about summary refs log tree commit diff
path: root/modules/common
diff options
context:
space:
mode:
authorAzat Bahawi <azat@bahawi.net>2024-04-21 02:15:42 +0300
committerAzat Bahawi <azat@bahawi.net>2024-04-21 02:15:42 +0300
commite6ed60548397627bf10f561f9438201dbba0a36e (patch)
treef9a84c5957d2cc4fcd148065ee9365a0c851ae1c /modules/common
parent2024-04-18 (diff)
2024-04-21
Diffstat (limited to 'modules/common')
-rw-r--r--modules/common/alacritty.nix36
-rw-r--r--modules/common/aria2.nix33
-rw-r--r--modules/common/ark.nix64
-rw-r--r--modules/common/bat.nix26
-rw-r--r--modules/common/common/default.nix14
-rw-r--r--modules/common/common/documentation.nix28
-rw-r--r--modules/common/common/locale.nix6
-rw-r--r--modules/common/common/networking.nix4
-rw-r--r--modules/common/common/nix.nix125
-rw-r--r--modules/common/common/stylix.nix61
-rw-r--r--modules/common/common/users.nix15
-rw-r--r--modules/common/console.nix10
-rw-r--r--modules/common/curl.nix38
-rw-r--r--modules/common/default.nix29
-rw-r--r--modules/common/direnv.nix23
-rw-r--r--modules/common/documentation.nix40
-rw-r--r--modules/common/editorconfig.nix133
-rw-r--r--modules/common/emacs/default.nix278
-rw-r--r--modules/common/emacs/doom/config.el249
-rw-r--r--modules/common/emacs/doom/init.el99
-rw-r--r--modules/common/emacs/doom/packages.el12
-rw-r--r--modules/common/eza.nix23
-rw-r--r--modules/common/git.nix173
-rw-r--r--modules/common/gnupg.nix72
-rw-r--r--modules/common/home-manager.nix (renamed from modules/common/common/home-manager.nix)11
-rw-r--r--modules/common/htop.nix54
-rw-r--r--modules/common/kernel.nix40
-rw-r--r--modules/common/locale.nix46
-rw-r--r--modules/common/mpv.nix156
-rw-r--r--modules/common/networking.nix131
-rw-r--r--modules/common/nix.nix150
-rw-r--r--modules/common/nmap.nix80
-rw-r--r--modules/common/openssh.nix72
-rw-r--r--modules/common/password-store.nix35
-rw-r--r--modules/common/profiles/default.nix52
-rw-r--r--modules/common/profiles/dev/containers.nix57
-rw-r--r--modules/common/profiles/dev/default.nix84
-rw-r--r--modules/common/profiles/dev/gdbinit41
-rw-r--r--modules/common/profiles/dev/ghci.conf35
-rw-r--r--modules/common/profiles/dev/pystartup.py121
-rw-r--r--modules/common/profiles/dev/sql.nix105
-rw-r--r--modules/common/profiles/email.nix123
-rw-r--r--modules/common/profiles/headful.nix57
-rw-r--r--modules/common/profiles/headless.nix25
-rw-r--r--modules/common/qutebrowser.nix342
-rw-r--r--modules/common/secrets.nix (renamed from modules/common/common/secrets.nix)1
-rw-r--r--modules/common/security.nix31
-rw-r--r--modules/common/services.nix10
-rw-r--r--modules/common/shell/default.nix (renamed from modules/common/common/shell/default.nix)2
-rw-r--r--modules/common/shell/functions.bash (renamed from modules/common/common/shell/functions.bash)0
-rw-r--r--modules/common/stylix.nix105
-rw-r--r--modules/common/subversion.nix55
-rw-r--r--modules/common/systemd.nix43
-rw-r--r--modules/common/tmp.nix18
-rw-r--r--modules/common/tmux.nix57
-rw-r--r--modules/common/users.nix34
-rw-r--r--modules/common/vim/default.nix47
-rw-r--r--modules/common/vim/rc.vim169
-rw-r--r--modules/common/vscode.nix244
-rw-r--r--modules/common/wget.nix37
-rw-r--r--modules/common/xdg.nix (renamed from modules/common/common/xdg.nix)39
-rw-r--r--modules/common/zathura.nix80
62 files changed, 770 insertions, 3610 deletions
diff --git a/modules/common/alacritty.nix b/modules/common/alacritty.nix
deleted file mode 100644
index 704ce79..0000000
--- a/modules/common/alacritty.nix
+++ /dev/null
@@ -1,36 +0,0 @@
-{ config, lib, ... }:
-with lib;
-let
-  cfg = config.nixfiles.modules.alacritty;
-in
-{
-  options.nixfiles.modules.alacritty.enable = mkEnableOption "Alacritty terminal emulator";
-
-  config = mkIf cfg.enable {
-    hm.programs.alacritty = {
-      enable = true;
-      settings = {
-        window = {
-          padding = with config.stylix.fonts.sizes; {
-            x = terminal;
-            y = terminal;
-          };
-          dynamic_padding = false;
-          decorations = "Full";
-          startup_mode = "Maximized";
-        };
-        selection.save_to_clipboard = true;
-        cursor = {
-          style = {
-            shape = "Block";
-            blinking = "On";
-          };
-          vi_mode_style = {
-            shape = "Block";
-            blinking = "Off";
-          };
-        };
-      };
-    };
-  };
-}
diff --git a/modules/common/aria2.nix b/modules/common/aria2.nix
deleted file mode 100644
index cdf1c4f..0000000
--- a/modules/common/aria2.nix
+++ /dev/null
@@ -1,33 +0,0 @@
-{ config, lib, ... }:
-with lib;
-let
-  cfg = config.nixfiles.modules.aria2;
-in
-{
-  options.nixfiles.modules.aria2.enable = mkEnableOption "aria2";
-
-  config = mkIf cfg.enable {
-    hm.programs.aria2 = {
-      enable = true;
-
-      settings = {
-        bt-max-peers = 128;
-        bt-save-metadata = true;
-        continue = true;
-        enable-dht = true;
-        enable-peer-exchange = true;
-        enable-rpc = false;
-        follow-torrent = true;
-        log-level = "info";
-        max-connection-per-server = 16;
-        max-overall-upload-limit = "1K";
-        max-tries = 5;
-        max-upload-limit = "1K";
-        seed-ratio = 0.1;
-        seed-time = 0.1;
-        stream-piece-selector = "default";
-        timeout = 60;
-      };
-    };
-  };
-}
diff --git a/modules/common/ark.nix b/modules/common/ark.nix
new file mode 100644
index 0000000..84ff6db
--- /dev/null
+++ b/modules/common/ark.nix
@@ -0,0 +1,64 @@
+{
+  config,
+  inputs,
+  lib,
+  ...
+}:
+with lib;
+let
+  cfg = config.nixfiles.modules.ark;
+in
+{
+  imports = [
+    inputs.impermanence.nixosModules.impermanence
+    (mkAliasOptionModule [ "ark" ] [
+      "nixfiles"
+      "modules"
+      "ark"
+    ])
+  ];
+
+  options.nixfiles.modules.ark =
+    let
+      mkListOfAnythingOption = mkOption {
+        type = with types; listOf anything; # Assumed to be matching with the upstream type.
+        default = [ ];
+      };
+    in
+    {
+      enable = mkEnableOption "persistent storage support via impermanence";
+
+      path = mkOption {
+        type = types.str;
+        default = "/ark";
+      };
+
+      directories = mkListOfAnythingOption;
+      files = mkListOfAnythingOption;
+      # hm = {
+      #   directories = mkListOfAnythingOption;
+      #   files = mkListOfAnythingOption;
+      # };
+    };
+
+  config = mkIf cfg.enable {
+    environment.persistence.${cfg.path} = {
+      hideMounts = true;
+      enableDebugging = false;
+      inherit (cfg) directories files;
+    };
+
+    # NOTE We can't reliably[1] use this, so for the time being, this will stay
+    # commented out. Probably forever.
+    #
+    # [1]: https://github.com/nix-community/impermanence/issues/18
+    #
+    # hm = {
+    #   imports = [inputs.impermanence.nixosModules.home-manager.impermanence];
+    #   home.persistence."${cfg.path}/${config.my.home}" = {
+    #     allowOther = false;
+    #     inherit (cfg.hm) directories files;
+    #   };
+    # };
+  };
+}
diff --git a/modules/common/bat.nix b/modules/common/bat.nix
deleted file mode 100644
index a95d67d..0000000
--- a/modules/common/bat.nix
+++ /dev/null
@@ -1,26 +0,0 @@
-{ config, lib, ... }:
-with lib;
-let
-  cfg = config.nixfiles.modules.bat;
-in
-{
-  options.nixfiles.modules.bat.enable = mkEnableOption "bat, an alternative to cat";
-
-  config = mkIf cfg.enable {
-    nixfiles.modules.common.shell.aliases = {
-      baj = "bat --language=json --tabs 2";
-      bay = "bat --language=yaml --tabs 2";
-      bas = "bat --language=syslog";
-      less = "bat";
-    };
-
-    hm.programs.bat = {
-      enable = true;
-      config = {
-        style = "plain";
-        tabs = "4";
-        wrap = "never";
-      };
-    };
-  };
-}
diff --git a/modules/common/common/default.nix b/modules/common/common/default.nix
deleted file mode 100644
index 62e4a95..0000000
--- a/modules/common/common/default.nix
+++ /dev/null
@@ -1,14 +0,0 @@
-_: {
-  imports = [
-    ./documentation.nix
-    ./home-manager.nix
-    ./locale.nix
-    ./networking.nix
-    ./nix.nix
-    ./secrets.nix
-    ./shell
-    ./stylix.nix
-    ./users.nix
-    ./xdg.nix
-  ];
-}
diff --git a/modules/common/common/documentation.nix b/modules/common/common/documentation.nix
deleted file mode 100644
index 2202e11..0000000
--- a/modules/common/common/documentation.nix
+++ /dev/null
@@ -1,28 +0,0 @@
-{
-  config,
-  lib,
-  this,
-  ...
-}:
-with lib;
-{
-  config = mkMerge [
-    (mkIf this.isHeadful {
-      hm.manual = {
-        html.enable = false;
-        json.enable = false;
-        manpages.enable = true;
-      };
-
-      documentation = {
-        enable = true;
-        doc.enable = false;
-        info.enable = false;
-      };
-    })
-    (mkIf this.isHeadless {
-      hm.manual.manpages.enable = false;
-      documentation.enable = false;
-    })
-  ];
-}
diff --git a/modules/common/common/locale.nix b/modules/common/common/locale.nix
deleted file mode 100644
index bcb577a..0000000
--- a/modules/common/common/locale.nix
+++ /dev/null
@@ -1,6 +0,0 @@
-_: {
-  hm.home.language = {
-    collate = "C";
-    messages = "C";
-  };
-}
diff --git a/modules/common/common/networking.nix b/modules/common/common/networking.nix
deleted file mode 100644
index 2e19162..0000000
--- a/modules/common/common/networking.nix
+++ /dev/null
@@ -1,4 +0,0 @@
-{ pkgs, ... }:
-{
-  environment.systemPackages = with pkgs; [ myip ];
-}
diff --git a/modules/common/common/nix.nix b/modules/common/common/nix.nix
deleted file mode 100644
index fdb0125..0000000
--- a/modules/common/common/nix.nix
+++ /dev/null
@@ -1,125 +0,0 @@
-{
-  config,
-  inputs,
-  lib,
-  localUsername ? lib.my.username,
-  pkgs,
-  this,
-  ...
-}:
-with lib;
-{
-  _module.args =
-    let
-      importNixpkgs =
-        nixpkgs:
-        import nixpkgs {
-          inherit (config.nixpkgs) config;
-          inherit (this) system;
-        };
-    in
-    rec {
-      pkgsLocal = importNixpkgs "${config.my.home}/src/nixpkgs"; # Impure!
-      pkgsMaster = importNixpkgs inputs.nixpkgs-master;
-      pkgsStable = importNixpkgs inputs.nixpkgs-stable;
-      pkgsRev =
-        rev: hash:
-        importNixpkgs (
-          pkgs.fetchFromGitHub {
-            owner = "NixOS";
-            repo = "nixpkgs";
-            inherit rev hash;
-          }
-        );
-      pkgsPr = pr: pkgsRev "refs/pull/${toString pr}/head";
-    };
-
-  nixpkgs.overlays = with inputs; [
-    self.overlays.default
-    (_: _: { })
-  ];
-
-  nix =
-    let
-      notSelfInputs = filterAttrs (n: _: n != "self") inputs;
-    in
-    {
-      settings = {
-        # https://nixos.org/manual/nix/unstable/contributing/experimental-features.html#currently-available-experimental-features
-        # https://github.com/NixOS/nix/blob/master/src/libutil/experimental-features.cc
-        experimental-features = concatStringsSep " " [
-          "flakes"
-          "nix-command"
-          "recursive-nix"
-          "repl-flake"
-        ];
-
-        keep-derivations = if this.isHeadful then "true" else "false";
-        keep-outputs = if this.isHeadful then "true" else "false";
-
-        flake-registry = "${inputs.flake-registry}/flake-registry.json";
-
-        warn-dirty = false;
-
-        keep-going = true;
-
-        substituters = [
-          "https://azahi.cachix.org"
-          "https://nix-community.cachix.org"
-        ];
-        trusted-public-keys = [
-          "azahi.cachix.org-1:2bayb+iWYMAVw3ZdEpVg+NPOHCXncw7WMQ0ElX1GO3s="
-          "nix-community.cachix.org-1:mB9FSh9qf2dCimDSUo8Zy7bkq5CX+/rkCWyvRCYg3Fs="
-        ];
-
-        trusted-users = [
-          "root"
-          localUsername
-        ];
-      };
-
-      nixPath = mapAttrsToList (n: v: "${n}=${v}") notSelfInputs ++ [
-        "nixfiles=${config.my.home}/src/nixfiles"
-      ];
-
-      registry = mapAttrs (_: flake: { inherit flake; }) notSelfInputs // {
-        nixfiles.flake = inputs.self;
-      };
-    };
-
-  environment = {
-    systemPackages =
-      with pkgs;
-      optionals this.isHeadful [
-        nix-top
-        nix-tree
-        nixfiles
-      ];
-    variables.NIXFILES = "${config.my.home}/src/nixfiles";
-  };
-
-  hm = {
-    # Used primarily in conjunction with the "nixfiles" script.
-    home.file.".nix-defexpr/default.nix".text =
-      let
-        hostname = strings.escapeNixIdentifier this.hostname;
-      in
-      optionalString this.isHeadful ''
-        let
-          self = builtins.getFlake "nixfiles";
-          configurations = self.nixosConfigurations;
-          local = configurations.${hostname};
-        in rec {
-          inherit self;
-          inherit (self) inputs lib;
-          inherit (lib) my;
-          this = my.configurations.${hostname};
-          inherit (local) config;
-          inherit (local.config.system.build) toplevel vm vmWithBootLoader manual;
-          pretty = expr: lib.trace (lib.generators.toPretty {} expr) {};
-        } // configurations // local._module.args
-      '';
-
-    programs.bash.shellAliases.nix = "nix --verbose --print-build-logs";
-  };
-}
diff --git a/modules/common/common/stylix.nix b/modules/common/common/stylix.nix
deleted file mode 100644
index f1b8f81..0000000
--- a/modules/common/common/stylix.nix
+++ /dev/null
@@ -1,61 +0,0 @@
-{ lib, pkgs, ... }:
-with lib;
-{
-  imports = [
-    (mkAliasOptionModule [ "colors" ] [
-      "lib"
-      "stylix"
-      "colors"
-    ])
-  ];
-
-  options.nixfiles.modules.common.stylix.fonts.extraPackages = mkOption {
-    description = "Font packages.";
-    default = with pkgs; [
-      font-awesome
-      noto-fonts
-      noto-fonts-emoji
-      sarasa-gothic
-      source-han-mono
-      source-han-sans
-      source-han-serif
-      twitter-color-emoji
-    ];
-    readOnly = true;
-  };
-
-  # Styling and color binding can be sourced from here[1].
-  #
-  # [1]: https://github.com/tinted-theming/base24/blob/master/styling.md
-  config.stylix = {
-    image = pkgs.fetchurl {
-      url = "https://upload.wikimedia.org/wikipedia/commons/a/a5/Bonaparte_ante_la_Esfinge%2C_por_Jean-Léon_Gérôme.jpg";
-      sha256 = "sha256-qWv52oT8cF9K4ZoeawmR3jgoGB2ARfjbKKc12IljUcM=";
-    };
-
-    base16Scheme = "${pkgs.base16-schemes}/share/themes/tomorrow.yaml";
-
-    fonts = {
-      monospace = {
-        package = pkgs.iosevka;
-        name = "Iosevka";
-      };
-
-      serif = {
-        package = pkgs.iosevka-bin.override { variant = "Etoile"; };
-        name = "Iosevka Etoile";
-      };
-
-      sansSerif = {
-        package = pkgs.iosevka-bin.override { variant = "Aile"; };
-        name = "Iosevka Aile";
-      };
-
-      sizes = {
-        desktop = 10;
-        applications = 10;
-        terminal = 12;
-      };
-    };
-  };
-}
diff --git a/modules/common/common/users.nix b/modules/common/common/users.nix
deleted file mode 100644
index dc1b32e..0000000
--- a/modules/common/common/users.nix
+++ /dev/null
@@ -1,15 +0,0 @@
-{
-  lib,
-  localUsername ? lib.my.username,
-  ...
-}:
-with lib;
-{
-  imports = [
-    (mkAliasOptionModule [ "my" ] [
-      "users"
-      "users"
-      localUsername
-    ])
-  ];
-}
diff --git a/modules/common/console.nix b/modules/common/console.nix
new file mode 100644
index 0000000..330310c
--- /dev/null
+++ b/modules/common/console.nix
@@ -0,0 +1,10 @@
+{ config, pkgs, ... }:
+{
+  stylix.targets.console.enable = false;
+
+  console = {
+    earlySetup = true;
+    font = "${pkgs.terminus_font}/share/consolefonts/ter-v16b.psf.gz";
+    useXkbConfig = config.services.xserver.enable;
+  };
+}
diff --git a/modules/common/curl.nix b/modules/common/curl.nix
deleted file mode 100644
index 6895262..0000000
--- a/modules/common/curl.nix
+++ /dev/null
@@ -1,38 +0,0 @@
-{
-  config,
-  lib,
-  pkgs,
-  ...
-}:
-with lib;
-let
-  cfg = config.nixfiles.modules.curl;
-in
-{
-  options.nixfiles.modules.curl.enable = mkEnableOption "cURL";
-
-  config = mkIf cfg.enable {
-    hm.xdg.configFile.".curlrc".text = ''
-      connect-timeout = 60
-      progress-bar
-      remote-time
-      show-error
-    '';
-
-    environment.systemPackages = with pkgs; [
-      curl
-      (writeShellScriptBin "0x0" ''
-        url="https://0x0.st"
-        form="file=@"
-
-        if [ -t 0 ] && [ -n "$1" ]; then
-            form="$form$1"
-        else
-            form="$form-"
-        fi
-
-        ${getExe curl} --form "$form" "$url"
-      '')
-    ];
-  };
-}
diff --git a/modules/common/default.nix b/modules/common/default.nix
index 92f719d..ef9fb18 100644
--- a/modules/common/default.nix
+++ b/modules/common/default.nix
@@ -1,28 +1 @@
-_: {
-  imports = [
-    ./alacritty.nix
-    ./aria2.nix
-    ./bat.nix
-    ./common
-    ./curl.nix
-    ./direnv.nix
-    ./editorconfig.nix
-    ./emacs
-    ./eza.nix
-    ./git.nix
-    ./gnupg.nix
-    ./htop.nix
-    ./mpv.nix
-    ./nmap.nix
-    ./openssh.nix
-    ./password-store.nix
-    ./profiles
-    ./qutebrowser.nix
-    ./subversion.nix
-    ./tmux.nix
-    ./vim
-    ./vscode.nix
-    ./wget.nix
-    ./zathura.nix
-  ];
-}
+{ lib, ... }: with lib; { imports = attrValues (modulesIn ./.); }
diff --git a/modules/common/direnv.nix b/modules/common/direnv.nix
deleted file mode 100644
index ececad8..0000000
--- a/modules/common/direnv.nix
+++ /dev/null
@@ -1,23 +0,0 @@
-{ config, lib, ... }:
-with lib;
-let
-  cfg = config.nixfiles.modules.direnv;
-in
-{
-  options.nixfiles.modules.direnv.enable = mkEnableOption "direnv";
-
-  config = mkIf cfg.enable {
-    hm = {
-      home.sessionVariables.DIRENV_LOG_FORMAT = "";
-
-      programs.direnv = {
-        enable = true;
-        config.global = {
-          strict_env = true;
-          warn_timeout = "1h";
-        };
-        nix-direnv.enable = true;
-      };
-    };
-  };
-}
diff --git a/modules/common/documentation.nix b/modules/common/documentation.nix
new file mode 100644
index 0000000..20856cb
--- /dev/null
+++ b/modules/common/documentation.nix
@@ -0,0 +1,40 @@
+{
+  config,
+  lib,
+  pkgs,
+  this,
+  ...
+}:
+with lib;
+{
+  config = {
+    hm.manual = {
+      manpages.enable = this.isHeadful;
+      html.enable = false;
+      json.enable = false;
+    };
+
+    documentation = {
+      enable = this.isHeadful;
+      dev.enable = true;
+      doc.enable = false;
+      info.enable = false;
+      nixos.enable = true;
+
+      man.man-db.manualPages =
+        (pkgs.buildEnv {
+          name = "man-paths";
+          paths = with config; environment.systemPackages ++ hm.home.packages;
+          pathsToLink = [ "/share/man" ];
+          extraOutputsToInstall = [ "man" ];
+          ignoreCollisions = true;
+        }).overrideAttrs
+          (_: _: { __contentAddressed = true; });
+    };
+
+    environment.sessionVariables = {
+      MANOPT = "--no-hyphenation";
+      MANPAGER = "${getExe pkgs.less} -+F";
+    };
+  };
+}
diff --git a/modules/common/editorconfig.nix b/modules/common/editorconfig.nix
deleted file mode 100644
index 5dfe845..0000000
--- a/modules/common/editorconfig.nix
+++ /dev/null
@@ -1,133 +0,0 @@
-{ config, lib, ... }:
-with lib;
-let
-  cfg = config.nixfiles.modules.editorconfig;
-in
-{
-  options.nixfiles.modules.editorconfig.enable = mkEnableOption "Editorconfig";
-
-  config = mkIf cfg.enable {
-    hm.editorconfig = {
-      enable = true;
-      settings = {
-        "*" = {
-          charset = "utf-8";
-          end_of_line = "lf";
-          indent_size = 2;
-          indent_style = "space";
-          insert_final_newline = true;
-          max_line_length = 80;
-          trim_trailing_whitespace = true;
-        };
-
-        # https://google.github.io/styleguide/cppguide.html#Spaces_vs._Tabs
-        "*.{c,cc,cpp,cxx,h,hh,hpp,hxx}" = {
-          indent_size = 2;
-          indent_style = "space";
-        };
-
-        # https://go.dev/doc/effective_go#formatting
-        "{*.go,go.mod}" = {
-          indent_size = 2;
-          indent_style = "tab";
-        };
-
-        # https://google.github.io/styleguide/pyguide.html#s3.4-indentation
-        # https://peps.python.org/pep-0008/#indentation
-        "*.py" = {
-          indent_size = 4;
-          indent_style = "space";
-        };
-
-        # https://google.github.io/styleguide/shellguide.html#s5-formatting
-        "*.{sh,bash}" = {
-          indent_size = 2;
-          indent_style = "space";
-        };
-
-        # https://www.haskell.org/onlinereport/haskell2010/haskellch10.html#x17-17800010.3
-        # https://en.wikibooks.org/wiki/Haskell/Indentation
-        "*.hs" = {
-          indent_size = 2;
-          indent_style = "space";
-        };
-
-        # https://google.github.io/styleguide/lispguide.xml#Formatting
-        "*.{lisp,cl,rkt,scm,el}" = {
-          indent_size = 2;
-          indent_style = "space";
-        };
-
-        # https://github.com/ziglang/zig/wiki/FAQ#why-does-zig-fmt-use-spaces-instead-of-tabs
-        "*.zig" = {
-          indent_size = 4;
-          indent_style = "space";
-        };
-
-        "*.{asm,s,S}" = {
-          indent_size = 4;
-          indent_style = "spaces";
-        };
-
-        # https://www.gnu.org/software/make/manual/html_node/Rule-Syntax.html
-        "{Makefile*,*.mk}" = {
-          indent_size = 4;
-          indent_style = "tab";
-        };
-
-        # https://cmake-format.readthedocs.io/en/latest/configopts.html#tab-size
-        # https://cmake-format.readthedocs.io/en/latest/configopts.html#use-tabchars
-        "{CMakeLists.txt,*.cmake}" = {
-          indent_size = 2;
-          indent_style = "space";
-        };
-
-        # https://github.com/NixOS/rfcs/pull/166
-        "*.nix" = {
-          indent_size = 2;
-          indent_style = "space";
-        };
-
-        # https://nickel-lang.org/user-manual/syntax
-        "*.ncl" = {
-          indent_size = 2;
-          indent_style = "space";
-        };
-
-        # https://developer.hashicorp.com/terraform/language/syntax/style
-        "*.{tf,hcl}" = {
-          indent_size = 2;
-          indent_style = "space";
-        };
-
-        "*.{json,jsn}" = {
-          indent_size = 2;
-          indent_style = "space";
-        };
-
-        # https://yaml.org/spec/1.2.2/#61-indentation-spaces
-        "*.{yaml,yml}" = {
-          indent_size = 2;
-          indent_style = "space";
-        };
-
-        "*.{toml,tml}" = {
-          indent_size = 2;
-          indent_style = "space";
-        };
-
-        # https://google.github.io/styleguide/htmlcssguide.html#Indentation
-        "*.{html,css}" = {
-          indent_size = 2;
-          indent_style = "space";
-        };
-
-        # https://latexindentpl.readthedocs.io/en/latest/sec-default-user-local.html
-        "*.{tex,cls}" = {
-          indent_size = 4;
-          indent_style = "tab";
-        };
-      };
-    };
-  };
-}
diff --git a/modules/common/emacs/default.nix b/modules/common/emacs/default.nix
deleted file mode 100644
index 4c43fd5..0000000
--- a/modules/common/emacs/default.nix
+++ /dev/null
@@ -1,278 +0,0 @@
-{
-  config,
-  inputs,
-  lib,
-  localUsername ? lib.my.username,
-  pkgs,
-  this,
-  ...
-}:
-with lib;
-let
-  cfg = config.nixfiles.modules.emacs;
-in
-{
-  options.nixfiles.modules.emacs.enable = mkEnableOption "GNU Emacs";
-
-  config = mkIf cfg.enable {
-    secrets.authinfo = {
-      file = "${inputs.self}/secrets/authinfo";
-      owner = localUsername;
-    };
-
-    nixfiles.modules = {
-      git.client.enable = true;
-      gnupg.enable = true;
-      password-store.enable = true;
-      profiles.dev.enable = true;
-      profiles.email.enable = true;
-    };
-
-    hm = {
-      stylix.targets.emacs.enable = false;
-
-      xdg.configFile =
-        mapAttrs
-          (
-            _: value:
-            value
-            // {
-              onChange = with config.hm.programs; ''
-                export EMACSDIR="''${XDG_CONFIG_HOME:-$HOME/.config}/emacs"
-                export DOOMDIR="''${XDG_CONFIG_HOME:-$HOME/.config}/doom"
-
-                if [[ ! -d "$EMACSDIR/.git" ]]; then
-                  ${getExe git.package} clone --depth=1 --branch=master \
-                    "https://github.com/doomemacs/doomemacs" "$EMACSDIR"
-                fi
-
-                if [[ ! -d "$DOOMDIR/snippets" ]]; then
-                  mkdir -p "$DOOMDIR/snippets"
-                fi
-
-                if [[ -x "$EMACSDIR/bin/doom" ]]; then
-                  if [[ ! -d "$EMACSDIR/.local" ]]; then
-                    PATH="''${PATH:-/bin:/usr/bin:/usr/local/bin}:${emacs.package}/bin:${git.package}/bin" \
-                      "$EMACSDIR/bin/doom" install --force --verbose
-                  fi
-
-                  PATH="''${PATH:-/bin:/usr/bin:/usr/local/bin}:${emacs.package}/bin:${git.package}/bin" \
-                    "$EMACSDIR/bin/doom" sync -e --gc --force --verbose
-                fi
-              '';
-            }
-          )
-          {
-            "doom/init.el".source = ./doom/init.el;
-            "doom/packages.el".source = ./doom/packages.el;
-            "doom/config.el" = {
-              text = concatLines [
-                (
-                  let
-                    extraBins =
-                      with pkgs;
-                      [
-                        (aspellWithDicts (
-                          p: with p; [
-                            en
-                            ru
-                          ]
-                        )) # :checkers (spell +aspell)
-                        asmfmt # :editor format
-                        cargo # :lang rust
-                        clang-tools # :lang (cc +lsp) :editor format
-                        cmake-format # :lang cc :editor format
-                        cmigemo # :lang japanese
-                        config.hm.programs.emacs.package # !doom
-                        config.nix.package # !doom
-                        delve # :lang go :tools debugger
-                        dockerfile-language-server-nodejs # :tools (docker +lsp)
-                        dockfmt # :tools docker :editor format
-                        editorconfig-core-c # :tools editorconfig
-                        fd # doom!
-                        gcc # :lang cc
-                        ghc # :lang haskell
-                        gnuplot # :lang (org +gnuplot)
-                        gnutar # :tools tree-sitter
-                        gnutls # doom! :app irc
-                        go # :lang go
-                        godef # :lang go
-                        gomodifytags # :lang go
-                        gopls # :lang (go +lsp)
-                        gore # :lang go
-                        gotests # :lang go
-                        gotools # :lang go
-                        graphviz # :lang (org +roam2) :lang plantuml
-                        gzip # :tools tree-sitter
-                        haskellPackages.cabal-fmt # :lang haskell :editor format
-                        haskellPackages.cabal-install # :lang haskell
-                        haskellPackages.haskell-language-server # :lang (haskell +lsp)
-                        haskellPackages.hoogle # :lang haskell
-                        haskellPackages.ormolu # :lang haskell :editor format
-                        html-tidy # :lang web :editor format
-                        jdk # :lang java :lang plantuml :checkers grammar
-                        languagetool # :checkers grammar
-                        libxml2 # :lang data :editor format
-                        markdownlint-cli # :lang markdown
-                        nil # :lang (nix +lsp)
-                        nixfmt # :lang nix :editor format
-                        nls # :lang (nickel +lsp)
-                        nodePackages.bash-language-server # :lang (sh +lsp)
-                        nodePackages.eslint # :lang (json +lsp)
-                        nodePackages.js-beautify # :lang web
-                        nodePackages.prettier # :editor format
-                        nodePackages.stylelint # :lang web
-                        nodePackages.vscode-css-languageserver-bin # lang (web +lsp)
-                        nodePackages.vscode-html-languageserver-bin # lang (web +lsp)
-                        nodePackages.vscode-json-languageserver-bin # lang (json +lsp)
-                        nodejs # :tools debugger
-                        pandoc # :lang org markdown latex
-                        pinentry-emacs # doom!
-                        pipenv # :lang python
-                        poetry # :lang python
-                        pre-commit # :tools magit
-                        python3 # :lang python
-                        python3Packages.black # :lang python :editor format
-                        python3Packages.isort # :lang python :editor format
-                        python3Packages.nose # :lang python
-                        python3Packages.pyflakes # :lang python :editor format
-                        python3Packages.pytest # :lang python
-                        python3Packages.python-lsp-server # :lang python :editor format
-                        ripgrep # doom!
-                        rust-analyzer # :lang (rust +lsp)
-                        rustc # :lang rust
-                        rustfmt # :lang rust
-                        shellcheck # :lang sh
-                        shfmt # :lang sh :editor format
-                        sops
-                        sqlite # :lang (org +roam2) :tools lookup
-                        terraform-ls # :tools (terraform +lsp)
-                        texlab # lang (tex +lsp)
-                        texlive.combined.scheme-full # :lang org tex
-                        unzip # :tools debugger
-                        wordnet # :tools (lookup +dictionary +offline)
-                        yaml-language-server # :lang (yaml +lsp)
-                        zig # :lang zig :editor format
-                        zls # :lang (zig +lsp)
-                        zstd # :emacs undo
-                      ]
-                      ++ (
-                        # GDB doesn't support[1] Apple Silicon.
-                        #
-                        # [1]: https://inbox.sourceware.org/gdb/6b48224b-9e2e-518d-793b-df4fc5514884@arm.com/
-                        if (this.system != "aarch64-darwin") then
-                          [ gdb ] # :tools debugger
-                        else
-                          [ lldb ] # :tools debugger
-                      );
-
-                    parinferRustLibrary =
-                      if (hasSuffix "linux" this.system) then
-                        "${pkgs.parinfer-rust}/lib/libparinfer_rust.so"
-                      else
-                        "${pkgs.parinfer-rust}/lib/libparinfer_rust.dylib";
-                  in
-                  ''
-                    ;; Integrate packages which are required by various modules
-                    ;; without polluting the user's profile.
-                    (setq exec-path (append exec-path '(${concatMapStringsSep " " (x: ''"${x}/bin"'') extraBins})))
-                    (setenv "PATH" (concat (getenv "PATH") ":${concatMapStringsSep ":" (x: "${x}/bin") extraBins}"))
-
-                    ;; HACK Explicitly load specific Emacs packages from Nixpkgs.
-                    ;; For some reason providing them as "extraPackages" doesn't
-                    ;; work.
-                    (add-to-list 'load-path "${pkgs.mu.mu4e}/share/emacs/site-lisp/mu4e")
-                    (add-to-list 'load-path "${pkgs.emacsPackages.vterm}/share/emacs/site-lisp/elpa/vterm-${pkgs.emacsPackages.vterm.version}")
-
-                    (appendq! auth-sources '(("${config.secrets.authinfo.path}")))
-
-                    ;; :input japanese
-                    (setq migemo-dictionary "${pkgs.cmigemo}/share/migemo/utf-8/migemo-dict"
-                          migemo-options '("--quiet" "--emacs")
-                          skk-large-jisyo "${pkgs.skk-dicts}/share/SKK-JISYO.L"
-                          skk-show-inline t)
-
-                    ;; :editor parinfer
-                    (setq parinfer-rust-auto-download nil
-                          parinfer-rust-library "${parinferRustLibrary}")
-
-                    ;; :lang (org +roam2) :email mu4e
-                    (setq emacsql-sqlite-executable "${getExe pkgs.emacsql-sqlite}")
-
-                    ;; :lang plantuml
-                    (setq plantuml-jar-path "${pkgs.plantuml}/lib/plantuml.jar"
-                          plantuml-executable-path "${getExe' pkgs.plantuml "plantuml"}"
-                          org-plantuml-jar-path plantuml-jar-path
-                          org-plantuml-executable-path plantuml-executable-path)
-
-                    ;; :app irc
-                    (setq circe-default-nick "${my.username}"
-                          circe-default-realname "${my.email}"
-                          circe-default-user circe-default-nick)
-                  ''
-                )
-                (with config.stylix.fonts; ''
-                  (setq doom-font "${monospace.name}-${toString sizes.terminal}"
-                        doom-serif-font "${serif.name}-${toString sizes.terminal}"
-                        doom-variable-pitch-font "${sansSerif.name}-${toString sizes.terminal}")
-                '')
-                (
-                  with config.hm.accounts.email;
-                  let
-                    mu4eAccounts =
-                      let
-                        muAccounts = filter (a: a.mu.enable) (attrValues accounts);
-                      in
-                      concatMapStringsSep "\n" (
-                        a:
-                        with a;
-                        let
-                          personalAddresses = concatMapStringsSep " " (v: ''"${v}"'') aliases;
-                        in
-                        ''
-                          (set-email-account! "${name}"
-                            '((user-full-name           . "${realName}")
-                              (user-mail-address        . "${address}")
-                              (mu4e-inbox-folder        . "/${name}/${folders.inbox}")
-                              (mu4e-sent-folder         . "/${name}/${folders.sent}")
-                              (mu4e-drafts-folder       . "/${name}/${folders.drafts}")
-                              (mu4e-trash-folder        . "/${name}/${folders.trash}")
-                              (mu4e-refile-folder       . "/${name}/Archive")
-                              (+mu4e-personal-addresses . (${personalAddresses})))
-                            t)
-                        ''
-                      ) muAccounts;
-                  in
-                  ''
-                    (setq mu4e-root-maildir "${maildirBasePath}")
-
-                    ${mu4eAccounts}
-                  ''
-                )
-                (builtins.readFile ./doom/config.el)
-              ];
-            };
-          };
-
-      programs = {
-        emacs = {
-          enable = true;
-          package = pkgs.emacs29;
-        };
-
-        bash.initExtra = mkAfter ''
-          export PATH="$PATH:$XDG_CONFIG_HOME/emacs/bin"
-
-          # https://github.com/akermu/emacs-libvterm
-          if [[ "$INSIDE_EMACS" = vterm ]] && [[ -n "$EMACS_VTERM_PATH" ]] && [[ -f "$EMACS_VTERM_PATH/etc/emacs-vterm-bash.sh" ]]; then
-              source "$EMACS_VTERM_PATH/etc/emacs-vterm-bash.sh"
-          fi
-
-          # Not sourced from inside Emacs for some reason. Maybe it's not
-          # considered an interactive shell?
-          [[ -f ~/.profile ]] && . ~/.profile
-        '';
-      };
-    };
-  };
-}
diff --git a/modules/common/emacs/doom/config.el b/modules/common/emacs/doom/config.el
deleted file mode 100644
index c893e7f..0000000
--- a/modules/common/emacs/doom/config.el
+++ /dev/null
@@ -1,249 +0,0 @@
-;;
-;;; Misc
-;;
-
-(setq frame-title-format '("GNU Emacs"))
-
-(setq-hook! '(prog-mode-hook yaml-mode-hook)
-  display-line-numbers-type 'relative
-  scroll-margin 10
-  hscroll-margin 10)
-
-(when (featurep :system 'linux)
-  (setq browse-url-generic-program (executable-find "firefox")
-        browse-url-browser-function 'browse-url-generic))
-
-;;
-;;; Doom-specific
-;;
-
-(setq doom-theme 'modus-operandi
-      doom-modeline-icon nil
-      doom-modeline-indent-info t
-      doom-modeline-total-line-number t
-      doom-modeline-height 30)
-
-;;
-;;; Editorconfig
-;;
-
-(setq +editorconfig-mode-alist '((sh-mode . "sh"))
-      editorconfig-exclude-modes '(lisp-mode
-                                   common-lisp-mode
-                                   emacs-lisp-mode))
-
-;;
-;;; LSP
-;;
-
-(setq lsp-enable-suggest-server-download nil
-      lsp-modeline-code-actions-enable nil)
-
-;;
-;;; Go
-;;
-
-(setq lsp-go-analyses
-  '((unsedvariable . t)
-    (unusedparams . t)
-    (unusedwrite . t)))
-
-;;
-;;; Org
-;;
-
-(setq org-directory "~/doc/org/")
-
-;; For some reason only using `after!' work here. `setq-hook!' and etc doesn't
-;; produce expected results.
-(after! org
-  (setq org-todo-keywords '((sequence
-                             "TODO(t)"
-                             "LOOP(r)"
-                             "STRT(s@)"
-                             "WAIT(w@/!)"
-                             "HOLD(h@/!)"
-                             "IDEA(i)"
-                             "PROJ(p)"
-                             "|"
-                             "DONE(d@/!)"
-                             "KILL(k@/!)"))
-        org-todo-keyword-faces '(("STRT" . +org-todo-active)
-                                 ("WAIT" . +org-todo-onhold)
-                                 ("HOLD" . +org-todo-onhold)
-                                 ("PROJ" . +org-todo-project)
-                                 ("KILL" . +org-todo-cancel))
-        org-capture-templates '(("t" "Todo" entry
-                                 (file+headline +org-capture-todo-file "Inbox")
-                                 "* TODO %?\n%i\n%a" :prepend t)
-                                ("n" "Note" entry
-                                 (file+headline +org-capture-notes-file "Inbox")
-                                 "* %u %?\n%i\n%a" :prepend t)
-                                ("j" "Journal" entry
-                                 (file+olp+datetree +org-capture-journal-file)
-                                 "* %U %?\n%i\n%a" :prepend t))))
-
-(add-hook! 'org-mode-hook 'auto-fill-mode)
-
-(setq-hook! 'org-mode-hook fill-column 80)
-
-(setq org-roam-directory "~/doc/roam/"
-      org-roam-db-location (concat org-roam-directory ".db"))
-
-(use-package! org-roam-ui
-  :requires websocket
-  :after org-roam
-  :config
-  (setq org-roam-ui-sync-theme t
-        org-roam-ui-follow t
-        org-roam-ui-update-on-save t
-        org-roam-ui-open-on-start t))
-
-;;
-;;; LaTeX
-;;
-
-(map! :map cdlatex-mode-map
-      :i "TAB" #'cdlatex-tab)
-
-;;
-;;; PlantUML
-;;
-
-(setq plantuml-default-exec-mode 'executable
-      org-plantuml-exec-mode 'plantuml)
-
-;;
-;;; Elisp
-;;
-
-(after! flycheck
-  (pushnew! flycheck-disabled-checkers 'emacs-lisp-checkdoc))
-
-;; Turn this off because it leaves face artifacts when changing indentation.
-(add-hook! 'emacs-lisp-mode-hook
-  (highlight-indent-guides-mode -1))
-
-;;
-;;; Haskell
-;;
-
-(setq lsp-haskell-formatting-provider "ormolu")
-
-;;
-;;; Nickel
-;;
-
-(use-package! nickel-mode
-  :config
-  (after! lsp-mode
-    (add-to-list 'lsp-language-id-configuration '(nickel-mode . "nickel")
-      (lsp-register-client (make-lsp-client
-                             :new-connection (lsp-stdio-connection "nls")
-                             :activation-fn (lsp-activate-on "nickel")
-                             :server-id 'nls
-                             :major-modes 'nickel-mode)))
-    (add-hook 'nickel-mode-hook 'lsp-deferred)))
-
-;;
-;;; YAML
-;;
-
-;; Turn off `flycheck-mode' and `lsp-mode' for Helm templates.
-(add-hook! 'yaml-mode-hook
-  (defun nixfiles/disable-flycheck-for-helm-templates-h ()
-    (when (and buffer-file-name
-               (string-match-p "/templates/" buffer-file-name)
-               (or (string-suffix-p ".yaml" buffer-file-name)
-                   (string-suffix-p ".yml" buffer-file-name)))
-      (remove-hook! 'yaml-mode-local-vars-hook #'lsp!))))
-
-(setq-hook! 'yaml-mode-hook +format-with-lsp nil)
-
-;;
-;;; Elfeed
-;;
-
-(setq elfeed-db-directory "~/.elfeed"
-      elfeed-enclosure-default-dir (concat elfeed-db-directory "/enclosures")
-      rmh-elfeed-org-files (list (concat elfeed-db-directory "/index.org"))
-      elfeed-goodies/powerline-default-separator nil
-      elfeed-goodies/entry-pane-size 0.75
-      elfeed-goodies/entry-pane-position 'bottom)
-
-(add-hook! 'elfeed-new-entry-hook
-           '((elfeed-make-tagger :before "2 weeks ago"
-                                 :remove 'unread)
-             (elfeed-make-tagger :feed-title "SberMarket Tech"
-                                 :entry-title (not ".*(DevOps|Golang).*")
-                                 :add 'junk
-                                 :remove 'unread)
-             (elfeed-make-tagger :feed-title "dotconferences"
-                                 :entry-title (not ".*dotGo.*")
-                                 :add 'junk
-                                 :remove 'unread)))
-
-;;
-;;; mu4e
-;;
-
-(setq-hook! 'mu4e-main-mode-hook
-  mu4e-update-interval 30
-  message-send-mail-function #'message-send-mail-with-sendmail
-  message-sendmail-extra-arguments '("--read-envelope-from")
-  message-sendmail-f-is-evil t
-  send-mail-function #'sendmail-send-it
-  sendmail-program (executable-find "msmtp"))
-
-;;
-;;; Circe
-;;
-
-(setq circe-network-options
-      (mapcar (lambda (server)
-                `(,server
-                  :server-buffer-name ,server
-                  :host "azahi.cc"
-                  :port 6697
-                  :tls t
-                  :logging nil
-                  :user ,(concat circe-default-user "/" server)
-                  :pass ,(lambda (&rest _)
-                           (+pass-get-secret "server/soju.shire.net/azahi"))))
-              '("libera" "oftc" "hackint" "rizon")))
-
-;;
-;;; Sops
-;;
-
-(use-package! sops
-  :config
-  (global-sops-mode 1))
-
-;;
-;;; Hledger
-;;
-
-(use-package! hledger-mode
-  :disabled
-  :mode ("\\.journal\\'")
-  :hook ((hledger-view-mode . hl-line-mode)
-         (hledger-view-mode . center-text-for-reading))
-  :init
-  (setq hledger-jfile "~/doc/accounting/current.journal")
-  :config
-  (set-company-backend! 'hledger-mode 'hledger-company)
-  (add-hook! 'hledger-mode-hook
-    (lambda (&rest _)
-      (make-local-variable 'company-backends)
-      (add-to-list 'company-backends 'hledger-company))))
-
-(use-package! hledger-input
-  :disabled
-  :hook ((hledger-input-post-commit . hledger-show-new-balances)
-         (hledger-input-mode . auto-fill-mode)
-         (hledger-input-mode . (lambda (&rest _)
-                                 (make-local-variable 'compay-idle-delay)
-                                 (setq-local company-idle-delay 0.1))))
-  :init
-  (setq hledger-input-buffer-height 20))
diff --git a/modules/common/emacs/doom/init.el b/modules/common/emacs/doom/init.el
deleted file mode 100644
index 571993b..0000000
--- a/modules/common/emacs/doom/init.el
+++ /dev/null
@@ -1,99 +0,0 @@
-(doom! :input
-       japanese
-
-       :completion
-       company
-       vertico
-
-       :ui
-       doom
-       (emoji +unicode)
-       hl-todo
-       indent-guides
-       ligatures
-       modeline
-       nav-flash
-       ophints
-       (popup +defaults)
-       (vc-gutter +diff-hl +pretty)
-       window-select
-       workspaces
-
-       :editor
-       (evil +everywhere)
-       file-templates
-       fold
-       format
-       parinfer
-       snippets
-       word-wrap
-
-       :emacs
-       dired
-       electric
-       ibuffer
-       undo
-       vc
-
-       :term
-       eshell
-       vterm
-
-       :checkers
-       syntax
-       (spell +aspell +everywhere)
-       grammar
-
-       :tools
-       ansible
-       (debugger +lsp)
-       direnv
-       (docker +lsp)
-       editorconfig
-       (eval +overlay)
-       (lookup +dictionary +offline)
-       (lsp +peek)
-       magit
-       make
-       (pass +auth)
-       pdf
-       (terraform +lsp)
-       tree-sitter
-       upload
-
-       :os
-       (:if (featurep :system 'macos) macos)
-
-       :lang
-       (cc +lsp +tree-sitter)
-       data
-       dhall
-       emacs-lisp
-       (go +lsp +tree-sitter)
-       (haskell +lsp +tree-sitter)
-       java
-       javascript
-       (json +lsp +tree-sitter)
-       kotlin
-       (latex +latexmk +cdlatex +lsp)
-       markdown
-       (nix +lsp +tree-sitter)
-       (org +pandoc +roam2)
-       plantuml
-       (python +poetry +lsp +tree-sitter)
-       (rust +lsp +tree-sitter)
-       (sh +lsp +tree-sitter)
-       web
-       (yaml +lsp +tree-sitter)
-       (zig +lsp +tree-sitter)
-
-       :email
-       mu4e
-
-       :app
-       calendar
-       irc
-       (rss +org)
-
-       :config
-       (default +bindings +smartparens))
diff --git a/modules/common/emacs/doom/packages.el b/modules/common/emacs/doom/packages.el
deleted file mode 100644
index 2ed0e4c..0000000
--- a/modules/common/emacs/doom/packages.el
+++ /dev/null
@@ -1,12 +0,0 @@
-(disable-packages! writegood-mode)
-
-(package! org-roam-ui)
-
-(package! nickel-mode)
-
-(package! hledger-mode)
-
-(package! sops
-  :recipe (:type git
-           :host github
-           :repo "djgoku/sops"))
diff --git a/modules/common/eza.nix b/modules/common/eza.nix
deleted file mode 100644
index 96b7d4c..0000000
--- a/modules/common/eza.nix
+++ /dev/null
@@ -1,23 +0,0 @@
-{
-  config,
-  lib,
-  pkgs,
-  ...
-}:
-with lib;
-let
-  cfg = config.nixfiles.modules.eza;
-in
-{
-  options.nixfiles.modules.eza.enable = mkEnableOption "eza, an alternative to ls";
-
-  config = mkIf cfg.enable {
-    nixfiles.modules.common.shell.aliases = rec {
-      ls = "eza --smart-group --dereference";
-      ll = "${ls} --long --grid";
-      la = "${ll} --header --all";
-    };
-
-    hm.home.packages = [ pkgs.eza ];
-  };
-}
diff --git a/modules/common/git.nix b/modules/common/git.nix
deleted file mode 100644
index fbe190e..0000000
--- a/modules/common/git.nix
+++ /dev/null
@@ -1,173 +0,0 @@
-{
-  config,
-  inputs,
-  lib,
-  localUsername ? lib.my.username,
-  pkgs,
-  ...
-}:
-with lib;
-let
-  cfg = config.nixfiles.modules.git;
-in
-{
-  options.nixfiles.modules.git.client.enable = mkEnableOption "Git client";
-
-  config = mkIf cfg.client.enable {
-    secrets = {
-      glab-cli-config = {
-        file = "${inputs.self}/secrets/glab-cli-config";
-        path = "${config.dirs.config}/glab-cli/config.yml";
-        owner = localUsername;
-      };
-      gh-hosts = {
-        file = "${inputs.self}/secrets/gh-hosts";
-        path = "${config.dirs.config}/gh/hosts.yml";
-        owner = localUsername;
-      };
-      hut = {
-        file = "${inputs.self}/secrets/hut";
-        path = "${config.dirs.config}/hut/config";
-        owner = localUsername;
-      };
-    };
-
-    nixfiles.modules.common.shell.aliases = {
-      gl = "glab";
-      ht = "hut";
-    };
-
-    hm = {
-      home.packages = with pkgs; [
-        git-extras
-        glab
-        hut
-      ];
-
-      programs = {
-        git = {
-          enable = true;
-
-          package = pkgs.git.override {
-            doInstallCheck = false;
-            pythonSupport = false;
-            sendEmailSupport = true;
-            withLibsecret = false;
-            withSsh = true;
-          };
-
-          userName = my.fullname;
-          userEmail = my.email;
-          signing = {
-            inherit (my.pgp) key;
-            signByDefault = true;
-          };
-
-          extraConfig =
-            {
-              color.ui = true;
-              core.whitespace = "trailing-space";
-              init.defaultBranch = "master";
-              status.submoduleSummary = true;
-              commit.verbose = true;
-              push.autoSetupRemote = true;
-              pull.rebase = true;
-              rebase = {
-                autoStash = true;
-                autoSquash = true;
-              };
-              rerere.enabled = true;
-              branch.sort = "-committerdate";
-              diff = {
-                mnemonicPrefix = true;
-                renames = "copies";
-                submodule = "log";
-              };
-              submodule.recurse = true;
-              sendemail = rec {
-                smtpServer = my.domain.shire;
-                smtpUser = "${my.username}@${smtpServer}";
-                smtpEncryption = "ssl";
-                smtpServerPort = 465;
-                annotate = true;
-                confirm = "always";
-              };
-              column.ui = "auto";
-              github.user = my.username;
-              gitlab.user = my.username;
-            }
-            // mapAttrs' (name: value: nameValuePair ''url "git@${value}:"'' { insteadOf = "${name}:"; }) {
-              "bitbucket" = "bitbucket.com";
-              "codeberg" = "codeberg.org";
-              "github" = "github.com";
-              "gitlab" = "gitlab.com";
-              "sourcehut" = "git.sr.ht";
-            }
-            //
-              mapAttrs' (name: values: nameValuePair ''url "https://${values}/"'' { insteadOf = "${name}:"; })
-                {
-                  "alpine" = "gitlab.alpinelinux.org";
-                  "debian" = "salsa.debian.org";
-                  "freedesktop" = "gitlab.freedesktop.org";
-                  "gnome" = "gitlab.gnome.org";
-                  "haskell" = "gitlab.haskell.org";
-                  "homotopic" = "gitlab.homotopic.tech";
-                  "horizon" = "gitlab.horizon-haskell.net";
-                  "kde" = "invent.kde.org";
-                  "nixca" = "gitlab.nixca.dev";
-                  "notabug" = "notabug.org";
-                  "opencode" = "opencode.net";
-                  "torproject" = "gitlab.torproject.org";
-                  "videolan" = "code.videolan.org";
-                };
-
-          aliases =
-            let
-              git = getExe config.hm.programs.git.package;
-              curl = getExe pkgs.curl;
-            in
-            {
-              amend = "commit --amend";
-              cat = "cat-file -p";
-              fast = "clone --depth=1";
-              fixup = "commit --fixup";
-              fuck = "!${git} reset --hard && ${git} clean --force -dx";
-              get = "pull --all --recurse-submodules --autostash";
-              gud = ''commit -m "git gud"'';
-              refresh = "clean --force -dx";
-              tree = "log --graph --date=relative --pretty=tformat:'%Cred%h%Creset -%C(auto)%d%Creset %s %Cgreen(%an %ad)%Creset'";
-              uncommit = "reset --soft HEAD~1";
-              untrack = "rm --cache --";
-              wtc = "!${curl} -sq whatthecommit.com/index.txt | ${git} commit -F -";
-            };
-
-          # All helper tools/editor generated files should go here. This must be
-          # kept void of any project-specific or residual files.
-          ignores = [
-            "*~"
-            ".DS_Store"
-            ".cache/clangd/"
-            ".ccls-cache/"
-            ".gdb_history"
-            ".netrwhist"
-            ".projectile"
-            "[._]*.s[a-v][a-z]"
-            "[._]*.sw[a-p]"
-            "[._]s[a-rt-v][a-z]"
-            "[._]ss[a-gi-z]"
-            "[._]sw[a-p]"
-            "\#*\#"
-            "compile_commands*.json"
-            "cscope.*"
-            "vgcore.*"
-          ];
-        };
-
-        gh = {
-          enable = true;
-          settings.git_protocol = "ssh";
-        };
-      };
-    };
-  };
-}
diff --git a/modules/common/gnupg.nix b/modules/common/gnupg.nix
deleted file mode 100644
index b32d94c..0000000
--- a/modules/common/gnupg.nix
+++ /dev/null
@@ -1,72 +0,0 @@
-{ config, lib, ... }:
-with lib;
-let
-  cfg = config.nixfiles.modules.gnupg;
-in
-{
-  options.nixfiles.modules.gnupg.enable = mkEnableOption "GnuPG";
-
-  config = mkIf cfg.enable {
-    hm.programs.gpg = {
-      enable = true;
-
-      settings =
-        {
-          display-charset = "utf-8";
-          enable-progress-filter = true;
-          fixed-list-mode = true;
-          keyid-format = "0xlong";
-          no-comments = true;
-          no-emit-version = true;
-          no-greeting = true;
-          with-fingerprint = true;
-          throw-keyids = false;
-
-          use-agent = true;
-
-          armor = true;
-
-          no-random-seed-file = true;
-
-          list-options = "show-uid-validity";
-          verify-options = "show-uid-validity";
-        }
-        // (
-          let
-            cipherAlgos = [
-              "AES256"
-              "AES192"
-              "AES"
-            ];
-            digestAlgos = [
-              "SHA512"
-              "SHA384"
-              "SHA256"
-              "SHA224"
-            ];
-            compressionAlgos = [
-              "ZLIB"
-              "BZIP2"
-              "ZIP"
-              "Uncompressed"
-            ];
-
-            cs = concatStringsSep " ";
-          in
-          {
-            default-preference-list = cs (cipherAlgos ++ digestAlgos ++ compressionAlgos);
-
-            personal-cipher-preferences = cs cipherAlgos;
-            personal-digest-preferences = cs digestAlgos;
-            personal-compress-preferences = cs compressionAlgos;
-
-            s2k-cipher-algo = head cipherAlgos;
-            s2k-digest-algo = head digestAlgos;
-
-            digest-algo = head digestAlgos;
-            cert-digest-algo = head digestAlgos;
-          }
-        );
-    };
-  };
-}
diff --git a/modules/common/common/home-manager.nix b/modules/common/home-manager.nix
index 3c9fa0e..9c4cbeb 100644
--- a/modules/common/common/home-manager.nix
+++ b/modules/common/home-manager.nix
@@ -1,24 +1,25 @@
 {
+  config,
   inputs,
   lib,
-  localUsername ? lib.my.username,
   ...
 }:
 with lib;
 {
   imports = [
+    inputs.home-manager.nixosModule
     (mkAliasOptionModule [ "hm" ] [
       "home-manager"
       "users"
-      localUsername
+      my.username
     ])
   ];
 
   hm = {
     news.display = "silent";
-    # NOTE Inheriting directly from `system.stateVersion` does not work with
-    # nix-darwin for some reason.
-    home.stateVersion = with builtins; head (split "\n" (readFile "${inputs.nixpkgs}/.version"));
+    home = {
+      inherit (config.system) stateVersion;
+    };
   };
 
   home-manager = {
diff --git a/modules/common/htop.nix b/modules/common/htop.nix
deleted file mode 100644
index 647abf7..0000000
--- a/modules/common/htop.nix
+++ /dev/null
@@ -1,54 +0,0 @@
-{ config, lib, ... }:
-with lib;
-let
-  cfg = config.nixfiles.modules.htop;
-in
-{
-  options.nixfiles.modules.htop.enable = mkEnableOption "htop";
-
-  config = mkIf cfg.enable {
-    hm.programs.htop = {
-      enable = true;
-
-      settings = with config.hm.lib.htop; {
-        fields = with fields; [
-          PID
-          USER
-          PRIORITY
-          NICE
-          M_SIZE
-          M_RESIDENT
-          M_SHARE
-          STATE
-          PERCENT_CPU
-          PERCENT_MEM
-          TIME
-          COMM
-        ];
-        account_guest_in_cpu_meter = 1;
-        detailed_cpu_time = 0;
-        enable_mouse = 0;
-        find_comm_in_cmdline = 1;
-        header_margin = 1;
-        hide_function_bar = 1;
-        hide_kernel_threads = 1;
-        hide_userland_threads = 1;
-        highlight_base_name = 1;
-        highlight_changes = 0;
-        highlight_changes_delay_secs = 1;
-        highlight_deleted_exe = 1;
-        highlight_megabytes = 1;
-        highlight_threads = 1;
-        shadow_other_users = 1;
-        show_cpu_frequency = 1;
-        show_cpu_usage = 1;
-        show_program_path = 0;
-        show_thread_names = 0;
-        strip_exe_from_cmdline = 1;
-        tree_view = 1;
-        tree_view_always_by_pid = 1;
-        update_process_names = 1;
-      };
-    };
-  };
-}
diff --git a/modules/common/kernel.nix b/modules/common/kernel.nix
new file mode 100644
index 0000000..5c45b5d
--- /dev/null
+++ b/modules/common/kernel.nix
@@ -0,0 +1,40 @@
+{ lib, ... }:
+with lib;
+{
+  boot = {
+    # I don't use it even on laptops. It's also /required/ to disable it for
+    # ZFS[1].
+    # [1]: https://github.com/openzfs/zfs/issues/260
+    # [1]: https://github.com/openzfs/zfs/issues/12842
+    kernelParams = [ "hibernate=no" ];
+
+    kernel.sysctl = {
+      "fs.file-max" = pow 2 17;
+      "fs.inotify.max_user_watches" = pow 2 19;
+      "fs.suid_dumpable" = 0;
+      "kernel.core_uses_pid" = 1;
+      "kernel.exec-shield" = 1;
+      "kernel.kptr_restrict" = 1;
+      "kernel.maps_protect" = 1;
+      "kernel.msgmax" = pow 2 16;
+      "kernel.msgmnb" = pow 2 16;
+      "kernel.pid_max" = pow 2 16;
+      "kernel.randomize_va_space" = 2;
+      "kernel.shmall" = pow 2 28;
+      "kernel.shmmax" = pow 2 28;
+      "kernel.sysrq" = 0;
+      "vm.dirty_background_bytes" = pow 2 22;
+      "vm.dirty_background_ratio" = 5;
+      "vm.dirty_bytes" = pow 2 22;
+      "vm.dirty_ratio" = 30;
+      "vm.min_free_kbytes" = pow 2 16;
+      "vm.mmap_min_addr" = pow 2 12;
+      "vm.overcommit_memory" = mkDefault 0;
+      "vm.overcommit_ratio" = mkDefault 50;
+      "vm.vfs_cache_pressure" = 50;
+    };
+  };
+
+  # https://docs.kernel.org/admin-guide/mm/ksm.html
+  hardware.ksm.enable = true;
+}
diff --git a/modules/common/locale.nix b/modules/common/locale.nix
new file mode 100644
index 0000000..7e8eefb
--- /dev/null
+++ b/modules/common/locale.nix
@@ -0,0 +1,46 @@
+{
+  config,
+  lib,
+  pkgs,
+  ...
+}:
+with lib;
+{
+  hm.home.language = {
+    collate = "C";
+    messages = "C";
+  };
+
+  i18n = {
+    defaultLocale = mkDefault "en_GB.UTF-8";
+    supportedLocales = [
+      "C.UTF-8/UTF-8"
+      "en_GB.UTF-8/UTF-8"
+      "en_US.UTF-8/UTF-8"
+      "ja_JP.UTF-8/UTF-8"
+      "ru_RU.UTF-8/UTF-8"
+    ];
+
+    inputMethod = {
+      enabled = null; # FIXME Breaks on Wayland.
+      fcitx5 = {
+        addons = with pkgs; [
+          fcitx5-configtool
+          fcitx5-mozc
+        ];
+        waylandFrontend = config.nixfiles.modules.wayland.enable;
+      };
+    };
+  };
+
+  services.xserver.xkb = {
+    layout = "us,ru";
+    variant = ",phonetic";
+    options = concatStringsSep "," [
+      "caps:escape"
+      "compose:menu"
+      "grp:win_space_toggle"
+      "terminate:ctrl_alt_bksp"
+    ];
+  };
+}
diff --git a/modules/common/mpv.nix b/modules/common/mpv.nix
deleted file mode 100644
index 9cd1e91..0000000
--- a/modules/common/mpv.nix
+++ /dev/null
@@ -1,156 +0,0 @@
-{
-  config,
-  lib,
-  pkgs,
-  ...
-}:
-with lib;
-let
-  cfg = config.nixfiles.modules.mpv;
-in
-{
-  options.nixfiles.modules.mpv.enable = mkEnableOption "mpv";
-
-  config = mkIf cfg.enable {
-    hm.programs.mpv = {
-      enable = true;
-
-      package =
-        with pkgs;
-        wrapMpv
-          (mpv-unwrapped.override {
-            bs2bSupport = false;
-            cacaSupport = false;
-            dvbinSupport = false;
-            dvdnavSupport = false;
-            swiftSupport = false;
-          })
-          {
-            scripts = with mpvScripts; [
-              autoload
-              sponsorblock
-            ];
-          };
-
-      bindings = {
-        "RIGHT" = "seek 10";
-        "LEFT" = "seek -10";
-        "UP" = "seek 60";
-        "DOWN" = "seek -60";
-
-        "Shift+RIGHT" = "no-osd seek 1 exact";
-        "Shift+LEFT" = "no-osd seek -1 exact";
-        "Shift+UP" = "no-osd seek 5 exact";
-        "Shift+DOWN" = "no-osd seek -5 exact";
-
-        "Alt+h" = "add sub-delay +1";
-        "Alt+l" = "add sub-delay -1";
-
-        "Alt+k" = "add sub-scale +0.1";
-        "Alt+j" = "add sub-scale -0.1";
-
-        "B" = ''cycle-values background "#000000" "#ffffff"'';
-      };
-
-      profiles = {
-        "protocol.http".force-window = "immediate";
-        "protocol.https".profile = "protocol.http";
-
-        "extension.gif" = {
-          cache = false;
-          loop-file = true;
-        };
-        "extension.png" = {
-          profile = "extension.gif";
-          video-aspect-override = 0;
-        };
-        "extension.jpeg".profile = "extension.png";
-        "extension.jpg".profile = "extension.png";
-      };
-
-      config =
-        let
-          lang = concatStringsSep "," [
-            "Japanese"
-            "japanese"
-            "jp"
-            "jpn"
-            "jaJP"
-            "ja-JP"
-            "English"
-            "english"
-            "en"
-            "eng"
-            "enUS"
-            "en-US"
-            "Russian"
-            "russian"
-            "ru"
-            "rus"
-            "ruRU"
-            "ru-RU"
-          ];
-        in
-        {
-          autofit-larger = "100%x95%";
-          cache = true;
-          cursor-autohide = 1000;
-          cursor-autohide-fs-only = true;
-          demuxer-max-back-bytes = "20M";
-          demuxer-max-bytes = "20M";
-          force-seekable = true;
-          fullscreen = true;
-          msg-color = true;
-          msg-module = true;
-          prefetch-playlist = true;
-          save-position-on-quit = true;
-          screenshot-format = "png";
-          screenshot-template = "%F [%p]";
-          stop-screensaver = true;
-          term-osd-bar = true;
-          use-filedir-conf = true;
-
-          osd-bar-align-y = 0;
-          osd-bar-h = 2;
-          osd-bar-w = 60;
-          osd-border-color = "#FF262626";
-          osd-border-size = 2;
-          osd-color = "#FFFFFFFF";
-          osd-duration = 1000;
-          osd-font-size = 40;
-          osd-fractions = true;
-          osd-level = 1;
-          osd-shadow-color = "#33000000";
-
-          # osc = false;
-
-          blend-subtitles = true;
-          embeddedfonts = false;
-          sub-ass-force-margins = true;
-          sub-ass-force-style = "kerning=yes";
-          sub-auto = "fuzzy";
-          sub-border-color = "#FF262626";
-          sub-border-size = 2.5;
-          sub-color = "#FFFFFFFF";
-          sub-file-paths-append = "srt";
-          sub-fix-timing = true;
-          sub-font-size = 40;
-          sub-scale-with-window = true;
-          sub-shadow-color = "#33000000";
-          sub-shadow-offset = 1;
-          sub-spacing = 0.5;
-          sub-use-margins = true;
-
-          audio-file-auto = "fuzzy";
-          volume = 100;
-          volume-max = 200;
-
-          alang = lang;
-          slang = lang;
-
-          ytdl = true;
-          ytdl-raw-options = ''sub-lang="${lang}",write-sub='';
-        };
-    };
-  };
-}
diff --git a/modules/common/networking.nix b/modules/common/networking.nix
new file mode 100644
index 0000000..727def4
--- /dev/null
+++ b/modules/common/networking.nix
@@ -0,0 +1,131 @@
+{
+  config,
+  lib,
+  pkgs,
+  this,
+  ...
+}:
+with lib;
+let
+  cfg = config.nixfiles.modules.common.networking;
+in
+{
+  options.nixfiles.modules.common.networking.onlyDefault = mkEnableOption "custom networking settings";
+
+  config = mkIf (!cfg.onlyDefault) {
+    ark.directories =
+      with config.networking;
+      optional networkmanager.enable "/etc/NetworkManager/system-connections"
+      ++ optional wireless.iwd.enable "/var/lib/iwd";
+
+    # TODO Switch to systemd-networkd.
+    networking = mkMerge [
+      {
+        domain = my.domain.shire;
+
+        hostName = this.hostname;
+        hostId = substring 0 8 (builtins.hashString "md5" this.hostname);
+
+        # Remove default hostname mappings. This is required at least by the
+        # current implementation of the monitoring module.
+        hosts = {
+          "127.0.0.2" = mkForce [ ];
+          "::1" = mkForce [ ];
+        };
+
+        nameservers = mkDefault dns.const.quad9.default;
+        resolvconf.enable = true;
+
+        useDHCP = false;
+
+        nftables.enable = true;
+
+        firewall = {
+          enable = true;
+
+          rejectPackets = false;
+
+          allowPing = true;
+          pingLimit = "1/minute burst 5 packets";
+
+          logRefusedConnections = false;
+          logRefusedPackets = false;
+          logRefusedUnicastsOnly = false;
+          logReversePathDrops = false;
+        };
+      }
+      (
+        let
+          interface = "eth0"; # This assumes `usePredictableInterfaceNames` is false.
+        in
+        mkIf (hasAttr "ipv4" this && hasAttr "ipv6" this) {
+          usePredictableInterfaceNames = false; # NOTE This can break something!
+          interfaces.${interface} = {
+            ipv4.addresses =
+              with this.ipv4;
+              optional (isString address && isInt prefixLength) { inherit address prefixLength; };
+
+            ipv6.addresses =
+              with this.ipv6;
+              optional (isString address && isInt prefixLength) { inherit address prefixLength; };
+          };
+          defaultGateway =
+            with this.ipv4;
+            mkIf (isString gatewayAddress) {
+              inherit interface;
+              address = gatewayAddress;
+            };
+          defaultGateway6 =
+            with this.ipv6;
+            mkIf (isString gatewayAddress) {
+              inherit interface;
+              address = gatewayAddress;
+            };
+        }
+      )
+      (mkIf this.isHeadful {
+        interfaces = {
+          eth0.useDHCP = mkDefault true;
+          wlan0.useDHCP = mkDefault true;
+        };
+
+        networkmanager = {
+          enable = mkDefault true;
+          wifi.backend = "iwd";
+        };
+
+        wireless = {
+          enable = false;
+          iwd.enable = mkDefault true;
+          userControlled.enable = true;
+          allowAuxiliaryImperativeNetworks = true;
+        };
+      })
+    ];
+
+    environment = {
+      shellAliases = listToAttrs (
+        map ({ name, value }: nameValuePair name "${pkgs.iproute2}/bin/${value}") [
+          {
+            name = "bridge";
+            value = "bridge -color=always";
+          }
+          {
+            name = "ip";
+            value = "ip -color=always";
+          }
+          {
+            name = "tc";
+            value = "tc -color=always";
+          }
+        ]
+      );
+
+      systemPackages = with pkgs; [
+        ethtool
+        myip
+        nethogs
+      ];
+    };
+  };
+}
diff --git a/modules/common/nix.nix b/modules/common/nix.nix
new file mode 100644
index 0000000..db46336
--- /dev/null
+++ b/modules/common/nix.nix
@@ -0,0 +1,150 @@
+{
+  config,
+  inputs,
+  lib,
+  pkgs,
+  this,
+  ...
+}:
+with lib;
+let
+  cfg = config.nixfiles.modules.common.nix;
+in
+{
+  options.nixfiles.modules.common.nix.allowedUnfreePackages = mkOption {
+    description = "A list of allowed unfree packages.";
+    type = with types; listOf str;
+    default = [ ];
+  };
+
+  config = {
+    _module.args =
+      let
+        importNixpkgs =
+          nixpkgs:
+          import nixpkgs {
+            inherit (config.nixpkgs) config;
+            inherit (this) system;
+          };
+      in
+      rec {
+        pkgsLocal = importNixpkgs "${config.my.home}/src/nixpkgs"; # Impure!
+        pkgsMaster = importNixpkgs inputs.nixpkgs-master;
+        pkgsStable = importNixpkgs inputs.nixpkgs-stable;
+        pkgsRev =
+          rev: hash:
+          importNixpkgs (
+            pkgs.fetchFromGitHub {
+              owner = "NixOS";
+              repo = "nixpkgs";
+              inherit rev hash;
+            }
+          );
+        pkgsPr = pr: pkgsRev "refs/pull/${toString pr}/head";
+      };
+
+    hm = {
+      # Used primarily in conjunction with the "nixfiles" script.
+      home.file.".nix-defexpr/default.nix".text =
+        let
+          hostname = strings.escapeNixIdentifier this.hostname;
+        in
+        optionalString this.isHeadful ''
+          let
+            self = builtins.getFlake "nixfiles";
+            configurations = self.nixosConfigurations;
+            local = configurations.${hostname};
+          in rec {
+            inherit self;
+            inherit (self) inputs lib;
+            inherit (lib) my;
+            this = my.configurations.${hostname};
+            inherit (local) config;
+            inherit (local.config.system.build) toplevel vm vmWithBootLoader manual;
+            pretty = expr: lib.trace (lib.generators.toPretty {} expr) {};
+          } // configurations // local._module.args
+        '';
+
+      programs.bash.shellAliases.nix = "nix --verbose --print-build-logs";
+    };
+
+    nix =
+      let
+        notSelfInputs = filterAttrs (n: _: n != "self") inputs;
+      in
+      {
+        daemonCPUSchedPolicy = "idle";
+        daemonIOSchedClass = "idle";
+        daemonIOSchedPriority = 7;
+
+        settings = {
+          # https://nixos.org/manual/nix/unstable/contributing/experimental-features.html#currently-available-experimental-features
+          # https://github.com/NixOS/nix/blob/master/src/libutil/experimental-features.cc
+          experimental-features = concatStringsSep " " [
+            "flakes"
+            "nix-command"
+            "recursive-nix"
+            "repl-flake"
+          ];
+
+          keep-derivations = if this.isHeadful then "true" else "false";
+          keep-outputs = if this.isHeadful then "true" else "false";
+
+          flake-registry = "${inputs.flake-registry}/flake-registry.json";
+
+          warn-dirty = false;
+
+          keep-going = true;
+
+          substituters = [
+            "https://azahi.cachix.org"
+            "https://nix-community.cachix.org"
+          ];
+          trusted-public-keys = [
+            "azahi.cachix.org-1:2bayb+iWYMAVw3ZdEpVg+NPOHCXncw7WMQ0ElX1GO3s="
+            "nix-community.cachix.org-1:mB9FSh9qf2dCimDSUo8Zy7bkq5CX+/rkCWyvRCYg3Fs="
+          ];
+
+          trusted-users = [
+            "root"
+            my.username
+          ];
+        };
+
+        nixPath = mapAttrsToList (n: v: "${n}=${v}") notSelfInputs ++ [
+          "nixfiles=${config.my.home}/src/nixfiles"
+        ];
+
+        registry = mapAttrs (_: flake: { inherit flake; }) notSelfInputs // {
+          nixfiles.flake = inputs.self;
+        };
+      };
+
+    nixpkgs = {
+      config.allowUnfreePredicate = p: elem (getName p) cfg.allowedUnfreePackages;
+
+      overlays = with inputs; [
+        self.overlays.default
+        (_: _: { })
+      ];
+    };
+
+    environment = {
+      localBinInPath = true;
+      defaultPackages = mkForce [ ];
+      systemPackages =
+        with pkgs;
+        optionals this.isHeadful [
+          nix-top
+          nix-tree
+          nixfiles
+        ];
+      sessionVariables = {
+        NIXFILES = "${config.my.home}/src/nixfiles";
+        NIX_SHELL_PRESERVE_PROMPT = "1";
+      };
+    };
+
+    system.stateVersion = with builtins; head (split "\n" (readFile "${inputs.nixpkgs}/.version"));
+  };
+}
diff --git a/modules/common/nmap.nix b/modules/common/nmap.nix
deleted file mode 100644
index 71b3d0b..0000000
--- a/modules/common/nmap.nix
+++ /dev/null
@@ -1,80 +0,0 @@
-{
-  config,
-  lib,
-  pkgs,
-  inputs,
-  ...
-}:
-with lib;
-let
-  cfg = config.nixfiles.modules.nmap;
-in
-{
-  options.nixfiles.modules.nmap.enable = mkEnableOption "Nmap";
-
-  config = mkIf cfg.enable {
-    nixfiles.modules.common.shell.aliases = {
-      nmap-vulners = "nmap -sV --script=vulners/vulners.nse";
-      nmap-vulscan = "nmap -sV --script=vulscan/vulscan.nse";
-    };
-
-    hm = {
-      home = {
-        file = {
-          ".nmap/scripts/vulners".source = inputs.nmap-vulners;
-          ".nmap/scripts/vulscan/vulscan.nse".source = "${inputs.nmap-vulscan}/vulscan.nse";
-        };
-
-        packages = with pkgs; [
-          nmap
-          nmap-formatter
-        ];
-
-        activation.regenerateNmapScripts = with pkgs; ''
-          ${getExe' nmap "nmap"} --script-updatedb
-        '';
-      };
-
-      systemd.user = {
-        services.update-nmap-vulscan-lists = {
-          Service = {
-            ExecStart = getExe (
-              pkgs.writeShellApplication {
-                name = "update-nmap-vulscan-lists";
-                runtimeInputs = [ pkgs.curl ];
-                text = ''
-                  declare -a vulscandbs=(
-                    "cve"
-                    "exploitdb"
-                    "openvas"
-                    "osvdb"
-                    "scipvuldb"
-                    "securityfocus"
-                    "securitytracker"
-                    "xforce"
-                  )
-                  for i in "''${vulscandbs[@]}"; do
-                    curl \
-                      -o "${config.my.home}/.nmap/scripts/vulscan/$i.csv" \
-                      "https://www.computec.ch/projekte/vulscan/download/$i.csv"
-                  done
-                '';
-              }
-            );
-          };
-        };
-
-        timers.update-nmap-vulscan-lists = {
-          # TODO Figure out how to check for network-online.target for user
-          # timers.
-          Timer = {
-            OnCalendar = "daily";
-            Persistent = true;
-            Unit = "update-nmap-vulscan-lists.service";
-          };
-          Install.WantedBy = [ "timers.target" ];
-        };
-      };
-    };
-  };
-}
diff --git a/modules/common/openssh.nix b/modules/common/openssh.nix
deleted file mode 100644
index f60a1ef..0000000
--- a/modules/common/openssh.nix
+++ /dev/null
@@ -1,72 +0,0 @@
-{
-  config,
-  lib,
-  pkgs,
-  ...
-}:
-with lib;
-let
-  cfg = config.nixfiles.modules.openssh;
-in
-{
-  options.nixfiles.modules.openssh.client.enable = mkEnableOption "OpenSSH client";
-
-  config = mkIf cfg.client.enable {
-    hm = {
-      home.packages = with pkgs; [
-        mosh
-        sshfs
-        sshpass
-      ];
-
-      programs.ssh = {
-        enable = true;
-
-        hashKnownHosts = true;
-
-        controlMaster = "auto";
-        controlPersist = "24H";
-
-        serverAliveCountMax = 30;
-        serverAliveInterval = 60;
-
-        matchBlocks =
-          let
-            mkBlock =
-              name:
-              {
-                hostname ? name,
-                port ? 22022, # NOTE This is not the default OpenSSH port.
-                user ? my.username,
-                identityFile ? "${config.my.home}/.ssh/${my.username}_${my.ssh.type}",
-                extraAttrs ? { },
-              }:
-              nameValuePair name (
-                {
-                  inherit
-                    hostname
-                    port
-                    user
-                    identityFile
-                    ;
-                }
-                // extraAttrs
-              );
-
-            internalServers = mapAttrs' mkBlock (
-              mapAttrs (name: _: { hostname = "${name}.${my.domain.shire}"; }) (
-                filterAttrs (_: attr: hasAttr "wireguard" attr && attr.isHeadless) my.configurations
-              )
-            );
-          in
-          internalServers
-          // (mapAttrs' mkBlock {
-            gitolite = {
-              user = "git";
-              hostname = "git.${my.domain.shire}";
-            };
-          });
-      };
-    };
-  };
-}
diff --git a/modules/common/password-store.nix b/modules/common/password-store.nix
deleted file mode 100644
index e5cd756..0000000
--- a/modules/common/password-store.nix
+++ /dev/null
@@ -1,35 +0,0 @@
-{
-  config,
-  lib,
-  pkgs,
-  ...
-}:
-with lib;
-let
-  cfg = config.nixfiles.modules.password-store;
-in
-{
-  options.nixfiles.modules.password-store.enable = mkEnableOption "the standard UNIX password manager";
-
-  config = mkIf cfg.enable {
-    hm.programs = {
-      password-store = {
-        enable = true;
-
-        package = pkgs.pass.withExtensions (p: with p; [ pass-otp ]);
-
-        settings.PASSWORD_STORE_DIR = "${config.my.home}/.password-store";
-      };
-
-      # HACK https://github.com/NixOS/nixpkgs/issues/183604
-      bash.initExtra =
-        let
-          completions = "${config.hm.programs.password-store.package}/share/bash-completion/completions";
-        in
-        mkAfter ''
-          source ${completions}/pass-otp
-          source ${completions}/pass
-        '';
-    };
-  };
-}
diff --git a/modules/common/profiles/default.nix b/modules/common/profiles/default.nix
deleted file mode 100644
index 79ce39d..0000000
--- a/modules/common/profiles/default.nix
+++ /dev/null
@@ -1,52 +0,0 @@
-{
-  config,
-  lib,
-  pkgs,
-  this,
-  ...
-}:
-with lib;
-let
-  cfg = config.nixfiles.modules.profiles.default;
-in
-{
-  imports = [
-    ./dev
-    ./email.nix
-    ./headful.nix
-    ./headless.nix
-  ];
-
-  options.nixfiles.modules.profiles.default.enable =
-    mkEnableOption "The most default profile of them all."
-    // {
-      default = true;
-    };
-
-  config = mkIf cfg.enable {
-    assertions = [
-      {
-        assertion = !(with this; isHeadless && isHeadful);
-        message = ''
-          The configuration cannot be both "headful" and "headless" at the same
-          time.
-        '';
-      }
-    ];
-
-    nixfiles.modules = {
-      bat.enable = true;
-      eza.enable = true;
-      htop.enable = true;
-      tmux.enable = true;
-      vim.enable = true;
-    };
-
-    time.timeZone = "Europe/Moscow";
-
-    environment.systemPackages = with pkgs; [
-      file
-      tree
-    ];
-  };
-}
diff --git a/modules/common/profiles/dev/containers.nix b/modules/common/profiles/dev/containers.nix
deleted file mode 100644
index 8f3bfc6..0000000
--- a/modules/common/profiles/dev/containers.nix
+++ /dev/null
@@ -1,57 +0,0 @@
-{
-  config,
-  lib,
-  pkgs,
-  ...
-}:
-with lib;
-let
-  cfg = config.nixfiles.modules.profiles.dev.containers;
-in
-{
-  options.nixfiles.modules.profiles.dev.containers.enable =
-    mkEnableOption "Tools for working with containers and container orchestration"
-    // {
-      default = config.nixfiles.modules.profiles.dev.enable;
-    };
-
-  config = mkIf cfg.enable {
-    nixfiles.modules.common.shell.aliases = {
-      h = "helm";
-      k = "kubectl";
-      kns = "kubens";
-      ktx = "kubectx";
-    };
-
-    hm.home = {
-      sessionVariables = {
-        MINIKUBE_IN_STYLE = "false";
-        WERF_DEV = "true";
-        WERF_INSECURE_REGISTRY = "true";
-        WERF_LOG_DEBUG = "true";
-        WERF_LOG_PRETTY = "false";
-        WERF_LOG_VERBOSE = "true";
-        WERF_SYNCHRONIZATION = ":local";
-        WERF_TELEMETRY = "false";
-      };
-
-      packages = with pkgs; [
-        k9s
-        kubectl
-        kubectl-doctor
-        kubectl-images
-        kubectl-tree
-        kubectx
-        kubelogin-oidc
-        kubent
-        kubernetes-helm
-        kubespy
-        minikube
-        skopeo
-        stern
-        telepresence2
-        werf
-      ];
-    };
-  };
-}
diff --git a/modules/common/profiles/dev/default.nix b/modules/common/profiles/dev/default.nix
deleted file mode 100644
index 6ac1fe6..0000000
--- a/modules/common/profiles/dev/default.nix
+++ /dev/null
@@ -1,84 +0,0 @@
-{
-  config,
-  lib,
-  pkgs,
-  ...
-}:
-with lib;
-let
-  cfg = config.nixfiles.modules.profiles.dev;
-in
-{
-  imports = [
-    ./containers.nix
-    ./hidden.nix
-    ./sql.nix
-  ];
-
-  options.nixfiles.modules.profiles.dev.enable = mkEnableOption "Catch-all profile for stuff related to software development and etc.";
-
-  config = mkIf cfg.enable {
-    nixfiles.modules = {
-      bat.enable = true;
-      curl.enable = true;
-      direnv.enable = true;
-      editorconfig.enable = true;
-      git.client.enable = true;
-      gnupg.enable = true;
-      nmap.enable = true;
-      wget.enable = true;
-    };
-
-    hm = {
-      home = {
-        sessionVariables = rec {
-          CABAL_DIR = "${config.dirs.data}/cabal";
-          CABAL_CONFIG = pkgs.writeText "cabal-config" ''
-            repository hackage.haskell.org
-              url: https://hackage.haskell.org/
-              secure: True
-
-            jobs: $ncpus
-
-            remote-repo-cache: ${CABAL_DIR}/packages
-
-            world-file: ${CABAL_DIR}/world
-
-            logs-dir: ${CABAL_DIR}/logs
-            build-summary: ${CABAL_DIR}/logs/build.log
-
-            installdir: ${CABAL_DIR}/bin
-            extra-prog-path: ${CABAL_DIR}/bin
-          '';
-          STACK_ROOT = "${config.dirs.data}/stack";
-
-          RUSTUP_HOME = "${config.dirs.data}/rustup";
-          CARGO_HOME = "${config.dirs.data}/cargo";
-
-          GOPATH = "${config.dirs.data}/go";
-          GORE_HOME = "${config.dirs.data}/gore";
-
-          PYTHONSTARTUP = ./pystartup.py;
-        };
-
-        packages = with pkgs; [
-          age
-          htmlq
-          httpie
-          hydra-check
-          jq
-          logcli
-          nix-update
-          nixpkgs-review
-          sops
-          yq
-        ];
-      };
-
-      xdg.configFile = {
-        "gdb/gdbinit".source = ./gdbinit;
-        "ghc/ghci.conf".source = ./ghci.conf;
-      };
-    };
-  };
-}
diff --git a/modules/common/profiles/dev/gdbinit b/modules/common/profiles/dev/gdbinit
deleted file mode 100644
index e266236..0000000
--- a/modules/common/profiles/dev/gdbinit
+++ /dev/null
@@ -1,41 +0,0 @@
-set confirm off
-set verbose off
-set editing off
-
-set history expansion on
-
-set height 0
-set width  0
-
-handle SIGALRM nostop print nopass
-handle SIGBUS    stop print nopass
-handle SIGPIPE nostop print nopass
-handle SIGSEGV   stop print nopass
-
-set print address on
-set print elements 0
-set print object on
-set print pretty on
-set print repeats 0
-set print static-members on
-set print vtbl on
-
-set output-radix 10
-
-set demangle-style gnu-v3
-
-set disassembly-flavor intel
-
-alias iv=info variables
-
-alias da=disassemble
-
-define fs
-    finish
-    step
-end
-
-define btc
-    backtrace
-    continue
-end
diff --git a/modules/common/profiles/dev/ghci.conf b/modules/common/profiles/dev/ghci.conf
deleted file mode 100644
index d672167..0000000
--- a/modules/common/profiles/dev/ghci.conf
+++ /dev/null
@@ -1,35 +0,0 @@
-:set -XBinaryLiterals
-:set -XFlexibleContexts
-:set -XNoMonomorphismRestriction
-
-:seti -XConstraintKinds
-:seti -XDataKinds
-:seti -XDeriveFunctor
-:seti -XFlexibleInstances
-:seti -XFunctionalDependencies
-:seti -XGADTs
-:seti -XLambdaCase
-:seti -XMagicHash
-:seti -XMultiParamTypeClasses
-:seti -XMultiWayIf
-:seti -XOverloadedLabels
-:seti -XPackageImports
-:seti -XPolyKinds
-:seti -XRankNTypes
-:seti -XScopedTypeVariables
-:seti -XStandaloneDeriving
-:seti -XTupleSections
-:seti -XTypeFamilies
-:seti -XTypeOperators
-:seti -XUndecidableInstances
-
-:set +c
-:set +m
-:set +r
-:set +s
-:set +t
-
-:set prompt      "\ESC[1;34m>\ESC[m\STX "
-:set prompt-cont "\ESC[1;94m|\ESC[m\STX "
-
-:def hoogle \x -> pure (":!hoogle --color --count=10 \"" ++ x ++ "\"")
diff --git a/modules/common/profiles/dev/pystartup.py b/modules/common/profiles/dev/pystartup.py
deleted file mode 100644
index adde66c..0000000
--- a/modules/common/profiles/dev/pystartup.py
+++ /dev/null
@@ -1,121 +0,0 @@
-import atexit
-import os
-import readline
-import rlcompleter
-import sys
-from code import InteractiveConsole
-from tempfile import mkstemp
-
-readline.parse_and_bind("tab: complete")
-
-
-class TermColors(dict):
-    color_templates = (
-        ("Normal", "0"),
-        ("Black", "0;30"),
-        ("Red", "0;31"),
-        ("Green", "0;32"),
-        ("Brown", "0;33"),
-        ("Blue", "0;34"),
-        ("Purple", "0;35"),
-        ("Cyan", "0;36"),
-        ("LightGray", "0;37"),
-        ("DarkGray", "1;30"),
-        ("LightRed", "1;31"),
-        ("LightGreen", "1;32"),
-        ("Yellow", "1;33"),
-        ("LightBlue", "1;34"),
-        ("LightPurple", "1;35"),
-        ("LightCyan", "1;36"),
-        ("White", "1;37"),
-    )
-    color_base = "\001\033[%sm\002"
-
-    def __init__(self):
-        self.update(dict([(k, self.color_base % v) for k, v in self.color_templates]))
-
-
-class Completer(object):
-    def save_history(self):
-        import readline
-
-        readline.write_history_file(self.python_histfile)
-
-    def __init__(self):
-        self.python_dir = os.path.expanduser("%s/python" % os.environ["XDG_DATA_HOME"])
-
-        if not os.path.exists(self.python_dir):
-            os.mkdir(self.python_dir)
-
-        self.python_histfile = os.path.expanduser("%s/history" % self.python_dir)
-
-        if os.path.exists(self.python_histfile):
-            readline.read_history_file(self.python_histfile)
-
-        readline.set_history_length(1000)
-        atexit.register(self.save_history)
-
-
-def DisplayHook(value):
-    if value is not None:
-        try:
-            import __builtin__
-
-            __builtin__._ = value
-        except ImportError:
-            __builtins__._ = value
-
-        import pprint
-
-        pprint.pprint(value)
-        del pprint
-
-
-class EditableBufferInteractiveConsole(InteractiveConsole):
-    def __init__(self, *args, **kwargs):
-        self.last_buffer = []
-        InteractiveConsole.__init__(self, *args, **kwargs)
-
-    def runsource(self, source, *args):
-        self.last_buffer = [source.encode("utf-8")]
-        return InteractiveConsole.runsource(self, source, *args)
-
-    def raw_input(self, *args):
-        line = InteractiveConsole.raw_input(self, *args)
-
-        if line == EDIT_CMD:
-            tmp_fd, tmp_file = mkstemp(".py")
-
-            os.write(tmp_fd, b"\n".join(self.last_buffer))
-            os.close(tmp_fd)
-
-            os.system("%s %s" % (EDITOR, tmp_file))
-
-            line = open(tmp_file).read()
-
-            os.unlink(tmp_file)
-            tmp_file = ""
-
-            lines = line.split("\n")
-
-            for i in range(len(lines) - 1):
-                self.push(lines[i])
-
-            line = lines[-1]
-        return line
-
-
-TC = TermColors()
-ps1 = "%sλ%s %s>%s "
-sys.ps1 = ps1 % (TC["Blue"], TC["Normal"], TC["White"], TC["Normal"])
-ps2 = "    %s…%s %s>%s "
-sys.ps2 = ps2 % (TC["Blue"], TC["Normal"], TC["White"], TC["Normal"])
-sys.displayhook = DisplayHook
-
-C = Completer()
-EDITOR = os.environ.get("EDITOR", "vim")
-EDIT_CMD = ":e"
-C = EditableBufferInteractiveConsole(locals=locals())
-C.interact(banner="")
-
-sys.exit()
diff --git a/modules/common/profiles/dev/sql.nix b/modules/common/profiles/dev/sql.nix
deleted file mode 100644
index c2d4894..0000000
--- a/modules/common/profiles/dev/sql.nix
+++ /dev/null
@@ -1,105 +0,0 @@
-{
-  config,
-  lib,
-  pkgs,
-  ...
-}:
-with lib;
-let
-  cfg = config.nixfiles.modules.profiles.dev.sql;
-in
-{
-  options.nixfiles.modules.profiles.dev.sql.enable =
-    mkEnableOption "SQL stuff and database management tools"
-    // {
-      default = config.nixfiles.modules.profiles.dev.enable;
-    };
-
-  config = mkIf cfg.enable {
-    hm = {
-      home.packages = with pkgs; [
-        pgcli
-        litecli
-      ];
-
-      xdg =
-        let
-          mainSection = {
-            destructive_warning = "True";
-            enable_pager = "True";
-            keyword_casing = "auto";
-            less_chatty = "True";
-            log_file = "/dev/null";
-            log_level = "CRITICAL";
-            multi_line = "False";
-            syntax_style = "default";
-            table_format = "fancy_grid";
-          };
-
-          colorsSection = with config.colors.withHashtag; {
-            "arg-toolbar" = "noinherit bold";
-            "arg-toolbar.text" = "nobold";
-            "bottom-toolbar" = "bg:${base01} ${base06}";
-            "bottom-toolbar.off" = "bg:${base01} ${base02}";
-            "bottom-toolbar.on" = "bg:${base01} ${base07}";
-            "bottom-toolbar.transaction.failed" = "bg:${base01} ${base08} bold";
-            "bottom-toolbar.transaction.valid" = "bg:${base01} ${base0B} bold";
-            "completion-menu.completion" = "bg:${base01} ${base06}";
-            "completion-menu.completion.current" = "bg:${base06} ${base01}";
-            "completion-menu.meta.completion" = "bg:${base01} ${base13}";
-            "completion-menu.meta.completion.current" = "bg:${base09} ${base01}";
-            "completion-menu.multi-column-meta" = "bg:${base09} ${base01}";
-            "scrollbar" = "bg:${base01}";
-            "scrollbar.arrow" = "bg:${base01}";
-            "search" = "bg:${base17} ${base07}";
-            "search-toolbar" = "noinherit bold";
-            "search-toolbar.text" = "nobold";
-            "search.current" = "bg:${base14} ${base07}";
-            "selected" = "bg:${base0D} ${base07}";
-            "system-toolbar" = "noinherit bold";
-          };
-
-          mkCliConfig =
-            { name, custom }:
-            {
-              "${name}/config" = {
-                text = generators.toINI { } {
-                  main = mainSection // custom;
-                  colors = mapAttrs (_: v: "'${v}'") colorsSection;
-                };
-              };
-            };
-        in
-        {
-          configFile = mkMerge (
-            map mkCliConfig [
-              {
-                name = "pgcli";
-                custom = {
-                  prompt = "'\\u@\\h:\\d> '";
-                  multi_line_mode = "psql";
-                  on_error = "STOP";
-                  auto_expand = "True";
-                  expand = "True";
-                  keyring = "False";
-                  vi = "True";
-                  casing_file = "/dev/null";
-                  history_file = "/dev/null";
-                };
-              }
-              {
-                name = "litecli";
-                custom = {
-                  prompt = "'\\d> '";
-                  prompt_continuation = "'-> '";
-                  auto_vertical_output = "True";
-                  key_bindings = "vi";
-                  audit_log = "/dev/null";
-                };
-              }
-            ]
-          );
-        };
-    };
-  };
-}
diff --git a/modules/common/profiles/email.nix b/modules/common/profiles/email.nix
deleted file mode 100644
index cf4169c..0000000
--- a/modules/common/profiles/email.nix
+++ /dev/null
@@ -1,123 +0,0 @@
-{
-  config,
-  lib,
-  pkgs,
-  this,
-  ...
-}:
-with lib;
-let
-  cfg = config.nixfiles.modules.profiles.email;
-in
-{
-  options.nixfiles.modules.profiles.email.enable = mkEnableOption "Local Email management" // {
-    default = this.isHeadful;
-  };
-
-  config = mkIf cfg.enable {
-    hm = {
-      accounts.email = {
-        maildirBasePath = "${config.my.home}/doc/mail";
-
-        accounts =
-          let
-            mkAccount =
-              attrs:
-              mkMerge [
-                {
-                  mbsync = {
-                    enable = true;
-                    create = "both";
-                    expunge = "both";
-                    patterns = [ "*" ];
-                  };
-                  msmtp.enable = true;
-                  mu.enable = true;
-                  thunderbird = {
-                    enable = hasSuffix "linux" this.system;
-                    settings = id: {
-                      "mail.identity.id_${id}.compose_html" = false;
-                      "mail.identity.id_${id}.reply_on_top" = 0;
-                    };
-                  };
-                }
-                attrs
-              ];
-
-            getPassword =
-              {
-                path,
-                line ? 0,
-              }:
-              assert (builtins.isInt line);
-              concatStringsSep " " (
-                [
-                  (getExe config.hm.programs.password-store.package)
-                  "show"
-                  path
-                ]
-                ++ optionals (line > 0) [
-                  "|"
-                  (getExe pkgs.gnused)
-                  "-e"
-                  "'${toString line}!d'"
-                ]
-              );
-          in
-          {
-            shire = mkAccount rec {
-              address = my.email;
-              aliases = [
-                address
-                "frodo@rohan.net"
-                "azahi@shire.net"
-              ];
-              realName = my.fullname;
-              gpg = {
-                inherit (my.pgp) key;
-                signByDefault = false;
-                encryptByDefault = false;
-              };
-
-              primary = true;
-
-              imap = {
-                host = "shire.net";
-                port = 993;
-                tls.enable = true;
-              };
-              smtp = {
-                host = "shire.net";
-                port = 465;
-                tls.enable = true;
-              };
-              userName = "azahi@shire.net";
-              passwordCommand = getPassword { path = "email/shire.net/azahi"; };
-            };
-
-            yahoo = mkAccount rec {
-              address = "admin@yahoo.com";
-              aliases = [
-                address
-                "admin@yahoo.com"
-              ];
-              realName = "Firstname Lastname";
-
-              flavor = "yahoo.com";
-              userName = "admin@yahoo.com";
-              passwordCommand = getPassword {
-                path = "email/yahoo.com/admin";
-                line = 2;
-              };
-            };
-          };
-      };
-
-      programs = {
-        mbsync.enable = true;
-        msmtp.enable = true;
-        mu.enable = true;
-      };
-    };
-  };
-}
diff --git a/modules/common/profiles/headful.nix b/modules/common/profiles/headful.nix
deleted file mode 100644
index cd29225..0000000
--- a/modules/common/profiles/headful.nix
+++ /dev/null
@@ -1,57 +0,0 @@
-{
-  config,
-  lib,
-  pkgs,
-  this,
-  ...
-}:
-with lib;
-let
-  cfg = config.nixfiles.modules.profiles.headful;
-in
-{
-  options.nixfiles.modules.profiles.headful.enable = mkEnableOption "headful profile" // {
-    default = this.isHeadful;
-  };
-
-  config = mkIf cfg.enable {
-    nixfiles.modules = {
-      profiles.dev.enable = true;
-
-      alacritty.enable = true;
-      aria2.enable = true;
-      emacs.enable = true;
-      mpv.enable = true;
-      openssh.client.enable = true;
-      password-store.enable = true;
-      vscode.enable = true;
-      zathura.enable = true;
-    };
-
-    hm = {
-      home = {
-        file.".digrc".text = ''
-          +answer
-          +multiline
-          +recurse
-        '';
-
-        packages = with pkgs; [
-          fd
-          ripgrep
-          sd
-          tldr
-        ];
-      };
-    };
-
-    environment.systemPackages = with pkgs; [
-      arping
-      dnsutils
-      inetutils
-      ldns
-      socat
-      tcpdump
-    ];
-  };
-}
diff --git a/modules/common/profiles/headless.nix b/modules/common/profiles/headless.nix
deleted file mode 100644
index 1f8096c..0000000
--- a/modules/common/profiles/headless.nix
+++ /dev/null
@@ -1,25 +0,0 @@
-{
-  config,
-  lib,
-  pkgs,
-  this,
-  ...
-}:
-with lib;
-let
-  cfg = config.nixfiles.modules.profiles.headless;
-in
-{
-  options.nixfiles.modules.profiles.headless.enable = mkEnableOption "headless profile" // {
-    default = this.isHeadless;
-  };
-
-  config = mkIf cfg.enable {
-    hm.home.file = {
-      ".hushlogin".text = "";
-      ".bash_history".source = config.hm.lib.file.mkOutOfStoreSymlink "/dev/null";
-    };
-
-    environment.systemPackages = with pkgs; [ alacritty.terminfo ];
-  };
-}
diff --git a/modules/common/qutebrowser.nix b/modules/common/qutebrowser.nix
deleted file mode 100644
index 8fdcf48..0000000
--- a/modules/common/qutebrowser.nix
+++ /dev/null
@@ -1,342 +0,0 @@
-{
-  config,
-  lib,
-  pkgs,
-  ...
-}:
-with lib;
-let
-  cfg = config.nixfiles.modules.qutebrowser;
-in
-{
-  options.nixfiles.modules.qutebrowser.enable = mkEnableOption "Qutebrowser";
-
-  config = mkIf cfg.enable {
-    nixfiles.modules = {
-      mpv.enable = true;
-      vim.enable = true;
-    };
-
-    hm = {
-      programs.qutebrowser = with config.nixfiles.modules; {
-        enable = true;
-
-        keyBindings.normal = mkIf mpv.enable {
-          "z" =
-            let
-              mpv = getExe config.hm.programs.mpv.package;
-            in
-            "hint links spawn --detach ${mpv} {hint-url}";
-        };
-
-        searchEngines = rec {
-          aliexpress = "https://www.aliexpress.com/wholesale?SearchText={}";
-          ansible = "https://galaxy.ansible.com/search?keywords={}";
-          arch = "https://wiki.archlinux.org/?search={}";
-          crates = "https://crates.io/search?q={}";
-          discogs = "https://www.discogs.com/search/?q={}";
-          dockerhub = "https://hub.docker.com/search?q={}";
-          doublegis = "https://2gis.ru/search/{}";
-          duckduckgo = "https://duckduckgo.com/?q={}'";
-          ecosia = "https://www.ecosia.org/search?q={}";
-          factorio = "https://wiki.factorio.com/index.php?search={}";
-          genius = "https://genius.com/search?q={}";
-          github = "https://github.com/search?q={}";
-          godocs = "https://godocs.io/?q={}";
-          gogdb = "https://www.gogdb.org/products?search={}";
-          google = "https://www.google.com/search?q={}";
-          google-images = "https://www.google.com/search?q={}&tbm=isch";
-          gopkgs = "https://pkg.go.dev/search?q={}";
-          habr = "https://habr.com/ru/search/?q={}";
-          hackage = "https://hackage.haskell.org/packages/search?terms={}";
-          hackernews = "https://hn.algolia.com/?q={}";
-          headhunter = "https://hh.ru/search/vacancy?st=searchVacancy&text={}";
-          hoogle = "https://hoogle.haskell.org/?hoogle={}";
-          jisho = "https://jisho.org/search/{}";
-          kotobank = "https://kotobank.jp/gs/?q={}";
-          kubernetes = "https://kubernetes.io/search/?q={}";
-          lastfm = "https://www.last.fm/search?q={}";
-          lobsters = "https://lobste.rs/search?q=test{}";
-          mdn = "https://developer.mozilla.org/en-US/search?q={}";
-          melpa = "https://melpa.org/#/?q={}";
-          moddb = "https://www.moddb.com/search?q={}";
-          musicbrainz = "https://musicbrainz.org/search?query={}";
-          nix-issues = "https://github.com/NixOS/nix/issues?q={}";
-          nix-prs = "https://github.com/NixOS/nix/pulls?q={}";
-          nixos-flakes = "https://search.nixos.org/flakes?query={}";
-          nixos-options = "https://search.nixos.org/options?query={}";
-          nixos-packages = "https://search.nixos.org/packages?query={}";
-          nixos-wiki = "https://nixos.wiki/index.php?search={}";
-          nixpkgs-issues = "https://github.com/NixOS/nixpkgs/issues?q={}";
-          nixpkgs-prs = "https://github.com/NixOS/nixpkgs/pulls?q={}";
-          openstreetmap = "https://www.openstreetmap.org/search?query={}";
-          ozon = "https://www.ozon.ru/search/?text={}";
-          protondb = "https://www.protondb.com/search?q={}";
-          pypi = "https://pypi.org/search/?q={}";
-          pythondocs = "https://docs.python.org/3/search.html?q={}";
-          rateyourmusic = "https://rateyourmusic.com/search?searchterm={}";
-          riichi = "https://riichi.wiki/index.php?search={}";
-          rustdoc = "https://doc.rust-lang.org/std/?search={}";
-          searx = "https://searx.tiekoetter.com/search?q={}";
-          slashdot = "https://slashdot.org/index2.pl?fhfilter={}";
-          sourcehut = "https://sr.ht/projects?search={}";
-          steam = "https://store.steampowered.com/search/?term={}";
-          steamdb = "https://steamdb.info/search/?a=app&q={}";
-          ubuntu = "https://wiki.ubuntu.com/Home?action=fullsearch&value={}";
-          wikipedia-en = "https://en.wikipedia.org/w/index.php?search={}";
-          wikipedia-ru = "https://ru.wikipedia.org/w/index.php?search={}";
-          wikipedia-ja = "https://ja.wikipedia.org/w/index.php?search={}";
-          wolphramalpha = "https://www.wolframalpha.com/input/?i={}";
-          yahoo = "https://yahoo.com/search/?text={}";
-          yahoo-images = "https://yahoo.com/images/search?text={}";
-          yahoo-market = "https://market.yahoo.com/search?text={}";
-          youtube = "https://yewtu.be/search?q={}";
-
-          aw = arch;
-          d = duckduckgo;
-          do = dockerhub;
-          docker = dockerhub;
-          g = google;
-          gh = github;
-          h = hoogle;
-          k = kubernetes;
-          mb = musicbrainz;
-          n = nixos-options;
-          nw = nixos-wiki;
-          py = pypi;
-          pyd = pythondocs;
-          rym = rateyourmusic;
-          s = searx;
-          sh = sourcehut;
-          sr = sourcehut;
-          w = wikipedia-en;
-          wen = wikipedia-en;
-          wja = wikipedia-ja;
-          wru = wikipedia-ru;
-          y = yahoo;
-          yt = youtube;
-        };
-
-        settings = {
-          changelog_after_upgrade = "never";
-
-          content = {
-            autoplay = false;
-            cookies.accept = "all";
-            default_encoding = "utf-8";
-            desktop_capture = "ask";
-            dns_prefetch = false;
-            geolocation = false;
-            headers.do_not_track = true;
-            javascript.enabled = true;
-            prefers_reduced_motion = true;
-            webgl = true;
-
-            blocking = {
-              enabled = true;
-              method = "adblock";
-              adblock.lists = [
-                "https://easylist.to/easylist/easylist.txt"
-                "https://easylist.to/easylist/easyprivacy.txt"
-                "https://easylist.to/easylist/fanboy-social.txt"
-                "https://secure.fanboy.co.nz/fanboy-annoyance.txt"
-                "https://secure.fanboy.co.nz/fanboy-cookiemonster.txt"
-              ];
-            };
-          };
-
-          completion = {
-            height = "50%";
-            show = "auto";
-            shrink = true;
-            timestamp_format = "%y-%m-%d";
-            min_chars = 3;
-            open_categories = [
-              "bookmarks"
-              "quickmarks"
-              "history"
-            ];
-
-            scrollbar = {
-              width = 0;
-              padding = 0;
-            };
-          };
-
-          downloads = {
-            location = {
-              directory = config.userDirs.download;
-              prompt = true;
-            };
-            remove_finished = 0;
-          };
-
-          editor.command = [
-            (if alacritty.enable then getExe pkgs.alacritty else getExe pkgs.xterm)
-            "-e"
-            (getExe' config.programs.vim.package "vim")
-            "-f"
-            "{}"
-          ];
-
-          hints = {
-            auto_follow = "unique-match";
-            auto_follow_timeout = 0;
-            min_chars = 1;
-            scatter = false;
-            uppercase = false;
-          };
-
-          hints.radius = 0;
-          keyhint.radius = 0;
-          prompt.radius = 0;
-
-          scrolling = {
-            bar = "never";
-            smooth = false;
-          };
-
-          spellcheck.languages = [
-            "en-US"
-            "en-GB"
-            "ru-RU"
-          ];
-
-          statusbar.position = "bottom";
-
-          tabs = {
-            position = "top";
-
-            title = {
-              alignment = "left";
-              format = "{audio}{index} : {current_title}";
-              format_pinned = "{audio}{index}";
-            };
-
-            min_width = -1;
-            max_width = -1;
-
-            indicator.width = 0;
-
-            pinned = {
-              shrink = true;
-              frozen = false;
-            };
-
-            close_mouse_button = "middle";
-            mousewheel_switching = false;
-
-            background = true;
-            select_on_remove = "next";
-            new_position = {
-              related = "next";
-              unrelated = "last";
-            };
-
-            favicons = {
-              show = "pinned";
-              scale = 0.75;
-            };
-          };
-
-          url = rec {
-            default_page = "about:blank";
-            start_pages = [ default_page ];
-          };
-
-          window = {
-            hide_decoration = false;
-            title_format = "{perc}{current_title}{title_sep}qutebrowser";
-          };
-
-          qt = mkIf kde.enable {
-            force_platform = null;
-            force_platformtheme = "KDE";
-          };
-        };
-
-        extraConfig =
-          (
-            let
-              mkPaddingDictionary =
-                {
-                  name,
-                  bottom,
-                  left,
-                  right,
-                  top,
-                }:
-                let
-                  n = "c.${name}.padding";
-                  b = "'bottom': ${toString bottom}";
-                  l = "'left': ${toString left}";
-                  r = "'right': ${toString right}";
-                  t = "'top': ${toString top}";
-                in
-                "${n} = {${b}, ${l}, ${r}, ${t}}";
-
-              final = map mkPaddingDictionary [
-                {
-                  name = "hints";
-                  bottom = 3;
-                  left = 3;
-                  right = 3;
-                  top = 3;
-                }
-                {
-                  name = "statusbar";
-                  bottom = 1;
-                  left = 0;
-                  right = 3;
-                  top = 1;
-                }
-                {
-                  name = "tabs";
-                  bottom = 1;
-                  left = 6;
-                  right = 6;
-                  top = 1;
-                }
-              ];
-            in
-            concatLines final + "\n"
-          )
-          + (
-            let
-              allowSetting = setting: url: "config.set('content.${setting}', True, '${url}')";
-
-              allowMediaCaptureSetting = url: [
-                (allowSetting "desktop_capture" url)
-                (allowSetting "media.audio_video_capture" url)
-              ];
-              allowedMediaCapture = flatten (
-                map allowMediaCaptureSetting [
-                  "https://discord.com"
-                  "https://web.telegram.org"
-                ]
-              );
-
-              allowNotificationsSetting = allowSetting "notifications.enabled";
-              allowedNotifications = map allowNotificationsSetting [
-                "https://discord.com"
-                "https://web.telegram.org"
-              ];
-
-              final = allowedMediaCapture ++ allowedNotifications;
-            in
-            concatLines final + "\n"
-          );
-      };
-
-      home.activation.installQutebrowserDictionaries =
-        let
-          dictcli = "${pkgs.qutebrowser}/share/qutebrowser/scripts/dictcli.py";
-        in
-        ''
-          if [[ ! -d "''${XDG_DATA_HOME:-$HOME/.local/share}/qutebrowser/qtwebengine_dictionaries" ]]; then
-              ${dictcli} install en-US en-GB ru-RU
-          fi
-        '';
-    };
-  };
-}
diff --git a/modules/common/common/secrets.nix b/modules/common/secrets.nix
index 3c05c09..03a2eeb 100644
--- a/modules/common/common/secrets.nix
+++ b/modules/common/secrets.nix
@@ -9,6 +9,7 @@
 with lib;
 {
   imports = [
+    inputs.agenix.nixosModules.default
     (mkAliasOptionModule [ "secrets" ] [
       "age"
       "secrets"
diff --git a/modules/common/security.nix b/modules/common/security.nix
new file mode 100644
index 0000000..c635cdc
--- /dev/null
+++ b/modules/common/security.nix
@@ -0,0 +1,31 @@
+_: {
+  security = {
+    sudo = {
+      enable = true;
+      execWheelOnly = true;
+      wheelNeedsPassword = false;
+      extraConfig = ''
+        Defaults lecture=never
+      '';
+    };
+
+    polkit = {
+      enable = true;
+      extraConfig = ''
+        /*
+         * Allow members of the wheel group to execute any actions
+         * without password authentication, similar to "sudo NOPASSWD:".
+         *
+         * https://wiki.archlinux.org/title/Polkit#Bypass_password_prompt
+         */
+        polkit.addRule(function(action, subject) {
+          if (subject.isInGroup('wheel'))
+            return polkit.Result.YES;
+        });
+      '';
+    };
+
+    # Pretty much used only for PipeWire.
+    rtkit.enable = true;
+  };
+}
diff --git a/modules/common/services.nix b/modules/common/services.nix
new file mode 100644
index 0000000..12e4bf7
--- /dev/null
+++ b/modules/common/services.nix
@@ -0,0 +1,10 @@
+_: {
+  services = {
+    # https://github.com/Irqbalance/irqbalance/issues/54#issuecomment-319245584
+    # https://unix.stackexchange.com/questions/710603/should-the-irqbalance-daemon-be-used-on-a-modern-desktop-x86-system
+    irqbalance.enable = true;
+
+    # This is upposed to be better?
+    dbus.implementation = "broker";
+  };
+}
diff --git a/modules/common/common/shell/default.nix b/modules/common/shell/default.nix
index 883bfae..437ce57 100644
--- a/modules/common/common/shell/default.nix
+++ b/modules/common/shell/default.nix
@@ -191,6 +191,8 @@ in
       home.packages = with pkgs; [ grc ];
     };
 
+    programs.command-not-found.enable = false;
+
     environment = {
       etc."grc.conf".source = "${pkgs.grc}/etc/grc.conf";
 
diff --git a/modules/common/common/shell/functions.bash b/modules/common/shell/functions.bash
index f354adb..f354adb 100644
--- a/modules/common/common/shell/functions.bash
+++ b/modules/common/shell/functions.bash
diff --git a/modules/common/stylix.nix b/modules/common/stylix.nix
new file mode 100644
index 0000000..953685e
--- /dev/null
+++ b/modules/common/stylix.nix
@@ -0,0 +1,105 @@
+{
+  config,
+  inputs,
+  lib,
+  pkgs,
+  ...
+}:
+with lib;
+{
+  imports = [
+    inputs.stylix.nixosModules.stylix
+    (mkAliasOptionModule [ "colors" ] [
+      "lib"
+      "stylix"
+      "colors"
+    ])
+  ];
+
+  options.nixfiles.modules.common.stylix.fonts.extraPackages = mkOption {
+    description = "Font packages.";
+    default = with pkgs; [
+      font-awesome
+      noto-fonts
+      noto-fonts-emoji
+      sarasa-gothic
+      source-han-mono
+      source-han-sans
+      source-han-serif
+      twitter-color-emoji
+    ];
+    readOnly = true;
+  };
+
+  # Styling and color binding can be sourced from here[1].
+  #
+  # [1]: https://github.com/tinted-theming/base24/blob/master/styling.md
+  config = {
+    stylix = {
+      image = pkgs.fetchurl {
+        url = "https://upload.wikimedia.org/wikipedia/commons/a/a5/Bonaparte_ante_la_Esfinge%2C_por_Jean-Léon_Gérôme.jpg";
+        sha256 = "sha256-qWv52oT8cF9K4ZoeawmR3jgoGB2ARfjbKKc12IljUcM=";
+      };
+
+      base16Scheme = "${pkgs.base16-schemes}/share/themes/tomorrow.yaml";
+
+      fonts = {
+        monospace = {
+          package = pkgs.iosevka;
+          name = "Iosevka";
+        };
+
+        serif = {
+          package = pkgs.iosevka-bin.override { variant = "Etoile"; };
+          name = "Iosevka Etoile";
+        };
+
+        sansSerif = {
+          package = pkgs.iosevka-bin.override { variant = "Aile"; };
+          name = "Iosevka Aile";
+        };
+
+        sizes = {
+          desktop = 10;
+          applications = 10;
+          terminal = 12;
+        };
+      };
+
+      cursor = {
+        name = "phinger-cursors-light";
+        package = pkgs.phinger-cursors;
+        size = 32;
+      };
+    };
+
+    fonts = {
+      packages = mkAfter config.nixfiles.modules.common.stylix.fonts.extraPackages;
+
+      fontconfig.defaultFonts = with config.stylix.fonts; {
+        serif = mkForce [
+          serif.name
+          "Sarasa Gothic"
+          "Source Han Serif"
+          "Noto Serif"
+        ];
+        sansSerif = mkForce [
+          sansSerif.name
+          "Sarasa Gothic"
+          "Source Han Sans"
+          "Noto Sans"
+        ];
+        monospace = mkForce [
+          monospace.name
+          "Sarasa Mono"
+          "Source Han Mono"
+          "Noto Sans Mono"
+        ];
+        emoji = mkForce [
+          "Twitter Color Emoji"
+          "Noto Color Emoji"
+        ];
+      };
+    };
+  };
+}
diff --git a/modules/common/subversion.nix b/modules/common/subversion.nix
deleted file mode 100644
index 9398592..0000000
--- a/modules/common/subversion.nix
+++ /dev/null
@@ -1,55 +0,0 @@
-{
-  config,
-  lib,
-  pkgs,
-  ...
-}:
-with lib;
-let
-  cfg = config.nixfiles.modules.subversion;
-in
-{
-  options.nixfiles.modules.subversion.enable = mkEnableOption "Subversion";
-
-  config = mkIf cfg.enable {
-    nixfiles.modules.gnupg.enable = true;
-
-    hm.home = {
-      file = {
-        ".subversion/config".text = generators.toINI { } {
-          auth = {
-            password-stores = "gpg-agent";
-            ssl-client-cert-file-prompt = "no";
-            store-passwords = "yes";
-            store-auth-creds = "yes";
-          };
-          helpers = {
-            editor-cmd = getExe config.programs.vim.package;
-            diff-cmd = getExe pkgs.colordiff;
-          };
-          miscellany = {
-            global-ignores =
-              with config.hm.programs.git;
-              optionalString (ignores != [ ]) (concatStringsSep " " ignores);
-            diff-ignore-content-type = "no";
-          };
-          working-copy = {
-            exclusive-locking-clients = "svn";
-            exclusive-locking = true;
-            busy-timeout = 10000;
-          };
-        };
-
-        ".subversion/servers".text = generators.toINI { } {
-          global = {
-            store-auth-creds = "yes";
-            store-passwords = "yes";
-            store-plaintext-passwords = "yes";
-          };
-        };
-      };
-
-      packages = [ (pkgs.subversionClient.override { saslSupport = true; }) ];
-    };
-  };
-}
diff --git a/modules/common/systemd.nix b/modules/common/systemd.nix
new file mode 100644
index 0000000..b393d9f
--- /dev/null
+++ b/modules/common/systemd.nix
@@ -0,0 +1,43 @@
+{ config, pkgs, ... }:
+{
+  ark = {
+    files = [ "/etc/machine-id" ];
+    directories = [ "/var/lib/systemd/coredump" ];
+  };
+
+  my.extraGroups = [ "systemd-journal" ];
+
+  hm.systemd.user.startServices = "sd-switch";
+
+  boot.initrd.systemd = {
+    enable = true;
+    network = {
+      inherit (config.systemd.network) enable;
+      wait-online.enable = false;
+    };
+  };
+
+  services.journald.extraConfig = ''
+    SystemMaxUse=5G
+  '';
+
+  systemd =
+    let
+      extraConfig = ''
+        DefaultTimeoutStartSec=30s
+        DefaultTimeoutStopSec=15s
+      '';
+    in
+    {
+      inherit extraConfig;
+      user = {
+        inherit extraConfig;
+      };
+    };
+
+  environment.sessionVariables = {
+    SYSTEMD_PAGERSECURE = "1";
+    SYSTEMD_PAGER = "${pkgs.less}/bin/less";
+    SYSTEMD_LESS = "FRSXMK";
+  };
+}
diff --git a/modules/common/tmp.nix b/modules/common/tmp.nix
new file mode 100644
index 0000000..d56e2b6
--- /dev/null
+++ b/modules/common/tmp.nix
@@ -0,0 +1,18 @@
+_: {
+  systemd.mounts = [
+    {
+      type = "tmpfs";
+      what = "tmpfs";
+      where = "/tmp";
+      mountConfig.Options = [
+        "huge=within_size"
+        "mode=1777"
+        "noatime"
+        "nodev"
+        "nosuid"
+        "rw"
+        "size=25%"
+      ];
+    }
+  ];
+}
diff --git a/modules/common/tmux.nix b/modules/common/tmux.nix
deleted file mode 100644
index a754222..0000000
--- a/modules/common/tmux.nix
+++ /dev/null
@@ -1,57 +0,0 @@
-{ config, lib, ... }:
-with lib;
-let
-  cfg = config.nixfiles.modules.tmux;
-in
-{
-  options.nixfiles.modules.tmux.enable = mkEnableOption "tmux";
-
-  config = mkIf cfg.enable {
-    hm.programs.tmux = {
-      enable = true;
-
-      aggressiveResize = true;
-      baseIndex = 1;
-      clock24 = true;
-      disableConfirmationPrompt = true;
-      escapeTime = 0;
-      historyLimit = 50000;
-      newSession = true;
-      resizeAmount = 10;
-      terminal = "screen-256color";
-
-      extraConfig = ''
-        set -g set-titles on
-
-        set -g status-left  ""
-        set -g status-right ""
-
-        set -g detach-on-destroy off
-
-        set -g status-keys emacs
-        set -g mode-keys   vi
-
-        bind h select-pane -L
-        bind j select-pane -D
-        bind k select-pane -U
-        bind l select-pane -R
-
-        bind -r H resize-pane -L 10
-        bind -r J resize-pane -D 10
-        bind -r K resize-pane -U 10
-        bind -r L resize-pane -R 10
-
-        bind < swap-pane -D
-        bind > swap-pane -U
-
-        bind , swap-window -t -1
-        bind . swap-window -t +1
-
-        bind Tab last-window
-
-        bind _ split-window -v
-        bind | split-window -h
-      '';
-    };
-  };
-}
diff --git a/modules/common/users.nix b/modules/common/users.nix
new file mode 100644
index 0000000..ba1a89b
--- /dev/null
+++ b/modules/common/users.nix
@@ -0,0 +1,34 @@
+{ lib, ... }:
+with lib;
+let
+  home = "/home/${my.username}";
+in
+{
+  imports = [
+    (mkAliasOptionModule [ "my" ] [
+      "users"
+      "users"
+      my.username
+    ])
+  ];
+
+  ark.directories = [ home ];
+
+  users = {
+    mutableUsers = false;
+
+    users = {
+      root.hashedPassword = "@HASHED_PASSWORD@";
+
+      ${my.username} = {
+        isNormalUser = true;
+        uid = 1000;
+        description = my.fullname;
+        inherit home;
+        inherit (my) hashedPassword;
+        openssh.authorizedKeys.keys = [ my.ssh.key ];
+        extraGroups = [ "wheel" ];
+      };
+    };
+  };
+}
diff --git a/modules/common/vim/default.nix b/modules/common/vim/default.nix
deleted file mode 100644
index 93729bc..0000000
--- a/modules/common/vim/default.nix
+++ /dev/null
@@ -1,47 +0,0 @@
-{
-  config,
-  lib,
-  pkgs,
-  ...
-}:
-with lib;
-let
-  cfg = config.nixfiles.modules.vim;
-in
-{
-  options.nixfiles.modules.vim = {
-    enable = mkEnableOption "Vim";
-
-    rc = mkOption {
-      type = types.str;
-      default = readFile ./rc.vim;
-      description = "Configuration file.";
-    };
-
-    plugins = mkOption {
-      type = with types; listOf package;
-      default = with pkgs.vimPlugins; [
-        editorconfig-vim
-        vim-eunuch
-        vim-nix
-        vim-sensible
-        vim-sleuth
-        vim-surround
-        vim-unimpaired
-      ];
-      description = "Plugins.";
-    };
-  };
-
-  config = mkIf cfg.enable {
-    hm.stylix.targets.vim.enable = false;
-
-    environment = with config.programs.vim; {
-      systemPackages = [ package ];
-      variables = rec {
-        EDITOR = mkOverride 15 (getExe' package "vim");
-        VISUAL = EDITOR;
-      };
-    };
-  };
-}
diff --git a/modules/common/vim/rc.vim b/modules/common/vim/rc.vim
deleted file mode 100644
index 3bd9eb7..0000000
--- a/modules/common/vim/rc.vim
+++ /dev/null
@@ -1,169 +0,0 @@
-let $VIMFILES = expand('<sfile>:p:h')
-
-let g:skip_defaults_vim = 1
-
-let g:netrw_dirhistmax = 0
-
-if has('unnamedplus')
-    set clipboard^=unnamedplus
-else
-    set clipboard^=unnamed
-endif
-
-set backspace=indent,eol,start
-set diffopt+=iwhite
-set hidden
-set lazyredraw
-set mouse=
-set path+=**
-set viminfo=
-
-set cmdheight=1
-set fillchars=vert:\ "
-set modeline
-set noshowmode
-set shortmess+=I
-set textwidth=0
-set title
-
-set noerrorbells
-set novisualbell
-
-set splitbelow
-set splitright
-
-set complete=
-set complete+=.
-set complete+=b
-set complete+=t
-set completeopt=
-set completeopt+=menu
-set completeopt+=longest
-
-set gdefault
-set hlsearch
-set iskeyword+=-
-set magic
-
-set foldmethod=marker
-set nofoldenable
-
-set shortmess=
-set shortmess+=I
-set shortmess+=T
-set shortmess+=a
-set shortmess+=c
-set shortmess+=t
-
-set nolist
-set nowrap
-
-set scrolloff=10
-set sidescrolloff=10
-
-set number
-if v:version >= 700
-    set numberwidth=3
-endif
-
-set wildignorecase
-set wildignore=
-
-set nobackup
-set noswapfile
-set noundofile
-set nowritebackup
-
-set smartcase
-set ignorecase
-
-set autoindent
-set breakindent
-set smartindent
-
-set expandtab
-set shiftround
-set shiftwidth=4
-set smarttab
-set softtabstop=4
-set tabstop=4
-
-set colorcolumn=
-let g:EditorConfig_max_line_indicator = "none"
-
-nnoremap        <Space>     <Nop>
-let mapleader=" "
-
-nnoremap        :W          :w
-nnoremap        :W!         :w!
-nnoremap        :Q          :q
-nnoremap        :Q!         :q!
-
-nnoremap <expr> j           v:count ? 'j' : 'gj'
-nnoremap <expr> k           v:count ? 'k' : 'gk'
-
-nnoremap        J           gt
-nnoremap        K           gT
-
-nnoremap        <C-A>       ^h
-vnoremap        <C-A>       ^h
-nnoremap        H           ^h
-vnoremap        H           ^h
-
-nnoremap        <C-E>       $
-vnoremap        <C-E>       $
-nnoremap        L           $
-vnoremap        L           $
-
-nnoremap        N           Nzzzv
-nnoremap        n           nzzzv
-
-inoremap        <C-U>       <C-g>u<C-u>
-inoremap        <C-W>       <C-g>u<C-w>
-
-vnoremap        <           <gv
-vnoremap        >           >gv
-vnoremap        <Tab>       >gv
-vnoremap        <S-Tab>     <gv
-nnoremap        <Tab>       >>_
-nnoremap        <S-Tab>     <<_
-
-nnoremap        ]b          :bnext<CR>
-nnoremap        [b          :bprevious<CR>
-
-nnoremap        <C-H>       <C-w>h
-nnoremap        <C-J>       <C-w>j
-nnoremap        <C-K>       <C-w>k
-nnoremap        <C-R>       <C-w>l
-
-nnoremap        *           /\<<C-r>=expand('<cword>')<CR>\><CR>
-nnoremap        #           ?\<<C-r>=expand('<cword>')<CR>\><CR>
-
-cnoremap        ;/          <C-r>=expand('%:p:h').'/'<CR>
-cnoremap        ;;          <C-r>=expand('%:t')<CR>
-cnoremap        ;.          <C-r>=expand('%:p:r')<CR>
-
-nnoremap        <Leader>.   :lcd %:p:h<CR>
-
-nnoremap        Q           @q
-
-nnoremap        <Leader>c   ^v$h
-nnoremap        <Leader>v   ggVG
-
-nnoremap        <Leader>y   "+y
-nnoremap        <Leader>Y   "+Y
-
-nnoremap        <Leader>p   "+p
-nnoremap        <Leader>P   "+P
-
-inoremap        <C-v>       <C-c>"+pi
-cnoremap        <C-v>       <C-r>+
-
-nmap            <Leader>w   :w!<CR>
-nmap            <Leader>wq  :wq!<CR>
-
-nnoremap        ZX          :qa!<CR>
-
-nnoremap        <Leader>q   :q<CR>
-
-command         WS          w !sudo tee "%" >/dev/null
diff --git a/modules/common/vscode.nix b/modules/common/vscode.nix
deleted file mode 100644
index bd840d8..0000000
--- a/modules/common/vscode.nix
+++ /dev/null
@@ -1,244 +0,0 @@
-{
-  config,
-  inputs,
-  lib,
-  pkgs,
-  ...
-}:
-with lib;
-let
-  cfg = config.nixfiles.modules.vscode;
-in
-{
-  options.nixfiles.modules.vscode = {
-    enable = mkEnableOption "VSCode";
-
-    package =
-      with pkgs;
-      mkOption {
-        type = types.enum [
-          vscodium
-          vscode
-          vscode-fhs
-        ];
-        default = vscodium;
-        description = "Which package to use as a VSCode implementation.";
-      };
-
-    vim.enable = mkOption {
-      type = types.bool;
-      default = true;
-      description = "Whether to enable Vim emulation.";
-    };
-  };
-
-  config = mkIf cfg.enable {
-    hm = {
-      stylix.targets.vscode.enable = false;
-
-      programs.vscode =
-        with config.nixfiles;
-        with modules;
-        with profiles;
-        {
-          enable = true;
-
-          inherit (cfg) package;
-
-          extensions =
-            with pkgs.open-vsx;
-            [
-              editorconfig.editorconfig
-              efoerster.texlab
-              github.vscode-pull-request-github
-              gitlab.gitlab-workflow
-              golang.go
-              graphql.vscode-graphql
-              graphql.vscode-graphql-execution
-              graphql.vscode-graphql-syntax
-              hashicorp.hcl
-              hashicorp.terraform
-              haskell.haskell
-              jnoortheen.nix-ide
-              kahole.magit
-              mads-hartmann.bash-ide-vscode
-              mkhl.direnv
-              ms-kubernetes-tools.vscode-kubernetes-tools
-              ms-python.python
-              redhat.ansible
-              redhat.vscode-xml
-              redhat.vscode-yaml
-              rust-lang.rust
-              signageos.signageos-vscode-sops
-              skellock.just
-              streetsidesoftware.code-spell-checker
-              streetsidesoftware.code-spell-checker-british-english
-              streetsidesoftware.code-spell-checker-russian
-              streetsidesoftware.code-spell-checker-scientific-terms
-              tamasfe.even-better-toml
-              task.vscode-task
-              vscode-org-mode.org-mode
-              ziglang.vscode-zig
-            ]
-            ++ optional cfg.vim.enable vscodevim.vim;
-
-          userSettings = {
-            editor = {
-              codeLens = false;
-              cursorStyle = "block";
-              detectIndentation = true;
-              minimap.enabled = false;
-              renderWhitespace = "trailing";
-              rulers = [
-                80
-                120
-              ];
-              smoothScrolling = false;
-              tabCompletion = "on";
-              cursorSurroundingLines = 10;
-              scrollBeyondLastColumn = 10;
-            };
-
-            keyboard.dispatch = "keyCode";
-
-            diffEditor.codeLens = false;
-
-            files = {
-              autoSave = "off";
-              enableTrash = false;
-            };
-
-            workbench = {
-              activityBar.location = "hidden";
-              colorTheme = "Default Light Modern";
-              editor.highlightModifiedTabs = true;
-              enableExperiments = false;
-              settings.enableNaturalLanguageSearch = false;
-              startupEditor = "none";
-              tips.enabled = false;
-              tree.indent = 4;
-              welcomePage = {
-                walkthroughs.openOnInstall = false;
-                preferReducedMotion = true;
-              };
-            };
-
-            extensions = {
-              autoCheckUpdates = false;
-              autoUpdate = false;
-              ignoreRecommendations = true;
-            };
-
-            terminal.integrated = {
-              enableBell = true;
-            };
-
-            update = {
-              mode = "none";
-              showReleaseNotes = false;
-            };
-
-            telemetry = {
-              enableCrashReporter = false;
-              enableTelemetry = false;
-            };
-
-            security.workspace.trust.enabled = false;
-
-            # Extensions.
-
-            ansible = {
-              ansible = {
-                useFullyQualifiedCollectionNames = true;
-                reuseTerminal = true;
-              };
-              validation.lint.path = getExe' pkgs.ansible-lint "ansible-lint";
-            };
-
-            bashIde.shellcheckPath = getExe' pkgs.shellcheck "shellcheck";
-
-            cSpell.language = "en-GB,en,ru";
-
-            direnv = {
-              restart.automatic = true;
-            };
-
-            magit = {
-              forge-enabled = true;
-              git-path = getExe config.hm.programs.git.package;
-            };
-
-            git.openRepositoryInParentFolders = "always";
-
-            github = {
-              branchProtection = true;
-              gitProtocol = "ssh";
-            };
-
-            terraform = {
-              languageServer.path = getExe' pkgs.terraform-ls "terraform-ls";
-              languageServer.terraform.path = getExe pkgs.opentofu;
-            };
-
-            haskell = {
-              formattingProvider = "ormolu";
-              serverExecutablePath = getExe' pkgs.haskell-language-server "haskell-language-server";
-            };
-
-            nix = {
-              enableLanguageServer = true;
-              serverPath = getExe pkgs.nil;
-            };
-
-            python = with pkgs.python311Packages; {
-              experiments.optOutFrom = [ "All" ];
-              pipenvPath = getExe' pkgs.pipenv "pipenv";
-              poetryPath = getExe' pkgs.poetry "poetry";
-              formatting = {
-                provider = "black";
-                autopep8Path = getExe' autopep8 "autopep8";
-                blackPath = getExe' black "black";
-                yapfPath = getExe' yapf "yapf";
-              };
-              linting = {
-                enabled = true;
-                banditPath = getExe' bandit "bandit";
-                flake8Path = getExe' flake8 "flake8";
-                mypyPath = getExe' mypy "mypy";
-                pycodestylePath = getExe' pycodestyle "pycodestyle";
-                pydocstylePath = getExe' pydocstyle "pydocstyle";
-                pylamaPath = getExe' pylama "pylama";
-                pylintPath = getExe' pylint "pylint";
-              };
-              testing = {
-                pytestPath = getExe' pytest "pytest";
-              };
-            };
-
-            rust-client = {
-              disableRustup = true;
-              rustupPath = getExe' pkgs.rustup "rustup";
-              rustfmt_path = getExe pkgs.rustfmt;
-            };
-
-            vim = mkIf cfg.vim.enable {
-              easymotion = true;
-
-              leader = " ";
-
-              useSystemClipboard = true;
-            };
-
-            zig.zls = {
-              checkForUpdate = false;
-              path = getExe' pkgs.zls "zls";
-            };
-
-            redhat.telemetry.enabled = false;
-          };
-        };
-    };
-
-    nixpkgs.overlays = [ inputs.vscode-extensions.overlays.default ];
-  };
-}
diff --git a/modules/common/wget.nix b/modules/common/wget.nix
deleted file mode 100644
index 0e8ee64..0000000
--- a/modules/common/wget.nix
+++ /dev/null
@@ -1,37 +0,0 @@
-{
-  config,
-  lib,
-  pkgs,
-  ...
-}:
-with lib;
-let
-  cfg = config.nixfiles.modules.wget;
-in
-{
-  options.nixfiles.modules.wget.enable = mkEnableOption "wget";
-
-  config = mkIf cfg.enable {
-    hm = {
-      programs.bash.shellAliases.wget = "wget --hsts-file=/tmp/wget-hsts";
-
-      home.sessionVariables.WGETRC = pkgs.writeText "wgetrc" ''
-        adjust_extension = on
-        dirstruct = off
-        follow_ftp = on
-        passive_ftp = off
-        progress = bar
-        quota = inf
-        reclevel = 5
-        recursive = off
-        robots = off
-        timestamping = off
-        tries = 5
-        wait = 0
-        waitretry = 10
-      '';
-    };
-
-    environment.systemPackages = with pkgs; [ wget ];
-  };
-}
diff --git a/modules/common/common/xdg.nix b/modules/common/xdg.nix
index 4463c15..c581369 100644
--- a/modules/common/common/xdg.nix
+++ b/modules/common/xdg.nix
@@ -1,5 +1,13 @@
-{ config, lib, ... }:
+{
+  config,
+  lib,
+  this,
+  ...
+}:
 with lib;
+let
+  cfg = config.nixfiles.modules.common.xdg;
+in
 {
   imports =
     let
@@ -68,5 +76,34 @@ with lib;
           videos = tmp;
         };
     };
+    defaultApplications = mkOption {
+      description = "Default applications.";
+      type = with types; attrsOf (listOf str);
+      default = { };
+    };
+  };
+
+  config = {
+    xdg.portal = mkIf this.isHeadful { enable = true; };
+
+    hm.xdg = mkMerge [
+      (with cfg; {
+        enable = true;
+
+        inherit cacheHome;
+        inherit configHome;
+        inherit dataHome;
+        inherit stateHome;
+        inherit userDirs;
+      })
+      (mkIf this.isHeadful {
+        mimeApps = {
+          enable = true;
+          defaultApplications = mkMerge (
+            mapAttrsToList (n: v: genAttrs v (_: [ "${n}.desktop" ])) cfg.defaultApplications
+          );
+        };
+      })
+    ];
   };
 }
diff --git a/modules/common/zathura.nix b/modules/common/zathura.nix
deleted file mode 100644
index bc92258..0000000
--- a/modules/common/zathura.nix
+++ /dev/null
@@ -1,80 +0,0 @@
-{ config, lib, ... }:
-with lib;
-let
-  cfg = config.nixfiles.modules.zathura;
-in
-{
-  options.nixfiles.modules.zathura.enable = mkEnableOption "Zathura PDF reader";
-
-  config = mkIf cfg.enable {
-    hm.programs.zathura = {
-      enable = true;
-
-      options = {
-        recolor = true;
-        recolor-keephue = false;
-        recolor-reverse-video = false;
-
-        highlight-transparency = "0.3";
-
-        n-completion-items = 10;
-
-        guioptions = "";
-
-        statusbar-basename = true;
-        statusbar-home-tilde = true;
-
-        statusbar-h-padding = 0;
-        statusbar-v-padding = 0;
-
-        window-height = 800;
-        window-width = 600;
-
-        window-icon = "";
-
-        abort-clear-search = true;
-
-        incremental-search = true;
-
-        adjust-open = "best-fit";
-
-        advance-pages-per-row = false;
-
-        database = "sqlite";
-
-        dbus-service = false;
-
-        page-padding = 0;
-
-        pages-per-row = 1;
-
-        render-loading = false;
-
-        show-directories = true;
-        show-hidden = true;
-        show-recent = 10;
-
-        link-zoom = true;
-        link-hadjust = true;
-
-        window-title-basename = true;
-        window-title-home-tilde = true;
-        window-title-page = true;
-
-        zoom-center = false;
-        zoom-max = 1000;
-        zoom-min = 10;
-        zoom-step = 10;
-
-        scroll-hstep = -1;
-        scroll-step = 40;
-        scroll-full-overlap = 0;
-        scroll-wrap = true;
-        scroll-page-aware = false;
-
-        selection-clipboard = "clipboard";
-        selection-notification = false;
-      };
-    };
-  };
-}

Consider giving Nix/NixOS a try! <3