wiiiiips

clan.nix

@@ -1,7 +1,4 @@
 {
-  baseNixosModules,
-  lib,
-}: {
   meta = {
     name = "arda";
     domain = "arda";
@@ -11,60 +8,60 @@
   directory = ./.;
 
   inventory.machines = {
-    aule = {
+    # aule = {
-      name = "aule";
+    #   name = "aule";
-      description = "Planned build server.";
+    #   description = "Planned build server.";
-      machineClass = "nixos";
+    #   machineClass = "nixos";
-      tags = ["planned" "build"];
+    #   tags = ["planned" "build"];
-    };
+    # };
-    mandos = {
+    # mandos = {
-      name = "mandos";
+    #   name = "mandos";
-      description = "Living room Steam box.";
+    #   description = "Living room Steam box.";
-      machineClass = "nixos";
+    #   machineClass = "nixos";
-      tags = ["gaming" "living-room"];
+    #   tags = ["gaming" "living-room"];
-    };
+    # };
-    manwe = {
+    # manwe = {
-      name = "manwe";
+    #   name = "manwe";
-      description = "Main desktop.";
+    #   description = "Main desktop.";
-      machineClass = "nixos";
+    #   machineClass = "nixos";
-      tags = ["desktop"];
+    #   tags = ["desktop"];
-    };
+    # };
-    melkor = {
+    # melkor = {
-      name = "melkor";
+    #   name = "melkor";
-      description = "Planned machine with no defined role yet.";
+    #   description = "Planned machine with no defined role yet.";
-      machineClass = "nixos";
+    #   machineClass = "nixos";
-      tags = [];
+    #   tags = [];
-    };
+    # };
-    orome = {
+    # orome = {
-      name = "orome";
+    #   name = "orome";
-      description = "Work laptop.";
+    #   description = "Work laptop.";
-      machineClass = "nixos";
+    #   machineClass = "nixos";
-      tags = ["laptop" "work"];
+    #   tags = ["laptop" "work"];
-    };
+    # };
-    tulkas = {
+    # tulkas = {
-      name = "tulkas";
+    #   name = "tulkas";
-      description = "Steam Deck.";
+    #   description = "Steam Deck.";
-      machineClass = "nixos";
+    #   machineClass = "nixos";
-      tags = ["gaming" "handheld"];
+    #   tags = ["gaming" "handheld"];
-    };
+    # };
     ulmo = {
       name = "ulmo";
       description = "Primary self-hosted services machine.";
       machineClass = "nixos";
       tags = ["server" "services"];
     };
-    varda = {
+    # varda = {
-      name = "varda";
+    #   name = "varda";
-      description = "Planned machine with no defined role yet.";
+    #   description = "Planned machine with no defined role yet.";
-      machineClass = "nixos";
+    #   machineClass = "nixos";
-      tags = [];
+    #   tags = [];
-    };
+    # };
-    yavanna = {
+    # yavanna = {
-      name = "yavanna";
+    #   name = "yavanna";
-      description = "Planned machine with no defined role yet.";
+    #   description = "Planned machine with no defined role yet.";
-      machineClass = "nixos";
+    #   machineClass = "nixos";
-      tags = [];
+    #   tags = [];
-    };
+    # };
   };
 
   inventory.instances = {
@@ -79,7 +76,7 @@
 
       roles.default.settings = {
         user = "chris";
-        groups = [ "wheel" ];
+        groups = ["wheel"];
         prompt = true;
         share = true;
       };
@@ -87,53 +84,10 @@
   };
 
   machines = {
-    mandos = {
+    # mandos = {};
-      imports = baseNixosModules ++ [
+    # manwe = {};
-        {
+    # orome = {};
-          networking.hostName = lib.mkDefault "mandos";
+    # tulkas = {};
-        }
+    ulmo = {};
-        ./machines/mandos/configuration.nix
-        ./users/chris/mandos.nix
-      ];
-    };
-
-    manwe = {
-      imports = baseNixosModules ++ [
-        {
-          networking.hostName = lib.mkDefault "manwe";
-        }
-        ./machines/manwe/configuration.nix
-        ./users/chris/manwe.nix
-      ];
-    };
-
-    orome = {
-      imports = baseNixosModules ++ [
-        {
-          networking.hostName = lib.mkDefault "orome";
-        }
-        ./machines/orome/configuration.nix
-        ./users/chris/orome.nix
-      ];
-    };
-
-    tulkas = {
-      imports = baseNixosModules ++ [
-        {
-          networking.hostName = lib.mkDefault "tulkas";
-        }
-        ./machines/tulkas/configuration.nix
-        ./users/chris/tulkas.nix
-      ];
-    };
-
-    ulmo = {
-      imports = baseNixosModules ++ [
-        {
-          networking.hostName = lib.mkDefault "ulmo";
-        }
-        ./machines/ulmo/configuration.nix
-      ];
-    };
   };
 }

flake.lock

@@ -184,11 +184,11 @@
         "rust-analyzer-src": "rust-analyzer-src"
       },
       "locked": {
-        "lastModified": 1774250935,
+        "lastModified": 1774423251,
-        "narHash": "sha256-mWID0WFgTnd9hbEeaPNX+YYWF70JN3r7zBouEqERJOE=",
+        "narHash": "sha256-g/PP8G9WcP4vtZVOBNYwfGxLnwLQoTERHnef8irAMeQ=",
         "owner": "nix-community",
         "repo": "fenix",
-        "rev": "64d7705e8c37d650cfb1aa99c24a8ce46597f29e",
+        "rev": "b70d7535088cd8a9e4322c372a475f66ffa18adf",
         "type": "github"
       },
       "original": {
@@ -445,11 +445,11 @@
         ]
       },
       "locked": {
-        "lastModified": 1773992301,
+        "lastModified": 1774387289,
-        "narHash": "sha256-lm1qy9P463cblBAFC2g8VaALR1Gje1oyYXCPtiEumus=",
+        "narHash": "sha256-Z/0IfVHrb0lEdv1WcHEe/ni4utBMR2GXZIktzYcTDSU=",
         "owner": "himmelblau-idm",
         "repo": "himmelblau",
-        "rev": "fcb8966990c24f97fe224fa0c8977fe730d4cf50",
+        "rev": "b2eccc7cb188253e49bffdddd743d01f52ab9625",
         "type": "github"
       },
       "original": {
@@ -465,11 +465,11 @@
         ]
       },
       "locked": {
-        "lastModified": 1774210133,
+        "lastModified": 1774379316,
-        "narHash": "sha256-yeiWCY9aAUUJ3ebMVjs0UZXRnT5x90MCtpbpOWiXrvM=",
+        "narHash": "sha256-0nGNxWDUH2Hzlj/R3Zf4FEK6fsFNB/dvewuboSRZqiI=",
         "owner": "nix-community",
         "repo": "home-manager",
-        "rev": "c6fe2944ad9f2444b2d767c4a5edee7c166e8a95",
+        "rev": "1eb0549a1ab3fe3f5acf86668249be15fa0e64f7",
         "type": "github"
       },
       "original": {
@@ -499,6 +499,21 @@
         "type": "github"
       }
     },
+    "import-tree": {
+      "locked": {
+        "lastModified": 1773693634,
+        "narHash": "sha256-BtZ2dtkBdSUnFPPFc+n0kcMbgaTxzFNPv2iaO326Ffg=",
+        "owner": "vic",
+        "repo": "import-tree",
+        "rev": "c41e7d58045f9057880b0d85e1152d6a4430dbf1",
+        "type": "github"
+      },
+      "original": {
+        "owner": "vic",
+        "repo": "import-tree",
+        "type": "github"
+      }
+    },
     "jovian": {
       "inputs": {
         "nix-github-actions": "nix-github-actions",
@@ -507,11 +522,11 @@
         ]
       },
       "locked": {
-        "lastModified": 1774168156,
+        "lastModified": 1774333446,
-        "narHash": "sha256-+pwZSARdlM2RQQ6V0q76+WMKW9aNIcxkSOIThcz/f0A=",
+        "narHash": "sha256-jeAUd4mfLle7Zw8F3lDdXvw2cmeP3FgVphHq2XuEKbs=",
         "owner": "Jovian-Experiments",
         "repo": "Jovian-NixOS",
-        "rev": "939caad56508542d0f19cab963e2bc693f5f2831",
+        "rev": "79b45622eff2ae0437d7a712610044bbc7b87fa2",
         "type": "github"
       },
       "original": {
@@ -645,11 +660,11 @@
         "systems": "systems_2"
       },
       "locked": {
-        "lastModified": 1774060651,
+        "lastModified": 1774407052,
-        "narHash": "sha256-sZiam+rmNcOZGnlbnqDD9oTwfMdQUM+uQmFqqSoe194=",
+        "narHash": "sha256-rUkn7Bo3PAlpcZl8+0FDsTwFyDwvS4xwMT9+RJ+XJoE=",
         "owner": "Infinidoge",
         "repo": "nix-minecraft",
-        "rev": "46727bd27d32d63069ed26a690554373ae2b4702",
+        "rev": "70daf1f48885f0b4a70797076cd2ff5d9139b46e",
         "type": "github"
       },
       "original": {
@@ -752,11 +767,11 @@
     },
     "nixpkgs_5": {
       "locked": {
-        "lastModified": 1774259547,
+        "lastModified": 1774449288,
-        "narHash": "sha256-5EQ1TL+R/tcsoGas1oALp5Tj2ACfSul+pfrrxP72xC0=",
+        "narHash": "sha256-ukB6NS45Oi62fQM4RpZfx3dpqxIu66ADCCFl6h72Fjo=",
         "owner": "NixOS",
         "repo": "nixpkgs",
-        "rev": "b3f8d82c4c685fb6f3080745dab8f07606ae50d3",
+        "rev": "cd0256cd8c537170cf24827fa821efb57aed9f40",
         "type": "github"
       },
       "original": {
@@ -816,11 +831,11 @@
     },
     "nixpkgs_9": {
       "locked": {
-        "lastModified": 1774273680,
+        "lastModified": 1773840656,
-        "narHash": "sha256-a++tZ1RQsDb1I0NHrFwdGuRlR5TORvCEUksM459wKUA=",
+        "narHash": "sha256-9tpvMGFteZnd3gRQZFlRCohVpqooygFuy9yjuyRL2C0=",
         "owner": "NixOS",
         "repo": "nixpkgs",
-        "rev": "fdc7b8f7b30fdbedec91b71ed82f36e1637483ed",
+        "rev": "9cf7092bdd603554bd8b63c216e8943cf9b12512",
         "type": "github"
       },
       "original": {
@@ -865,11 +880,11 @@
         "systems": "systems_3"
       },
       "locked": {
-        "lastModified": 1774224548,
+        "lastModified": 1774375131,
-        "narHash": "sha256-g45WZAZHNc7wJBkK4IdB5dq0Bh0JE7G0gcY2H5DFi44=",
+        "narHash": "sha256-d22VIgsDXagQQWnAnebYeQWGHlmF81YRwuGCzAgNZAQ=",
         "owner": "notashelf",
         "repo": "nvf",
-        "rev": "edfb73fa4ced576f587d259a70a513b4152f8cea",
+        "rev": "d847d401bea4dcb1478d02a61a3209fa8512f71d",
         "type": "github"
       },
       "original": {
@@ -911,6 +926,7 @@
         "grub2-themes": "grub2-themes",
         "himmelblau": "himmelblau",
         "home-manager": "home-manager",
+        "import-tree": "import-tree",
         "jovian": "jovian",
         "mydia": "mydia",
         "nix-minecraft": "nix-minecraft",
@@ -922,6 +938,7 @@
         "plasma-manager": "plasma-manager",
         "sops-nix": "sops-nix_2",
         "stylix": "stylix",
+        "systems": "systems_5",
         "terranix": "terranix",
         "zen-browser": "zen-browser"
       }
@@ -929,11 +946,11 @@
     "rust-analyzer-src": {
       "flake": false,
       "locked": {
-        "lastModified": 1774221325,
+        "lastModified": 1774376228,
-        "narHash": "sha256-aEIdkqB8gtQZtEbogdUb5iyfcZpKIlD3FkG8ANu73/I=",
+        "narHash": "sha256-7oA0u4aghFjjIcIDKZ26NUpXH7hVXGPC0sI1OfK7NUk=",
         "owner": "rust-lang",
         "repo": "rust-analyzer",
-        "rev": "b42b63f390a4dab14e6efa34a70e67f5b087cc62",
+        "rev": "eabb84b771420b8396ab4bb4747694302d9be277",
         "type": "github"
       },
       "original": {
@@ -969,11 +986,11 @@
         "nixpkgs": "nixpkgs_9"
       },
       "locked": {
-        "lastModified": 1774154798,
+        "lastModified": 1774303811,
-        "narHash": "sha256-zsTuloDSdKf+PrI1MsWx5z/cyGEJ8P3eERtAfdP8Bmg=",
+        "narHash": "sha256-fhG4JAcLgjKwt+XHbjs8brpWnyKUfU4LikLm3s0Q/ic=",
         "owner": "Mic92",
         "repo": "sops-nix",
-        "rev": "3e0d543e6ba6c0c48117a81614e90c6d8c425170",
+        "rev": "614e256310e0a4f8a9ccae3fa80c11844fba7042",
         "type": "github"
       },
       "original": {
@@ -1089,13 +1106,28 @@
         "type": "github"
       }
     },
+    "systems_6": {
+      "locked": {
+        "lastModified": 1681028828,
+        "narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=",
+        "owner": "nix-systems",
+        "repo": "default",
+        "rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e",
+        "type": "github"
+      },
+      "original": {
+        "owner": "nix-systems",
+        "repo": "default",
+        "type": "github"
+      }
+    },
     "terranix": {
       "inputs": {
         "flake-parts": "flake-parts_5",
         "nixpkgs": [
           "nixpkgs"
         ],
-        "systems": "systems_5"
+        "systems": "systems_6"
       },
       "locked": {
         "lastModified": 1773700838,
@@ -1221,11 +1253,11 @@
         ]
       },
       "locked": {
-        "lastModified": 1774242250,
+        "lastModified": 1774352774,
-        "narHash": "sha256-pchbnY7KVnH26g4O3LZO8vpshInqNj937gAqlPob1Mk=",
+        "narHash": "sha256-gibUM0pSnLxEeuFrYA8T1oEaixk+fjQpqXbYaxcEX/4=",
         "owner": "0xc000022070",
         "repo": "zen-browser-flake",
-        "rev": "f19c3e6683c2d2f3fcfcb88fb691931a104bc47c",
+        "rev": "a0f3d47dbd8f8618a1920d5a5ca09b7993415895",
         "type": "github"
       },
       "original": {

flake.nix

@@ -1,11 +1,17 @@
 {
   description = "Nixos config flake";
 
+  nixConfig = {
+    warn-dirty = false;
+    extra-experimental-features = ["nix-command" "flakes" "pipe-operators"];
+  };
+
   inputs = {
     flake-parts = {
       url = "github:hercules-ci/flake-parts";
       inputs.nixpkgs-lib.follows = "clan-core/nixpkgs";
     };
+    import-tree.url = "github:vic/import-tree";
 
     clan-core = {
       url = "https://git.clan.lol/clan/clan-core/archive/main.tar.gz";
@@ -13,6 +19,7 @@
     };
 
     nixpkgs.follows = "clan-core/nixpkgs";
+    systems.url = "github:nix-systems/default";
 
     home-manager = {
       url = "github:nix-community/home-manager";
@@ -25,21 +32,9 @@
       inputs.home-manager.follows = "home-manager";
     };
 
-    # Legacy ISO flow removed in favor of Clan install workflows.
-    # nixos-generators = {
-    #   url = "github:nix-community/nixos-generators";
-    #   inputs.nixpkgs.follows = "nixpkgs";
-    # };
-
     # neovim
     nvf.url = "github:notashelf/nvf";
 
-    # Unused input retained as a comment for easy recovery.
-    # nixos-boot.url = "github:Melkor333/nixos-boot";
-
-    # Unused input retained as a comment for easy recovery.
-    # firefox.url = "github:nix-community/flake-firefox-nightly";
-
     stylix.url = "github:nix-community/stylix";
 
     # Rust toolchain
@@ -78,15 +73,6 @@
       url = "github:vinceliuice/grub2-themes";
     };
 
-    # Unused input retained as a comment for easy recovery.
-    # nixos-wsl = {
-    #   url = "github:nix-community/nixos-wsl";
-    #   inputs = {
-    #     nixpkgs.follows = "nixpkgs";
-    #     flake-compat.follows = "";
-    #   };
-    # };
-
     terranix = {
       url = "github:terranix/terranix";
       inputs.nixpkgs.follows = "nixpkgs";
@@ -98,23 +84,41 @@
     };
   };
 
-  outputs = inputs@{flake-parts, ...}:
+  outputs = inputs @ {
+    flake-parts,
+    nixpkgs,
+    systems,
+    ...
+  }:
     flake-parts.lib.mkFlake {inherit inputs;} {
-      systems = [
+      systems = import systems;
-        "x86_64-linux"
+      clan = import ./clan.nix;
-        "aarch64-linux"
+
-        "x86_64-darwin"
+      imports = with inputs; [
-        "aarch64-darwin"
+        flake-parts.flakeModules.modules
+        clan-core.flakeModules.default
       ];
 
-      imports = [
+      perSystem = {system, ...}: {
-        inputs.clan-core.flakeModules.default
+        _module.args = {
-        inputs.home-manager.flakeModules.home-manager
+          pkgs = import nixpkgs {
-        ./lib/default.nix
+            inherit system;
-        ./machines/default.nix
+
-        ./packages/default.nix
+            overlays = with inputs; [
-        ./shells/default/default.nix
+              fenix.overlays.default
-        ./users/default.nix
+              nix-minecraft.overlay
-      ];
+              flux.overlays.default
+            ];
+
+            config = {
+              allowUnfree = true;
+              permittedInsecurePackages = [
+                # I think this is because of zen
+                "qtwebengine-5.15.19"
+              ];
+            };
+          };
+        };
+      };
     };
 }

lib/default.nix

@@ -7,34 +7,6 @@
   inherit (lib) mkOption types;
   namespace = "sneeuwvlok";
 
-  channelConfig = {
-    allowUnfree = true;
-    permittedInsecurePackages = [
-      # Due to *arr stack
-      "dotnet-sdk-6.0.428"
-      "aspnetcore-runtime-6.0.36"
-
-      # I think this is because of zen
-      "qtwebengine-5.15.19"
-
-      # For Nheko, the matrix client
-      "olm-3.2.16"
-    ];
-  };
-
-  systemOverlays = with inputs; [
-    fenix.overlays.default
-    nix-minecraft.overlay
-    flux.overlays.default
-  ];
-
-  mkPkgs = system:
-    import inputs.nixpkgs {
-      inherit system;
-      overlays = systemOverlays;
-      config = channelConfig;
-    };
-
   sharedContext = {
     inherit inputs namespace;
     erosanixLib = inputs.erosanix.lib;
@@ -54,11 +26,6 @@
       inputs.nvf.nixosModules.default
       inputs.sops-nix.nixosModules.sops
       {
-        nixpkgs = {
-          config = channelConfig;
-          overlays = systemOverlays;
-        };
-
         home-manager = {
           useGlobalPkgs = true;
           useUserPackages = true;
@@ -67,7 +34,7 @@
         };
       }
     ]
-    ++ [ ../modules/nixos ];
+    ++ [../modules/nixos];
 in {
   imports = [
     ./options

machines/ulmo/configuration.nix

@@ -1,276 +1,301 @@
-{...}: {
+{
+  pkgs,
+  inputs,
+  ...
+}: {
   imports = [
     ./disks.nix
     ./hardware.nix
+    ../../modules/nixos
   ];
 
+  sneeuwvlok.application.steam.enable = true;
+
   nixpkgs.hostPlatform = "x86_64-linux";
+  system.stateVersion = "23.11";
 
-  networking = {
+  boot = {
-    interfaces.enp2s0 = {
+    kernelPackages = pkgs.linuxPackages_latest;
-      ipv6.addresses = [
-        {
-          address = "2a0d:6e00:1dc9:0::dead:beef";
-          prefixLength = 64;
-        }
-      ];
 
-      useDHCP = true;
+    loader = {
+      systemd-boot.enable = false;
+      efi.canTouchEfiVariables = true;
+      grub = {
+        enable = true;
+        efiSupport = true;
+        efiInstallAsRemovable = false;
+        device = "nodev"; # INFO: https://discourse.nixos.org/t/question-about-grub-and-nodev
+      };
     };
 
-    defaultGateway = {
+    supportedFilesystems = ["nfs"];
-      address = "192.168.1.1";
-      interface = "enp2s0";
-    };
-
-    defaultGateway6 = {
-      address = "fe80::1";
-      interface = "enp2s0";
-    };
   };
 
-  # virtualisation = {
+  # sneeuwvlok.application.steam.enable = true;
-  #   containers.enable = true;
+
-  #   podman = {
+  # networking = {
-  #     enable = true;
+  #   interfaces.enp2s0 = {
-  #     dockerCompat = true;
+  #     ipv6.addresses = [
+  #       {
+  #         address = "2a0d:6e00:1dc9:0::dead:beef";
+  #         prefixLength = 64;
+  #       }
+  #     ];
+
+  #     useDHCP = true;
   #   };
 
-  #   oci-containers = {
+  #   defaultGateway = {
-  #     backend = "podman";
+  #     address = "192.168.1.1";
-  #     containers = {
+  #     interface = "enp2s0";
-  #       homey = {
+  #   };
-  #         image = "ghcr.io/athombv/homey-shs:latest";
+
-  #         autoStart = true;
+  #   defaultGateway6 = {
-  #         privileged = true;
+  #     address = "fe80::1";
-  #         volumes = [
+  #     interface = "enp2s0";
-  #           "/home/chris/.homey-shs:/homey/user"
-  #         ];
-  #         ports = [
-  #           "4859:4859"
-  #         ];
-  #       };
-  #     };
   #   };
   # };
 
-  sneeuwvlok = {
+  # # virtualisation = {
-    services = {
+  # #   containers.enable = true;
-      backup.borg.enable = true;
+  # #   podman = {
+  # #     enable = true;
+  # #     dockerCompat = true;
+  # #   };
 
-      authentication.zitadel = {
+  # #   oci-containers = {
-        enable = true;
+  # #     backend = "podman";
+  # #     containers = {
+  # #       homey = {
+  # #         image = "ghcr.io/athombv/homey-shs:latest";
+  # #         autoStart = true;
+  # #         privileged = true;
+  # #         volumes = [
+  # #           "/home/chris/.homey-shs:/homey/user"
+  # #         ];
+  # #         ports = [
+  # #           "4859:4859"
+  # #         ];
+  # #       };
+  # #     };
+  # #   };
+  # # };
 
-        organization = {
+  # # sneeuwvlok = {
-          nix = {
+  # #   services = {
-            user = {
+  # #     backup.borg.enable = true;
-              chris = {
-                email = "chris@kruining.eu";
-                firstName = "Chris";
-                lastName = "Kruining";
 
-                roles = ["ORG_OWNER"];
+  # #     authentication.zitadel = {
-                instanceRoles = ["IAM_OWNER"];
+  # #       enable = true;
-              };
 
-              kaas = {
+  # #       organization = {
-                email = "chris+kaas@kruining.eu";
+  # #         nix = {
-                firstName = "Kaas";
+  # #           user = {
-                lastName = "Kruining";
+  # #             chris = {
-              };
+  # #               email = "chris@kruining.eu";
-            };
+  # #               firstName = "Chris";
+  # #               lastName = "Kruining";
 
-            project = {
+  # #               roles = ["ORG_OWNER"];
-              ulmo = {
+  # #               instanceRoles = ["IAM_OWNER"];
-                projectRoleCheck = true;
+  # #             };
-                projectRoleAssertion = true;
-                hasProjectCheck = true;
 
-                role = {
+  # #             kaas = {
-                  jellyfin = {
+  # #               email = "chris+kaas@kruining.eu";
-                    group = "jellyfin";
+  # #               firstName = "Kaas";
-                  };
+  # #               lastName = "Kruining";
-                  jellyfin_admin = {
+  # #             };
-                    group = "jellyfin";
+  # #           };
-                  };
-                };
 
-                assign = {
+  # #           project = {
-                  chris = ["jellyfin" "jellyfin_admin"];
+  # #             ulmo = {
-                  kaas = ["jellyfin"];
+  # #               projectRoleCheck = true;
-                };
+  # #               projectRoleAssertion = true;
+  # #               hasProjectCheck = true;
 
-                application = {
+  # #               role = {
-                  jellyfin = {
+  # #                 jellyfin = {
-                    redirectUris = ["https://jellyfin.kruining.eu/sso/OID/redirect/zitadel"];
+  # #                   group = "jellyfin";
-                    grantTypes = ["authorizationCode"];
+  # #                 };
-                    responseTypes = ["code"];
+  # #                 jellyfin_admin = {
-                  };
+  # #                   group = "jellyfin";
+  # #                 };
+  # #               };
 
-                  forgejo = {
+  # #               assign = {
-                    redirectUris = ["https://git.amarth.cloud/user/oauth2/zitadel/callback"];
+  # #                 chris = ["jellyfin" "jellyfin_admin"];
-                    grantTypes = ["authorizationCode"];
+  # #                 kaas = ["jellyfin"];
-                    responseTypes = ["code"];
+  # #               };
-                  };
 
-                  vaultwarden = {
+  # #               application = {
-                    redirectUris = ["https://vault.kruining.eu/identity/connect/oidc-signin"];
+  # #                 jellyfin = {
-                    grantTypes = ["authorizationCode"];
+  # #                   redirectUris = ["https://jellyfin.kruining.eu/sso/OID/redirect/zitadel"];
-                    responseTypes = ["code"];
+  # #                   grantTypes = ["authorizationCode"];
-                    exportMap = {
+  # #                   responseTypes = ["code"];
-                      client_id = "SSO_CLIENT_ID";
+  # #                 };
-                      client_secret = "SSO_CLIENT_SECRET";
-                    };
-                  };
 
-                  matrix = {
+  # #                 forgejo = {
-                    redirectUris = ["https://matrix.kruining.eu/_synapse/client/oidc/callback"];
+  # #                   redirectUris = ["https://git.amarth.cloud/user/oauth2/zitadel/callback"];
-                    grantTypes = ["authorizationCode"];
+  # #                   grantTypes = ["authorizationCode"];
-                    responseTypes = ["code"];
+  # #                   responseTypes = ["code"];
-                  };
+  # #                 };
 
-                  mydia = {
+  # #                 vaultwarden = {
-                    redirectUris = ["http://localhost:2010/auth/oidc/callback"];
+  # #                   redirectUris = ["https://vault.kruining.eu/identity/connect/oidc-signin"];
-                    grantTypes = ["authorizationCode"];
+  # #                   grantTypes = ["authorizationCode"];
-                    responseTypes = ["code"];
+  # #                   responseTypes = ["code"];
-                  };
+  # #                   exportMap = {
+  # #                     client_id = "SSO_CLIENT_ID";
+  # #                     client_secret = "SSO_CLIENT_SECRET";
+  # #                   };
+  # #                 };
 
-                  grafana = {
+  # #                 matrix = {
-                    redirectUris = ["http://localhost:9001/login/generic_oauth"];
+  # #                   redirectUris = ["https://matrix.kruining.eu/_synapse/client/oidc/callback"];
-                    grantTypes = ["authorizationCode"];
+  # #                   grantTypes = ["authorizationCode"];
-                    responseTypes = ["code"];
+  # #                   responseTypes = ["code"];
-                  };
+  # #                 };
-                };
-              };
 
-              convex = {
+  # #                 mydia = {
-                projectRoleCheck = true;
+  # #                   redirectUris = ["http://localhost:2010/auth/oidc/callback"];
-                projectRoleAssertion = true;
+  # #                   grantTypes = ["authorizationCode"];
-                hasProjectCheck = true;
+  # #                   responseTypes = ["code"];
+  # #                 };
 
-                application = {
+  # #                 grafana = {
-                  scry = {
+  # #                   redirectUris = ["http://localhost:9001/login/generic_oauth"];
-                    redirectUris = ["https://nautical-salamander-320.eu-west-1.convex.cloud/api/auth/callback/zitadel"];
+  # #                   grantTypes = ["authorizationCode"];
-                    grantTypes = ["authorizationCode"];
+  # #                   responseTypes = ["code"];
-                    responseTypes = ["code"];
+  # #                 };
-                  };
+  # #               };
-                };
+  # #             };
-              };
-            };
 
-            action = {
+  # #             convex = {
-              flattenRoles = {
+  # #               projectRoleCheck = true;
-                script = ''
+  # #               projectRoleAssertion = true;
-                  (ctx, api) => {
+  # #               hasProjectCheck = true;
-                    if (ctx.v1.user.grants == undefined || ctx.v1.user.grants.count == 0) {
-                      return;
-                    }
 
-                    const roles = ctx.v1.user.grants.grants.flatMap(({ roles, projectId }) => roles.map(role => projectId + ':' + role));
+  # #               application = {
+  # #                 scry = {
+  # #                   redirectUris = ["https://nautical-salamander-320.eu-west-1.convex.cloud/api/auth/callback/zitadel"];
+  # #                   grantTypes = ["authorizationCode"];
+  # #                   responseTypes = ["code"];
+  # #                 };
+  # #               };
+  # #             };
+  # #           };
 
-                    api.v1.claims.setClaim('nix:zitadel:custom', JSON.stringify({ roles }));
+  # #           action = {
-                  };
+  # #             flattenRoles = {
-                '';
+  # #               script = ''
-              };
+  # #                 (ctx, api) => {
-            };
+  # #                   if (ctx.v1.user.grants == undefined || ctx.v1.user.grants.count == 0) {
+  # #                     return;
+  # #                   }
 
-            triggers = [
+  # #                   const roles = ctx.v1.user.grants.grants.flatMap(({ roles, projectId }) => roles.map(role => projectId + ':' + role));
-              {
-                flowType = "customiseToken";
-                triggerType = "preUserinfoCreation";
-                actions = ["flattenRoles"];
-              }
-              {
-                flowType = "customiseToken";
-                triggerType = "preAccessTokenCreation";
-                actions = ["flattenRoles"];
-              }
-            ];
-          };
-        };
-      };
 
-      communication.matrix.enable = true;
+  # #                   api.v1.claims.setClaim('nix:zitadel:custom', JSON.stringify({ roles }));
+  # #                 };
+  # #               '';
+  # #             };
+  # #           };
 
-      development.forgejo.enable = true;
+  # #           triggers = [
+  # #             {
+  # #               flowType = "customiseToken";
+  # #               triggerType = "preUserinfoCreation";
+  # #               actions = ["flattenRoles"];
+  # #             }
+  # #             {
+  # #               flowType = "customiseToken";
+  # #               triggerType = "preAccessTokenCreation";
+  # #               actions = ["flattenRoles"];
+  # #             }
+  # #           ];
+  # #         };
+  # #       };
+  # #     };
 
-      networking.ssh.enable = true;
+  # #     communication.matrix.enable = true;
-      networking.caddy.hosts = {
-        # Expose amarht cloud stuff like this until I have a proper solution
-        "auth.amarth.cloud" = ''
-          reverse_proxy http://192.168.1.223:9092
-        '';
 
-        "amarth.cloud" = ''
+  # #     development.forgejo.enable = true;
-          reverse_proxy http://192.168.1.223:8080
-        '';
-      };
 
-      media.enable = true;
+  # #     networking.ssh.enable = true;
-      media.glance.enable = true;
+  # #     networking.caddy.hosts = {
-      media.mydia.enable = true;
+  # #       # Expose amarht cloud stuff like this until I have a proper solution
-      media.nfs.enable = true;
+  # #       "auth.amarth.cloud" = ''
-      media.jellyfin.enable = true;
+  # #         reverse_proxy http://192.168.1.223:9092
-      media.servarr = {
+  # #       '';
-        radarr = {
-          enable = true;
-          port = 2001;
-          rootFolders = [
-            "/var/media/movies"
-          ];
-        };
 
-        sonarr = {
+  # #       "amarth.cloud" = ''
-          enable = true;
+  # #         reverse_proxy http://192.168.1.223:8080
-          # debug = true;
+  # #       '';
-          port = 2002;
+  # #     };
-          rootFolders = [
-            "/var/media/series"
-          ];
-        };
 
-        lidarr = {
+  # #     media.enable = true;
-          enable = true;
+  # #     media.glance.enable = true;
-          debug = true;
+  # #     media.mydia.enable = true;
-          port = 2003;
+  # #     media.nfs.enable = true;
-          rootFolders = [
+  # #     media.jellyfin.enable = true;
-            "/var/media/music"
+  # #     media.servarr = {
-          ];
+  # #       radarr = {
-        };
+  # #         enable = true;
+  # #         port = 2001;
+  # #         rootFolders = [
+  # #           "/var/media/movies"
+  # #         ];
+  # #       };
 
-        prowlarr = {
+  # #       sonarr = {
-          enable = true;
+  # #         enable = true;
-          # debug = true;
+  # #         # debug = true;
-          port = 2004;
+  # #         port = 2002;
-        };
+  # #         rootFolders = [
-      };
+  # #           "/var/media/series"
+  # #         ];
+  # #       };
 
-      observability = {
+  # #       lidarr = {
-        grafana.enable = true;
+  # #         enable = true;
-        prometheus.enable = true;
+  # #         debug = true;
-        loki.enable = true;
+  # #         port = 2003;
-        promtail.enable = true;
+  # #         rootFolders = [
-        # uptime-kuma.enable = true;
+  # #           "/var/media/music"
-      };
+  # #         ];
+  # #       };
 
-      security.vaultwarden = {
+  # #       prowlarr = {
-        enable = true;
+  # #         enable = true;
-        database = {
+  # #         # debug = true;
-          # type = "sqlite";
+  # #         port = 2004;
-          # file = "/var/lib/vaultwarden/state.db";
+  # #       };
+  # #     };
 
-          type = "postgresql";
+  # #     observability = {
-          host = "localhost";
+  # #       grafana.enable = true;
-          port = 5432;
+  # #       prometheus.enable = true;
-          sslMode = "disabled";
+  # #       loki.enable = true;
-        };
+  # #       promtail.enable = true;
-      };
+  # #       # uptime-kuma.enable = true;
-    };
+  # #     };
 
-    editor = {
+  # #     security.vaultwarden = {
-      nano.enable = true;
+  # #       enable = true;
-    };
+  # #       database = {
-  };
+  # #         # type = "sqlite";
+  # #         # file = "/var/lib/vaultwarden/state.db";
 
-  system.stateVersion = "23.11";
+  # #         type = "postgresql";
+  # #         host = "localhost";
+  # #         port = 5432;
+  # #         sslMode = "disabled";
+  # #       };
+  # #     };
+  # #   };
+
+  # #   editor = {
+  # #     nano.enable = true;
+  # #   };
+  # # };
 }

modules/home/application/bitwarden/default.nix

@@ -2,10 +2,10 @@
 let
   inherit (lib) mkIf mkEnableOption;
 
-  cfg = config.${namespace}.application.bitwarden;
+  cfg = config.sneeuwvlok.application.bitwarden;
 in
 {
-  options.${namespace}.application.bitwarden = {
+  options.sneeuwvlok.application.bitwarden = {
     enable = mkEnableOption "enable bitwarden";
   };
 

modules/home/application/chrome/default.nix

@@ -1,11 +1,16 @@
-{ inputs, config, lib, pkgs, namespace, ... }:
+{
-let
+  inputs,
+  config,
+  lib,
+  pkgs,
+  namespace,
+  ...
+}: let
   inherit (lib) mkIf mkEnableOption;
 
-  cfg = config.${namespace}.application.chrome;
+  cfg = config.sneeuwvlok.application.chrome;
-in
+in {
-{
+  options.sneeuwvlok.application.chrome = {
-  options.${namespace}.application.chrome = {
     enable = mkEnableOption "enable chrome";
   };
 

modules/home/application/discord/default.nix

@@ -1,15 +1,20 @@
-{ inputs, config, lib, pkgs, namespace, ... }:
+{
-let
+  inputs,
+  config,
+  lib,
+  pkgs,
+  namespace,
+  ...
+}: let
   inherit (lib) mkIf mkEnableOption;
 
-  cfg = config.${namespace}.application.discord;
+  cfg = config.sneeuwvlok.application.discord;
-in
+in {
-{
+  options.sneeuwvlok.application.discord = {
-  options.${namespace}.application.discord = {
     enable = mkEnableOption "enable discord (vesktop)";
   };
 
   config = mkIf cfg.enable {
-    home.packages = with pkgs; [ vesktop ];
+    home.packages = with pkgs; [vesktop];
   };
 }

modules/home/application/ladybird/default.nix

@@ -2,10 +2,10 @@
 let
   inherit (lib) mkIf mkEnableOption;
 
-  cfg = config.${namespace}.application.ladybird;
+  cfg = config.sneeuwvlok.application.ladybird;
 in
 {
-  options.${namespace}.application.ladybird = {
+  options.sneeuwvlok.application.ladybird = {
     enable = mkEnableOption "enable ladybird";
   };
 

modules/home/application/matrix/default.nix

@@ -2,10 +2,10 @@
 let
   inherit (lib) mkIf mkEnableOption;
 
-  cfg = config.${namespace}.application.matrix;
+  cfg = config.sneeuwvlok.application.matrix;
 in
 {
-  options.${namespace}.application.matrix = {
+  options.sneeuwvlok.application.matrix = {
     enable = mkEnableOption "enable Matrix client (Fractal)";
   };
 

modules/home/application/obs/default.nix

@@ -1,11 +1,16 @@
-{ config, lib, pkgs, namespace, osConfig ? {}, ... }:
+{
-let
+  config,
+  lib,
+  pkgs,
+  namespace,
+  osConfig ? {},
+  ...
+}: let
   inherit (lib) mkIf mkEnableOption;
 
-  cfg = config.${namespace}.application.obs;
+  cfg = config.sneeuwvlok.application.obs;
-in
+in {
-{
+  options.sneeuwvlok.application.obs = {
-  options.${namespace}.application.obs = {
     enable = mkEnableOption "enable obs";
   };
 

modules/home/application/onlyoffice/default.nix

@@ -8,9 +8,9 @@
 }: let
   inherit (lib) mkIf mkEnableOption;
 
-  cfg = config.${namespace}.application.onlyoffice;
+  cfg = config.sneeuwvlok.application.onlyoffice;
 in {
-  options.${namespace}.application.onlyoffice = {
+  options.sneeuwvlok.application.onlyoffice = {
     enable = mkEnableOption "enable onlyoffice";
   };
 

modules/home/application/signal/default.nix

@@ -2,10 +2,10 @@
 let
   inherit (lib) mkIf mkEnableOption;
 
-  cfg = config.${namespace}.application.signal;
+  cfg = config.sneeuwvlok.application.signal;
 in
 {
-  options.${namespace}.application.signal = {
+  options.sneeuwvlok.application.signal = {
     enable = mkEnableOption "enable signal";
   };
 

modules/home/application/steam/default.nix

@@ -1,16 +1,21 @@
-{ inputs, config, lib, pkgs, namespace, ... }:
+{
-let
+  inputs,
+  config,
+  lib,
+  pkgs,
+  namespace,
+  ...
+}: let
   inherit (lib) mkIf mkEnableOption;
 
-  cfg = config.${namespace}.application.steam;
+  cfg = config.sneeuwvlok.application.steam;
-in
+in {
-{
+  options.sneeuwvlok.application.steam = {
-  options.${namespace}.application.steam = {
     enable = mkEnableOption "enable steam";
   };
 
   config = mkIf cfg.enable {
-    home.packages = with pkgs; [ protonup-ng ];
+    home.packages = with pkgs; [protonup-ng];
 
     home.sessionVariables = {
       STEAM_EXTRA_COMPAT_TOOLS_PATHS = "\${HOME}/.steam/root/compatibilitytools.d";

modules/home/application/studio/default.nix

@@ -2,13 +2,13 @@
 let
   inherit (lib) mkIf mkEnableOption;
 
-  cfg = config.${namespace}.application.studio;
+  cfg = config.sneeuwvlok.application.studio;
   studioPackage = pkgs.callPackage (repoRoot + "/packages/studio/package.nix") {
     inherit erosanixLib;
   };
 in
 {
-  options.${namespace}.application.studio = {
+  options.sneeuwvlok.application.studio = {
     enable = mkEnableOption "enable Bricklink Studio";
   };
 

modules/home/application/teamspeak/default.nix

@@ -2,10 +2,10 @@
 let
   inherit (lib) mkIf mkEnableOption;
 
-  cfg = config.${namespace}.application.teamspeak;
+  cfg = config.sneeuwvlok.application.teamspeak;
 in
 {
-  options.${namespace}.application.teamspeak = {
+  options.sneeuwvlok.application.teamspeak = {
     enable = mkEnableOption "enable teamspeak";
   };
 

modules/home/application/thunderbird/default.nix

@@ -2,10 +2,10 @@
 let
   inherit (lib) mkIf mkEnableOption;
 
-  cfg = config.${namespace}.application.thunderbird;
+  cfg = config.sneeuwvlok.application.thunderbird;
 in
 {
-  options.${namespace}.application.thunderbird = {
+  options.sneeuwvlok.application.thunderbird = {
     enable = mkEnableOption "enable thunderbird";
   };
 

modules/home/application/zen/default.nix

@@ -1,11 +1,15 @@
-{ config, lib, pkgs, namespace, ... }:
+{
-let
+  config,
+  lib,
+  pkgs,
+  namespace,
+  ...
+}: let
   inherit (lib) mkIf mkEnableOption;
 
-  cfg = config.${namespace}.application.zen;
+  cfg = config.sneeuwvlok.application.zen;
-in
+in {
-{
+  options.sneeuwvlok.application.zen = {
-  options.${namespace}.application.zen = {
     enable = mkEnableOption "enable zen";
   };
 
@@ -50,8 +54,7 @@ in
           install_url = "https://addons.mozilla.org/firefox/downloads/latest/${builtins.toString id}/latest.xpi";
           installation_mode = "force_installed";
         };
-      in
+      in {
-      {
         ublock_origin = 4531307;
         ghostry = 4562168;
         bitwarden = 4562769;

modules/home/default.nix

@@ -1,9 +1,14 @@
-{ pkgs, config, lib, namespace, ... }:
+{
-let
+  pkgs,
+  config,
+  lib,
+  namespace,
+  ...
+}: let
   inherit (lib) mkOption;
   inherit (lib.types) enum;
 
-  cfg = config.${namespace}.defaults;
+  cfg = config.sneeuwvlok.defaults;
 in {
   imports = [
     ./application
@@ -17,30 +22,30 @@ in {
     ./themes
   ];
 
-  options.${namespace}.defaults = {
+  options.sneeuwvlok.defaults = {
     editor = mkOption {
-      type = enum [ "nano" "nvim" "zed" ];
+      type = enum ["nano" "nvim" "zed"];
       default = "nano";
       description = "Default editor for text manipulation";
       example = "nvim";
     };
 
     shell = mkOption {
-      type = enum [ "fish" "zsh" "bash" ];
+      type = enum ["fish" "zsh" "bash"];
       default = "zsh";
       description = "Default shell";
       example = "zsh";
     };
 
     terminal = mkOption {
-      type = enum [ "ghostty" "alacritty" ];
+      type = enum ["ghostty" "alacritty"];
       default = "ghostty";
       description = "Default terminal";
       example = "ghostty";
     };
 
     browser = mkOption {
-      type = enum [ "chrome" "ladybird" "zen" ];
+      type = enum ["chrome" "ladybird" "zen"];
       default = "zen";
       description = "Default terminal";
       example = "zen";

modules/home/desktop/plasma/default.nix

@@ -2,11 +2,11 @@
 let
   inherit (lib) mkIf;
 
-  cfg = config.${namespace}.desktop.plasma;
+  cfg = config.sneeuwvlok.desktop.plasma;
-  osCfg = osConfig.${namespace}.desktop.plasma or { enable = false; };
+  osCfg = osConfig.sneeuwvlok.desktop.plasma or { enable = false; };
 in
 {
-  options.${namespace}.desktop.plasma = {
+  options.sneeuwvlok.desktop.plasma = {
 
   };
 

modules/home/development/dotnet/default.nix

@@ -2,10 +2,10 @@
 let
   inherit (lib) mkEnableOption mkIf;
 
-  cfg = config.${namespace}.development.dotnet;
+  cfg = config.sneeuwvlok.development.dotnet;
 in
 {
-  options.${namespace}.development.dotnet = {
+  options.sneeuwvlok.development.dotnet = {
     enable = mkEnableOption "Enable dotnet development tools";
   };
 

modules/home/development/javascript/default.nix

@@ -2,10 +2,10 @@
 let
   inherit (lib) mkEnableOption mkIf;
 
-  cfg = config.${namespace}.development.javascript;
+  cfg = config.sneeuwvlok.development.javascript;
 in
 {
-  options.${namespace}.development.javascript = {
+  options.sneeuwvlok.development.javascript = {
     enable = mkEnableOption "Enable javascript development tools";
   };
 

modules/home/development/rust/default.nix

@@ -1,15 +1,19 @@
-{ config, lib, pkgs, namespace, ... }:
+{
-let
+  config,
+  lib,
+  pkgs,
+  namespace,
+  ...
+}: let
   inherit (lib) mkEnableOption mkIf;
 
-  cfg = config.${namespace}.development.rust;
+  cfg = config.sneeuwvlok.development.rust;
-in
+in {
-{
+  options.sneeuwvlok.development.rust = {
-  options.${namespace}.development.rust = {
     enable = mkEnableOption "Enable rust development tools";
   };
 
-  config = mkIf cfg.enable {
+  config =
-
+    mkIf cfg.enable {
-  };
+    };
 }

modules/home/editor/nano/default.nix

@@ -1,16 +1,21 @@
-{ config, options, lib, pkgs, namespace, ... }:
+{
-let
+  config,
+  options,
+  lib,
+  pkgs,
+  namespace,
+  ...
+}: let
   inherit (lib) mkEnableOption mkIf;
 
-  cfg = config.${namespace}.editor.nano;
+  cfg = config.sneeuwvlok.editor.nano;
-in
+in {
-{
+  options.sneeuwvlok.editor.nano = {
-  options.${namespace}.editor.nano = {
     enable = mkEnableOption "nano";
   };
 
   config = mkIf cfg.enable {
-    home.packages = with pkgs; [ nano ];
+    home.packages = with pkgs; [nano];
 
     # programs.nano = {
     #   enable = true;

modules/home/editor/nvim/default.nix

@@ -1,15 +1,20 @@
-{ inputs, config, lib, pkgs, namespace, ... }:
+{
-let
+  inputs,
+  config,
+  lib,
+  pkgs,
+  namespace,
+  ...
+}: let
   inherit (lib) mkIf mkEnableOption;
 
-  cfg = config.${namespace}.editor.nvim;
+  cfg = config.sneeuwvlok.editor.nvim;
-in
+in {
-{
   # imports = [
   #   inputs.nvf.nixosModules.default
   # ];
 
-  options.${namespace}.editor.nvim = {
+  options.sneeuwvlok.editor.nvim = {
     enable = mkEnableOption "enable nvim via nvf on user level";
   };
 

modules/home/editor/zed/default.nix

@@ -1,9 +1,9 @@
 { config, lib, pkgs, namespace, ... }: let
   inherit (lib) mkIf mkEnableOption;
 
-  cfg = config.${namespace}.editor.zed;
+  cfg = config.sneeuwvlok.editor.zed;
 in {
-  options.${namespace}.editor.zed = {
+  options.sneeuwvlok.editor.zed = {
     enable = mkEnableOption "zed";
   };
 

modules/home/game/minecraft/default.nix

@@ -1,15 +1,20 @@
-{ inputs, config, lib, pkgs, namespace, ... }:
+{
-let
+  inputs,
+  config,
+  lib,
+  pkgs,
+  namespace,
+  ...
+}: let
   inherit (lib) mkIf mkEnableOption;
 
-  cfg = config.${namespace}.game.minecraft;
+  cfg = config.sneeuwvlok.game.minecraft;
-in
+in {
-{
+  options.sneeuwvlok.game.minecraft = {
-  options.${namespace}.game.minecraft = {
     enable = mkEnableOption "enable minecraft";
   };
 
   config = mkIf cfg.enable {
-    home.packages = with pkgs; [ prismlauncher ];
+    home.packages = with pkgs; [prismlauncher];
   };
 }

modules/home/shell/default.nix

@@ -2,7 +2,7 @@
 let
   inherit (lib) mkIf mkMerge mkEnableOption mkDefault;
 
-  cfg = config.${namespace}.shell;
+  cfg = config.sneeuwvlok.shell;
 in
 {
   imports = [
@@ -10,13 +10,13 @@ in
     ./zsh
   ];
 
-  options.${namespace}.shell = {
+  options.sneeuwvlok.shell = {
     corePkgs.enable = mkEnableOption "core shell packages";
   };
 
   config = mkMerge [
     (mkIf (cfg.corePkgs.enable) {
-      ${namespace}.shell.toolset = mkDefault {
+      sneeuwvlok.shell.toolset = mkDefault {
         bat.enable = true;
         btop.enable = true;
         eza.enable = true;

modules/home/shell/toolset/bat/default.nix

@@ -1,16 +1,20 @@
-{ config, lib, pkgs, namespace, ... }:
+{
-let
+  config,
+  lib,
+  pkgs,
+  namespace,
+  ...
+}: let
   inherit (lib) mkIf mkEnableOption;
 
-  cfg = config.${namespace}.shell.toolset.bat;
+  cfg = config.sneeuwvlok.shell.toolset.bat;
-in
+in {
-{
+  options.sneeuwvlok.shell.toolset.bat = {
-  options.${namespace}.shell.toolset.bat = {
     enable = mkEnableOption "cat replacement";
   };
 
   config = mkIf cfg.enable {
-    home.packages = with pkgs; [ bat ];
+    home.packages = with pkgs; [bat];
 
     programs.bat = {
       enable = true;

modules/home/shell/toolset/btop/default.nix

@@ -1,17 +1,21 @@
-{ config, lib, pkgs, namespace, ... }:
+{
-let
+  config,
+  lib,
+  pkgs,
+  namespace,
+  ...
+}: let
   inherit (lib) mkIf mkEnableOption;
   inherit (lib.strings) concatStringsSep;
 
-  cfg = config.${namespace}.shell.toolset.btop;
+  cfg = config.sneeuwvlok.shell.toolset.btop;
-in
+in {
-{
+  options.sneeuwvlok.shell.toolset.btop = {
-  options.${namespace}.shell.toolset.btop = {
     enable = mkEnableOption "system-monitor";
   };
 
   config = mkIf cfg.enable {
-    home.packages = with pkgs; [ btop ];
+    home.packages = with pkgs; [btop];
 
     programs.btop = {
       enable = true;

modules/home/shell/toolset/eza/default.nix

@@ -1,16 +1,20 @@
-{ config, lib, pkgs, namespace, ... }:
+{
-let
+  config,
+  lib,
+  pkgs,
+  namespace,
+  ...
+}: let
   inherit (lib) mkIf mkEnableOption;
 
-  cfg = config.${namespace}.shell.toolset.eza;
+  cfg = config.sneeuwvlok.shell.toolset.eza;
-in
+in {
-{
+  options.sneeuwvlok.shell.toolset.eza = {
-  options.${namespace}.shell.toolset.eza = {
     enable = mkEnableOption "system-monitor";
   };
 
   config = mkIf cfg.enable {
-    home.packages = with pkgs; [ eza ];
+    home.packages = with pkgs; [eza];
 
     programs.eza = {
       enable = true;

modules/home/shell/toolset/fzf/default.nix

@@ -1,16 +1,20 @@
-{ config, lib, pkgs, namespace, ... }:
+{
-let
+  config,
+  lib,
+  pkgs,
+  namespace,
+  ...
+}: let
   inherit (lib) mkIf mkEnableOption;
 
-  cfg = config.${namespace}.shell.toolset.fzf;
+  cfg = config.sneeuwvlok.shell.toolset.fzf;
-in
+in {
-{
+  options.sneeuwvlok.shell.toolset.fzf = {
-  options.${namespace}.shell.toolset.fzf = {
     enable = mkEnableOption "TUI Fuzzy Finder.";
   };
 
   config = mkIf cfg.enable {
-    home.packages = with pkgs; [ fzf ];
+    home.packages = with pkgs; [fzf];
 
     programs.fzf = {
       enable = true;

modules/home/shell/toolset/git/default.nix

@@ -7,9 +7,9 @@
 }: let
   inherit (lib) mkEnableOption mkIf;
 
-  cfg = config.${namespace}.shell.toolset.git;
+  cfg = config.sneeuwvlok.shell.toolset.git;
 in {
-  options.${namespace}.shell.toolset.git = {
+  options.sneeuwvlok.shell.toolset.git = {
     enable = mkEnableOption "version-control system";
   };
 

modules/home/shell/toolset/gnugpg/default.nix

@@ -1,11 +1,15 @@
-{ config, lib, pkgs, namespace, ... }:
+{
-let
+  config,
+  lib,
+  pkgs,
+  namespace,
+  ...
+}: let
   inherit (lib) mkIf mkEnableOption;
 
-  cfg = config.${namespace}.shell.toolset.gnupg;
+  cfg = config.sneeuwvlok.shell.toolset.gnupg;
-in
+in {
-{
+  options.sneeuwvlok.shell.toolset.gnupg = {
-  options.${namespace}.shell.toolset.gnupg = {
     enable = mkEnableOption "cryptographic suite";
   };
 

modules/home/shell/toolset/just/default.nix

@@ -1,15 +1,19 @@
-{ config, lib, pkgs, namespace, ... }:
+{
-let
+  config,
+  lib,
+  pkgs,
+  namespace,
+  ...
+}: let
   inherit (lib) mkEnableOption mkIf;
 
-  cfg = config.${namespace}.shell.toolset.just;
+  cfg = config.sneeuwvlok.shell.toolset.just;
-in
+in {
-{
+  options.sneeuwvlok.shell.toolset.just = {
-  options.${namespace}.shell.toolset.just = {
     enable = mkEnableOption "version-control system";
   };
 
   config = mkIf cfg.enable {
-    home.packages = with pkgs; [ just gum ];
+    home.packages = with pkgs; [just gum];
   };
 }

modules/home/shell/toolset/starship/default.nix

@@ -2,10 +2,10 @@
 let
   inherit (lib) mkIf mkEnableOption;
 
-  cfg = config.${namespace}.shell.toolset.starship;
+  cfg = config.sneeuwvlok.shell.toolset.starship;
 in
 {
-  options.${namespace}.shell.toolset.starship = {
+  options.sneeuwvlok.shell.toolset.starship = {
     enable = mkEnableOption "fancy pansy shell prompt";
   };
 

modules/home/shell/toolset/tmux/default.nix

@@ -2,10 +2,10 @@
 let
   inherit (lib) mkIf mkEnableOption;
 
-  cfg = config.${namespace}.shell.toolset.tmux;
+  cfg = config.sneeuwvlok.shell.toolset.tmux;
 in
 {
-  options.${namespace}.shell.toolset.tmux = { 
+  options.sneeuwvlok.shell.toolset.tmux = { 
     enable = mkEnableOption "terminal multiplexer"; 
   };
 

modules/home/shell/toolset/yazi/default.nix

@@ -1,16 +1,20 @@
-{ config, lib, pkgs, namespace, ... }:
+{
-let
+  config,
+  lib,
+  pkgs,
+  namespace,
+  ...
+}: let
   inherit (lib) mkIf mkEnableOption;
 
-  cfg = config.${namespace}.shell.toolset.yazi;
+  cfg = config.sneeuwvlok.shell.toolset.yazi;
-in
+in {
-{
+  options.sneeuwvlok.shell.toolset.yazi = {
-  options.${namespace}.shell.toolset.yazi = {
     enable = mkEnableOption "cli file browser";
   };
 
   config = mkIf cfg.enable {
-    home.packages = with pkgs; [ yazi ];
+    home.packages = with pkgs; [yazi];
 
     programs.yazi = {
       enable = true;

modules/home/shell/toolset/zellij/default.nix

@@ -2,10 +2,10 @@
 let
   inherit (lib) mkIf mkEnableOption;
 
-  cfg = config.${namespace}.shell.toolset.zellij;
+  cfg = config.sneeuwvlok.shell.toolset.zellij;
 in
 {
-  options.${namespace}.shell.toolset.zellij = {
+  options.sneeuwvlok.shell.toolset.zellij = {
     enable = mkEnableOption "terminal multiplexer";
   };
 

modules/home/shell/toolset/zoxide/default.nix

@@ -1,16 +1,20 @@
-{ config, lib, pkgs, namespace, ... }:
+{
-let
+  config,
+  lib,
+  pkgs,
+  namespace,
+  ...
+}: let
   inherit (lib) mkIf mkEnableOption;
 
-  cfg = config.${namespace}.shell.toolset.zoxide;
+  cfg = config.sneeuwvlok.shell.toolset.zoxide;
-in
+in {
-{
+  options.sneeuwvlok.shell.toolset.zoxide = {
-  options.${namespace}.shell.toolset.zoxide = {
     enable = mkEnableOption "cd replacement";
   };
 
   config = mkIf cfg.enable {
-    home.packages = with pkgs; [ zoxide ];
+    home.packages = with pkgs; [zoxide];
 
     programs.zoxide = {
       enable = true;

modules/home/shell/zsh/default.nix

@@ -2,15 +2,15 @@
 let
   inherit (lib) mkIf mkEnableOption;
 
-  cfg = config.${namespace}.shell.zsh;
+  cfg = config.sneeuwvlok.shell.zsh;
 in
 {
-  options.${namespace}.shell.zsh = {
+  options.sneeuwvlok.shell.zsh = {
     enable = mkEnableOption "enable ZSH";
   };
 
   config = mkIf cfg.enable {
-    # ${namespace}.shell = {
+    # sneeuwvlok.shell = {
     #   zsh.enable = true;
     # };
 

modules/home/terminal/alacritty/default.nix

@@ -1,11 +1,14 @@
-{ config, lib, namespace, ... }:
+{
-let
+  config,
+  lib,
+  namespace,
+  ...
+}: let
   inherit (lib) mkIf mkEnableOption;
 
-  cfg = config.${namespace}.terminal.alacritty;
+  cfg = config.sneeuwvlok.terminal.alacritty;
-in
+in {
-{
+  options.sneeuwvlok.terminal.alacritty = {
-  options.${namespace}.terminal.alacritty = {
     enable = mkEnableOption "enable alacritty";
   };
 

modules/home/terminal/ghostty/default.nix

@@ -1,11 +1,14 @@
-{ config, lib, namespace, ... }:
+{
-let
+  config,
+  lib,
+  namespace,
+  ...
+}: let
   inherit (lib) mkIf mkEnableOption;
 
-  cfg = config.${namespace}.terminal.ghostty;
+  cfg = config.sneeuwvlok.terminal.ghostty;
-in
+in {
-{
+  options.sneeuwvlok.terminal.ghostty = {
-  options.${namespace}.terminal.ghostty = {
     enable = mkEnableOption "enable ghostty";
   };
 
@@ -13,10 +16,10 @@ in
     programs.ghostty = {
       enable = true;
       settings = {
-        command = config.${namespace}.defaults.shell;
+        command = config.sneeuwvlok.defaults.shell;
         background-blur-radius = 20;
         theme = "dark:stylix,light:stylix";
-        window-theme = (config.${namespace}.themes.polarity or "dark");
+        window-theme = config.sneeuwvlok.themes.polarity or "dark";
         background-opacity = 0.8;
         minimum-contrast = 1.1;
       };

modules/home/themes/default.nix

@@ -1,24 +1,30 @@
-{ config, lib, pkgs, namespace, osConfig ? {}, ... }:
+{
-let
+  config,
+  lib,
+  pkgs,
+  namespace,
+  osConfig ? {},
+  ...
+}: let
   inherit (lib) mkIf mkDefault;
   inherit (lib.options) mkOption mkEnableOption;
   inherit (lib.types) nullOr enum;
 
-  cfg = config.${namespace}.themes;
+  cfg = config.sneeuwvlok.themes;
-  osCfg = osConfig.${namespace}.theming;
+  osCfg = osConfig.sneeuwvlok.theming;
 in {
-  options.${namespace}.themes = {
+  options.sneeuwvlok.themes = {
     enable = mkEnableOption "Theming (Stylix)";
 
     theme = mkOption {
-      type = nullOr (enum [ "everforest" "catppuccin-latte" "chalk" ]);
+      type = nullOr (enum ["everforest" "catppuccin-latte" "chalk"]);
       default = "everforest";
       description = "The theme to set the system to";
       example = "everforest";
     };
 
     polarity = mkOption {
-      type = nullOr (enum [ "dark" "light" ]);
+      type = nullOr (enum ["dark" "light"]);
       default = "dark";
       description = "determine if system is in dark or light mode";
     };
@@ -33,7 +39,7 @@ in {
       polarity = cfg.polarity;
 
       targets.qt.platform = mkDefault "kde";
-      targets.zen-browser.profileNames = [ "Chris" ];
+      targets.zen-browser.profileNames = ["Chris"];
 
       fonts = {
         serif = {

modules/nixos/application/default.nix

@@ -1,5 +0,0 @@
-{
-  imports = [
-    ./steam
-  ];
-}

modules/nixos/application/steam.nix

@@ -0,0 +1,29 @@
+{
+  lib,
+  pkgs,
+  config,
+  ...
+}: let
+  inherit (lib) mkIf mkEnableOption;
+
+  cfg = config.sneeuwvlok.application.steam;
+in {
+  options.sneeuwvlok.application.steam = {
+    enable = mkEnableOption "enable steam";
+  };
+  config = mkIf cfg.enable {
+    environment.systemPackages = with pkgs; [steam];
+
+    programs = {
+      steam = {
+        enable = true;
+        remotePlay.openFirewall = true;
+        dedicatedServer.openFirewall = true;
+        localNetworkGameTransfers.openFirewall = true;
+        extraCompatPackages = with pkgs; [
+          proton-ge-bin
+        ];
+      };
+    };
+  };
+}

modules/nixos/application/steam/default.nix

@@ -1,64 +0,0 @@
-{
-  inputs,
-  config,
-  lib,
-  pkgs,
-  namespace,
-  ...
-}: let
-  inherit (lib) mkIf mkEnableOption;
-
-  cfg = config.${namespace}.application.steam;
-in {
-  options.${namespace}.application.steam = {
-    enable = mkEnableOption "enable steam";
-  };
-
-  config = mkIf cfg.enable {
-    # environment.systemPackages = with pkgs; [ steam ];
-
-    programs = {
-      steam = {
-        enable = true;
-        remotePlay.openFirewall = true;
-        dedicatedServer.openFirewall = true;
-        localNetworkGameTransfers.openFirewall = true;
-
-        extraCompatPackages = with pkgs; [
-          proton-ge-bin
-        ];
-
-        # package = pkgs.steam.override {
-        #   extraEnv = {
-        #     DXVK_HUD = "compiler";
-        #     MANGOHUD = true;
-        #   };
-        # };
-
-        # gamescopeSession = {
-        #   enable = true;
-        #   args = ["--immediate-flips"];
-        # };
-      };
-
-      # https://github.com/FeralInteractive/gamemode
-      # gamemode = {
-      #   enable = true;
-      #   enableRenice = true;
-      #   settings = {};
-      # };
-
-      # gamescope = {
-      #   enable = true;
-      #   capSysNice = true;
-      #   env = {
-      #     DXVK_HDR = "1";
-      #     ENABLE_GAMESCOPE_WSI = "1";
-      #     WINE_FULLSCREEN_FSR = "1";
-      #     WLR_RENDERER = "vulkan";
-      #   };
-      #   args = ["--hdr-enabled"];
-      # };
-    };
-  };
-}

modules/nixos/boot/default.nix

@@ -1,14 +1,18 @@
-{ lib, namespace, config, pkgs, ... }:
+{
-let
+  lib,
+  namespace,
+  config,
+  pkgs,
+  ...
+}: let
   inherit (lib) mkIf mkMerge mkDefault mkOption;
   inherit (lib.types) enum bool;
 
-  cfg = config.${namespace}.boot;
+  cfg = config.sneeuwvlok.boot;
-in
+in {
-{
+  options.sneeuwvlok.boot = {
-  options.${namespace}.boot = {
     type = mkOption {
-      type = enum [ "bios" "uefi" ];
+      type = enum ["bios" "uefi"];
       default = "uefi";
     };
 
@@ -24,7 +28,7 @@ in
   };
 
   config = mkMerge [
-    ({
+    {
       boot = {
         kernelPackages = pkgs.linuxPackages_latest;
 
@@ -39,9 +43,9 @@ in
           };
         };
 
-        supportedFilesystems = [ "nfs" ];
+        supportedFilesystems = ["nfs"];
       };
-    })
+    }
 
     (mkIf (cfg.type == "bios") {
       boot.loader.grub.efiSupport = false;
@@ -87,7 +91,7 @@ in
         theme = mkDefault "pixels";
         themePackages = with pkgs; [
           (adi1090x-plymouth-themes.override {
-            selected_themes = [ "pixels" ];
+            selected_themes = ["pixels"];
           })
         ];
       };

modules/nixos/default.nix

@@ -1,14 +1,15 @@
 {
   imports = [
-    ./application
+    ./application/steam.nix
-    ./boot
+    ./boot/default.nix
-    ./desktop
+    ./editor/nano/default.nix
-    ./editor
+    ./editor/nvim/default.nix
-    ./hardware
+    ./hardware/audio/default.nix
-    ./home-manager
+    ./home-manager/default.nix
-    ./nix
     ./services
-    ./shells
+    ./system/networking
-    ./system
+    ./system/security/boot
+    ./system/security/sops
+    ./system/security/sudo
   ];
 }

modules/nixos/desktop/cosmic/default.nix

@@ -7,13 +7,13 @@
 }: let
   inherit (lib) mkIf mkEnableOption;
 
-  cfg = config.${namespace}.desktop.cosmic;
+  cfg = config.sneeuwvlok.desktop.cosmic;
 in {
-  options.${namespace}.desktop.cosmic = {
+  options.sneeuwvlok.desktop.cosmic = {
     enable =
       mkEnableOption "Enable Cosmic desktop"
       // {
-        default = config.${namespace}.desktop.use == "cosmic";
+        default = config.sneeuwvlok.desktop.use == "cosmic";
       };
   };
 

modules/nixos/desktop/default.nix

@@ -7,7 +7,7 @@
   inherit (lib) mkIf mkOption mkEnableOption mkMerge;
   inherit (lib.types) nullOr enum;
 
-  cfg = config.${namespace}.desktop;
+  cfg = config.sneeuwvlok.desktop;
 in {
   imports = [
     ./cosmic
@@ -16,7 +16,7 @@ in {
     ./plasma
   ];
 
-  options.${namespace}.desktop = {
+  options.sneeuwvlok.desktop = {
     use = mkOption {
       type = nullOr (enum ["plasma" "gamescope" "gnome" "cosmic"]);
       default = null;
@@ -33,7 +33,7 @@ in {
     }
 
     # (mkIf (cfg.use != null) {
-    #   ${namespace}.desktop.${cfg.use}.enable = true;
+    #   sneeuwvlok.desktop.${cfg.use}.enable = true;
     # })
   ];
 }

modules/nixos/desktop/gamescope/default.nix

@@ -1,18 +1,23 @@
-{ lib, config, namespace, ... }:
+{
-let
+  lib,
+  config,
+  namespace,
+  ...
+}: let
   inherit (lib) mkIf mkEnableOption mkForce;
 
-  cfg = config.${namespace}.desktop.gamescope;
+  cfg = config.sneeuwvlok.desktop.gamescope;
-in
+in {
-{
+  options.sneeuwvlok.desktop.gamescope = {
-  options.${namespace}.desktop.gamescope = {
+    enable =
-    enable = mkEnableOption "Enable Steamdeck ui" // {
+      mkEnableOption "Enable Steamdeck ui"
-      default = (config.${namespace}.desktop.use == "gamescope");
+      // {
-    };
+        default = config.sneeuwvlok.desktop.use == "gamescope";
+      };
   };
 
   config = mkIf cfg.enable {
-    ${namespace}.desktop.plasma.enable = true;
+    sneeuwvlok.desktop.plasma.enable = true;
 
     services.displayManager.sddm.enable = mkForce false;
     services.displayManager.gdm.enable = mkForce false;

modules/nixos/desktop/gnome/default.nix

@@ -1,16 +1,22 @@
-{ lib, config, namespace, ... }:
+{
-let
+  lib,
+  config,
+  namespace,
+  ...
+}: let
   inherit (lib) mkIf mkEnableOption;
 
-  cfg = config.${namespace}.desktop.gnome;
+  cfg = config.sneeuwvlok.desktop.gnome;
-in
+in {
-{
+  options.sneeuwvlok.desktop.gnome = {
-  options.${namespace}.desktop.gnome = {
+    enable =
-    enable = mkEnableOption "Enable Gnome" // {
+      mkEnableOption "Enable Gnome"
-      default = (config.${namespace}.desktop.use == "gnome");
+      // {
-    };
+        default = config.sneeuwvlok.desktop.use == "gnome";
+      };
   };
 
-  config = mkIf cfg.enable {
+  config =
-  };
+    mkIf cfg.enable {
+    };
 }

modules/nixos/desktop/plasma/default.nix

@@ -1,14 +1,20 @@
-{ pkgs, lib, config, namespace, ... }:
+{
-let
+  pkgs,
+  lib,
+  config,
+  namespace,
+  ...
+}: let
   inherit (lib) mkIf mkEnableOption;
 
-  cfg = config.${namespace}.desktop.plasma;
+  cfg = config.sneeuwvlok.desktop.plasma;
-in
+in {
-{
+  options.sneeuwvlok.desktop.plasma = {
-  options.${namespace}.desktop.plasma = {
+    enable =
-    enable = mkEnableOption "Enable KDE Plasma" // {
+      mkEnableOption "Enable KDE Plasma"
-      default = (config.${namespace}.desktop.use == "plasma");
+      // {
-    };
+        default = config.sneeuwvlok.desktop.use == "plasma";
+      };
   };
 
   config = mkIf cfg.enable {

modules/nixos/editor/nano/default.nix

@@ -2,10 +2,10 @@
 let
   inherit (lib) mkEnableOption mkIf;
 
-  cfg = config.${namespace}.editor.nano;
+  cfg = config.sneeuwvlok.editor.nano;
 in
 {
-  options.${namespace}.editor.nano = {
+  options.sneeuwvlok.editor.nano = {
     enable = mkEnableOption "nano";
   };
 

modules/nixos/editor/nvim/default.nix

@@ -2,10 +2,10 @@
 let
   inherit (lib) mkIf mkEnableOption;
 
-  cfg = config.${namespace}.editor.nvim;
+  cfg = config.sneeuwvlok.editor.nvim;
 in
 {
-  options.${namespace}.editor.nvim = {
+  options.sneeuwvlok.editor.nvim = {
     enable = mkEnableOption "enable nvim via nvf on system level";
   };
 

modules/nixos/hardware/audio/default.nix

@@ -2,10 +2,10 @@
 let
   inherit (lib) mkIf mkEnableOption;
 
-  cfg = config.${namespace}.hardware.has.audio;
+  cfg = config.sneeuwvlok.hardware.has.audio;
 in
 {
-  options.${namespace}.hardware.has.audio = mkEnableOption "Enable bluetooth";
+  options.sneeuwvlok.hardware.has.audio = mkEnableOption "Enable bluetooth";
 
   config = mkIf cfg {
     environment.systemPackages = with pkgs; [

modules/nixos/hardware/bluetooth/default.nix

@@ -2,10 +2,10 @@
 let
   inherit (lib) mkIf mkEnableOption;
 
-  cfg = config.${namespace}.hardware.has.bluetooth;
+  cfg = config.sneeuwvlok.hardware.has.bluetooth;
 in
 {
-  options.${namespace}.hardware.has.bluetooth = mkEnableOption "Enable bluetooth";
+  options.sneeuwvlok.hardware.has.bluetooth = mkEnableOption "Enable bluetooth";
 
   config = mkIf cfg {
     hardware.bluetooth = {

modules/nixos/hardware/gpu/amd/default.nix

@@ -1,14 +1,18 @@
-{ pkgs, lib, namespace, config, ... }:
+{
-let
+  pkgs,
+  lib,
+  namespace,
+  config,
+  ...
+}: let
   inherit (lib) mkIf mkEnableOption;
 
-  cfg = config.${namespace}.hardware.has.gpu;
+  cfg = config.sneeuwvlok.hardware.has.gpu;
-in
+in {
-{
+  options.sneeuwvlok.hardware.has.gpu.amd = mkEnableOption "Enable AMD gpu configuration";
-  options.${namespace}.hardware.has.gpu.amd = mkEnableOption "Enable AMD gpu configuration";
 
   config = mkIf cfg.amd {
-    services.xserver.videoDrivers = [ "amd" ];
+    services.xserver.videoDrivers = ["amd"];
 
     hardware = {
       graphics = {

modules/nixos/hardware/gpu/nvidia.nix

@@ -2,10 +2,10 @@
 let
   inherit (lib) mkIf mkEnableOption;
 
-  cfg = config.${namespace}.hardware.has.gpu.nvidia;
+  cfg = config.sneeuwvlok.hardware.has.gpu.nvidia;
 in
 {
-  options.${namespace}.hardware.has.gpu.nvidia = mkEnableOption "Enable NVidia gpu configuration";
+  options.sneeuwvlok.hardware.has.gpu.nvidia = mkEnableOption "Enable NVidia gpu configuration";
 
   config = mkIf cfg {
     services.xserver.videoDrivers = [ "nvidia" ];

modules/nixos/hardware/gpu/nvidia/default.nix

@@ -1,14 +1,18 @@
-{ pkgs, lib, namespace, config, ... }:
+{
-let
+  pkgs,
+  lib,
+  namespace,
+  config,
+  ...
+}: let
   inherit (lib) mkIf mkEnableOption;
 
-  cfg = config.${namespace}.hardware.has.gpu;
+  cfg = config.sneeuwvlok.hardware.has.gpu;
-in
+in {
-{
+  options.sneeuwvlok.hardware.has.gpu.nvidia = mkEnableOption "Enable NVidia gpu configuration";
-  options.${namespace}.hardware.has.gpu.nvidia = mkEnableOption "Enable NVidia gpu configuration";
 
   config = mkIf cfg.nvidia {
-    services.xserver.videoDrivers = [ "nvidia" ];
+    services.xserver.videoDrivers = ["nvidia"];
 
     hardware = {
       graphics = {

modules/nixos/hardware/keyboard/voyager.nix

@@ -1,11 +1,15 @@
-{ lib, config, pkgs, namespace, ... }:
+{
-let
+  lib,
+  config,
+  pkgs,
+  namespace,
+  ...
+}: let
   inherit (lib) mkIf mkEnableOption;
 
-  cfg = config.${namespace}.hardware.keyboard.voyager;
+  cfg = config.sneeuwvlok.hardware.keyboard.voyager;
-in
+in {
-{
+  options.sneeuwvlok.hardware.keyboard.voyager = {
-  options.${namespace}.hardware.keyboard.voyager = {
     enble = mkEnableOption "Enable tools for ZSA Voyager";
   };
 

modules/nixos/nix/default.nix

@@ -1,9 +1,13 @@
-{ pkgs, lib, namespace, config, ... }:
-let
-  cfg = config.${namespace}.nix;
-in
 {
-  options.${namespace}.nix = {};
+  pkgs,
+  lib,
+  namespace,
+  config,
+  ...
+}: let
+  cfg = config.sneeuwvlok.nix;
+in {
+  options.sneeuwvlok.nix = {};
 
   config = {
     programs.git.enable = true;
@@ -14,9 +18,9 @@ in
       extraOptions = "experimental-features = nix-command flakes pipe-operators";
 
       settings = {
-        experimental-features = [ "nix-command" "flakes" "pipe-operators" ];
+        experimental-features = ["nix-command" "flakes" "pipe-operators"];
-        allowed-users = [ "@wheel" ];
+        allowed-users = ["@wheel"];
-        trusted-users = [ "@wheel" ];
+        trusted-users = ["@wheel"];
 
         auto-optimise-store = true;
         connect-timeout = 5;

modules/nixos/services/authentication/authelia/default.nix

@@ -8,14 +8,14 @@
   inherit (lib) mkIf mkEnableOption;
 
   user = "authelia-testing";
-  cfg = config.${namespace}.services.authentication.authelia;
+  cfg = config.sneeuwvlok.services.authentication.authelia;
 in {
-  options.${namespace}.services.authentication.authelia = {
+  options.sneeuwvlok.services.authentication.authelia = {
     enable = mkEnableOption "Authelia";
   };
 
   config = mkIf cfg.enable {
-    ${namespace}.services.networking.caddy = {
+    sneeuwvlok.services.networking.caddy = {
       hosts = {
         "auth.kruining.eu".extraConfig = ''
           reverse_proxy http://127.0.0.1:9091

modules/nixos/services/authentication/himmelblau/default.nix

@@ -6,9 +6,9 @@
 }: let
   inherit (lib) mkEnableOption mkIf;
 
-  cfg = config.${namespace}.services.authentication.himmelblau;
+  cfg = config.sneeuwvlok.services.authentication.himmelblau;
 in {
-  options.${namespace}.services.authentication.himmelblau = {
+  options.sneeuwvlok.services.authentication.himmelblau = {
     enable = mkEnableOption "enable azure entra ID authentication";
   };
 

modules/nixos/services/authentication/zitadel/default.nix

@@ -3,12 +3,12 @@ let
   inherit (lib) mkIf mkEnableOption mkOption types toUpper toSentenceCase nameValuePair mapAttrs mapAttrs' concatMapAttrs concatMapStringsSep filterAttrsRecursive listToAttrs imap0 head drop length literalExpression attrNames;
   inherit (sneeuwvlokLib.strings) toSnakeCase;
 
-  cfg = config.${namespace}.services.authentication.zitadel;
+  cfg = config.sneeuwvlok.services.authentication.zitadel;
 
   database = "zitadel";
 in
 {
-  options.${namespace}.services.authentication.zitadel = {
+  options.sneeuwvlok.services.authentication.zitadel = {
     enable = mkEnableOption "Zitadel";
 
     organization = mkOption {
@@ -537,7 +537,7 @@ in
     };
   in
   mkIf cfg.enable {
-    ${namespace}.services = {
+    sneeuwvlok.services = {
       persistance.postgresql.enable = true;
 
       networking.caddy = {

modules/nixos/services/backup/borg/default.nix

@@ -2,10 +2,10 @@
 let
   inherit (lib) mkIf mkEnableOption;
 
-  cfg = config.${namespace}.services.backup.borg;
+  cfg = config.sneeuwvlok.services.backup.borg;
 in
 {
-  options.${namespace}.services.backup.borg = {
+  options.sneeuwvlok.services.backup.borg = {
     enable = mkEnableOption "Borg Backup";
   };
 

modules/nixos/services/communication/matrix/default.nix

@@ -8,7 +8,7 @@
   inherit (builtins) toString toJSON;
   inherit (lib) mkIf mkEnableOption;
 
-  cfg = config.${namespace}.services.communication.matrix;
+  cfg = config.sneeuwvlok.services.communication.matrix;
 
   domain = "kruining.eu";
   fqn = "matrix.${domain}";
@@ -17,12 +17,12 @@
   database = "synapse";
   keyFile = "/var/lib/element-call/key";
 in {
-  options.${namespace}.services.communication.matrix = {
+  options.sneeuwvlok.services.communication.matrix = {
     enable = mkEnableOption "Matrix server (Synapse)";
   };
 
   config = mkIf cfg.enable {
-    ${namespace}.services = {
+    sneeuwvlok.services = {
       persistance.postgresql.enable = true;
       # virtualisation.podman.enable = true;
 

modules/nixos/services/development/forgejo/default.nix

@@ -8,10 +8,10 @@
   inherit (builtins) toString;
   inherit (lib) mkIf mkEnableOption mkOption;
 
-  cfg = config.${namespace}.services.development.forgejo;
+  cfg = config.sneeuwvlok.services.development.forgejo;
   domain = "git.amarth.cloud";
 in {
-  options.${namespace}.services.development.forgejo = {
+  options.sneeuwvlok.services.development.forgejo = {
     enable = mkEnableOption "Forgejo";
 
     port = mkOption {
@@ -25,7 +25,7 @@ in {
   };
 
   config = mkIf cfg.enable {
-    ${namespace}.services = {
+    sneeuwvlok.services = {
       persistance.postgresql.enable = true;
       virtualisation.podman.enable = true;
 

modules/nixos/services/games/minecraft/default.nix

@@ -8,9 +8,9 @@
   inherit (lib) mkIf mkEnableOption mkOption;
   inherit (lib.types) str;
 
-  cfg = config.${namespace}.services.games.minecraft;
+  cfg = config.sneeuwvlok.services.games.minecraft;
 in {
-  options.${namespace}.services.games.minecraft = {
+  options.sneeuwvlok.services.games.minecraft = {
     enable = mkEnableOption "Minecraft";
 
     user = mkOption {

modules/nixos/services/games/openrct.nix

@@ -1,11 +1,15 @@
-{ config, lib, pkgs, namespace, ... }:
+{
-let
+  config,
+  lib,
+  pkgs,
+  namespace,
+  ...
+}: let
   inherit (lib) mkIf mkEnableOption;
 
-  cfg = config.${namespace}.services.games.openrct;
+  cfg = config.sneeuwvlok.services.games.openrct;
-in
+in {
-{
+  options.sneeuwvlok.services.games.openrct = {
-  options.${namespace}.services.games.openrct = {
     enable = mkEnableOption "OpenRCT2";
   };
 
@@ -16,7 +20,7 @@ in
 
     systemd.services.openrct = {
       enable = true;
-      after = [ "network.target"];
+      after = ["network.target"];
       description = "OpenRCT2 Server";
       serviceConfig = {
         Type = "";

modules/nixos/services/games/palworld/default.nix

@@ -6,9 +6,9 @@
 }: let
   inherit (lib) mkIf mkEnableOption;
 
-  cfg = config.${namespace}.services.games.palworld;
+  cfg = config.sneeuwvlok.services.games.palworld;
 in {
-  options.${namespace}.services.games.palworld = {
+  options.sneeuwvlok.services.games.palworld = {
     enable = mkEnableOption "Palworld";
   };
 

modules/nixos/services/media/default.nix

@@ -8,7 +8,7 @@
   inherit (lib) mkIf mkEnableOption mkOption;
   inherit (lib.types) str;
 
-  cfg = config.${namespace}.services.media;
+  cfg = config.sneeuwvlok.services.media;
 in {
   imports = [
     ./glance
@@ -19,7 +19,7 @@ in {
     ./servarr
   ];
 
-  options.${namespace}.services.media = {
+  options.sneeuwvlok.services.media = {
     enable = mkEnableOption "Enable media services";
 
     user = mkOption {

modules/nixos/services/media/glance/default.nix

@@ -6,14 +6,14 @@
 }: let
   inherit (lib) mkIf mkEnableOption;
 
-  cfg = config.${namespace}.services.media.glance;
+  cfg = config.sneeuwvlok.services.media.glance;
 in {
-  options.${namespace}.services.media.glance = {
+  options.sneeuwvlok.services.media.glance = {
     enable = mkEnableOption "Enable Glance";
   };
 
   config = mkIf cfg.enable {
-    ${namespace}.services.networking.caddy.hosts = {
+    sneeuwvlok.services.networking.caddy.hosts = {
       "https://${config.networking.hostName}:443" = ''
         reverse_proxy http://[::1]:2000
       '';

modules/nixos/services/media/jellyfin/default.nix

@@ -9,14 +9,14 @@
   inherit (builtins) toString;
   inherit (lib) mkIf mkEnableOption mkOption types;
 
-  cfg = config.${namespace}.services.media.jellyfin;
+  cfg = config.sneeuwvlok.services.media.jellyfin;
 in {
-  options.${namespace}.services.media.jellyfin = {
+  options.sneeuwvlok.services.media.jellyfin = {
     enable = mkEnableOption "Enable jellyfin server";
   };
 
   config = mkIf cfg.enable {
-    ${namespace}.services.networking.caddy = {
+    sneeuwvlok.services.networking.caddy = {
       hosts = {
         "jellyfin.kruining.eu" = ''
           reverse_proxy http://[::1]:8096

modules/nixos/services/media/mydia/default.nix

@@ -6,9 +6,9 @@
 }: let
   inherit (lib) mkIf mkEnableOption;
 
-  cfg = config.${namespace}.services.media.mydia;
+  cfg = config.sneeuwvlok.services.media.mydia;
 in {
-  options.${namespace}.services.media.mydia = {
+  options.sneeuwvlok.services.media.mydia = {
     enable = mkEnableOption "Enable Mydia";
   };
 

modules/nixos/services/media/nextcloud/default.nix

@@ -8,9 +8,9 @@
   inherit (lib) mkIf mkEnableOption mkOption;
   inherit (lib.types) str;
 
-  cfg = config.${namespace}.services.media.nextcloud;
+  cfg = config.sneeuwvlok.services.media.nextcloud;
 in {
-  options.${namespace}.services.media.nextcloud = {
+  options.sneeuwvlok.services.media.nextcloud = {
     enable = mkEnableOption "Nextcloud";
 
     user = mkOption {
@@ -25,7 +25,7 @@ in {
   };
 
   config = mkIf cfg.enable {
-    ${namespace}.services.networking.caddy = {
+    sneeuwvlok.services.networking.caddy = {
       hosts."cloud.kruining.eu" = ''
         php_fastcgi unix//run/phpfpm/nextcloud.sock {
           env front_controller_active true

modules/nixos/services/media/nfs/default.nix

@@ -2,10 +2,10 @@
 let
   inherit (lib) mkIf mkEnableOption;
 
-  cfg = config.${namespace}.services.media.nfs;
+  cfg = config.sneeuwvlok.services.media.nfs;
 in
 {
-  options.${namespace}.services.media.nfs = {
+  options.sneeuwvlok.services.media.nfs = {
     enable = mkEnableOption "Enable NFS";
   };
 

modules/nixos/services/media/servarr/default.nix

@@ -9,11 +9,11 @@
   inherit (builtins) toString;
   inherit (lib) mkIf mkEnableOption mkOption types;
 
-  cfg = config.${namespace}.services.media.servarr;
+  cfg = config.sneeuwvlok.services.media.servarr;
   servarr = import ./lib.nix {inherit lib;};
   anyEnabled = cfg |> lib.attrNames |> lib.length |> (l: l > 0);
 in {
-  options.${namespace}.services.media = {
+  options.sneeuwvlok.services.media = {
     servarr = mkOption {
       type = types.attrsOf (types.submodule ({name, ...}: {
         options = {

modules/nixos/services/networking/caddy/default.nix

@@ -8,14 +8,14 @@
   inherit (builtins) length;
   inherit (lib) mkIf mkEnableOption mkOption types attrNames mapAttrs;
 
-  cfg = config.${namespace}.services.networking.caddy;
+  cfg = config.sneeuwvlok.services.networking.caddy;
   hasHosts = (cfg.hosts |> attrNames |> length) > 0;
   caddyPackage = pkgs.caddy.withPlugins {
     plugins = ["github.com/corazawaf/coraza-caddy/v2@v2.1.0"];
     hash = "sha256-rsDnTunR8C7hVOX5aKcba+iFYHbpWek65DZgbMxOdTs=";
   };
 in {
-  options.${namespace}.services.networking.caddy = {
+  options.sneeuwvlok.services.networking.caddy = {
     enable = mkEnableOption "enable caddy" // {default = true;};
 
     hosts = mkOption {

modules/nixos/services/networking/ssh/default.nix

@@ -1,12 +1,15 @@
-{ config, lib, namespace, ... }:
+{
-let
+  config,
+  lib,
+  namespace,
+  ...
+}: let
   inherit (lib.modules) mkIf;
   inherit (lib.options) mkEnableOption;
 
-  cfg = config.${namespace}.services.networking.ssh;
+  cfg = config.sneeuwvlok.services.networking.ssh;
-in
+in {
-{
+  options.sneeuwvlok.services.networking.ssh = {
-  options.${namespace}.services.networking.ssh = {
     enable = mkEnableOption "enable ssh";
   };
 
@@ -14,10 +17,10 @@ in
     services.openssh = {
       enable = true;
       openFirewall = true;
-      ports = [ 22 ];
+      ports = [22];
       settings = {
         PasswordAuthentication = true;
-        AllowUsers = [ "chris" "root" ];
+        AllowUsers = ["chris" "root"];
         UseDns = true;
         UsePAM = true;
         PermitRootLogin = "prohibit-password";

modules/nixos/services/networking/wireguard/default.nix

@@ -8,10 +8,10 @@
   inherit (builtins) length;
   inherit (lib) mkIf mkEnableOption mkOption types attrNames attrsToList listToAttrs;
 
-  cfg = config.${namespace}.services.networking.wireguard;
+  cfg = config.sneeuwvlok.services.networking.wireguard;
   hasPeers = (cfg.peer |> attrNames |> length) > 0;
 in {
-  options.${namespace}.services.networking.wireguard = {
+  options.sneeuwvlok.services.networking.wireguard = {
     # enable = mkEnableOption "enable wireguard" // {default = true;};
 
     peer = mkOption {

modules/nixos/services/observability/grafana/default.nix

@@ -8,12 +8,12 @@
   inherit (lib.modules) mkIf;
   inherit (lib.options) mkEnableOption;
 
-  cfg = config.${namespace}.services.observability.grafana;
+  cfg = config.sneeuwvlok.services.observability.grafana;
 
   db_user = "grafana";
   db_name = "grafana";
 in {
-  options.${namespace}.services.observability.grafana = {
+  options.sneeuwvlok.services.observability.grafana = {
     enable = mkEnableOption "enable Grafana";
   };
 

modules/nixos/services/observability/loki/default.nix

@@ -1,12 +1,16 @@
-{ pkgs, config, lib, namespace, ... }:
+{
-let
+  pkgs,
+  config,
+  lib,
+  namespace,
+  ...
+}: let
   inherit (lib.modules) mkIf;
   inherit (lib.options) mkEnableOption;
 
-  cfg = config.${namespace}.services.observability.loki;
+  cfg = config.sneeuwvlok.services.observability.loki;
-in
+in {
-{
+  options.sneeuwvlok.services.observability.loki = {
-  options.${namespace}.services.observability.loki = {
     enable = mkEnableOption "enable Grafana Loki";
   };
 
@@ -44,6 +48,6 @@ in
       };
     };
 
-    networking.firewall.allowedTCPPorts = [ 9003 ];
+    networking.firewall.allowedTCPPorts = [9003];
   };
 }

modules/nixos/services/observability/prometheus/default.nix

@@ -3,10 +3,10 @@ let
   inherit (builtins) toString;
   inherit (lib) mkIf mkEnableOption;
 
-  cfg = config.${namespace}.services.observability.prometheus;
+  cfg = config.sneeuwvlok.services.observability.prometheus;
 in
 {
-  options.${namespace}.services.observability.prometheus = {
+  options.sneeuwvlok.services.observability.prometheus = {
     enable = mkEnableOption "enable Prometheus";
   };
 

modules/nixos/services/observability/promtail/default.nix

@@ -8,9 +8,9 @@
   inherit (lib.modules) mkIf;
   inherit (lib.options) mkEnableOption;
 
-  cfg = config.${namespace}.services.observability.promtail;
+  cfg = config.sneeuwvlok.services.observability.promtail;
 in {
-  options.${namespace}.services.observability.promtail = {
+  options.sneeuwvlok.services.observability.promtail = {
     enable = mkEnableOption "enable Grafana Promtail";
   };
 

modules/nixos/services/observability/uptime-kuma/default.nix

@@ -1,12 +1,16 @@
-{ pkgs, config, lib, namespace, ... }:
+{
-let
+  pkgs,
+  config,
+  lib,
+  namespace,
+  ...
+}: let
   inherit (builtins) toString;
   inherit (lib) mkIf mkEnableOption;
 
-  cfg = config.${namespace}.services.observability.uptime-kuma;
+  cfg = config.sneeuwvlok.services.observability.uptime-kuma;
-in
+in {
-{
+  options.sneeuwvlok.services.observability.uptime-kuma = {
-  options.${namespace}.services.observability.uptime-kuma = {
     enable = mkEnableOption "enable uptime kuma";
   };
 
@@ -20,6 +24,6 @@ in
       };
     };
 
-    networking.firewall.allowedTCPPorts = [ 9006 ];
+    networking.firewall.allowedTCPPorts = [9006];
   };
 }

modules/nixos/services/persistance/postgesql/default.nix

@@ -7,9 +7,9 @@
 }: let
   inherit (lib) mkIf mkEnableOption;
 
-  cfg = config.${namespace}.services.persistance.postgresql;
+  cfg = config.sneeuwvlok.services.persistance.postgresql;
 in {
-  options.${namespace}.services.persistance.postgresql = {
+  options.sneeuwvlok.services.persistance.postgresql = {
     enable = mkEnableOption "Postgresql";
   };
 

modules/nixos/services/security/vaultwarden/default.nix

@@ -10,7 +10,7 @@
   inherit (builtins) toString;
   inherit (lib) mkIf mkEnableOption mkOption types getAttrs toUpper concatMapAttrsStringSep;
 
-  cfg = config.${namespace}.services.security.vaultwarden;
+  cfg = config.sneeuwvlok.services.security.vaultwarden;
 
   databaseProviderSqlite = types.submodule ({...}: {
     options = {
@@ -78,7 +78,7 @@
       // (urlOptions |> getAttrs ["protocol" "host" "port"]);
   });
 in {
-  options.${namespace}.services.security.vaultwarden = {
+  options.sneeuwvlok.services.security.vaultwarden = {
     enable = mkEnableOption "enable vaultwarden";
 
     database = mkOption {
@@ -93,7 +93,7 @@ in {
   };
 
   config = mkIf cfg.enable {
-    ${namespace}.services.networking.caddy.hosts = {
+    sneeuwvlok.services.networking.caddy.hosts = {
       "vault.kruining.eu" = ''
         encode zstd gzip
 

modules/nixos/services/virtualisation/podman/default.nix

@@ -1,11 +1,16 @@
-{ config, options, lib, pkgs, namespace, ... }:
+{
-let
+  config,
+  options,
+  lib,
+  pkgs,
+  namespace,
+  ...
+}: let
   inherit (lib) mkIf mkEnableOption;
 
-  cfg = config.${namespace}.services.virtualisation.podman;
+  cfg = config.sneeuwvlok.services.virtualisation.podman;
-in
+in {
-{
+  options.sneeuwvlok.services.virtualisation.podman = {
-  options.${namespace}.services.virtualisation.podman = {
     enable = mkEnableOption "enable podman";
   };
 

modules/nixos/shells/default.nix

@@ -1,2 +0,0 @@
-{...}: {
-}

modules/nixos/shells/zsh/default.nix

@@ -1,11 +1,16 @@
-{ inputs, config, lib, pkgs, namespace, ... }:
+{
-let
+  inputs,
+  config,
+  lib,
+  pkgs,
+  namespace,
+  ...
+}: let
   inherit (lib) mkIf mkEnableOption;
 
-  cfg = config.${namespace}.shell.zsh;
+  cfg = config.sneeuwvlok.shell.zsh;
-in
+in {
-{
+  options.sneeuwvlok.shell.zsh = {
-  options.${namespace}.shell.zsh = {
     enable = mkEnableOption "enable zsh shell";
   };
 

modules/nixos/system/default.nix

@@ -1,6 +0,0 @@
-{
-  imports = [
-    ./networking
-    ./security
-  ];
-}

modules/nixos/system/networking/default.nix

@@ -2,10 +2,10 @@
 let
   inherit (lib) mkDefault;
 
-  cfg = config.${namespace}.system.networking;
+  cfg = config.sneeuwvlok.system.networking;
 in 
 {
-  options.${namespace}.system.networking = {};
+  options.sneeuwvlok.system.networking = {};
 
   config = {
     systemd.services.NetworkManager-wait-online.enable = false;

modules/nixos/system/security/boot/default.nix

@@ -1,13 +1,16 @@
-{ config, namespace, inputs, ... }:
-let
-  cfg = config.${namespace}.system.security.boot;
-in
 {
-  options.${namespace}.system.security.boot = {};
+  config,
+  namespace,
+  inputs,
+  ...
+}: let
+  cfg = config.sneeuwvlok.system.security.boot;
+in {
+  options.sneeuwvlok.system.security.boot = {};
 
   config = {
     boot = {
-      kernelModules = [ "tcp_bbr" ];
+      kernelModules = ["tcp_bbr"];
       kernel.sysctl = {
         ## TCP hardening
         # Prevent bogus ICMP errors from filling up logs.

modules/nixos/system/security/default.nix

@@ -1,29 +1,28 @@
-{ config, namespace, inputs, ... }:
+{...}: {
-let
+  flake.modules.nixos.sneeuwvlok.system.security = {
-  cfg = config.${namespace}.system.security;
+    config,
-in
+    namespace,
-{
+    inputs,
-  imports = [
+    ...
-    ./boot
+  }: let
-    ./sops
+    cfg = config.sneeuwvlok.system.security;
-    ./sudo
+  in {
-  ];
+    options.sneeuwvlok.system.security = {};
 
-  options.${namespace}.system.security = {};
+    config = {
+      security = {
+        acme.acceptTerms = true;
+        polkit.enable = true;
 
-  config = {
+        pam = {
-    security = {
+          u2f = {
-      acme.acceptTerms = true;
+            enable = true;
-      polkit.enable = true;
+            settings.cue = true;
-
+          };
-      pam = {
-        u2f = {
-          enable = true;
-          settings.cue = true;
         };
       };
-    };
 
-    programs.gnupg.agent.enable = true;
+      programs.gnupg.agent.enable = true;
+    };
   };
 }

modules/nixos/system/security/sops/default.nix

@@ -1,12 +1,16 @@
-{ pkgs, config, namespace, repoRoot, ... }:
-let
-  cfg = config.${namespace}.system.security.sops;
-in
 {
-  options.${namespace}.system.security.sops = {};
+  pkgs,
+  config,
+  namespace,
+  repoRoot,
+  ...
+}: let
+  cfg = config.sneeuwvlok.system.security.sops;
+in {
+  options.sneeuwvlok.system.security.sops = {};
 
   config = {
-    environment.systemPackages = with pkgs; [ sops ];
+    environment.systemPackages = with pkgs; [sops];
 
     sops = {
       defaultSopsFormat = "yaml";

modules/nixos/system/security/sudo/default.nix

@@ -1,9 +1,9 @@
 { config, namespace, ... }:
 let
-  cfg = config.${namespace}.system.security.sudo;
+  cfg = config.sneeuwvlok.system.security.sudo;
 in
 {
-  options.${namespace}.system.security.sudo = {};
+  options.sneeuwvlok.system.security.sudo = {};
 
   config = {
     security = {

packages/default.nix

@@ -1,24 +0,0 @@
-{
-  config,
-  lib,
-  mkPkgs,
-  ...
-}: {
-  imports = [
-    ./studio
-    ./vaultwarden
-  ];
-
-  perSystem = {system, ...}: let
-    pkgs = mkPkgs system;
-  in {
-    _module.args.pkgs = pkgs;
-
-    clan.pkgs = pkgs;
-  };
-
-  flake.overlays.default = lib.composeManyExtensions [
-    config.flake.overlays."package/studio"
-    config.flake.overlays."package/vaultwarden"
-  ];
-}