LPMoyOrVwI/nrGgnxgVA3D+tVY9Tccg/Yx/jL+E8
+IfWiSBh7KgNvgcHlcDzfdcB9nxm1zy12Ae7AGm39fdE
+-> ssh-ed25519 U9FXlg 6eIIGEIYDo02FBsgBnwbuOeR8t4xB6jSmLfIL73UCDg
+QOc0ddunQQcVEVD20DKKpn3wZWUSveFJSUTBnv+xnNk
+--- MjN2i0FNzbUpBGUDNgWGXrRsYl2gtsQX+JlzZV/fYdw
+T� <�R#d�Ć̎lLk�N���8�c�_N�)��T
\ No newline at end of file
diff --git a/secrets/slskd_env.age b/secrets/slskd_env.age
new file mode 100644
index 0000000..eded5d0
--- /dev/null
+++ b/secrets/slskd_env.age
@@ -0,0 +1,9 @@
+age-encryption.org/v1
+-> ssh-ed25519 ohyStA 3Do7MsCBX9ZgP6pIekvkRisFgF74jq2cKxrjUi2NlhM
+EdfLIUk40isfNBY4CKA0JjHc2RaCM/LJmvQJuue+aYs
+-> ssh-ed25519 bRFqeQ XcjdLy6CEELgdN133BkgTG0cUffU6N9nsapB3c9Swyc
++ILEkir7XMK/xLNrTs2R+pBoucIN7fVEBRZSZwBo7Fs
+-> ssh-ed25519 U9FXlg bqpdUcMN/bk7WlIruWmhj0hpFL/CliDHto/P/KaMdxk
+z6wKPbT1OAW7sDjeziwdqs6mf9Rk37xsU9pw4wYMOF4
+--- wNvTtQPOTxetOpazjBXo4fR3wPL7CVQq4R30gOj/qQw
+&P+�����S��y�=}��~1�C�����^.�?zL��H��R`akE��R��(4�R!�*l�!���A��~@VG����<��2��-K8H�Pu�2jS#WД�����l>@�a	.Mƞ���Hg[���$�Wˌ�[��"%N�,� rGN�mf�9F��k&~�OW�Z70���t�����?���eOf��A������z�,hq/�Z�&��Fy�5ɾ�BQw���/�"��J�S섘5�f}%B��PĮ�,
r�F`�Nm��n�C�Î��rJ���af� �i�?���0���pz�aV�[��y�j�X4��B>R,�tyO��IW!�(��n#�ܒj>�����58�9���d��0�����mi���%�t�C�R˄^I�r�M�")֙�S�&.)l�z�Өq����:�r���brE@�JǺsM����d��?�Sk
\ No newline at end of file
diff --git a/secrets/tailscale_auth.age b/secrets/tailscale_auth.age
new file mode 100644
index 0000000..be7af43
--- /dev/null
+++ b/secrets/tailscale_auth.age
@@ -0,0 +1,13 @@
+age-encryption.org/v1
+-> ssh-ed25519 kOMSPw judP6VmZDGErkHfUpCp3xTgJtWVmGv3/tZw3WGyhfhM
+10jxPIR6Qaf/iWLzbWOrFq9XBsm8OC3mcMrxEt+BYQ8
+-> ssh-ed25519 ohyStA Xc6TjSJYtJkK1VEauNJKn+RcTdwdkyJ0Sr+tbAJ8rGc
+vzQt4zMdktY5tNvfu9HsKBgJb52uM7x8bhF+WXwpWZ8
+-> ssh-ed25519 CUCjXQ r8WxaXpWtaBdMJ2ubaAwJ4ipSz/UtnMs0x3+eI8p0VU
+CdicUH7AE4E4XVHDAeYzQdsYMYA0sCLlt2P4eR24vvs
+-> ssh-ed25519 bRFqeQ E9sknPioO9leKqs8bFJDLrAMuRAJf0ZRyGMvy7O5wVA
+KX93oSqGHimM/PaeaoHq1aYVXGG1YsVMO2ihZaM8xVE
+-> ssh-ed25519 U9FXlg u7yG7cLylPUgu/Is4xx0BXVhX31vUtgStV5CYa8Cowg
+xAuGYZpMPVQpZYASXrMuqNE9wqqEG3kMLUNjLzPmL4g
+--- EoeqIMnX5tR3J51Cz2QEyjsgD/7h468bqjRmt3mOEjY
+��xHQ���)����k�)ĉB�~ە�֖Zv?����%lQx
OwZIs�ۄ�f4�D���ǔ�*�Otݳ�0.m[q�_[�����v���
\ No newline at end of file
diff --git a/secrets/warden_admin.age b/secrets/warden_admin.age
index ef48c4d..1c56924 100644
Binary files a/secrets/warden_admin.age and b/secrets/warden_admin.age differ
diff --git a/secrets/wg_anemone.age b/secrets/wg_anemone.age
new file mode 100644
index 0000000..3ed5b37
Binary files /dev/null and b/secrets/wg_anemone.age differ
diff --git a/secrets/wg_blossom.age b/secrets/wg_blossom.age
deleted file mode 100644
index f7f550e..0000000
--- a/secrets/wg_blossom.age
+++ /dev/null
@@ -1,8 +0,0 @@
-age-encryption.org/v1
--> ssh-ed25519 CUCjXQ iM2w01v4y0Q3DVbpGtt6f3HiHMRw7Xr08JgTB6fe8x4
-WiBMVRZr1edBVfLAPAFT4GSEGoyn9jWzO92yysNM9Mo
--> ssh-ed25519 U9FXlg Bvlaqu4nEbjfBGgBFKDmD1cBbxH2+dyz1BHzegz1AS4
-+sf3rC0J2Ik1SNtpr52GxV6G6tzGLiwlvjXFWE3qrSw
---- yaZjH1jeXqPGiw1lIkH9uz6QJo/nM1lBezbpVlJDNUM
-��cg��j���"�
-U��"�^�����*��A��Dvl2�c�Rq).N�Lt�ZjCB��5��l^�0)�䥆.���
\ No newline at end of file
diff --git a/secrets/wg_caramel.age b/secrets/wg_caramel.age
index 37276ac..a85d63f 100644
--- a/secrets/wg_caramel.age
+++ b/secrets/wg_caramel.age
@@ -1,7 +1,6 @@
 age-encryption.org/v1
--> ssh-ed25519 krYeuQ vlK9Aa/Fhkj1jTAcccxKnSzj0jNfEoX5ymPhlaqIVSs
-Vb7lRsCmKM0Fvfb+NyNnNCjqCAQsndLNdA1nXFkiOrA
--> ssh-ed25519 U9FXlg H9ivqARf7cdfyBd4QnlqLiPNpfk2X/eK60K5//+7l1g
-oYgaHVWJ8xc+fmMTMvrXSt1DsVfbNF0z4V+N/C1vwXY
---- jtu3xxWFDWBtme5eM52EsMmOwKDss8EctnY7FpfQcI4
-��`��s�E��+XV�H�Gɯ�IZ�H{8��Ƣݙ���ۅ�o3c=9����B:gt������l	ё����vJ�>
+-> ssh-ed25519 U9FXlg VpFnvpTVZFSkKRpEgcmuT/WDLIP1ZySFLq2lRvrjq20
+7zQoSoIs1URmAYn2AdjvDTIY8GDYROcSxFq1bcl24Og
+--- iaQQUE1/Xj1vxto3d+Llyl6XGrSff5MGPxdCHW9EI40
+����Ʀ�`t��	�\� �
+b��peH���X�3�!�$�3]X�32�t~V�.=��>�$�x�B�KJ�AL:�DD�}5
\ No newline at end of file
diff --git a/secrets/wg_dandelion.age b/secrets/wg_dandelion.age
new file mode 100644
index 0000000..0229699
--- /dev/null
+++ b/secrets/wg_dandelion.age
@@ -0,0 +1,7 @@
+age-encryption.org/v1
+-> ssh-ed25519 bRFqeQ swv/p+w9+aytIkQ/6Yk1jouA+0M3rJabuiOz2rlpyAs
+wt+wnM1EEKAyDNefr9K4+DtZvHcOzz9Y1EBRFkA5Nv4
+-> ssh-ed25519 U9FXlg xxV/8JoorO4YWPbwSG7p306Pb2+aT10u9eNR69PhZAA
+rjOOuapa/h1tMYbdOc3Y/fPPzkNcYiamSk6rS/tbhtE
+--- UKvt/4aAyYHOk5bhAP55yxPhkxTE94/xEqIqpGF3yiE
+����5;_�E�DB�<k�J~��&�TD��z`/=t��ɲ�؈����;�y�)��%�LٕJ*@��
cx<;�ko��
\ No newline at end of file
diff --git a/secrets/wg_hazel.age b/secrets/wg_hazel.age
new file mode 100644
index 0000000..fa7fbb8
--- /dev/null
+++ b/secrets/wg_hazel.age
@@ -0,0 +1,7 @@
+age-encryption.org/v1
+-> ssh-ed25519 ZAcXHw eEKOjQqzqL9npB+C/wUahKJg58fedM6oxPKuKlMHpRo
+obx/pnoSM0uXYR7EC/yHYVs8gM/W74zoMijdWRpnYv8
+-> ssh-ed25519 U9FXlg o8QW/BHBKLHhahpcHf5ZrYIbCzilWVZvXr1nEChAqFM
+fgmtkUzJs2Oeq85JVl0HrHwBg/gjDQfzT5J+9Wyk8Kw
+--- yXs0fQOQfJ1NyPAPSr+1nm5/hVds5dhxW4WZagtMna0
+;�ǓוZ�I=Z��[�c�Ϗ7���&.�H�Fk��JUDN������i_N��TȊ�"��l�_G�o)f��s9&
\ No newline at end of file
diff --git a/secrets/wg_hyacinth.age b/secrets/wg_hyacinth.age
new file mode 100644
index 0000000..082940f
--- /dev/null
+++ b/secrets/wg_hyacinth.age
@@ -0,0 +1,7 @@
+age-encryption.org/v1
+-> ssh-ed25519 CUCjXQ ptHKlNvz+AmnB/Wt9XBBNyfOGeoPG5TbyrXv5993PDQ
+P0C17K+Kz8ocn0vzLf02aaYnxvRM/yjfRLMsBaJhsok
+-> ssh-ed25519 U9FXlg /M8ryJjXAdlWhvNHbQgKUxe/UtL7HqEs9RqNDQBW3SM
+p2d9OnOkU2Hx7+Kn+Z66qElFvczd3F4zVm5KXbOzYWY
+--- PVd8mrRk/t6qv/U32/AZk9YssRU1yn3CLPeyaEPBXi0
+��:�Dx[cyyۙc4�ɥ�/އ^�.��=�†�ȯo�G�VQdXf���^�@TRe���g���n����9UT�	
\ No newline at end of file
diff --git a/secrets/wg_sugarcane.age b/secrets/wg_sugarcane.age
deleted file mode 100644
index ef79954..0000000
--- a/secrets/wg_sugarcane.age
+++ /dev/null
@@ -1,7 +0,0 @@
-age-encryption.org/v1
--> ssh-ed25519 Hx37cw 6W7QYggFHAuAPxCBoTWdwSRxmJhtGHDgg3C2UJ73qgM
-Af4Gpj2kQsNWrMt4ZQ1ItmKsuSq7McE9Ckc9mAkotms
--> ssh-ed25519 U9FXlg +snitv62lCxu4sMz/iS8mz8I+5KUwtLO0jyAY1epr0s
-ePqUSmK3P3PVLo+IdWK3Gq+7b2kMkbJmpsyXqcWFAf8
---- oA8Y59o/iow4m2TjmFx5BvClendD1fpi2sRNtxnXz3Y
-�����(G��dm6��i����>�>�(~���B{b�3H��G�7֟[��qB:٬'���I��9���2Ѕ�J��d�}�
\ No newline at end of file
diff --git a/secrets/wpa_conf.age b/secrets/wpa_conf.age
index 17e93a9..555b594 100644
Binary files a/secrets/wpa_conf.age and b/secrets/wpa_conf.age differ
diff --git a/shells/cs/default.nix b/shells/cs/default.nix
deleted file mode 100644
index 8f7e42a..0000000
--- a/shells/cs/default.nix
+++ /dev/null
@@ -1,14 +0,0 @@
-{
-  callPackage,
-  lib,
-  mkShell,
-  dotnetCorePackages
-}:
-mkShell {
-  nativeBuildInputs = [ (with dotnetCorePackages; combinePackages [ sdk_6_0 runtime_6_0 ]) ];
-  DOTNET_CLI_TELEMETRY_OPTOUT = 1;
-
-  passthru = {
-    osu = callPackage ./osu.nix {};
-  };
-}
diff --git a/shells/cs/osu.nix b/shells/cs/osu.nix
deleted file mode 100644
index cfaba27..0000000
--- a/shells/cs/osu.nix
+++ /dev/null
@@ -1,80 +0,0 @@
-# Flake for development on https://github.com/ppy/osu
-{
-  lib,
-  mkShell,
-  writeScript,
-  stdenv,
-  stdenvNoCC,
-
-  dotnetCorePackages,
-
-  alsa-lib,
-  ffmpeg_4,
-  icu,
-  lttng-ust,
-  numactl,
-  openssl,
-  SDL2
-}:
-let
-  baseBuild = "-f net5.0 -v minimal osu.Desktop -- $@";
-
-  deps = [
-    alsa-lib ffmpeg_4 icu lttng-ust numactl openssl SDL2 
-  ];
-
-  fixSdl = writeScript "osu-fixsdl" ''
-    ln -sft osu.Desktop/bin/Debug/net5.0/linux-x64/ ${SDL2}/lib/libSDL2${stdenv.hostPlatform.extensions.sharedLibrary}
-    ln -sft osu.Desktop/bin/Release/net5.0/linux-x64/ ${SDL2}/lib/libSDL2${stdenv.hostPlatform.extensions.sharedLibrary}
-  '';
-  buildScript = writeScript "osu-build" ''
-    rm -f osu.Desktop/bin/Debug/net5.0/linux-x64/libSDL2.so
-    dotnet build -c Debug -r linux-x64 ${baseBuild} && ${fixSdl}
-  '';
-  buildReleaseScript = writeScript "osu-build-rel" ''
-    rm -f osu.Desktop/bin/Release/net5.0/linux-x64/libSDL2.so
-    dotnet build -c Release -r linux-x64 /property:Version=$OSU_VERSION ${baseBuild} && ${fixSdl}
-  '';
-  publishScript = writeScript "osu-publish" ''
-    rm -f osu.Desktop/bin/Release/net5.0/linux-x64/libSDL2.so
-    dotnet publish -c Release -r linux-x64 --self-contained false ${baseBuild} && ${fixSdl}
-  '';
-  publishWinScript = writeScript "osu-publish-win" ''
-    dotnet publish -c Release -r win-x64 --self-contained false -o build-win ${baseBuild}
-  '';
-  runScript = writeScript "osu-run" ''
-    ${buildScript} && dotnet run --no-build -c Debug -f net5.0 -r linux-x64 -p osu.Desktop -v minimal -- $@
-  '';
-  runReleaseScript = writeScript "osu-run-rel" ''
-    ${buildReleaseScript} && dotnet run --no-build -c Release -f net5.0 -r linux-x64 -p osu.Desktop -v minimal -- $@
-  '';
-
-  scripts = stdenvNoCC.mkDerivation {
-    pname = "osu-scripts";
-    version = "1.0.0";
-    dontUnpack = true;
-    installPhase = ''
-      mkdir $out
-      cp ${fixSdl} $out/osu-fixsdl
-      cp ${buildScript} $out/osu-build
-      cp ${buildReleaseScript} $out/osu-build-rel
-      cp ${publishScript} $out/osu-publish
-      cp ${publishWinScript} $out/osu-publish-win
-      cp ${runScript} $out/osu-run
-      cp ${runReleaseScript} $out/osu-run-rel
-    '';
-  };
-in mkShell {
-  nativeBuildInputs = [
-    icu
-
-    (with dotnetCorePackages; combinePackages [ sdk_5_0 runtime_5_0 ])
-  ];
-
-  DOTNET_CLI_TELEMETRY_OPTOUT = 1;
-  DRI_PRIME = 1;
-  LD_LIBRARY_PATH = lib.makeLibraryPath deps;
-  shellHook = ''
-    export PATH="${scripts}:$PATH"
-  '';
-}
diff --git a/shells/default.nix b/shells/default.nix
deleted file mode 100644
index d4a08da..0000000
--- a/shells/default.nix
+++ /dev/null
@@ -1,7 +0,0 @@
-{ callPackage, inputs }: {
-  cs = callPackage ./cs {};
-  flutter = callPackage ./flutter {};
-  js = callPackage ./js {};
-  php = callPackage ./php {};
-  rust = callPackage ./rust { inherit inputs; };
-}
diff --git a/shells/flutter/default.nix b/shells/flutter/default.nix
deleted file mode 100644
index 0f49c4d..0000000
--- a/shells/flutter/default.nix
+++ /dev/null
@@ -1,53 +0,0 @@
-{
-  lib,
-  mkShell,
-
-  flutter,
-  clang,
-  cmake,
-  ninja,
-  pkg-config,
-
-  atk,
-  cairo,
-  gdk-pixbuf,
-  glib,
-  gtk3,
-  harfbuzz,
-  libGL,
-  pango,
-  wayland,
-  xorg,
-}:
-let
-  makeIncludePath = lib.makeSearchPathOutput "include" "include";
-
-  includePath = makeIncludePath [
-    xorg.xorgproto
-    xorg.libX11.dev
-  ];
-in mkShell {
-  nativeBuildInputs = [
-    flutter
-    clang
-    cmake
-    ninja
-    pkg-config
-  ];
-
-  C_INCLUDE_PATH = includePath;
-  CPLUS_INCLUDE_PATH = includePath;
-
-  LD_LIBRARY_PATH = lib.makeLibraryPath "/lib" [
-    atk
-    cairo
-    gdk-pixbuf
-    glib
-    gtk3
-    harfbuzz
-    libGL
-    pango
-    wayland
-    xorg.libX11
-  ];
-}
diff --git a/shells/js/default.nix b/shells/js/default.nix
deleted file mode 100644
index a8e7610..0000000
--- a/shells/js/default.nix
+++ /dev/null
@@ -1,19 +0,0 @@
-{
-  mkShell,
-
-  nodejs-18_x,
-  nodePackages,
-  watchman
-}:
-mkShell {
-  buildInputs = [
-    nodejs-18_x
-    watchman
-
-    nodePackages.pnpm
-  ];
-
-  shellHook = ''
-    export PATH="$(readlink -f ./node_modules/.bin):$PATH"
-  '';
-}
diff --git a/shells/php/default.nix b/shells/php/default.nix
deleted file mode 100644
index f0777dd..0000000
--- a/shells/php/default.nix
+++ /dev/null
@@ -1,16 +0,0 @@
-{
-  callPackage,
-  mkShell,
-  php80,
-  php80Packages,
-}:
-mkShell {
-  buildInputs = [
-    php80
-    php80Packages.composer
-  ];
-
-  passthru = {
-    osu-web = callPackage ./osu-web.nix {};
-  };
-}
diff --git a/shells/php/osu-web.nix b/shells/php/osu-web.nix
deleted file mode 100644
index 582979b..0000000
--- a/shells/php/osu-web.nix
+++ /dev/null
@@ -1,26 +0,0 @@
-# Flake for development on https://github.com/ppy/osu-web
-{
-  mkShell,
-  nodejs-14_x,
-  nodePackages,
-  php80,
-  php80Packages,
-  python3
-}:
-let
-  phpPkg = php80.withExtensions ({ enabled, all }:
-    enabled ++ [ all.intl all.redis ]
-  );
-in mkShell {
-  buildInputs = [
-    nodejs-14_x
-    nodePackages.yarn
-    phpPkg
-    php80Packages.composer
-    python3
-  ];
-
-  shellHook = ''
-    export PATH="$(readlink -f ./node_modules/.bin):$PATH"
-  '';
-}
diff --git a/shells/rust/default.nix b/shells/rust/default.nix
deleted file mode 100644
index 65f1877..0000000
--- a/shells/rust/default.nix
+++ /dev/null
@@ -1,25 +0,0 @@
-{
-  inputs,
-  mkShell,
-
-  pkg-config
-}:
-let
-  overlays = [ (import inputs.rust-overlay) ];
-  pkgs = import inputs.nixpkgs {
-    inherit system overlays;
-  };
-
-  toolchain = pkgs.rust-bin.fromRustupToolchainFile ./rust-toolchain;
-
-  rustPlatform = pkgs.makeRustPlatform {
-    inherit (toolchain) cargo rustc;
-  };
-in mkShell {
-  nativeBuildInputs = [
-    toolchain
-    pkg-config
-  ];
-
-  RUST_SRC_PATH = "${pkgs.rust.packages.stable.rustPlatform.rustLibSrc}";
-}
diff --git a/update.sh b/update.sh
new file mode 100755
index 0000000..6167e8c
--- /dev/null
+++ b/update.sh
@@ -0,0 +1,32 @@
+#!/usr/bin/env -S nix shell 'nixpkgs#git' 'nixpkgs#curl' -c bash
+
+update_kernel() {
+    previous_ver=$(cat packages/linux-lava/sources.nix | grep "version =" | sed --expression='s/[^0-9.]//g')
+    kernel_ver=$(curl -s https://www.kernel.org/finger_banner | grep -m1 stable | awk '{print $NF}')
+
+    if [ "$previous_ver" = "$kernel_ver" ]; then
+        return
+    fi
+
+    kernel_major=$(cut -d '.' -f 1 <<< "$kernel_ver")
+    kernel_mmver=$(cut -d '.' -f 1,2 <<< "$kernel_ver")
+
+    hash_mm=$(nix-prefetch-url "https://cdn.kernel.org/pub/linux/kernel/v${kernel_major}.x/linux-${kernel_mmver}.tar.xz")
+    hash_patch=$(nix-prefetch-url "https://cdn.kernel.org/pub/linux/kernel/v${kernel_major}.x/patch-${kernel_ver}.xz")
+
+    sed -i "/version =/c\  version = \"${kernel_ver}\";" packages/linux-lava/sources.nix
+    sed -i "/kernelHash =/c\  kernelHash = \"${hash_mm}\";" packages/linux-lava/sources.nix
+    sed -i "/kernelPatchHash =/c\  kernelPatchHash = \"${hash_patch}\";" packages/linux-lava/sources.nix
+
+    git add packages/linux-lava/sources.nix
+    git commit -m "packages/linux-lava: bump to ${kernel_ver}"
+}
+
+bump_inputs() {
+    nix flake update
+    git add flake.lock
+    git commit -m "flake: bump inputs"
+}
+
+bump_inputs
+update_kernel
diff --git a/users/hana/default.nix b/users/hana/default.nix
index 482323f..69558ea 100644
--- a/users/hana/default.nix
+++ b/users/hana/default.nix
@@ -1,4 +1,5 @@
 { config, lib, modules, pkgs, ... }: {
+  programs.nh.flake = "/persist/hana/flakes";
   programs.zsh.enable = true;
   users.users.hana = {
     isNormalUser = true;
@@ -7,19 +8,21 @@
     uid = 1002;
     hashedPassword = "$y$j9T$3xCNDudmfrIu5VfQQoDkj/$ugzJWq0gORN9jnhDsREu31CkL3zwniQu6KoLbmg6Wr/";
     openssh.authorizedKeys.keys = [
-      "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIPru5eTBvHJ4ZmrrzPRHCGM09wQP/ZHSaKYalDuBVO15 rin@blossom"
-      "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIJ5l9t8dc6mPsKKYqZlPKvhOdyqz+DS5UOcvHuh3uVGt @strawberry"
+      "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIPru5eTBvHJ4ZmrrzPRHCGM09wQP/ZHSaKYalDuBVO15 rin@anemone"
+      "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAILhP8yi/CdACtql3I4j0xI+r0KV4AVCb265Bd/RTFBu4 hana@dandelion"
+      "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIJ5l9t8dc6mPsKKYqZlPKvhOdyqz+DS5UOcvHuh3uVGt cilly@hibiscus"
     ];
   };
 
-  home-manager.users.hana = { config, enableGUI, lib, pkgs, ... }: {
+  home-manager.users.hana = { config, lib, pkgs, ... }: {
     home = {
       username = "hana";
       homeDirectory = "/home/hana";
-      stateVersion = "23.11";
+      stateVersion = "24.11";
     };
 
     imports = with modules.user; [
+      comma
       direnv
       git
       neovim-minimal
diff --git a/users/rin/default.nix b/users/rin/default.nix
index 78bdd09..a70d716 100644
--- a/users/rin/default.nix
+++ b/users/rin/default.nix
@@ -1,13 +1,14 @@
-{ config, lib, modules, pkgs, ... }: {
+{ config, modules, pkgs, ... }: {
+  programs.nh.flake = "/home/rin/Projects/flakes";
   programs.zsh.enable = true;
   users.users.rin = {
     isNormalUser = true;
-    extraGroups = [ "adbusers" "audio" "corectrl" "libvirtd" "networkmanager" "video" "wheel" ];
+    extraGroups = [ "adbusers" "audio" "corectrl" "dialout" "docker" "libvirtd" "networkmanager" "video" "wheel" "wireshark" ];
     shell = pkgs.zsh;
     uid = 1001;
-    passwordFile = config.age.secrets.passwd.path;
+    hashedPasswordFile = config.age.secrets.passwd.path;
   };
-  home-manager.users.rin = { config, enableGUI, lib, pkgs, ... }: {
+  home-manager.users.rin = { config, lib, pkgs, ... }: {
     home = {
       username = "rin";
       homeDirectory = "/home/rin";
@@ -19,27 +20,35 @@
       ./packages.nix
       sessionVariables
 
+      catppuccin
+      comma
       direnv
       git
       gpg
       neovim
       npm
-      pass
       zsh
-    ] ++ lib.optionals enableGUI [
+    # HACK: include all gui for now due to infinite recursion (inability to dynamically control imports)
+    # ] ++ lib.optionals config.me.gui [
+    ] ++ [
       theming
       xdg
 
+      hypridle
+      hyprlock
       kitty
       mpv
       obs
-      rofi-wayland
+      rofi
 
       dunst
-      eww-wayland
+      eww
+
+      spicetify
     ];
 
     services.mpris-proxy.enable = true;
+    home.packages = [ pkgs.wl-clipboard ];
 
     home.file.".local/bin/ipc-bridge.exe".source = builtins.fetchurl {
       url = "https://github.com/0e4ef622/wine-discord-ipc-bridge/releases/download/v0.0.1/winediscordipcbridge.exe";
diff --git a/users/rin/packages.nix b/users/rin/packages.nix
index 2dd65a1..3fe0129 100644
--- a/users/rin/packages.nix
+++ b/users/rin/packages.nix
@@ -1,64 +1,70 @@
-{ config, enableGUI, inputs, pkgs, ... }: {
+{ config, inputs, pkgs, ... }:
+let
+  dotnet-combined = (with pkgs.dotnetCorePackages; combinePackages [
+      dotnet_10.sdk
+      aspnetcore_10_0-bin
+  ]);
+in {
   programs.firefox = {
     enable = true;
-    package = pkgs.firefox.override { extraNativeMessagingHosts = [ pkgs.passff-host ]; };
+    nativeMessagingHosts = [];
   };
 
   home.packages = with pkgs; [
     dconf
-    fd
     ffmpeg
     gnupg
     kitty
-    nodejs-18_x
+    nodejs_latest
     pamixer
-    qmk
-    ripgrep
-    rnix-lsp
+    pnpm
     unrar
-    weechat
     yt-dlp
-
-    nodePackages_latest.pnpm
-  ] ++ lib.optionals enableGUI [
-    discord-canary
-    element-desktop
+  ] ++ lib.optionals (config.me.environment == "desktop") [
+    krita
+    lutris
+    mangohud
+    inputs.nix-gaming.packages.x86_64-linux.osu-lazer-bin
+    qmk
+    tetrio-desktop
+    tor-browser
+    virt-manager
+    winetricks
+  ] ++ lib.optionals config.me.gui [
+    android-studio
+    brightnessctl
+    drawio
+    evince
     eww
     feh
+    feishin
+    file-roller
     gamescope
-    gimp
-    gnome.file-roller
-    gnome.zenity
+    gimp3
     grim
-    #kotatogram-desktop
-    krita
     lm_sensors
-    lutris
-    insomnia
     maim
-    mangohud
-    me.tetrio-desktop-plus
-    inputs.nix-gaming.packages.x86_64-linux.osu-lazer-bin
-    #inputs.nix-gaming.packages.x86_64-linux.wine-osu
+    me.psensor
+    obsidian
     pavucontrol
-    prismlauncher
-    psensor
+    (prismlauncher.override {
+      jdks = [
+        jdk21
+        temurin-bin-25
+      ];
+    })
     qbittorrent
     rivalcfg
     screenkey
     slurp
     swaybg
-    tor-browser-bundle-bin
+    texliveFull
     transmission-remote-gtk
-    virt-manager
-    winetricks
-    (vscode-with-extensions.override {
-      vscodeExtensions = with vscode-extensions; [
-        ms-vsliveshare.vsliveshare
-        vscodevim.vim
-    ];
-    })
-    xclip
-    xorg.xgamma
+    vesktop
+    zathura
+    zenity
+
+    (vscode.fhsWithPackages (_: [ dotnet-combined ]))
+    dotnet-combined
   ];
 }
diff --git a/users/rin/powercordMediaKeyPatchPatch.patch b/users/rin/powercordMediaKeyPatchPatch.patch
deleted file mode 100644
index d43290c..0000000
--- a/users/rin/powercordMediaKeyPatchPatch.patch
+++ /dev/null
@@ -1,14 +0,0 @@
-diff --git a/src/patcher.js b/src/patcher.js
-index d1609554029..780740d7423 100644
---- a/src/patcher.js
-+++ b/src/patcher.js
-@@ -22,7 +22,8 @@ console.log('Hello from Powercord!');
- 
- let disableMediaHandling = false;
- try {
--  settings = require(join(__dirname, '../settings/pc-general.json'));
-+  const { SETTINGS_FOLDER } = require('./fake_node_modules/powercord/constants');
-+  settings = require(join(SETTINGS_FOLDER, 'pc-general.json'));
-   disableMediaHandling = settings.disableMediaHandling;
- } catch (e) {}
-