diff --git a/.config/nvim/init.lua b/.config/nvim/init.lua
new file mode 100644
index 0000000..4b4fff6
--- /dev/null
+++ b/.config/nvim/init.lua
@@ -0,0 +1,566 @@
+--[[
+
+=====================================================================
+==================== READ THIS BEFORE CONTINUING ====================
+=====================================================================
+
+Kickstart.nvim is *not* a distribution.
+
+Kickstart.nvim is a template for your own configuration.
+  The goal is that you can read every line of code, top-to-bottom, understand
+  what your configuration is doing, and modify it to suit your needs.
+
+  Once you've done that, you should start exploring, configuring and tinkering to
+  explore Neovim!
+
+  If you don't know anything about Lua, I recommend taking some time to read through
+  a guide. One possible example:
+  - https://learnxinyminutes.com/docs/lua/
+
+  And then you can explore or search through `:help lua-guide`
+
+
+Kickstart Guide:
+
+I have left several `:help X` comments throughout the init.lua
+You should run that command and read that help section for more information.
+
+In addition, I have some `NOTE:` items throughout the file.
+These are for you, the reader to help understand what is happening. Feel free to delete
+them once you know what you're doing, but they should serve as a guide for when you
+are first encountering a few different constructs in your nvim config.
+
+--]]
+-- Set <space> as the leader key
+-- See `:help mapleader`
+--  NOTE: Must happen before plugins are required (otherwise wrong leader will be used)
+vim.g.mapleader = ' '
+vim.g.maplocalleader = ' '
+
+-- Install package manager
+--    https://github.com/folke/lazy.nvim
+--    `:help lazy.nvim.txt` for more info
+local lazypath = vim.fn.stdpath 'data' .. '/lazy/lazy.nvim'
+if not vim.loop.fs_stat(lazypath) then
+  vim.fn.system {
+    'git',
+    'clone',
+    '--filter=blob:none',
+    'https://github.com/folke/lazy.nvim.git',
+    '--branch=stable', -- latest stable release
+    lazypath,
+  }
+end
+vim.opt.rtp:prepend(lazypath)
+
+-- NOTE: Here is where you install your plugins.
+--  You can configure plugins using the `config` key.
+--
+--  You can also configure plugins after the setup call,
+--    as they will be available in your neovim runtime.
+require('lazy').setup({
+  -- NOTE: First, some plugins that don't require any configuration
+
+  -- Git related plugins
+  'tpope/vim-fugitive',
+  'tpope/vim-rhubarb',
+
+  -- Detect tabstop and shiftwidth automatically
+  'tpope/vim-sleuth',
+
+  -- NOTE: This is where your plugins related to LSP can be installed.
+  --  The configuration is done below. Search for lspconfig to find it below.
+  {
+    -- LSP Configuration & Plugins
+    'neovim/nvim-lspconfig',
+    dependencies = {
+      -- Automatically install LSPs to stdpath for neovim
+      { 'williamboman/mason.nvim', config = true },
+      'williamboman/mason-lspconfig.nvim',
+
+      -- Useful status updates for LSP
+      -- NOTE: `opts = {}` is the same as calling `require('fidget').setup({})`
+      { 'j-hui/fidget.nvim',       tag = 'legacy', opts = {} },
+
+      -- Additional lua configuration, makes nvim stuff amazing!
+      'folke/neodev.nvim',
+    },
+  },
+
+  {
+    -- Autocompletion
+    'hrsh7th/nvim-cmp',
+    dependencies = {
+      -- Snippet Engine & its associated nvim-cmp source
+      'L3MON4D3/LuaSnip',
+      'saadparwaiz1/cmp_luasnip',
+
+      -- Adds LSP completion capabilities
+      'hrsh7th/cmp-nvim-lsp',
+
+      -- Adds a number of user-friendly snippets
+      'rafamadriz/friendly-snippets',
+    },
+  },
+
+  -- Useful plugin to show you pending keybinds.
+  { 'folke/which-key.nvim',  opts = {} },
+  {
+    -- Adds git releated signs to the gutter, as well as utilities for managing changes
+    'lewis6991/gitsigns.nvim',
+    opts = {
+      -- See `:help gitsigns.txt`
+      signs = {
+        add = { text = '+' },
+        change = { text = '~' },
+        delete = { text = '_' },
+        topdelete = { text = '‾' },
+        changedelete = { text = '~' },
+      },
+      on_attach = function(bufnr)
+        vim.keymap.set('n', '<leader>gp', require('gitsigns').prev_hunk,
+          { buffer = bufnr, desc = '[G]o to [P]revious Hunk' })
+        vim.keymap.set('n', '<leader>gn', require('gitsigns').next_hunk, { buffer = bufnr, desc = '[G]o to [N]ext Hunk' })
+        vim.keymap.set('n', '<leader>ph', require('gitsigns').preview_hunk, { buffer = bufnr, desc = '[P]review [H]unk' })
+      end,
+    },
+  },
+
+  {
+    -- Theme inspired by Atom
+    'navarasu/onedark.nvim',
+    priority = 1000,
+    config = function()
+      vim.cmd.colorscheme 'onedark'
+    end,
+  },
+
+  {
+    -- Set lualine as statusline
+    'nvim-lualine/lualine.nvim',
+    -- See `:help lualine.txt`
+    opts = {
+      options = {
+        icons_enabled = false,
+        theme = 'onedark',
+        component_separators = '|',
+        section_separators = '',
+      },
+    },
+  },
+
+  {
+    -- Add indentation guides even on blank lines
+    'lukas-reineke/indent-blankline.nvim',
+    version = "2.20.8",
+    -- Enable `lukas-reineke/indent-blankline.nvim`
+    -- See `:help indent_blankline.txt`
+    opts = {
+      char = '┊',
+      show_trailing_blankline_indent = false,
+    },
+  },
+
+  -- "gc" to comment visual regions/lines
+  { 'numToStr/Comment.nvim', opts = {} },
+
+  -- Fuzzy Finder (files, lsp, etc)
+  {
+    'nvim-telescope/telescope.nvim',
+    branch = '0.1.x',
+    dependencies = {
+      'nvim-lua/plenary.nvim' }
+  },
+
+  -- Fuzzy Finder Algorithm which requires local dependencies to be built.
+  -- Only load if `make` is available. Make sure you have the system
+  -- requirements installed.
+  {
+    'nvim-telescope/telescope-fzf-native.nvim',
+    build =
+    'cmake -S. -Bbuild -DCMAKE_BUILD_TYPE=Release && cmake --build build --config Release && cmake --install build --prefix build'
+  },
+  {
+    -- Highlight, edit, and navigate code
+    'nvim-treesitter/nvim-treesitter',
+    dependencies = {
+      'nvim-treesitter/nvim-treesitter-textobjects',
+    },
+    build = ':TSUpdate',
+  },
+  {'romgrk/barbar.nvim',
+    dependencies = {
+      'lewis6991/gitsigns.nvim', -- OPTIONAL: for git status
+      'nvim-tree/nvim-web-devicons', -- OPTIONAL: for file icons
+    },
+    init = function() vim.g.barbar_auto_setup = false end,
+    opts = {
+      -- lazy.nvim will automatically call setup for you. put your options here, anything missing will use the default:
+      -- animation = true,
+      -- insert_at_start = true,
+      -- …etc.
+    },
+    version = '^1.0.0', -- optional: only update when a new 1.x version is released
+  },
+
+  -- NOTE: Next Step on Your Neovim Journey: Add/Configure additional "plugins" for kickstart
+  --       These are some example plugins that I've included in the kickstart repository.
+  --       Uncomment any of the lines below to enable them.
+  require 'kickstart.plugins.autoformat',
+  require 'kickstart.plugins.debug',
+
+  -- NOTE: The import below can automatically add your own plugins, configuration, etc from `lua/custom/plugins/*.lua`
+  --    You can use this folder to prevent any conflicts with this init.lua if you're interested in keeping
+  --    up-to-date with whatever is in the kickstart repo.
+  --    Uncomment the following line and add your plugins to `lua/custom/plugins/*.lua` to get going.
+  --
+  --    For additional information see: https://github.com/folke/lazy.nvim#-structuring-your-plugins
+  { import = 'custom.plugins' },
+}, {})
+
+-- [[ Setting options ]]
+-- See `:help vim.o`
+-- NOTE: You can change these options as you wish!
+vim.cmd [[highlight Normal ctermbg=none guibg=none]]
+vim.cmd [[highlight EndOfBuffer ctermbg=none guibg=none]]
+vim.cmd [[highlight NvimTreeEndOfBuffer ctermbg=none guibg=none]]
+vim.cmd [[highlight NvimTreeNormal ctermbg=none guibg=none]]
+
+
+-- Set highlight on search
+vim.o.hlsearch = false
+
+-- Make line numbers default
+vim.wo.number = true
+vim.wo.relativenumber = true
+
+-- Enable mouse mode
+vim.o.mouse = 'a'
+
+-- Sync clipboard between OS and Neovim.
+--  Remove this option if you want your OS clipboard to remain independent.
+--  See `:help 'clipboard'`
+vim.o.clipboard = 'unnamedplus'
+
+-- Enable break indent
+vim.o.breakindent = true
+
+-- Save undo history
+vim.o.undofile = true
+
+-- Case-insensitive searching UNLESS \C or capital in search
+vim.o.ignorecase = true
+vim.o.smartcase = true
+
+-- Keep signcolumn on by default
+vim.wo.signcolumn = 'yes'
+
+-- Decrease update time
+vim.o.updatetime = 250
+vim.o.timeoutlen = 300
+
+-- Set completeopt to have a better completion experience
+vim.o.completeopt = 'menuone,noselect'
+
+-- NOTE: You should make sure your terminal supports this
+vim.o.termguicolors = true
+vim.o.smartindent = true
+vim.o.scrolloff = 8
+vim.o.list = false
+vim.opt.listchars = {
+  tab = "→ ",
+  space = "·",
+  nbsp = "␣",
+  trail = "•",
+  precedes = "«",
+  extends = "»",
+}
+
+-- [[ Basic Keymaps ]]
+
+-- Keymaps for better default experience
+-- See `:help vim.keymap.set()`
+vim.keymap.set({ 'n', 'v' }, '<Space>', '<Nop>', { silent = true })
+
+-- Remap for dealing with word wrap
+vim.keymap.set('n', 'k', "v:count == 0 ? 'gk' : 'k'", { expr = true, silent = true })
+vim.keymap.set('n', 'j', "v:count == 0 ? 'gj' : 'j'", { expr = true, silent = true })
+
+vim.keymap.set("n", "<leader>ss", [[:%s/\<<C-r><C-w>\>/<C-r><C-w>/gI<Left><Left><Left>]])
+vim.keymap.set("x", "<leader>p", [["_dP]])
+vim.keymap.set("n", "J", "mzJ`z")
+vim.keymap.set("v", "J", ":m '>+1<CR>gv=gv")
+vim.keymap.set("v", "K", ":m '<-2<CR>gv=gv")
+vim.keymap.set("n", "Y", "yy");
+-- nvim-tree
+vim.keymap.set("n", "<leader>f", ":NvimTreeToggle<CR>");
+
+-- [[ Highlight on yank ]]
+-- See `:help vim.highlight.on_yank()`
+local highlight_group = vim.api.nvim_create_augroup('YankHighlight', { clear = true })
+vim.api.nvim_create_autocmd('TextYankPost', {
+  callback = function()
+    vim.highlight.on_yank()
+  end,
+  group = highlight_group,
+  pattern = '*',
+})
+
+-- [[ Configure Telescope ]]
+-- See `:help telescope` and `:help telescope.setup()`
+require('telescope').setup {
+  defaults = {
+    mappings = {
+      n = {
+        ['<C-d>'] = require('telescope.actions').delete_buffer
+      },
+      i = {
+        ['<C-u>'] = false,
+        ['<C-d>'] = false,
+      },
+    },
+  },
+}
+
+-- Enable telescope fzf native, if installed
+pcall(require('telescope').load_extension, 'fzf')
+
+-- See `:help telescope.builtin`
+vim.keymap.set('n', '<leader>?', require('telescope.builtin').oldfiles, { desc = '[?] Find recently opened files' })
+vim.keymap.set('n', '<leader><space>', require('telescope.builtin').buffers, { desc = '[ ] Find existing buffers' })
+vim.keymap.set('n', '<leader>/', function()
+  -- You can pass additional configuration to telescope to change theme, layout, etc.
+  require('telescope.builtin').current_buffer_fuzzy_find(require('telescope.themes').get_dropdown {
+    winblend = 10,
+    previewer = false,
+  })
+end, { desc = '[/] Fuzzily search in current buffer' })
+
+vim.keymap.set('n', '<leader>gf', require('telescope.builtin').git_files, { desc = 'Search [G]it [F]iles' })
+vim.keymap.set('n', '<leader>sf', require('telescope.builtin').find_files, { desc = '[S]earch [F]iles' })
+vim.keymap.set('n', '<leader>sh', require('telescope.builtin').help_tags, { desc = '[S]earch [H]elp' })
+vim.keymap.set('n', '<leader>sw', require('telescope.builtin').grep_string, { desc = '[S]earch current [W]ord' })
+vim.keymap.set('n', '<leader>sg', require('telescope.builtin').live_grep, { desc = '[S]earch by [G]rep' })
+vim.keymap.set('n', '<leader>sd', require('telescope.builtin').diagnostics, { desc = '[S]earch [D]iagnostics' })
+vim.keymap.set('n', '<leader>sr', require('telescope.builtin').lsp_references, { desc = '[S]earch [R]eferences' })
+
+-- [[ Configure Treesitter ]]
+-- See `:help nvim-treesitter`
+require('nvim-treesitter.configs').setup {
+  -- Add languages to be installed here that you want installed for treesitter
+  ensure_installed = { 'c', 'cpp', 'go', 'lua', 'python', 'rust', 'tsx', 'typescript', 'vimdoc', 'vim' },
+
+  -- Autoinstall languages that are not installed. Defaults to false (but you can change for yourself!)
+  auto_install = true,
+
+  highlight = { enable = true },
+  indent = { enable = true },
+  incremental_selection = {
+    enable = true,
+    keymaps = {
+      init_selection = '<c-space>',
+      node_incremental = '<c-space>',
+      scope_incremental = '<c-s>',
+      node_decremental = '<M-space>',
+    },
+  },
+  textobjects = {
+    select = {
+      enable = true,
+      lookahead = true, -- Automatically jump forward to textobj, similar to targets.vim
+      keymaps = {
+        -- You can use the capture groups defined in textobjects.scm
+        ['aa'] = '@parameter.outer',
+        ['ia'] = '@parameter.inner',
+        ['af'] = '@function.outer',
+        ['if'] = '@function.inner',
+        ['ac'] = '@class.outer',
+        ['ic'] = '@class.inner',
+      },
+    },
+    move = {
+      enable = true,
+      set_jumps = true, -- whether to set jumps in the jumplist
+      goto_next_start = {
+        [']m'] = '@function.outer',
+        [']]'] = '@class.outer',
+      },
+      goto_next_end = {
+        [']M'] = '@function.outer',
+        [']['] = '@class.outer',
+      },
+      goto_previous_start = {
+        ['[m'] = '@function.outer',
+        ['[['] = '@class.outer',
+      },
+      goto_previous_end = {
+        ['[M'] = '@function.outer',
+        ['[]'] = '@class.outer',
+      },
+    },
+    swap = {
+      enable = true,
+      swap_next = {
+        ['<leader>a'] = '@parameter.inner',
+      },
+      swap_previous = {
+        ['<leader>A'] = '@parameter.inner',
+      },
+    },
+  },
+}
+
+-- Diagnostic keymaps
+vim.keymap.set('n', '[d', vim.diagnostic.goto_prev, { desc = 'Go to previous diagnostic message' })
+vim.keymap.set('n', ']d', vim.diagnostic.goto_next, { desc = 'Go to next diagnostic message' })
+vim.keymap.set('n', '<leader>e', vim.diagnostic.open_float, { desc = 'Open floating diagnostic message' })
+vim.keymap.set('n', '<leader>q', vim.diagnostic.setloclist, { desc = 'Open diagnostics list' })
+
+-- [[ Configure LSP ]]
+--  This function gets run when an LSP connects to a particular buffer.
+local on_attach = function(_, bufnr)
+  -- NOTE: Remember that lua is a real programming language, and as such it is possible
+  -- to define small helper and utility functions so you don't have to repeat yourself
+  -- many times.
+  --
+  -- In this case, we create a function that lets us more easily define mappings specific
+  -- for LSP related items. It sets the mode, buffer and description for us each time.
+  local nmap = function(keys, func, desc)
+    if desc then
+      desc = 'LSP: ' .. desc
+    end
+
+    vim.keymap.set('n', keys, func, { buffer = bufnr, desc = desc })
+  end
+
+  nmap('<leader>rn', vim.lsp.buf.rename, '[R]e[n]ame')
+  nmap('<leader>ca', vim.lsp.buf.code_action, '[C]ode [A]ction')
+
+  nmap('gd', vim.lsp.buf.definition, '[G]oto [D]efinition')
+  nmap('gr', require('telescope.builtin').lsp_references, '[G]oto [R]eferences')
+  nmap('gI', vim.lsp.buf.implementation, '[G]oto [I]mplementation')
+  nmap('<leader>D', vim.lsp.buf.type_definition, 'Type [D]efinition')
+  nmap('<leader>ds', require('telescope.builtin').lsp_document_symbols, '[D]ocument [S]ymbols')
+  nmap('<leader>ws', require('telescope.builtin').lsp_dynamic_workspace_symbols, '[W]orkspace [S]ymbols')
+
+  -- See `:help K` for why this keymap
+  nmap('K', vim.lsp.buf.hover, 'Hover Documentation')
+  nmap('<C-k>', vim.lsp.buf.signature_help, 'Signature Documentation')
+
+  -- Lesser used LSP functionality
+  nmap('gD', vim.lsp.buf.declaration, '[G]oto [D]eclaration')
+  nmap('<leader>wa', vim.lsp.buf.add_workspace_folder, '[W]orkspace [A]dd Folder')
+  nmap('<leader>wr', vim.lsp.buf.remove_workspace_folder, '[W]orkspace [R]emove Folder')
+  nmap('<leader>wl', function()
+    print(vim.inspect(vim.lsp.buf.list_workspace_folders()))
+  end, '[W]orkspace [L]ist Folders')
+
+  -- Create a command `:Format` local to the LSP buffer
+  vim.api.nvim_buf_create_user_command(bufnr, 'Format', function(_)
+    vim.lsp.buf.format()
+  end, { desc = 'Format current buffer with LSP' })
+end
+
+-- Enable the following language servers
+--  Feel free to add/remove any LSPs that you want here. They will automatically be installed.
+--
+--  Add any additional override configuration in the following tables. They will be passed to
+--  the `settings` field of the server config. You must look up that documentation yourself.
+local servers = {
+  -- clangd = {},
+  -- gopls = {},
+  -- pyright = {},
+  rust_analyzer = {},
+  jdtls = {},
+  -- tsserver = {},
+
+  lua_ls = {
+    Lua = {
+      workspace = { checkThirdParty = false },
+      telemetry = { enable = false },
+    },
+  },
+}
+
+-- Setup neovim lua configuration
+require('neodev').setup()
+
+-- nvim-cmp supports additional completion capabilities, so broadcast that to servers
+local capabilities = vim.lsp.protocol.make_client_capabilities()
+capabilities = require('cmp_nvim_lsp').default_capabilities(capabilities)
+
+-- Ensure the servers above are installed
+local mason_lspconfig = require 'mason-lspconfig'
+
+mason_lspconfig.setup {
+  ensure_installed = vim.tbl_keys(servers),
+}
+
+mason_lspconfig.setup_handlers {
+  function(server_name)
+    require('lspconfig')[server_name].setup {
+      capabilities = capabilities,
+      on_attach = on_attach,
+      settings = servers[server_name],
+    }
+  end,
+}
+
+-- [[ Configure nvim-cmp ]]
+-- See `:help cmp`
+local cmp = require 'cmp'
+local luasnip = require 'luasnip'
+require('luasnip.loaders.from_vscode').lazy_load()
+luasnip.config.setup {}
+
+cmp.setup {
+  snippet = {
+    expand = function(args)
+      luasnip.lsp_expand(args.body)
+    end,
+  },
+  mapping = cmp.mapping.preset.insert {
+    ['<C-n>'] = cmp.mapping.select_next_item(),
+    ['<C-p>'] = cmp.mapping.select_prev_item(),
+    ['<C-d>'] = cmp.mapping.scroll_docs(-4),
+    ['<C-f>'] = cmp.mapping.scroll_docs(4),
+    ['<C-Space>'] = cmp.mapping.complete {},
+    ['<CR>'] = cmp.mapping.confirm {
+      behavior = cmp.ConfirmBehavior.Replace,
+      select = true,
+    },
+    ['<Tab>'] = cmp.mapping(function(fallback)
+      if cmp.visible() then
+        cmp.select_next_item()
+      elseif luasnip.expand_or_locally_jumpable() then
+        luasnip.expand_or_jump()
+      else
+        fallback()
+      end
+    end, { 'i', 's' }),
+    ['<S-Tab>'] = cmp.mapping(function(fallback)
+      if cmp.visible() then
+        cmp.select_prev_item()
+      elseif luasnip.locally_jumpable(-1) then
+        luasnip.jump(-1)
+      else
+        fallback()
+      end
+    end, { 'i', 's' }),
+  },
+  sources = {
+    { name = 'nvim_lsp' },
+    { name = 'luasnip' },
+  },
+}
+
+-- disable netrw at the very start of your init.lua
+vim.g.loaded_netrw = 1
+vim.g.loaded_netrwPlugin = 1
+
+-- set termguicolors to enable highlight groups
+vim.opt.termguicolors = true
+
+-- The line beneath this is called `modeline`. See `:help modeline`
+-- vim: ts=2 sts=2 sw=2 et
+
diff --git a/.config/nvim/lua/custom/plugins/copilot.lua b/.config/nvim/lua/custom/plugins/copilot.lua
new file mode 100644
index 0000000..4bd9e84
--- /dev/null
+++ b/.config/nvim/lua/custom/plugins/copilot.lua
@@ -0,0 +1,25 @@
+return {
+  {
+    "zbirenbaum/copilot.lua",
+    enabled = false,
+    cmd = "Copilot",
+    event = "InsertEnter",
+    config = function()
+      require("copilot").setup({
+        suggestion = {
+          enabled = true,
+          auto_trigger = true,
+          debounce = 75,
+          keymap = {
+            accept = "<M-l>",
+            next = "<M-,>",
+            prev = "<M-.>"
+          }
+        },
+        filetypes = {
+          ["."] = true
+        }
+      })
+    end,
+  }
+}
diff --git a/.config/nvim/lua/custom/plugins/init.lua b/.config/nvim/lua/custom/plugins/init.lua
new file mode 100644
index 0000000..be0eb9d
--- /dev/null
+++ b/.config/nvim/lua/custom/plugins/init.lua
@@ -0,0 +1,5 @@
+-- You can add your own plugins here or in other files in this directory!
+--  I promise not to create any merge conflicts in this directory :)
+--
+-- See the kickstart.nvim README for more information
+return {}
diff --git a/.config/nvim/lua/custom/plugins/llm.lua b/.config/nvim/lua/custom/plugins/llm.lua
new file mode 100644
index 0000000..84abb2d
--- /dev/null
+++ b/.config/nvim/lua/custom/plugins/llm.lua
@@ -0,0 +1,28 @@
+return {
+  cond = false,
+  'huggingface/llm.nvim',
+  opts = {
+    api_token = "monkey",
+    -- cf Setup
+    model = "http://localhost:8080/generate",
+    query_params = {
+      max_new_tokens = 60,
+      temperature = 0.2,
+      top_p = 0.95,
+      stop_token = "<EOT>",
+    },
+    fim = {
+      enabled = true,
+      prefix = "<PRE>",
+      middle = "<MID>",
+      suffix = "<SUF>",
+    },
+    debounce_ms = 150,
+    accept_keymap = "<M-l>",
+    dismiss_keymap = "<M-n>",
+    max_context_after = 5000,
+    max_context_before = 5000,
+    tls_skip_verify_insecure = false,
+    context_window = 8192, -- max number of tokens for the context window
+  }
+};
diff --git a/.config/nvim/lua/custom/plugins/nvim-tree.lua b/.config/nvim/lua/custom/plugins/nvim-tree.lua
new file mode 100644
index 0000000..347f3c1
--- /dev/null
+++ b/.config/nvim/lua/custom/plugins/nvim-tree.lua
@@ -0,0 +1,90 @@
+local function my_on_attach(bufnr)
+  local api = require('nvim-tree.api')
+
+  local function opts(desc)
+    return { desc = 'nvim-tree: ' .. desc, buffer = bufnr, noremap = true, silent = true, nowait = true }
+  end
+
+  -- copy default mappings here from defaults in next section
+  vim.keymap.set('n', '<leader>tc', api.tree.change_root_to_node, opts('CD'))
+  vim.keymap.set('n', '<leader>te', api.node.open.replace_tree_buffer, opts('Open: In Place'))
+  vim.keymap.set('n', '<leader>tk', api.node.show_info_popup, opts('Info'))
+  vim.keymap.set('n', '<leader>tr', api.fs.rename_sub, opts('Rename: Omit Filename'))
+  vim.keymap.set('n', '<leader>tt', api.node.open.tab, opts('Open: New Tab'))
+  vim.keymap.set('n', '<leader>tv', api.node.open.vertical, opts('Open: Vertical Split'))
+  vim.keymap.set('n', '<leader>th', api.node.open.horizontal, opts('Open: Horizontal Split'))
+  vim.keymap.set('n', '<BS>', api.node.navigate.parent_close, opts('Close Directory'))
+  vim.keymap.set('n', '<CR>', api.node.open.edit, opts('Open'))
+  vim.keymap.set('n', '<Tab>', api.node.open.preview, opts('Open Preview'))
+  vim.keymap.set('n', '>', api.node.navigate.sibling.next, opts('Next Sibling'))
+  vim.keymap.set('n', '<', api.node.navigate.sibling.prev, opts('Previous Sibling'))
+  vim.keymap.set('n', '.', api.node.run.cmd, opts('Run Command'))
+  vim.keymap.set('n', '-', api.tree.change_root_to_parent, opts('Up'))
+  vim.keymap.set('n', 'a', api.fs.create, opts('Create'))
+  vim.keymap.set('n', 'bd', api.marks.bulk.delete, opts('Delete Bookmarked'))
+  vim.keymap.set('n', 'bmv', api.marks.bulk.move, opts('Move Bookmarked'))
+  vim.keymap.set('n', 'B', api.tree.toggle_no_buffer_filter, opts('Toggle Filter: No Buffer'))
+  vim.keymap.set('n', 'c', api.fs.copy.node, opts('Copy'))
+  vim.keymap.set('n', 'C', api.tree.toggle_git_clean_filter, opts('Toggle Filter: Git Clean'))
+  vim.keymap.set('n', '[c', api.node.navigate.git.prev, opts('Prev Git'))
+  vim.keymap.set('n', ']c', api.node.navigate.git.next, opts('Next Git'))
+  vim.keymap.set('n', 'd', api.fs.remove, opts('Delete'))
+  vim.keymap.set('n', 'D', api.fs.trash, opts('Trash'))
+  vim.keymap.set('n', 'E', api.tree.expand_all, opts('Expand All'))
+  vim.keymap.set('n', 'e', api.fs.rename_basename, opts('Rename: Basename'))
+  vim.keymap.set('n', ']e', api.node.navigate.diagnostics.next, opts('Next Diagnostic'))
+  vim.keymap.set('n', '[e', api.node.navigate.diagnostics.prev, opts('Prev Diagnostic'))
+  vim.keymap.set('n', 'F', api.live_filter.clear, opts('Clean Filter'))
+  vim.keymap.set('n', 'f', api.live_filter.start, opts('Filter'))
+  vim.keymap.set('n', 'g?', api.tree.toggle_help, opts('Help'))
+  vim.keymap.set('n', 'gy', api.fs.copy.absolute_path, opts('Copy Absolute Path'))
+  vim.keymap.set('n', '<leader>t.', api.tree.toggle_hidden_filter, opts('Toggle Filter: Dotfiles'))
+  vim.keymap.set('n', '<leader>ti', api.tree.toggle_gitignore_filter, opts('Toggle Filter: Git Ignore'))
+  vim.keymap.set('n', 'J', api.node.navigate.sibling.last, opts('Last Sibling'))
+  vim.keymap.set('n', 'K', api.node.navigate.sibling.first, opts('First Sibling'))
+  vim.keymap.set('n', 'm', api.marks.toggle, opts('Toggle Bookmark'))
+  vim.keymap.set('n', 'o', api.node.open.edit, opts('Open'))
+  vim.keymap.set('n', 'O', api.node.open.no_window_picker, opts('Open: No Window Picker'))
+  vim.keymap.set('n', 'p', api.fs.paste, opts('Paste'))
+  vim.keymap.set('n', 'P', api.node.navigate.parent, opts('Parent Directory'))
+  vim.keymap.set('n', 'q', api.tree.close, opts('Close'))
+  vim.keymap.set('n', 'r', api.fs.rename, opts('Rename'))
+  vim.keymap.set('n', 'R', api.tree.reload, opts('Refresh'))
+  vim.keymap.set('n', 's', api.node.run.system, opts('Run System'))
+  vim.keymap.set('n', 'S', api.tree.search_node, opts('Search'))
+  vim.keymap.set('n', 'U', api.tree.toggle_custom_filter, opts('Toggle Filter: Hidden'))
+  vim.keymap.set('n', 'W', api.tree.collapse_all, opts('Collapse'))
+  vim.keymap.set('n', 'x', api.fs.cut, opts('Cut'))
+  vim.keymap.set('n', 'y', api.fs.copy.filename, opts('Copy Name'))
+  vim.keymap.set('n', 'Y', api.fs.copy.relative_path, opts('Copy Relative Path'))
+  vim.keymap.set('n', '<2-LeftMouse>', api.node.open.edit, opts('Open'))
+end
+
+
+
+return {
+  "nvim-tree/nvim-tree.lua",
+  version = "*",
+  lazy = false,
+  dependencies = {
+    "nvim-tree/nvim-web-devicons",
+  },
+  config = function()
+    require("nvim-tree").setup({
+      sort_by = "case_sensitive",
+      on_attach = my_on_attach,
+      view = {
+        width = 30,
+      },
+      renderer = {
+        group_empty = true,
+      },
+      filters = {
+        dotfiles = true,
+      },
+      update_focused_file = {
+        enable = true,
+      },
+    })
+  end,
+}
diff --git a/.config/nvim/lua/custom/plugins/nvterm.lua b/.config/nvim/lua/custom/plugins/nvterm.lua
new file mode 100644
index 0000000..53be1e9
--- /dev/null
+++ b/.config/nvim/lua/custom/plugins/nvterm.lua
@@ -0,0 +1,17 @@
+local toggle_modes = { 'n', 't' }
+local mappings = {
+  { toggle_modes, '<A-h>', function() require("nvterm.terminal").toggle('horizontal') end },
+  { toggle_modes, '<A-v>', function() require("nvterm.terminal").toggle('vertical') end },
+  { toggle_modes, '<A-i>', function() require("nvterm.terminal").toggle('float') end },
+}
+local opts = { noremap = true, silent = true }
+for _, mapping in ipairs(mappings) do
+  vim.keymap.set(mapping[1], mapping[2], mapping[3], opts)
+end
+
+return {
+  "NvChad/nvterm",
+  config = function()
+    require("nvterm").setup()
+  end,
+}
diff --git a/.config/nvim/lua/custom/plugins/treesitter-context.lua b/.config/nvim/lua/custom/plugins/treesitter-context.lua
new file mode 100644
index 0000000..934eaef
--- /dev/null
+++ b/.config/nvim/lua/custom/plugins/treesitter-context.lua
@@ -0,0 +1,21 @@
+return {
+  "nvim-treesitter/nvim-treesitter-context",
+  version = "*",
+  lazy = false,
+  config = function()
+  require('treesitter-context').setup{
+    enable = true, -- Enable this plugin (Can be enabled/disabled later via commands)
+    max_lines = 0, -- How many lines the window should span. Values <= 0 mean no limit.
+    min_window_height = 0, -- Minimum editor window height to enable context. Values <= 0 mean no limit.
+    line_numbers = true,
+    multiline_threshold = 20, -- Maximum number of lines to collapse for a single context line
+    trim_scope = 'outer', -- Which context lines to discard if `max_lines` is exceeded. Choices: 'inner', 'outer'
+    mode = 'cursor',  -- Line used to calculate context. Choices: 'cursor', 'topline'
+    -- Separator between context and content. Should be a single character string, like '-'.
+    -- When separator is set, the context will only show up when there are at least 2 lines above cursorline.
+    separator = nil,
+    zindex = 20, -- The Z-index of the context window
+    on_attach = nil, -- (fun(buf: integer): boolean) return false to disable attaching
+  }
+  end,
+}
\ No newline at end of file
diff --git a/.config/nvim/lua/custom/plugins/undotree.lua b/.config/nvim/lua/custom/plugins/undotree.lua
new file mode 100644
index 0000000..d9076e8
--- /dev/null
+++ b/.config/nvim/lua/custom/plugins/undotree.lua
@@ -0,0 +1 @@
+return {}
diff --git a/.config/nvim/lua/kickstart/plugins/autoformat.lua b/.config/nvim/lua/kickstart/plugins/autoformat.lua
new file mode 100644
index 0000000..bc56b15
--- /dev/null
+++ b/.config/nvim/lua/kickstart/plugins/autoformat.lua
@@ -0,0 +1,74 @@
+-- autoformat.lua
+--
+-- Use your language server to automatically format your code on save.
+-- Adds additional commands as well to manage the behavior
+
+return {
+  'neovim/nvim-lspconfig',
+  config = function()
+    -- Switch for controlling whether you want autoformatting.
+    --  Use :KickstartFormatToggle to toggle autoformatting on or off
+    local format_is_enabled = true
+    vim.api.nvim_create_user_command('KickstartFormatToggle', function()
+      format_is_enabled = not format_is_enabled
+      print('Setting autoformatting to: ' .. tostring(format_is_enabled))
+    end, {})
+
+    -- Create an augroup that is used for managing our formatting autocmds.
+    --      We need one augroup per client to make sure that multiple clients
+    --      can attach to the same buffer without interfering with each other.
+    local _augroups = {}
+    local get_augroup = function(client)
+      if not _augroups[client.id] then
+        local group_name = 'kickstart-lsp-format-' .. client.name
+        local id = vim.api.nvim_create_augroup(group_name, { clear = true })
+        _augroups[client.id] = id
+      end
+
+      return _augroups[client.id]
+    end
+
+    -- Whenever an LSP attaches to a buffer, we will run this function.
+    --
+    -- See `:help LspAttach` for more information about this autocmd event.
+    vim.api.nvim_create_autocmd('LspAttach', {
+      group = vim.api.nvim_create_augroup('kickstart-lsp-attach-format', { clear = true }),
+      -- This is where we attach the autoformatting for reasonable clients
+      callback = function(args)
+        local client_id = args.data.client_id
+        local client = vim.lsp.get_client_by_id(client_id)
+        local bufnr = args.buf
+
+        -- Only attach to clients that support document formatting
+        if not client.server_capabilities.documentFormattingProvider then
+          return
+        end
+
+        -- Tsserver usually works poorly. Sorry you work with bad languages
+        -- You can remove this line if you know what you're doing :)
+        if client.name == 'tsserver' then
+          return
+        end
+
+        -- Create an autocmd that will run *before* we save the buffer.
+        --  Run the formatting command for the LSP that has just attached.
+        vim.api.nvim_create_autocmd('BufWritePre', {
+          group = get_augroup(client),
+          buffer = bufnr,
+          callback = function()
+            if not format_is_enabled then
+              return
+            end
+
+            vim.lsp.buf.format {
+              async = false,
+              filter = function(c)
+                return c.id == client.id
+              end,
+            }
+          end,
+        })
+      end,
+    })
+  end,
+}
diff --git a/.config/nvim/lua/kickstart/plugins/debug.lua b/.config/nvim/lua/kickstart/plugins/debug.lua
new file mode 100644
index 0000000..7fc783f
--- /dev/null
+++ b/.config/nvim/lua/kickstart/plugins/debug.lua
@@ -0,0 +1,87 @@
+-- debug.lua
+--
+-- Shows how to use the DAP plugin to debug your code.
+--
+-- Primarily focused on configuring the debugger for Go, but can
+-- be extended to other languages as well. That's why it's called
+-- kickstart.nvim and not kitchen-sink.nvim ;)
+
+return {
+  -- NOTE: Yes, you can install new plugins here!
+  'mfussenegger/nvim-dap',
+  -- NOTE: And you can specify dependencies as well
+  dependencies = {
+    -- Creates a beautiful debugger UI
+    'rcarriga/nvim-dap-ui',
+
+    -- Installs the debug adapters for you
+    'williamboman/mason.nvim',
+    'jay-babu/mason-nvim-dap.nvim',
+
+    -- Add your own debuggers here
+    'leoluz/nvim-dap-go',
+  },
+  config = function()
+    local dap = require 'dap'
+    local dapui = require 'dapui'
+
+    require('mason-nvim-dap').setup {
+      -- Makes a best effort to setup the various debuggers with
+      -- reasonable debug configurations
+      automatic_setup = true,
+
+      -- You can provide additional configuration to the handlers,
+      -- see mason-nvim-dap README for more information
+      handlers = {},
+
+      -- You'll need to check that you have the required things installed
+      -- online, please don't ask me how to install them :)
+      ensure_installed = {
+        -- Update this to ensure that you have the debuggers for the langs you want
+        'delve',
+      },
+    }
+
+    -- Basic debugging keymaps, feel free to change to your liking!
+    vim.keymap.set('n', '<F5>', dap.continue, { desc = 'Debug: Start/Continue' })
+    vim.keymap.set('n', '<F1>', dap.step_into, { desc = 'Debug: Step Into' })
+    vim.keymap.set('n', '<F2>', dap.step_over, { desc = 'Debug: Step Over' })
+    vim.keymap.set('n', '<F3>', dap.step_out, { desc = 'Debug: Step Out' })
+    vim.keymap.set('n', '<leader>b', dap.toggle_breakpoint, { desc = 'Debug: Toggle Breakpoint' })
+    vim.keymap.set('n', '<leader>B', function()
+      dap.set_breakpoint(vim.fn.input 'Breakpoint condition: ')
+    end, { desc = 'Debug: Set Breakpoint' })
+
+    -- Dap UI setup
+    -- For more information, see |:help nvim-dap-ui|
+    dapui.setup {
+      -- Set icons to characters that are more likely to work in every terminal.
+      --    Feel free to remove or use ones that you like more! :)
+      --    Don't feel like these are good choices.
+      icons = { expanded = '▾', collapsed = '▸', current_frame = '*' },
+      controls = {
+        icons = {
+          pause = '⏸',
+          play = '▶',
+          step_into = '⏎',
+          step_over = '⏭',
+          step_out = '⏮',
+          step_back = 'b',
+          run_last = '▶▶',
+          terminate = '⏹',
+          disconnect = '⏏',
+        },
+      },
+    }
+
+    -- Toggle to see last session result. Without this, you can't see session output in case of unhandled exception.
+    vim.keymap.set('n', '<F7>', dapui.toggle, { desc = 'Debug: See last session result.' })
+
+    dap.listeners.after.event_initialized['dapui_config'] = dapui.open
+    dap.listeners.before.event_terminated['dapui_config'] = dapui.close
+    dap.listeners.before.event_exited['dapui_config'] = dapui.close
+
+    -- Install golang specific config
+    require('dap-go').setup()
+  end,
+}
diff --git a/.gitconfig b/.gitconfig
index bf3344f..5ccbb2d 100644
--- a/.gitconfig
+++ b/.gitconfig
@@ -25,5 +25,3 @@
     path = .gitconfig-gitea
 [includeIf "gitdir/i:~/projects/fh/**"]
     path = .gitconfig-gitlabfh
-[core]
-	editor = kate
diff --git a/flake.lock b/flake.lock
new file mode 100644
index 0000000..38cdb1e
--- /dev/null
+++ b/flake.lock
@@ -0,0 +1,269 @@
+{
+  "nodes": {
+    "agenix": {
+      "inputs": {
+        "darwin": "darwin",
+        "home-manager": "home-manager",
+        "nixpkgs": "nixpkgs"
+      },
+      "locked": {
+        "lastModified": 1696775529,
+        "narHash": "sha256-TYlE4B0ktPtlJJF9IFxTWrEeq+XKG8Ny0gc2FGEAdj0=",
+        "owner": "ryantm",
+        "repo": "agenix",
+        "rev": "daf42cb35b2dc614d1551e37f96406e4c4a2d3e4",
+        "type": "github"
+      },
+      "original": {
+        "owner": "ryantm",
+        "repo": "agenix",
+        "type": "github"
+      }
+    },
+    "darwin": {
+      "inputs": {
+        "nixpkgs": [
+          "agenix",
+          "nixpkgs"
+        ]
+      },
+      "locked": {
+        "lastModified": 1673295039,
+        "narHash": "sha256-AsdYgE8/GPwcelGgrntlijMg4t3hLFJFCRF3tL5WVjA=",
+        "owner": "lnl7",
+        "repo": "nix-darwin",
+        "rev": "87b9d090ad39b25b2400029c64825fc2a8868943",
+        "type": "github"
+      },
+      "original": {
+        "owner": "lnl7",
+        "ref": "master",
+        "repo": "nix-darwin",
+        "type": "github"
+      }
+    },
+    "flake-compat": {
+      "flake": false,
+      "locked": {
+        "lastModified": 1696426674,
+        "narHash": "sha256-kvjfFW7WAETZlt09AgDn1MrtKzP7t90Vf7vypd3OL1U=",
+        "owner": "edolstra",
+        "repo": "flake-compat",
+        "rev": "0f9255e01c2351cc7d116c072cb317785dd33b33",
+        "type": "github"
+      },
+      "original": {
+        "owner": "edolstra",
+        "repo": "flake-compat",
+        "type": "github"
+      }
+    },
+    "flake-utils": {
+      "inputs": {
+        "systems": "systems"
+      },
+      "locked": {
+        "lastModified": 1694529238,
+        "narHash": "sha256-zsNZZGTGnMOf9YpHKJqMSsa0dXbfmxeoJ7xHlrt+xmY=",
+        "owner": "numtide",
+        "repo": "flake-utils",
+        "rev": "ff7b65b44d01cf9ba6a71320833626af21126384",
+        "type": "github"
+      },
+      "original": {
+        "owner": "numtide",
+        "repo": "flake-utils",
+        "type": "github"
+      }
+    },
+    "home-manager": {
+      "inputs": {
+        "nixpkgs": [
+          "agenix",
+          "nixpkgs"
+        ]
+      },
+      "locked": {
+        "lastModified": 1682203081,
+        "narHash": "sha256-kRL4ejWDhi0zph/FpebFYhzqlOBrk0Pl3dzGEKSAlEw=",
+        "owner": "nix-community",
+        "repo": "home-manager",
+        "rev": "32d3e39c491e2f91152c84f8ad8b003420eab0a1",
+        "type": "github"
+      },
+      "original": {
+        "owner": "nix-community",
+        "repo": "home-manager",
+        "type": "github"
+      }
+    },
+    "home-manager_2": {
+      "inputs": {
+        "nixpkgs": [
+          "nixpkgs"
+        ]
+      },
+      "locked": {
+        "lastModified": 1695108154,
+        "narHash": "sha256-gSg7UTVtls2yO9lKtP0yb66XBHT1Fx5qZSZbGMpSn2c=",
+        "owner": "nix-community",
+        "repo": "home-manager",
+        "rev": "07682fff75d41f18327a871088d20af2710d4744",
+        "type": "github"
+      },
+      "original": {
+        "owner": "nix-community",
+        "ref": "release-23.05",
+        "repo": "home-manager",
+        "type": "github"
+      }
+    },
+    "nixinate": {
+      "inputs": {
+        "nixpkgs": "nixpkgs_2"
+      },
+      "locked": {
+        "lastModified": 1688141737,
+        "narHash": "sha256-qHrNMYWukOKmKVf6wXOGKj1xxUnOGjvTRbt/PLLXuBE=",
+        "owner": "matthewcroughan",
+        "repo": "nixinate",
+        "rev": "7902ae845e6cc5bd450e510cdf5e009a6e4a44d9",
+        "type": "github"
+      },
+      "original": {
+        "owner": "matthewcroughan",
+        "repo": "nixinate",
+        "type": "github"
+      }
+    },
+    "nixos-hardware": {
+      "locked": {
+        "lastModified": 1699159446,
+        "narHash": "sha256-cL63IjsbPl2otS7R4kdXbVOJOXYMpGw5KGZoWgdCuCM=",
+        "owner": "NixOS",
+        "repo": "nixos-hardware",
+        "rev": "627bc9b88256379578885a7028c9e791c29fb581",
+        "type": "github"
+      },
+      "original": {
+        "owner": "NixOS",
+        "ref": "master",
+        "repo": "nixos-hardware",
+        "type": "github"
+      }
+    },
+    "nixos-wsl": {
+      "inputs": {
+        "flake-compat": "flake-compat",
+        "flake-utils": "flake-utils",
+        "nixpkgs": [
+          "nixpkgs"
+        ]
+      },
+      "locked": {
+        "lastModified": 1698222534,
+        "narHash": "sha256-iF9C7C7eT8LVVWx5IOZ/8KKJT8AIw9A5aBA6vqS18l8=",
+        "owner": "nix-community",
+        "repo": "NixOS-WSL",
+        "rev": "a058cff4b09b3a398d8caa379b4dc96cfedd98c9",
+        "type": "github"
+      },
+      "original": {
+        "owner": "nix-community",
+        "repo": "NixOS-WSL",
+        "type": "github"
+      }
+    },
+    "nixpkgs": {
+      "locked": {
+        "lastModified": 1677676435,
+        "narHash": "sha256-6FxdcmQr5JeZqsQvfinIMr0XcTyTuR7EXX0H3ANShpQ=",
+        "owner": "NixOS",
+        "repo": "nixpkgs",
+        "rev": "a08d6979dd7c82c4cef0dcc6ac45ab16051c1169",
+        "type": "github"
+      },
+      "original": {
+        "owner": "NixOS",
+        "ref": "nixos-unstable",
+        "repo": "nixpkgs",
+        "type": "github"
+      }
+    },
+    "nixpkgs-unstable": {
+      "locked": {
+        "lastModified": 1699099776,
+        "narHash": "sha256-X09iKJ27mGsGambGfkKzqvw5esP1L/Rf8H3u3fCqIiU=",
+        "owner": "NixOS",
+        "repo": "nixpkgs",
+        "rev": "85f1ba3e51676fa8cc604a3d863d729026a6b8eb",
+        "type": "github"
+      },
+      "original": {
+        "id": "nixpkgs",
+        "ref": "nixos-unstable",
+        "type": "indirect"
+      }
+    },
+    "nixpkgs_2": {
+      "locked": {
+        "lastModified": 1653060744,
+        "narHash": "sha256-kfRusllRumpt33J1hPV+CeCCylCXEU7e0gn2/cIM7cY=",
+        "owner": "nixos",
+        "repo": "nixpkgs",
+        "rev": "dfd82985c273aac6eced03625f454b334daae2e8",
+        "type": "github"
+      },
+      "original": {
+        "owner": "nixos",
+        "ref": "nixos-unstable",
+        "repo": "nixpkgs",
+        "type": "github"
+      }
+    },
+    "nixpkgs_3": {
+      "locked": {
+        "lastModified": 1699110214,
+        "narHash": "sha256-L2TU4RgtiqF69W8Gacg2jEkEYJrW+Kp0Mp4plwQh5b8=",
+        "owner": "nixos",
+        "repo": "nixpkgs",
+        "rev": "78f3a4ae19f0e99d5323dd2e3853916b8ee4afee",
+        "type": "github"
+      },
+      "original": {
+        "owner": "nixos",
+        "ref": "nixos-23.05",
+        "repo": "nixpkgs",
+        "type": "github"
+      }
+    },
+    "root": {
+      "inputs": {
+        "agenix": "agenix",
+        "home-manager": "home-manager_2",
+        "nixinate": "nixinate",
+        "nixos-hardware": "nixos-hardware",
+        "nixos-wsl": "nixos-wsl",
+        "nixpkgs": "nixpkgs_3",
+        "nixpkgs-unstable": "nixpkgs-unstable"
+      }
+    },
+    "systems": {
+      "locked": {
+        "lastModified": 1681028828,
+        "narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=",
+        "owner": "nix-systems",
+        "repo": "default",
+        "rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e",
+        "type": "github"
+      },
+      "original": {
+        "owner": "nix-systems",
+        "repo": "default",
+        "type": "github"
+      }
+    }
+  },
+  "root": "root",
+  "version": 7
+}
diff --git a/flake.nix b/flake.nix
new file mode 100644
index 0000000..b3f475e
--- /dev/null
+++ b/flake.nix
@@ -0,0 +1,169 @@
+{
+  description = "Kop's NixOS Flake";
+  inputs = {
+      # secrets management
+      agenix.url = "github:ryantm/agenix";
+      nixpkgs.url = "github:nixos/nixpkgs/nixos-23.05";
+      nixos-hardware.url = "github:NixOS/nixos-hardware/master";
+      nixpkgs-unstable.url = "nixpkgs/nixos-unstable";
+      home-manager = {
+        url = "github:nix-community/home-manager/release-23.05";
+        inputs.nixpkgs.follows = "nixpkgs";
+      };
+      nixos-wsl = {
+        url = "github:nix-community/NixOS-WSL";
+        inputs.nixpkgs.follows = "nixpkgs";
+      };
+      nixinate.url = "github:matthewcroughan/nixinate";
+  };
+  outputs = { self,
+              nixpkgs,
+              nixos-hardware,
+              nixos-wsl,
+              nixpkgs-unstable,
+              agenix,
+              home-manager,
+                nixinate
+            }@inputs:
+    let
+      system = "x86_64-linux";
+      overlay-unstable = final: prev: {
+        unstable = nixpkgs-unstable.legacyPackages.${prev.system};
+      };
+    in {
+    apps = nixinate.nixinate.${system} self;
+    nixosConfigurations.server = nixpkgs.lib.nixosSystem {
+      inherit system;
+      modules = [
+        ### User specific ###
+        ./users/anon.nix
+        ### System sepecific ###
+        ({ config, pkgs, ... }: { nixpkgs.overlays = [ overlay-unstable ]; })
+        ./systems/server/configuration.nix
+        ### Modules ###
+        ./modules/static-ip.nix
+        ./modules/hdd-spindown.nix
+        ./modules/firewall.nix
+        ./modules/wireshark.nix
+        ./modules/minecraft-server.nix
+        ./modules/motd.nix
+        ./modules/postgres.nix
+        ./modules/fail2ban.nix
+        ./modules/nix/settings.nix
+        ./modules/adguard.nix
+        ./modules/git.nix
+        ./modules/github-runner.nix
+        ./modules/synapse.nix
+        ./modules/nextcloud.nix
+        ./modules/acme.nix
+        ./modules/samba.nix
+        ./modules/backup.nix
+        ./modules/nginx.nix
+        ./modules/ssh.nix
+        ./modules/rdp.nix
+        ./modules/docker.nix
+        ./modules/wireguard.nix
+        ./modules/cron.nix
+        ./modules/paperless.nix
+        ./modules/kavita.nix
+        ./modules/netdata.nix
+        home-manager.nixosModules.home-manager
+        agenix.nixosModules.default
+        {
+          _module.args.nixinate = {
+            host = "192.168.2.1";
+            sshUser = "anon";
+            buildOn = "remote"; # valid args are "local" or "remote"
+            substituteOnTarget = true; # if buildOn is "local" then it will substitute on the target, "-s"
+            hermetic = false;
+          };
+        }
+      ];
+      specialArgs = {
+        ## Custom variables (e.g. ip, interface, etc)
+        vars = (import ./systems/server/userdata.nix);
+        inherit inputs ;
+      };
+    };
+    nixosConfigurations."kop-pc" = nixpkgs.lib.nixosSystem {
+        inherit system;
+        specialArgs = {
+          inherit inputs ;
+        };
+        modules = [
+          ./users/kopatz.nix
+          ./modules/graphical/plasma.nix
+          ./modules/graphical/shared.nix
+          ./modules/nix/settings.nix
+          ./modules/nix/index.nix
+          ./modules/nix/ld.nix
+          ./modules/gpg.nix
+          ./modules/virt-manager.nix
+          ./modules/flatpak.nix
+          ({ config, pkgs, ... }: { nixpkgs.overlays = [ overlay-unstable ]; })
+          ./modules/wooting.nix
+          ./modules/support/ntfs.nix
+          ./systems/pc/configuration.nix
+          agenix.nixosModules.default
+          home-manager.nixosModules.home-manager
+        ];
+    };
+    nixosConfigurations."nix-laptop" = nixpkgs.lib.nixosSystem {
+        inherit system;
+        specialArgs = {
+          ## Custom variables (e.g. ip, interface, etc)
+          vars = (import ./systems/laptop/userdata.nix);
+          inherit inputs ;
+        };
+        modules = [
+          ./users/kopatz.nix
+          # Todo: refactor file layout
+          ./modules/graphical/gnome.nix
+          ./laptop/configuration.nix
+          ./modules/virt-manager.nix
+          ./modules/ssh.nix
+          #./modules/static-ip.nix
+          #./modules/no-sleep-lid-closed.nix
+          #./modules/wake-on-lan.nix
+          ./modules/thunderbolt.nix
+          ./modules/rdp.nix
+          nixos-hardware.nixosModules.dell-xps-15-7590-nvidia
+          agenix.nixosModules.default
+          home-manager.nixosModules.home-manager
+        ];
+    };
+    nixosConfigurations."nix-laptop-no-gpu" = nixpkgs.lib.nixosSystem {
+        inherit system;
+        specialArgs = {
+          ## Custom variables (e.g. ip, interface, etc)
+          vars = (import ./systems/laptop/userdata.nix);
+          inherit inputs ;
+        };
+        modules = [
+          ./users/kopatz.nix
+          ./laptop/configuration.nix
+          ./modules/virt-manager.nix
+          ./modules/ssh.nix
+          ./modules/wake-on-lan.nix
+          ./modules/static-ip.nix
+          ./modules/no-sleep-lid-closed.nix
+          ./modules/thunderbolt.nix
+          nixos-hardware.nixosModules.dell-xps-15-7590
+          agenix.nixosModules.default
+          home-manager.nixosModules.home-manager
+        ];
+    };
+    nixosConfigurations."wsl" = nixpkgs.lib.nixosSystem {
+        inherit system;
+        specialArgs = {inherit inputs ;};
+        modules = [
+          #"${nixpkgs}/nixos/modules/profiles/minimal.nix"
+          ./users/anon.nix
+          ({ config, pkgs, ... }: { nixpkgs.overlays = [ overlay-unstable ]; })
+          ./systems/wsl/configuration.nix
+          nixos-wsl.nixosModules.wsl
+          home-manager.nixosModules.home-manager
+        ];
+    };
+  };
+}
diff --git a/laptop/configuration.nix b/laptop/configuration.nix
index d4ec290..5ba5dd2 100644
--- a/laptop/configuration.nix
+++ b/laptop/configuration.nix
@@ -54,5 +54,6 @@
     gnomeExtensions.backslide
     gnomeExtensions.nextcloud-folder
     gnomeExtensions.tray-icons-reloaded
+    gnomeExtensions.blur-my-shell
   ];
 }
diff --git a/laptop/gnome.nix b/laptop/gnome.nix
index d4ec290..5ba5dd2 100644
--- a/laptop/gnome.nix
+++ b/laptop/gnome.nix
@@ -54,5 +54,6 @@
     gnomeExtensions.backslide
     gnomeExtensions.nextcloud-folder
     gnomeExtensions.tray-icons-reloaded
+    gnomeExtensions.blur-my-shell
   ];
 }
diff --git a/laptop/main.nix b/laptop/main.nix
index 1b835ed..8185c87 100644
--- a/laptop/main.nix
+++ b/laptop/main.nix
@@ -18,7 +18,6 @@ in
     [ # Include the results of the hardware scan.
 	./hardware-configuration.nix
 	./modules/battery.nix
-	./modules/ssh.nix
 	#./modules/wireguard.nix
 	## -- set in flake.nix
 	#<nixos-hardware/dell/xps/15-7590/nvidia>
@@ -32,7 +31,7 @@ in
   boot.loader.systemd-boot.enable = true;
   boot.loader.efi.canTouchEfiVariables = true;
 
-  networking.hostName = "nix-laptop-no-gpu"; # Define your hostname.
+  networking.hostName = "nix-laptop"; # Define your hostname.
   # networking.wireless.enable = true;  # Enables wireless support via wpa_supplicant.
 
   # Enable networking
@@ -84,32 +83,6 @@ in
   # Enable touchpad support (enabled default in most desktopManager).
   services.xserver.libinput.enable = true;
 
-  #users.mutableUsers=false;
-  # Define a user account. Don't forget to set a password with ‘passwd’.
-  users.users.kopatz = {
-    isNormalUser = true;
-    description = "kopatz";
-    extraGroups = [ "networkmanager" "wheel" "docker"];
-    #password = "test";
-    packages = with pkgs; [
-	#firefox
-    #  thunderbird
-      discord
-      librewolf
-      ungoogled-chromium
-    ];
-  };
-
-    # home manager
-  #home-manager.useGlobalPkgs = true;
-
- # home-manager.users.kopatz = { pkgs, ... }: {
-
-    # The state version is required and should stay at the version you
-    # originally installed.
-  #  system.stateVersion = "23.05";
-  #};
-
   programs.steam = {
     enable = true;
     remotePlay.openFirewall = true; # Open ports in the firewall for Steam Remote Play
@@ -169,6 +142,11 @@ in
     neofetch
     thunderbird
     rofi
+    pdfgrep
+    taisei
+    ncdu
+    localsend
+    element-desktop
   ];
 
   environment.sessionVariables = {
@@ -199,28 +177,6 @@ in
     "d /docker-data 0755 kopatz users"
   ];
 
-  #virtualisation.oci-containers.containers.mssql = {
-  #  image = "mcr.microsoft.com/mssql/server:2022-latest";
-  #  volumes = [ "/docker-data/mssql/data:/var/opt/mssql/data" ];
-  #  environment = {
-  #    ACCEPT_EULA = "Y";
-  #    MSSQL_SA_PASSWORD="ufhaiufhashfshfklslwkhebwejhvtjhqwvrhp23508v3z8pt";
-  #  };
-  #};
-
-  #module = [ arion.nixosModules.arion ];
-  #virtualisation.arion = {
-  #  backend = "docker";
-  #  projects.mssql.settings = {
-  #    services.mssql.service = {
-  #      image = "mcr.microsoft.com/mssql/server:2022-latest";
-  #      restart = "unless-stopped";
-  #      #volumes = { /docker-data/mssql/data:/var/opt/mssql/data; };
-  #      environment = { ACCEPT_EULA = "Y"; MSSQL_SA_PASSWORD="ufhaiufhashfshfklslwkhebwejhvtjhqwvrhp23508v3z8pt"; };
-  #    };
-  #  };
-  #};
-
   ### end docker
 
   # Some programs need SUID wrappers, can be configured further or are
@@ -236,12 +192,6 @@ in
   # Enable the OpenSSH daemon.
   # services.openssh.enable = true;
 
-  # Open ports in the firewall.
-  # networking.firewall.allowedTCPPorts = [ ... ];
-  # networking.firewall.allowedUDPPorts = [ ... ];
-  # Or disable the firewall altogether.
-  # networking.firewall.enable = false;
-
   # This value determines the NixOS release from which the default
   # settings for stateful data, like file locations and database versions
   # on your system were taken. It‘s perfectly fine and recommended to leave
diff --git a/laptop/modules/ssh.nix b/laptop/modules/ssh.nix
deleted file mode 100644
index a9cf9e1..0000000
--- a/laptop/modules/ssh.nix
+++ /dev/null
@@ -1,11 +0,0 @@
-{
-      services.openssh = {
-        enable = true;
-        ports = [];
-        openFirewall = false;
-        settings = {
-            PermitRootLogin = "no";
-            PasswordAuthentication = false;
-        };
-      };
-}
diff --git a/server/modules/acme.nix b/modules/acme.nix
similarity index 100%
rename from server/modules/acme.nix
rename to modules/acme.nix
diff --git a/server/modules/adguard.nix b/modules/adguard.nix
similarity index 78%
rename from server/modules/adguard.nix
rename to modules/adguard.nix
index 77c79af..b659d35 100644
--- a/server/modules/adguard.nix
+++ b/modules/adguard.nix
@@ -1,4 +1,9 @@
- {
+{ config, pkgs, inputs, vars, ... }:
+let 
+  ip = vars.ipv4;
+  wireguardIp = vars.wireguardIp;
+in
+{
   networking.firewall.allowedTCPPorts = [ 53 ];
   networking.firewall.allowedUDPPorts = [ 53 ];
 
@@ -12,7 +17,7 @@
         }
       ];
       dns = {
-        bind_hosts = [ "127.0.0.1" "192.168.0.6" ]; # "192.168.2.1" ];
+        bind_hosts = [ "127.0.0.1" ip wireguardIp ];
         port = 53;
         protection_enabled = true;
         filtering_enabled = true;
@@ -26,33 +31,33 @@
         rewrites = [
          {
           "domain" = "kopatz.ddns.net";
-          "answer" = "192.168.0.6";
+          "answer" = ip;
          }
          {
           "domain" = "server.home";
-          "answer" = "192.168.0.6";
+          "answer" = ip;
          }
          {
           "domain" = "server.local";
-          "answer" = "192.168.0.6";
+          "answer" = ip;
          }
-        {
+         {
           "domain" = "adguard.local";
-          "answer" = "192.168.0.6";
+          "answer" = ip;
+         }
+         {
+          "domain" = "nextcloud.local";
+          "answer" = ip;
+         }
+         {
+           "domain" = "turnserver.local";
+           "answer" = "192.168.2.1";
          }
-	 {
-	  "domain" = "nextcloud.local";
-	  "answer" = "192.168.0.6";
-	 }
-	 {
-	  "domain" = "turnserver.local";
-	  "answer" = "192.168.2.1";
-	 }
          {
           "domain" = "inverter.local";
           "answer" = "192.168.0.9";
          }
-        ];  
+        ];
       };
       querylog = {
         enabled = false;
diff --git a/server/modules/backup.nix b/modules/backup.nix
similarity index 82%
rename from server/modules/backup.nix
rename to modules/backup.nix
index 5f73471..e378717 100644
--- a/server/modules/backup.nix
+++ b/modules/backup.nix
@@ -27,6 +27,7 @@
                 "/mnt/250ssd/matrix-synapse/media_store/"
                 "/mnt/250ssd/nextcloud"
                 "/mnt/250ssd/paperless"
+                "/mnt/250ssd/kavita"
             ];
             pruneOpts = [ "--keep-daily 7" "--keep-weekly 10" "--keep-monthly 12" "--keep-yearly 75" ];
             repository = "/mnt/2tb/restic";
@@ -36,12 +37,13 @@
             passwordFile = config.age.secrets.restic-pw.path;
             paths = [
                 "/home"
-		        "/var/backup/postgresql"
-		        "/mnt/250ssd/matrix-synapse/media_store/"
-		        "/mnt/250ssd/nextcloud"
-		        "/mnt/250ssd/paperless"
+            "/var/backup/postgresql"
+            "/mnt/250ssd/matrix-synapse/media_store/"
+            "/mnt/250ssd/nextcloud"
+            "/mnt/250ssd/paperless"
+                "/mnt/250ssd/kavita"
             ];
-	        exclude = [
+            exclude = [
                 "/home/**/Cache"
                 "/home/**/.cache"
                 "/home/**/__pycache__"
@@ -60,12 +62,12 @@
             passwordFile = config.age.secrets.restic-pw.path;
             paths = [
                 "/home"
-		        "/var/backup/postgresql"
-		        "/mnt/250ssd/matrix-synapse/media_store/"
-		        "/mnt/250ssd/nextcloud"
-		        "/mnt/250ssd/paperless"
+            "/var/backup/postgresql"
+            "/mnt/250ssd/matrix-synapse/media_store/"
+            "/mnt/250ssd/nextcloud"
+            "/mnt/250ssd/paperless"
             ];
-	        exclude = [
+            exclude = [
                 "/home/**/Cache"
                 "/home/**/.cache"
                 "/home/**/__pycache__"
@@ -81,7 +83,7 @@
             };
         };
         remotebackup = { 
-	        exclude = [
+            exclude = [
                 "/home/**/Cache"
                 "/home/**/.cache"
                 "/home/**/__pycache__"
@@ -90,17 +92,17 @@
             ];
             initialize = true;
             passwordFile = config.age.secrets.restic-pw.path;
-	        environmentFile = config.age.secrets.restic-s3.path;
+            environmentFile = config.age.secrets.restic-s3.path;
             paths = [
                 "/home"
             ];
             pruneOpts = [ "--keep-daily 5" "--keep-weekly 5" "--keep-monthly 12" "--keep-yearly 75" ];
             timerConfig = {
-		        OnCalendar = "*-*-03,06,09,12,15,18,21,24,27,30 00:00:00";
-		        Persistent = true;
-	        };
+              OnCalendar = "*-*-03,06,09,12,15,18,21,24,27,30 00:00:00";
+              Persistent = true;
+            };
             repository = "s3:s3.us-west-002.backblazeb2.com/kop-bucket";
-	    };
+      };
     };
   };
 }
diff --git a/server/modules/coturn.nix b/modules/coturn.nix
similarity index 100%
rename from server/modules/coturn.nix
rename to modules/coturn.nix
diff --git a/server/modules/cron.nix b/modules/cron.nix
similarity index 100%
rename from server/modules/cron.nix
rename to modules/cron.nix
diff --git a/server/modules/docker.nix b/modules/docker.nix
similarity index 100%
rename from server/modules/docker.nix
rename to modules/docker.nix
diff --git a/server/modules/dyndns.nix b/modules/dyndns.nix
similarity index 100%
rename from server/modules/dyndns.nix
rename to modules/dyndns.nix
diff --git a/server/modules/fail2ban.nix b/modules/fail2ban.nix
similarity index 100%
rename from server/modules/fail2ban.nix
rename to modules/fail2ban.nix
diff --git a/modules/firewall.nix b/modules/firewall.nix
new file mode 100644
index 0000000..1f42978
--- /dev/null
+++ b/modules/firewall.nix
@@ -0,0 +1,7 @@
+{ config, pkgs, lib, inputs, vars, ... }:
+let
+  allowedUDPPortRanges = vars.udpRanges;
+in
+{
+  networking.firewall.allowedUDPPortRanges = allowedUDPPortRanges;
+}
diff --git a/modules/flatpak.nix b/modules/flatpak.nix
new file mode 100644
index 0000000..e63b2ac
--- /dev/null
+++ b/modules/flatpak.nix
@@ -0,0 +1,3 @@
+{
+      services.flatpak.enable = true;
+}
diff --git a/server/modules/git.nix b/modules/git.nix
similarity index 100%
rename from server/modules/git.nix
rename to modules/git.nix
diff --git a/server/modules/github-runner.nix b/modules/github-runner.nix
similarity index 100%
rename from server/modules/github-runner.nix
rename to modules/github-runner.nix
diff --git a/modules/gpg.nix b/modules/gpg.nix
new file mode 100644
index 0000000..ebd5617
--- /dev/null
+++ b/modules/gpg.nix
@@ -0,0 +1,13 @@
+{pkgs, ...}:
+{
+  #services.pcscd.enable = true;
+
+  programs.gnupg.agent = {
+    enable = true;
+    enableSSHSupport = true;
+    pinentryFlavor = "qt";
+  };
+  #environment.systemPackages = with pkgs; [
+  #  pinentry-curses
+ # ];
+}
diff --git a/modules/graphical/gnome.nix b/modules/graphical/gnome.nix
new file mode 100644
index 0000000..ca59c8d
--- /dev/null
+++ b/modules/graphical/gnome.nix
@@ -0,0 +1,59 @@
+{ config, pkgs, ... }:
+
+{
+  services.xserver = {
+    layout = "at";
+    xkbVariant = "";
+    enable = true;
+    displayManager.gdm.enable = true;
+    desktopManager.gnome.enable = true;
+  };
+
+  # Workaround for GNOME autologin: https://github.com/NixOS/nixpkgs/issues/103746#issuecomment-945091229
+  systemd.services."getty@tty1".enable = false;
+  systemd.services."autovt@tty1".enable = false;
+
+  environment.sessionVariables.NIXOS_OZONE_WL = "1";
+
+  environment.gnome.excludePackages = (with pkgs; [
+  gnome-photos
+  gnome-tour
+  ]) ++ (with pkgs.gnome; [
+    cheese # webcam tool
+    gnome-music
+    gnome-terminal
+    gedit # text editor
+    epiphany # web browser
+    #geary # email reader
+    evince # document viewer
+    gnome-characters
+    totem # video player
+    tali # poker game
+    iagno # go game
+    hitori # sudoku game
+    atomix # puzzle game
+  ]);
+
+  environment.systemPackages = with pkgs; [
+    wmctrl
+    gnome.mutter
+    gnome.adwaita-icon-theme
+    gnome.gnome-settings-daemon
+    gnome.gnome-tweaks
+    gnome.dconf-editor
+    gruvbox-gtk-theme
+    colloid-icon-theme
+    gnomeExtensions.appindicator
+    gnomeExtensions.just-perfection
+    gnomeExtensions.system-monitor
+    gnomeExtensions.dash2dock-lite
+    gnomeExtensions.dash-to-dock
+    gnomeExtensions.vitals
+    gnomeExtensions.rounded-window-corners
+    gnomeExtensions.wallpaper-switcher
+    gnomeExtensions.backslide
+    gnomeExtensions.nextcloud-folder
+    gnomeExtensions.tray-icons-reloaded
+    gnomeExtensions.blur-my-shell
+  ];
+}
diff --git a/modules/graphical/plasma.nix b/modules/graphical/plasma.nix
new file mode 100644
index 0000000..4c88c40
--- /dev/null
+++ b/modules/graphical/plasma.nix
@@ -0,0 +1,11 @@
+{ config, pkgs, ... }:
+
+{
+  services.xserver = {
+    layout = "at";
+    xkbVariant = "";
+    enable = true;
+    displayManager.sddm.enable = true;
+    desktopManager.plasma5.enable = true;
+  };
+}
diff --git a/modules/graphical/shared.nix b/modules/graphical/shared.nix
new file mode 100644
index 0000000..9beb70f
--- /dev/null
+++ b/modules/graphical/shared.nix
@@ -0,0 +1,83 @@
+{ config, pkgs, inputs, ... }:
+
+let
+  keepassWithPlugins = pkgs.keepass.override {
+    plugins = [
+      pkgs.keepass-keepassrpc
+    ];
+  };
+in
+{
+  programs.steam = {
+    enable = true;
+    remotePlay.openFirewall = true; # Open ports in the firewall for Steam Remote Play
+    dedicatedServer.openFirewall = true; # Open ports in the firewall for Source Dedicated Server
+  };
+
+  programs.kdeconnect.enable = true;
+
+  fonts.fontDir.enable = true;
+  fonts.fonts = with pkgs; [
+    nerdfonts
+  ];
+
+  networking.firewall = {
+    enable = true;
+    allowedTCPPortRanges = [
+      { from = 1714; to = 1764; } # KDE Connect
+    ];
+    allowedUDPPortRanges = [
+      { from = 1714; to = 1764; } # KDE Connect
+    ];
+  };
+
+  # Allow unfree packages
+  nixpkgs.config.allowUnfree = true;
+  nix.settings.experimental-features = [ "nix-command" "flakes" ];
+
+  # List packages installed in system profile. To search, run:
+  # $ nix search wget
+  environment.systemPackages = with pkgs; [
+  #  vim # Do not forget to add an editor to edit configuration.nix! The Nano editor is also installed by default.
+  #  wget
+    wget
+    nixos-option
+    kate
+    keepassWithPlugins
+    jetbrains.idea-ultimate
+    jetbrains.rider
+    dotnet-sdk_7
+    dotnet-runtime_7
+    neovim
+    htop
+    btop
+    git
+    xfce.thunar
+    killall
+    xclip
+    usbutils
+    bun
+    inputs.agenix.packages."x86_64-linux".default
+    insomnia
+    remmina
+    nextcloud-client
+    #podman-compose
+    #arion # docker
+    neofetch
+    thunderbird
+    rofi
+    pdfgrep
+    taisei
+    ncdu
+    localsend
+    element-desktop
+    tetrio-desktop
+  ];
+
+  environment.sessionVariables = {
+    DOTNET_ROOT = "${pkgs.dotnet-sdk_7}";
+  };
+
+  ### docker
+  virtualisation.docker.enable = true;
+}
diff --git a/server/modules/hdd-spindown.nix b/modules/hdd-spindown.nix
similarity index 100%
rename from server/modules/hdd-spindown.nix
rename to modules/hdd-spindown.nix
diff --git a/server/modules/home-assistant.nix b/modules/home-assistant.nix
similarity index 100%
rename from server/modules/home-assistant.nix
rename to modules/home-assistant.nix
diff --git a/modules/kavita.nix b/modules/kavita.nix
new file mode 100644
index 0000000..7448e33
--- /dev/null
+++ b/modules/kavita.nix
@@ -0,0 +1,31 @@
+{ config, pkgs, lib, inputs, ... }:
+{
+
+  networking.firewall.allowedTCPPorts = [ 5000 ];
+  age.secrets.kavita = {
+    file = ../secrets/kavita.age;
+    owner = "kavita";
+    group = "kavita";
+  };
+  services.kavita = {
+    enable = true;
+    user = "kavita";
+    port = 5000;
+    dataDir = "/mnt/250ssd/kavita";
+    tokenKeyFile = config.age.secrets.kavita.path;
+  };
+  #todo: base url needs new kavita version
+  systemd.services.kavita = {
+      preStart = ''
+        umask u=rwx,g=rx,o=
+        cat > "/mnt/250ssd/kavita/config/appsettings.json" <<EOF
+        {
+          "TokenKey": "$(cat ${config.age.secrets.kavita.path})",
+          "Port": 5000,
+          "BaseUrl" : "/books",
+          "IpAddresses": "${lib.concatStringsSep "," ["0.0.0.0" "::"]}"
+        }
+        EOF
+      '';
+  };
+}
diff --git a/modules/minecraft-server.nix b/modules/minecraft-server.nix
new file mode 100644
index 0000000..f012715
--- /dev/null
+++ b/modules/minecraft-server.nix
@@ -0,0 +1,9 @@
+{ pkgs, ...}:
+{
+    services.minecraft-server = {
+        enable = true;
+        eula = true;
+        openFirewall = true;
+        package = pkgs.unstable.papermc;
+    };
+}
diff --git a/server/modules/motd.nix b/modules/motd.nix
similarity index 100%
rename from server/modules/motd.nix
rename to modules/motd.nix
diff --git a/modules/netdata.nix b/modules/netdata.nix
new file mode 100644
index 0000000..eb363d5
--- /dev/null
+++ b/modules/netdata.nix
@@ -0,0 +1,59 @@
+{ vars, ... }:
+let 
+  ip = vars.ipv4;
+  wireguardIp = vars.wireguardIp;
+in
+{
+  networking.firewall.allowedTCPPorts = [ 19999 ];
+  services.netdata = {
+    enable = true;
+    configText = ''
+      [global]
+      update every = 2
+
+      [web]
+      default port = 19999
+      bind to = ${ip} ${wireguardIp}
+      allow connections from = localhost 192.168.0.* 192.168.2.*
+
+      [db]
+      # number of tiers used (1 to 5, 3 being default)
+      storage tiers = 3
+
+      # Tier 0, per second data
+      dbengine multihost disk space MB = 256
+
+      # Tier 1, per minute data
+      dbengine tier 1 multihost disk space MB = 128
+      dbengine tier 1 update every iterations = 60
+
+      # Tier 2, per hour data
+      dbengine tier 2 multihost disk space MB = 64
+      dbengine tier 2 update every iterations = 60
+
+      [logs]
+      error = syslog
+
+      [plugins]
+      timex = no
+      idlejitter = no
+      # netdata monitoring = yes
+      tc = no
+      # diskspace = yes
+      # proc = yes
+      # cgroups = yes
+      statsd = no
+      #enable running new plugins = yes
+      #check for new plugins every = 60
+      slabinfo = no
+      nfacct = no
+      charts.d = no
+      python.d = no
+      go.d = no
+      ioping = no
+      perf = no
+      freeipmi = no
+      apps = yes
+      '';
+  };
+}
diff --git a/server/modules/networkmanager.nix b/modules/networkmanager.nix
similarity index 100%
rename from server/modules/networkmanager.nix
rename to modules/networkmanager.nix
diff --git a/server/modules/nextcloud.nix b/modules/nextcloud.nix
similarity index 69%
rename from server/modules/nextcloud.nix
rename to modules/nextcloud.nix
index 12c9b98..39b963f 100644
--- a/server/modules/nextcloud.nix
+++ b/modules/nextcloud.nix
@@ -1,4 +1,7 @@
-{ config, pkgs, lib, inputs, ... }:
+{ config, pkgs, lib, inputs, vars, ... }:
+let
+  wireguardIp = vars.wireguardIp;
+in
 {
     age.secrets.nextcloud-cert = {
         file = ../secrets/nextcloud-cert.age;
@@ -26,15 +29,15 @@
         # Setup Nextcloud virtual host to listen on ports
         virtualHosts = {
             "nextcloud.local" = {
-		serverAliases = [ "192.168.2.1" ];
+              serverAliases = [ wireguardIp ];
                 ## Force HTTP redirect to HTTPS
                 forceSSL = true;
-		locations."~ ^\\/(?:index|remote|public|cron|core\\/ajax\\/update|status|ocs\\/v[12]|updater\\/.+|oc[s]-provider\\/.+|.+\\/richdocumentscode\\/proxy)\\.php(?:$|\\/)".extraConfig = ''
-			client_max_body_size 5G;
-		'';
-	        #sslTrustedCertificate = "${pkgs.cacert}/etc/ssl/certs/ca-bundle.crt";
-	        sslCertificate = config.age.secrets.nextcloud-cert.path;
-	        sslCertificateKey = config.age.secrets.nextcloud-key.path;
+                locations."~ ^\\/(?:index|remote|public|cron|core\\/ajax\\/update|status|ocs\\/v[12]|updater\\/.+|oc[s]-provider\\/.+|.+\\/richdocumentscode\\/proxy)\\.php(?:$|\\/)".extraConfig = ''
+                  client_max_body_size 5G;
+                '';
+                #sslTrustedCertificate = "${pkgs.cacert}/etc/ssl/certs/ca-bundle.crt";
+                sslCertificate = config.age.secrets.nextcloud-cert.path;
+                sslCertificateKey = config.age.secrets.nextcloud-key.path;
                 ## LetsEncrypt
                 #enableACME = true;
             };
@@ -49,26 +52,25 @@
     services.nextcloud = {
         enable = true;
         package = pkgs.nextcloud27;
-	https = true;
+        https = true;
         hostName = "nextcloud.local";
         config.adminpassFile = config.age.secrets.nextcloud-admin.path;
-	config.dbtype = "pgsql";
-	database.createLocally = true;
-	config.extraTrustedDomains = [ "192.168.2.1" ];
+        config.dbtype = "pgsql";
+        database.createLocally = true;
+        config.extraTrustedDomains = [ wireguardIp ];
         home = "/mnt/250ssd/nextcloud";
-
         extraApps = with config.services.nextcloud.package.packages.apps; {
-	    inherit keeweb onlyoffice calendar mail;
+            inherit keeweb onlyoffice calendar mail;
             spreed = pkgs.fetchNextcloudApp rec {
                 url = "https://github.com/nextcloud-releases/spreed/releases/download/v17.1.1/spreed-v17.1.1.tar.gz";
                 sha256 = "sha256-LaUG0maatc2YtWQjff7J54vadQ2RE4X6FcW8vFefBh8=";
             };
         };
 
-  	phpOptions = {
-    		upload_max_filesize = "5G";
-    		post_max_size = "5G";
-  	};
+        phpOptions = {
+          upload_max_filesize = "5G";
+          post_max_size = "5G";
+        };
         extraAppsEnable = true;
         extraOptions.enabledPreviewProviders = [
             "OC\\Preview\\BMP"
diff --git a/modules/nginx.nix b/modules/nginx.nix
new file mode 100644
index 0000000..a49ca1f
--- /dev/null
+++ b/modules/nginx.nix
@@ -0,0 +1,93 @@
+{
+    networking.firewall.allowedTCPPorts = [ 80 443 ];
+
+    systemd.tmpfiles.rules = [
+        "d /data 0770 github-actions-runner nginx -"
+        "d /data/website 0770 github-actions-runner nginx -"
+    ];
+
+    services.nginx = {
+        enable = true;
+
+        # Use recommended settings
+        recommendedGzipSettings = true;
+        recommendedOptimisation = true;
+        recommendedProxySettings = true;
+        recommendedTlsSettings = true;
+
+        # Only allow PFS-enabled ciphers with AES256
+            sslCiphers = "AES256+EECDH:AES256+EDH:!aNULL";
+
+        # Setup Nextcloud virtual host to listen on ports
+        virtualHosts = {
+            "kopatz.ddns.net" = {
+                #serverAliases = [
+                #    "www.kopatz.ddns.net"
+                #    "server.home"
+                #    "server.local"
+                #    "192.168.0.6"
+                #];
+                root = "/data/website";
+                forceSSL = true;
+                enableACME = true;
+                locations."~* \\.(jpg)$".extraConfig= ''
+                    add_header Access-Control-Allow-Origin *;
+                '';
+                locations."~ ^/(stash|resources|css)".extraConfig=''
+                	client_max_body_size    5000M;
+                	proxy_redirect          off;
+                	proxy_set_header        Host $host;
+                	proxy_set_header        X-Real-IP $remote_addr;
+                	proxy_set_header        X-Forwarded-For $proxy_add_x_forwarded_for;
+                	proxy_set_header        X-Forwarded-Proto $scheme;
+                	proxy_set_header        X-NginX-Proxy true;
+                	proxy_pass http://localhost:5091;
+                '';
+		        locations."/tracker-site" = {
+			        tryFiles = "$uri $uri/ /tracker-site/index.html =404";
+		        };
+                locations."/tracker-site/api" = {
+                    extraConfig =''
+                        rewrite /tracker-site/api/(.*) /$1 break;
+                    '';
+                    proxyPass = "http://127.0.0.1:8080";
+                };
+ 
+ 	       #locations."~/books(.*)$" = {
+               #    proxyPass = "http://127.0.0.1:5000";
+               #};
+            },
+            #discord bot for tracking useractivity public version 
+            "activitytracker.site" = {
+                root = "/data/website";
+                forceSSL = true;
+                enableACME = true;
+                locations."~* \\.(jpg)$".extraConfig= ''
+                    add_header Access-Control-Allow-Origin *;
+                '';
+                locations."~ ^/(stash|resources|css)".extraConfig=''
+                	client_max_body_size    5000M;
+                	proxy_redirect          off;
+                	proxy_set_header        Host $host;
+                	proxy_set_header        X-Real-IP $remote_addr;
+                	proxy_set_header        X-Forwarded-For $proxy_add_x_forwarded_for;
+                	proxy_set_header        X-Forwarded-Proto $scheme;
+                	proxy_set_header        X-NginX-Proxy true;
+                	proxy_pass http://localhost:5092;
+                '';
+		        locations."/" = {
+			        tryFiles = "$uri $uri/ /tracker-site/index.html =404";
+		        };
+                locations."/api" = {
+                    extraConfig =''
+                        rewrite /api/(.*) /$1 break;
+                    '';
+                    proxyPass = "http://127.0.0.1:8080";
+                };
+           };
+            "adguard.local" = {
+                locations."/".proxyPass = "http://127.0.0.1:3000";
+            }; 
+        };
+    };
+}
diff --git a/modules/nix/index.nix b/modules/nix/index.nix
new file mode 100644
index 0000000..e8e93b3
--- /dev/null
+++ b/modules/nix/index.nix
@@ -0,0 +1,7 @@
+{
+    programs.command-not-found.enable = false;
+    programs.nix-index = {
+        enable = true;
+        enableZshIntegration=true;
+    };
+}
diff --git a/modules/nix/ld.nix b/modules/nix/ld.nix
new file mode 100644
index 0000000..4ff6916
--- /dev/null
+++ b/modules/nix/ld.nix
@@ -0,0 +1,3 @@
+{
+  programs.nix-ld.enable = true;
+}
diff --git a/server/modules/nix-settings.nix b/modules/nix/settings.nix
similarity index 100%
rename from server/modules/nix-settings.nix
rename to modules/nix/settings.nix
diff --git a/modules/no-sleep-lid-closed.nix b/modules/no-sleep-lid-closed.nix
new file mode 100644
index 0000000..5baac73
--- /dev/null
+++ b/modules/no-sleep-lid-closed.nix
@@ -0,0 +1,4 @@
+
+{
+  services.logind.lidSwitchExternalPower = "ignore";
+}
diff --git a/server/modules/paperless.nix b/modules/paperless.nix
similarity index 73%
rename from server/modules/paperless.nix
rename to modules/paperless.nix
index a8f7fdd..3e60830 100644
--- a/server/modules/paperless.nix
+++ b/modules/paperless.nix
@@ -1,4 +1,8 @@
-{ config, pkgs, lib, inputs, ... }:
+{ config, pkgs, lib, inputs, vars, ... }:
+let 
+  ip = vars.ipv4;
+  wireguardIp = vars.wireguardIp;
+in
 {
     networking.firewall.allowedTCPPorts = [ 28981 ];
     age.secrets.paperless = {
@@ -10,7 +14,7 @@
 	enable = true;
 	port = 28981;
 	passwordFile = config.age.secrets.paperless.path;
-	address = "192.168.2.1";
+	address = wireguardIp;
 	mediaDir = "/mnt/250ssd/paperless";
     };
 }
diff --git a/server/modules/postgres.nix b/modules/postgres.nix
similarity index 100%
rename from server/modules/postgres.nix
rename to modules/postgres.nix
diff --git a/modules/rdp.nix b/modules/rdp.nix
new file mode 100644
index 0000000..95fbee3
--- /dev/null
+++ b/modules/rdp.nix
@@ -0,0 +1,9 @@
+{ config, pkgs, lib, vars, ... }:
+let
+  wm = vars.wm;
+in
+{
+    services.xrdp.enable = true;
+    services.xrdp.defaultWindowManager = wm;
+    services.xrdp.openFirewall = true;
+}
diff --git a/server/modules/samba.nix b/modules/samba.nix
similarity index 100%
rename from server/modules/samba.nix
rename to modules/samba.nix
diff --git a/modules/ssh.nix b/modules/ssh.nix
new file mode 100644
index 0000000..e9370f5
--- /dev/null
+++ b/modules/ssh.nix
@@ -0,0 +1,10 @@
+{
+    networking.firewall.allowedTCPPorts = [ 22 ];
+    services.openssh = {
+        enable = true;
+        settings.PasswordAuthentication = false;
+        settings.KbdInteractiveAuthentication = false;
+        settings.PermitRootLogin = "no";
+        settings.X11Forwarding = true;
+    };
+}
diff --git a/server/modules/static-ip-server.nix b/modules/static-ip.nix
similarity index 63%
rename from server/modules/static-ip-server.nix
rename to modules/static-ip.nix
index d9813fa..8a9f1cc 100644
--- a/server/modules/static-ip-server.nix
+++ b/modules/static-ip.nix
@@ -1,3 +1,9 @@
+{ config, vars, ...}:
+let
+ ip = vars.ipv4;
+ dns = vars.dns;
+ interface = vars.interface;
+in
 {
   networking = {
     defaultGateway = "192.168.0.1";
@@ -7,14 +13,14 @@
       allowedUDPPorts = [ 5000 ];
     };
     nameservers = [
-      "127.0.0.1"
+      dns
       "1.1.1.1"
     ];
     interfaces = {
-      "enp0s31f6" = {
+      ${interface} = {
         name = "eth0";
-	      ipv4.addresses = [{
-          address = "192.168.0.6";
+        ipv4.addresses = [{
+          address = ip;
           prefixLength = 24;
         }];
       };
diff --git a/modules/support/ntfs.nix b/modules/support/ntfs.nix
new file mode 100644
index 0000000..4f09762
--- /dev/null
+++ b/modules/support/ntfs.nix
@@ -0,0 +1,3 @@
+{
+  boot.supportedFilesystems = [ "ntfs" ];
+}
diff --git a/server/modules/synapse.nix b/modules/synapse.nix
similarity index 100%
rename from server/modules/synapse.nix
rename to modules/synapse.nix
diff --git a/modules/thunderbolt.nix b/modules/thunderbolt.nix
new file mode 100644
index 0000000..4da7e02
--- /dev/null
+++ b/modules/thunderbolt.nix
@@ -0,0 +1,7 @@
+{
+  services.udev.extraRules = ''
+    # Always authorize thunderbolt connections when they are plugged in.
+    # This is to make sure the USB hub of Thunderbolt is working.
+    ACTION=="add", SUBSYSTEM=="thunderbolt", ATTR{authorized}=="0", ATTR{authorized}="1"
+  '';
+}
diff --git a/modules/virt-manager.nix b/modules/virt-manager.nix
new file mode 100644
index 0000000..64b36eb
--- /dev/null
+++ b/modules/virt-manager.nix
@@ -0,0 +1,6 @@
+{ pkgs, ... }:
+{
+  virtualisation.libvirtd.enable = true;
+  programs.dconf.enable = true; # virt-manager requires dconf to remember settings
+  environment.systemPackages = with pkgs; [ virt-manager virtiofsd ];
+}
diff --git a/server/modules/vmware-guest.nix b/modules/vmware-guest.nix
similarity index 100%
rename from server/modules/vmware-guest.nix
rename to modules/vmware-guest.nix
diff --git a/modules/wake-on-lan.nix b/modules/wake-on-lan.nix
new file mode 100644
index 0000000..24f978c
--- /dev/null
+++ b/modules/wake-on-lan.nix
@@ -0,0 +1,7 @@
+{ config, pkgs, lib, vars, ... }:
+let
+  interface = vars.interface;
+in
+{
+  networking.interfaces.${interface}.wakeOnLan.enable = true;
+}
diff --git a/server/modules/wireguard.nix b/modules/wireguard.nix
similarity index 72%
rename from server/modules/wireguard.nix
rename to modules/wireguard.nix
index f616fd5..365cf33 100644
--- a/server/modules/wireguard.nix
+++ b/modules/wireguard.nix
@@ -1,4 +1,7 @@
-{ config, pkgs, lib, inputs, ... }:
+{ config, pkgs, lib, inputs, vars, ... }:
+let
+  wireguardIp = vars.wireguardIp;
+in
 {
 
   age.secrets.wireguard-private = {
@@ -15,72 +18,79 @@
       autostart = true;
       listenPort = 51820;
       address = [
-        "192.168.2.1/24"
+        "${wireguardIp}/24"
       ];
       peers = [
         {
           allowedIPs = [
             "192.168.2.2/32"
           ];
-	        persistentKeepalive = 25;
+          persistentKeepalive = 25;
           publicKey = "dUBPIEnAiHIZCMjqV0ya8qotN3UnMhlEVyGNQcR3gVI=";
         }
         {
           allowedIPs = [
             "192.168.2.3/32"
           ];
-	        persistentKeepalive = 25;
+          persistentKeepalive = 25;
           publicKey = "Eg5ZS3zN05mJ/gct6wJlwVAHTlXpkhxFfUd7yscANV0=";
         }
-	      {
+        {
           allowedIPs = [
             "192.168.2.4/32"
           ];
-	        persistentKeepalive = 25;
+          persistentKeepalive = 25;
           publicKey = "8Eigfs+k2k2WPaMn+SqDmlSHdMv+I+xcBr/2qhtpGzI=";
         }
-	      {
+        {
           allowedIPs = [
             "192.168.2.20/32"
           ];
-	        persistentKeepalive = 25;
+          persistentKeepalive = 25;
           publicKey = "25u1RSfjsx3wb1DMeTm0pvUfUkG7zTjGaN+m0w6ZjCw=";
         }
-	      {
+        {
           allowedIPs = [
             "192.168.2.21/32"
           ];
-	        persistentKeepalive = 25;
+          persistentKeepalive = 25;
           publicKey = "S+8F+yxSQvjjoU44LRYqRv1YulqmOKumUtYo/YIh7X8=";
         }
-	      {
+        {
           allowedIPs = [
             "192.168.2.22/32"
           ];
-	        persistentKeepalive = 25;
+          persistentKeepalive = 25;
           publicKey = "/dIW7K49vB9HOghFeXvcY7wu2utQltuv6RfgCbxZwlk=";
         }
-	      {
+        {
           allowedIPs = [
             "192.168.2.23/32"
           ];
-	        persistentKeepalive = 25;
+          persistentKeepalive = 25;
           publicKey = "89rjQXNcyCRUCihqfqcOnctWmhiNR8snpRFF6dyHAmk=";
         }
-	      {
+        {
           allowedIPs = [
             "192.168.2.24/32"
           ];
-	        persistentKeepalive = 25;
+          persistentKeepalive = 25;
           publicKey = "adaWtboVz3UhpNBKFirs7slbU2+Y3GaV5yS2EoafwVU=";
         }
-	      {
+        {
           allowedIPs = [
             "192.168.2.5/32"
           ];
-	        persistentKeepalive = 25;
+          persistentKeepalive = 25;
           publicKey = "g5uTlA1IciXgtSbECjhVis0dajRAc53Oa7Hz6dUI+0Q=";
         }
+        {
+          allowedIPs = [
+            "192.168.2.6/32"
+          ];
+          persistentKeepalive = 25;
+          publicKey = "5ClF2HcqndpXS7nVgDn2unWFUYcKo5fbudV6xX2OIVE=";
+        }
       ];
       privateKeyFile = config.age.secrets.wireguard-private.path;
     };
diff --git a/modules/wireshark.nix b/modules/wireshark.nix
new file mode 100644
index 0000000..dd208ef
--- /dev/null
+++ b/modules/wireshark.nix
@@ -0,0 +1,5 @@
+{ config, pkgs, ... }:
+{
+    programs.wireshark.enable = true;
+    programs.wireshark.package = pkgs.wireshark;
+}
diff --git a/modules/wooting.nix b/modules/wooting.nix
new file mode 100644
index 0000000..7dcfda9
--- /dev/null
+++ b/modules/wooting.nix
@@ -0,0 +1,31 @@
+{ pkgs, lib, ...}:
+let 
+  wooting-udev = pkgs.stdenv.mkDerivation rec {
+    pname = "wooting-udev-rules";
+    version = "unstable-2023-03-31";
+
+    # Source: https://help.wooting.io/en/article/wootility-configuring-device-access-for-wootility-under-linux-udev-rules-r6lb2o/
+    src = [ ./wooting.rules ];
+
+    dontUnpack = true;
+
+    installPhase = ''
+      install -Dpm644 $src $out/lib/udev/rules.d/70-wooting.rules
+    '';
+
+    meta = with lib; {
+      homepage = "https://help.wooting.io/en/article/wootility-configuring-device-access-for-wootility-under-linux-udev-rules-r6lb2o/";
+      description = "udev rules that give NixOS permission to communicate with Wooting keyboards";
+      platforms = platforms.linux;
+      license = "unknown";
+      maintainers = with maintainers; [ davidtwco ];
+    };
+};
+in
+{ 
+  services.udev.packages = [ wooting-udev ];
+
+  environment.systemPackages = with pkgs; [
+    wootility
+  ];
+}
diff --git a/modules/wooting.rules b/modules/wooting.rules
new file mode 100644
index 0000000..690484f
--- /dev/null
+++ b/modules/wooting.rules
@@ -0,0 +1,12 @@
+# Wooting Two HE (ARM)
+SUBSYSTEM=="hidraw", ATTRS{idVendor}=="31e3", ATTRS{idProduct}=="1230", MODE:="0666", GROUP="input"
+SUBSYSTEM=="usb", ATTRS{idVendor}=="31e3", ATTRS{idProduct}=="1230", MODE:="0666", GROUP="input"
+# Wooting Two HE Alt-gamepad mode
+SUBSYSTEM=="hidraw", ATTRS{idVendor}=="31e3", ATTRS{idProduct}=="1231", MODE:="0666", GROUP="input"
+SUBSYSTEM=="usb", ATTRS{idVendor}=="31e3", ATTRS{idProduct}=="1231", MODE:="0666", GROUP="input"
+# Wooting Two HE 2nd Alt-gamepad mode
+SUBSYSTEM=="hidraw", ATTRS{idVendor}=="31e3", ATTRS{idProduct}=="1232", MODE:="0666", GROUP="input"
+SUBSYSTEM=="usb", ATTRS{idVendor}=="31e3", ATTRS{idProduct}=="1232", MODE:="0666", GROUP="input"
+
+# Wooting Two HE (ARM) update mode
+SUBSYSTEM=="hidraw", ATTRS{idVendor}=="31e3", ATTRS{idProduct}=="123f", MODE:="0666", GROUP="input"
diff --git a/secrets/coturn-secret.age b/secrets/coturn-secret.age
new file mode 100644
index 0000000..d27aeef
Binary files /dev/null and b/secrets/coturn-secret.age differ
diff --git a/server/secrets/create_secrets.md b/secrets/create_secrets.md
similarity index 100%
rename from server/secrets/create_secrets.md
rename to secrets/create_secrets.md
diff --git a/secrets/duckdns.age b/secrets/duckdns.age
new file mode 100644
index 0000000..232f847
--- /dev/null
+++ b/secrets/duckdns.age
@@ -0,0 +1,11 @@
+age-encryption.org/v1
+-> ssh-ed25519 yfCCMw bknEVINSpmzqbs669XXGW10WlRU2eYqM21nCra4Grm0
+UH/rieabfARVLfMojUzRpMV8OgQQegmkERr3OsudizI
+-> ssh-ed25519 IV3DkQ ae0X4te6ZevvoybUP20LgE4ymTiisoBMfrZQBm0LHEo
+f9VxOHjo6W349d/T9DuH0KbQRHj+EXa+yascxnG/oEA
+-> ssh-ed25519 DCzi1A vBpgN1TwpEv+mJNIMoHitLshG0q1RDTz3WrvRbRGnno
+Nc9I8WWXDDzCfOHkcbhqXjk0Fvp23f8QxiW6bdPix3Q
+-> 5-grease ;gX' KVd. S[Du |%f:LC8
+g5R1yuzS9892Jf0N+RsaVg77389vLxeowKKcD/PM962AMYCe4iHdCw
+--- u/d/x8qCopx23d4TiecnfbaL+l+JJu5i+yJqmU6XH/c
+4��n�~�Xv�6��j�80���}	_�=$H@�u�{�q���/��^+vԹ�Oy���E�p�K3��L��Z
\ No newline at end of file
diff --git a/secrets/github-runner-pw.age b/secrets/github-runner-pw.age
new file mode 100644
index 0000000..793ffa1
Binary files /dev/null and b/secrets/github-runner-pw.age differ
diff --git a/secrets/github-runner-token.age b/secrets/github-runner-token.age
new file mode 100644
index 0000000..69edd0d
Binary files /dev/null and b/secrets/github-runner-token.age differ
diff --git a/secrets/kavita.age b/secrets/kavita.age
new file mode 100644
index 0000000..9056647
--- /dev/null
+++ b/secrets/kavita.age
@@ -0,0 +1,12 @@
+age-encryption.org/v1
+-> ssh-ed25519 yfCCMw jL+B4j2QGanksP4x+jj0ZeAe57ufHIqURXGoaB1rqWE
+Q2wNCrQ/TiAIRkb9p7MMLo7SmOVpsMkO4AEQkSAPHpc
+-> ssh-ed25519 IV3DkQ jfdSR8lRuMlFrVxMg+6P37kVS9v3zvxKGO2R90t8XGs
+gLP7UsYyY/HnPJpXB9z9mtc/8GfSpGZhSf16voFKaaE
+-> ssh-ed25519 DCzi1A Ks6trkFOVgidCX+LFkxCMQ6xPBz6/dXc3CfiijhMwE4
+joziP64UOp0WIywkum11BLMiwR3Gc+AFNRsFXxU/AiU
+-> |3-grease dr@v"
+6c/WH73DJlanYVJtocLLZ4MjsFVFHc0jg2HKxEh90m4rymXWlmucnXU5tuVkAKuF
+ngzhdErYIbRk7C9Bc0otbi8KbqzD7jrHUA
+--- mxzTEu81P3EeKZoa8/817c1hj6sVgO20YyViBxHbGWs
+�����d�g\�a�
���I��4g��/6F���zO˳'vR\�J��h�vF+��#�W�f�1i��;2m����
\ No newline at end of file
diff --git a/secrets/matrix-registration.age b/secrets/matrix-registration.age
new file mode 100644
index 0000000..046ca6b
--- /dev/null
+++ b/secrets/matrix-registration.age
@@ -0,0 +1,12 @@
+age-encryption.org/v1
+-> ssh-ed25519 yfCCMw xrDKLBFHoh635bYYw5FlL2WnRPzzEM5EFIipjunDQ3A
+Wfkj09/KylBGszWXViglOfQnzEPy2JhOqyq6/cDXqiI
+-> ssh-ed25519 IV3DkQ +F9cs8sm432eoBD3sshRyo1GIy8/YwdanqRX/c4Y7B8
+LHpRwgpI2Np9iDvJQIb6khmWJqehHFetw2DjthvWN5E
+-> ssh-ed25519 DCzi1A PVEn4M1Q0P6HOWLUHQ0g1oFwWwrfhKkc0ptBSPVvoDk
+VXDdSofM0bMv5Rh8dHkboL/+cq8yQbvK/SZkwOaEQzY
+-> (-grease >Tbe
+9FPVr0dmrUWP7dKYoJ3tlegb7knPZlUTRFrZ3trG7Lwv30NHSYnMLtxSj3aushEM
+Izg
+--- FC8cLZftv1tiIbIr5c0gM/Gllni1PBt06Pl5HaZw520
+�����N�ꘜe�Ǡ�H��&��C��0�[`�=�*:&� �i/
*V�"+�}:
�k^Y��&�����/�d~ʬD�^�M�6:��)��	�3����X�3s�e#��#!�/��ʐH.��f�������~	�{2�2t��R�X{$[r(�[Cj{��G#V�bl���:�v�˛
\ No newline at end of file
diff --git a/secrets/nextcloud-admin.age b/secrets/nextcloud-admin.age
new file mode 100644
index 0000000..3f0a5e0
Binary files /dev/null and b/secrets/nextcloud-admin.age differ
diff --git a/secrets/nextcloud-cert.age b/secrets/nextcloud-cert.age
new file mode 100644
index 0000000..37a12ac
Binary files /dev/null and b/secrets/nextcloud-cert.age differ
diff --git a/secrets/nextcloud-key.age b/secrets/nextcloud-key.age
new file mode 100644
index 0000000..ca2d4a7
Binary files /dev/null and b/secrets/nextcloud-key.age differ
diff --git a/secrets/paperless.age b/secrets/paperless.age
new file mode 100644
index 0000000..1b9364c
Binary files /dev/null and b/secrets/paperless.age differ
diff --git a/secrets/restic-gdrive.age b/secrets/restic-gdrive.age
new file mode 100644
index 0000000..660992f
Binary files /dev/null and b/secrets/restic-gdrive.age differ
diff --git a/secrets/restic-pw.age b/secrets/restic-pw.age
new file mode 100644
index 0000000..2064b01
Binary files /dev/null and b/secrets/restic-pw.age differ
diff --git a/secrets/restic-s3.age b/secrets/restic-s3.age
new file mode 100644
index 0000000..e8687bb
Binary files /dev/null and b/secrets/restic-s3.age differ
diff --git a/secrets/secrets.nix b/secrets/secrets.nix
new file mode 100644
index 0000000..e0bfc1c
--- /dev/null
+++ b/secrets/secrets.nix
@@ -0,0 +1,23 @@
+let
+  kop = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIFeP6qtVqE/gu72ZUZE8cdRi3INiUW9NqDR7SjXIzTw2 lukas@Kopatz-PC2";
+  nix-test-vm = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIMVqEb1U1c9UX3AF8otNyYKpIUMjc7XSjZY3IkIPGOqi root@server";
+  server = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIAUA7uVKXAF2UcwaIDSJP2Te8Fi++2zkKzSPoRx1vQrI root@server";
+  users = [ kop ];
+  systems = [ nix-test-vm server ];
+in
+{
+  "github-runner-token.age".publicKeys = [ nix-test-vm server kop ];
+  "github-runner-pw.age".publicKeys = [ nix-test-vm server kop ];
+  "duckdns.age".publicKeys = [ nix-test-vm server kop ];
+  "nextcloud-admin.age".publicKeys = [ nix-test-vm server kop ];
+  "nextcloud-cert.age".publicKeys = [ nix-test-vm server kop ];
+  "nextcloud-key.age".publicKeys = [ nix-test-vm server kop ];
+  "restic-pw.age".publicKeys = [ nix-test-vm server kop ];
+  "restic-s3.age".publicKeys = [ nix-test-vm server kop ];
+  "restic-gdrive.age".publicKeys = [ nix-test-vm server kop ];
+  "wireguard-private.age".publicKeys = [ nix-test-vm server kop ];
+  "coturn-secret.age".publicKeys = [ nix-test-vm server kop ];
+  "matrix-registration.age".publicKeys = [ nix-test-vm server kop ];
+  "paperless.age".publicKeys = [ nix-test-vm server kop ];
+  "kavita.age".publicKeys = [ nix-test-vm server kop ];
+}
diff --git a/server/secrets/selfsigned-cert.sh b/secrets/selfsigned-cert.sh
similarity index 100%
rename from server/secrets/selfsigned-cert.sh
rename to secrets/selfsigned-cert.sh
diff --git a/secrets/wireguard-private.age b/secrets/wireguard-private.age
new file mode 100644
index 0000000..28b3005
--- /dev/null
+++ b/secrets/wireguard-private.age
@@ -0,0 +1,11 @@
+age-encryption.org/v1
+-> ssh-ed25519 yfCCMw HoX1AI2rIYDJbfKRDRXr1ZRsNM1OVRVrr0XRnBD29FQ
+aM3HP0kxq9ACb2TFcb7f9rxKXFoT2Y9nEjL+XD3nHIM
+-> ssh-ed25519 IV3DkQ EKn/xr5EWEev3stYXDGrzfLtwt2thJ+34e5eP1v4l0g
+raaOM6zpmokVCBKNWx9xHpsQJSpTbHHQeRbz2+wC3+0
+-> ssh-ed25519 DCzi1A mVLJ1c2e1UOsTuDCKIwLliBz3OVBH8vGp/gICb8cyQY
+dXok0Tr56SdW5sf74IYk7rDnim/s7vZI/PZIGKvNuaM
+-> ;mHckk.i-grease [&? MW78 %Ee4m
+LebJ6ZshTkkY+fM5zI/sbQzGpcKN5oGiEu5tWSPnmeQQxJrjT7Utqf3KAfI
+--- 6HedZR4VvouzHmjeV9DY6BsybKcainxK9fro9MSjpxg
+h��q��<3�:7{,�9'�����w�(FVGuLAA0�̽��a|��Kw�?��!\Z�-\��$���6y�֧�x�
\ No newline at end of file
diff --git a/server/flake.lock b/server/flake.lock
deleted file mode 100644
index f112919..0000000
--- a/server/flake.lock
+++ /dev/null
@@ -1,145 +0,0 @@
-{
-  "nodes": {
-    "agenix": {
-      "inputs": {
-        "darwin": "darwin",
-        "home-manager": "home-manager",
-        "nixpkgs": "nixpkgs"
-      },
-      "locked": {
-        "lastModified": 1696775529,
-        "narHash": "sha256-TYlE4B0ktPtlJJF9IFxTWrEeq+XKG8Ny0gc2FGEAdj0=",
-        "owner": "ryantm",
-        "repo": "agenix",
-        "rev": "daf42cb35b2dc614d1551e37f96406e4c4a2d3e4",
-        "type": "github"
-      },
-      "original": {
-        "owner": "ryantm",
-        "repo": "agenix",
-        "type": "github"
-      }
-    },
-    "darwin": {
-      "inputs": {
-        "nixpkgs": [
-          "agenix",
-          "nixpkgs"
-        ]
-      },
-      "locked": {
-        "lastModified": 1673295039,
-        "narHash": "sha256-AsdYgE8/GPwcelGgrntlijMg4t3hLFJFCRF3tL5WVjA=",
-        "owner": "lnl7",
-        "repo": "nix-darwin",
-        "rev": "87b9d090ad39b25b2400029c64825fc2a8868943",
-        "type": "github"
-      },
-      "original": {
-        "owner": "lnl7",
-        "ref": "master",
-        "repo": "nix-darwin",
-        "type": "github"
-      }
-    },
-    "home-manager": {
-      "inputs": {
-        "nixpkgs": [
-          "agenix",
-          "nixpkgs"
-        ]
-      },
-      "locked": {
-        "lastModified": 1682203081,
-        "narHash": "sha256-kRL4ejWDhi0zph/FpebFYhzqlOBrk0Pl3dzGEKSAlEw=",
-        "owner": "nix-community",
-        "repo": "home-manager",
-        "rev": "32d3e39c491e2f91152c84f8ad8b003420eab0a1",
-        "type": "github"
-      },
-      "original": {
-        "owner": "nix-community",
-        "repo": "home-manager",
-        "type": "github"
-      }
-    },
-    "home-manager_2": {
-      "inputs": {
-        "nixpkgs": [
-          "nixpkgs"
-        ]
-      },
-      "locked": {
-        "lastModified": 1695108154,
-        "narHash": "sha256-gSg7UTVtls2yO9lKtP0yb66XBHT1Fx5qZSZbGMpSn2c=",
-        "owner": "nix-community",
-        "repo": "home-manager",
-        "rev": "07682fff75d41f18327a871088d20af2710d4744",
-        "type": "github"
-      },
-      "original": {
-        "owner": "nix-community",
-        "ref": "release-23.05",
-        "repo": "home-manager",
-        "type": "github"
-      }
-    },
-    "nixpkgs": {
-      "locked": {
-        "lastModified": 1677676435,
-        "narHash": "sha256-6FxdcmQr5JeZqsQvfinIMr0XcTyTuR7EXX0H3ANShpQ=",
-        "owner": "NixOS",
-        "repo": "nixpkgs",
-        "rev": "a08d6979dd7c82c4cef0dcc6ac45ab16051c1169",
-        "type": "github"
-      },
-      "original": {
-        "owner": "NixOS",
-        "ref": "nixos-unstable",
-        "repo": "nixpkgs",
-        "type": "github"
-      }
-    },
-    "nixpkgs-unstable": {
-      "locked": {
-        "lastModified": 1698924604,
-        "narHash": "sha256-GCFbkl2tj8fEZBZCw3Tc0AkGo0v+YrQlohhEGJ/X4s0=",
-        "owner": "NixOS",
-        "repo": "nixpkgs",
-        "rev": "fa804edfb7869c9fb230e174182a8a1a7e512c40",
-        "type": "github"
-      },
-      "original": {
-        "id": "nixpkgs",
-        "ref": "nixos-unstable",
-        "type": "indirect"
-      }
-    },
-    "nixpkgs_2": {
-      "locked": {
-        "lastModified": 1698942558,
-        "narHash": "sha256-/UmnB+mEd6Eg3mJBrAgqRcyZX//RSjHphcCO7Ig9Bpk=",
-        "owner": "nixos",
-        "repo": "nixpkgs",
-        "rev": "621f51253edffa1d6f08d5fce4f08614c852d17e",
-        "type": "github"
-      },
-      "original": {
-        "owner": "nixos",
-        "ref": "nixos-23.05",
-        "repo": "nixpkgs",
-        "type": "github"
-      }
-    },
-    "root": {
-      "inputs": {
-        "agenix": "agenix",
-        "home-manager": "home-manager_2",
-        "nixpkgs": "nixpkgs_2",
-        "nixpkgs-unstable": "nixpkgs-unstable"
-      }
-    }
-  },
-  "root": "root",
-  "version": 7
-}
diff --git a/server/flake.nix b/server/flake.nix
deleted file mode 100644
index e322a42..0000000
--- a/server/flake.nix
+++ /dev/null
@@ -1,58 +0,0 @@
-{
-  description = "A very basic flake";
-  inputs = {
-      # secrets management
-      agenix.url = "github:ryantm/agenix";
-      nixpkgs.url = "github:nixos/nixpkgs/nixos-23.05";
-      nixpkgs-unstable.url = "nixpkgs/nixos-unstable";
-      home-manager = {
-        url = "github:nix-community/home-manager/release-23.05";
-        inputs.nixpkgs.follows = "nixpkgs";
-      };
-  };
-  outputs = { self, nixpkgs, nixpkgs-unstable, agenix, home-manager }@inputs:
-    let
-      system = "x86_64-linux";
-      overlay-unstable = final: prev: {
-        unstable = nixpkgs-unstable.legacyPackages.${prev.system};
-      };
-    in {
-    nixosConfigurations.server = nixpkgs.lib.nixosSystem {
-      inherit system;
-      modules = [ 
-        ./modules/static-ip-server.nix
-        ({ config, pkgs, ... }: { nixpkgs.overlays = [ overlay-unstable ]; })
-        ./configuration.nix 
-        ./modules/hdd-spindown.nix
-        ./modules/motd.nix
-        ./modules/postgres.nix
-        ./modules/fail2ban.nix
-        ./modules/nix-settings.nix
-        ./modules/adguard.nix
-        ./modules/git.nix
-        #./modules/vmware-guest.nix
-        ./modules/github-runner.nix
-        ./modules/synapse.nix
-
-        ./modules/nextcloud.nix
-	#./modules/coturn.nix
-
-        ./modules/acme.nix
-        ./modules/samba.nix
-        ./modules/backup.nix
-        ./modules/nginx.nix
-        ./modules/ssh.nix
-        ./modules/rdp.nix
-        ./modules/docker.nix
-        ./modules/wireguard.nix
-        ./modules/cron.nix
-        ./modules/paperless.nix
-        #./modules/dyndns.nix i think ddclient is deprecated
-        #./modules/home-assistant.nix idk dont like this
-        home-manager.nixosModules.home-manager
-        agenix.nixosModules.default
-      ];
-      specialArgs = { inherit inputs; };
-    };
-  };
-}
diff --git a/server/modules/nginx.nix b/server/modules/nginx.nix
index 47f5075..e69de29 100644
--- a/server/modules/nginx.nix
+++ b/server/modules/nginx.nix
@@ -1,89 +0,0 @@
-{
-    networking.firewall.allowedTCPPorts = [ 80 443 ];
-
-    systemd.tmpfiles.rules = [
-        "d /data 0770 github-actions-runner nginx -"
-        "d /data/website 0770 github-actions-runner nginx -"
-    ];
-
-    services.nginx = {
-        enable = true;
-
-        # Use recommended settings
-        recommendedGzipSettings = true;
-        recommendedOptimisation = true;
-        recommendedProxySettings = true;
-        recommendedTlsSettings = true;
-
-        # Only allow PFS-enabled ciphers with AES256
-            sslCiphers = "AES256+EECDH:AES256+EDH:!aNULL";
-
-        # Setup Nextcloud virtual host to listen on ports
-        virtualHosts = {
-            "kopatz.ddns.net" = {
-                #serverAliases = [
-                #    "www.kopatz.ddns.net"
-                #    "server.home"
-                #    "server.local"
-                #    "192.168.0.6"
-                #];
-                root = "/data/website";
-                forceSSL = true;
-                enableACME = true;
-                locations."~* \\.(jpg)$".extraConfig= ''
-                    add_header Access-Control-Allow-Origin *;
-                '';
-                locations."~ ^/(stash|resources|css)".extraConfig=''
-                	client_max_body_size    5000M;
-                	proxy_redirect          off;
-                	proxy_set_header        Host $host;
-                	proxy_set_header        X-Real-IP $remote_addr;
-                	proxy_set_header        X-Forwarded-For $proxy_add_x_forwarded_for;
-                	proxy_set_header        X-Forwarded-Proto $scheme;
-                	proxy_set_header        X-NginX-Proxy true;
-                	proxy_pass http://localhost:5091;
-                '';
-		        locations."/tracker-site" = {
-			        tryFiles = "$uri $uri/ /tracker-site/index.html =404";
-		        };
-                locations."/tracker-site/api" = {
-                    extraConfig =''
-                        rewrite /tracker-site/api/(.*) /$1 break;
-                    '';
-                    proxyPass = "http://127.0.0.1:8080";
-                };
-            },
-            #discord bot for tracking useractivity public version 
-            "activitytracker.site" = {
-                root = "/data/website";
-                forceSSL = true;
-                enableACME = true;
-                locations."~* \\.(jpg)$".extraConfig= ''
-                    add_header Access-Control-Allow-Origin *;
-                '';
-                locations."~ ^/(stash|resources|css)".extraConfig=''
-                	client_max_body_size    5000M;
-                	proxy_redirect          off;
-                	proxy_set_header        Host $host;
-                	proxy_set_header        X-Real-IP $remote_addr;
-                	proxy_set_header        X-Forwarded-For $proxy_add_x_forwarded_for;
-                	proxy_set_header        X-Forwarded-Proto $scheme;
-                	proxy_set_header        X-NginX-Proxy true;
-                	proxy_pass http://localhost:5092;
-                '';
-		        locations."/" = {
-			        tryFiles = "$uri $uri/ /tracker-site/index.html =404";
-		        };
-                locations."/api" = {
-                    extraConfig =''
-                        rewrite /api/(.*) /$1 break;
-                    '';
-                    proxyPass = "http://127.0.0.1:8080";
-                };
-            };
-            "adguard.local" = {
-                locations."/".proxyPass = "http://127.0.0.1:3000";
-            }; 
-        };
-    };
-}
diff --git a/server/modules/rdp.nix b/server/modules/rdp.nix
deleted file mode 100644
index fe75f13..0000000
--- a/server/modules/rdp.nix
+++ /dev/null
@@ -1,5 +0,0 @@
-{
-    services.xrdp.enable = true;
-    services.xrdp.defaultWindowManager = "startplasma-x11";
-    services.xrdp.openFirewall = true;
-}
\ No newline at end of file
diff --git a/server/modules/ssh.nix b/server/modules/ssh.nix
deleted file mode 100644
index 128517a..0000000
--- a/server/modules/ssh.nix
+++ /dev/null
@@ -1,15 +0,0 @@
-{
-    networking.firewall.allowedTCPPorts = [ 22 ];
-    services.openssh = {
-        enable = true;
-        settings.PasswordAuthentication = false;
-        settings.KbdInteractiveAuthentication = false;
-        settings.PermitRootLogin = "no";
-        settings.X11Forwarding = true;
-    };
-
-    users.users.anon.openssh.authorizedKeys.keys = [
-        "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDb14svyGa2WprTNrtaI5yRl9KP+wzmLueFsHQww0Y6D2CZ5ZEEwoGFg7PrjWzVa/tXYn5AO1ng5eMCRbZPjtX03of448HTAEV8B0BFV9BuemoIBf14TRZ6lhGfQvD7BlTVZ5jKGUUJBfRdf0CZ8Ed5dk77u0xGV8+p3dYAQXowOmOyYFiDg6baKQcLM5Pz2zVxK1GySehEJ4n7GYNjyv7hJhfWMbaE10rIB0V0TuM8yeYvBvIxfGfMzlm4izOHbuSYR1v6RCuQKn1JOQiYqAkYCsXG/4XssMXpl2KxGvp67OJNotIHzap8zRDr7KH8Sk8jHuBFCnqbxDEqzs72Qtan Kopatz@Kopatz-PC"
-        "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQCsicFT8H/XHR3c0nN6f3dmChxLlkIYalUEQPqP2qROkX7Na6cMXoFiRvegvVPBCgR+DKagp7G2fttZVZ51yBBZ4G/rzDMgKIFgTDNaDeyGWx2n2zCHM5/wletoqTU6ezOUKOEvOfpsZnpcUqVmYtxlrMpakItrtSO+5mawlTKiDTqtazxLfFuyQFzlXVfVcJacxEupd+Ilmp8Y/e8pp6+jGYZ9asNuQKuGDaCepkhsPEGq/cK9AqaATdx/F81H1metV+kf6A3eDlcyzZy+x41GSofiR6HFgUzYafe5uddMVtL7JIKHHPQVpMMqPxkD3tphozh0fq3C9v8aThcqkvoU9eFD7PcN+8U6guA6Qf7cysGXb3pnvrfSeKGlxxpUAxLcpHlJnP66c7/TVRe2buAYFQqykrmRmJfLwqpY2UHoshpcGTwULslEHCMC5/wgc3BPgVGUB148d7F36bS1jTJlRGqwzf712CKnwW122xTZawgybrr8A5Q/bSRFtpz5wys= kopatz@Kopatz-PC2"
-    ];
-}
diff --git a/server/secrets/coturn-secret.age b/server/secrets/coturn-secret.age
deleted file mode 100644
index 216ee08..0000000
--- a/server/secrets/coturn-secret.age
+++ /dev/null
@@ -1,10 +0,0 @@
-age-encryption.org/v1
--> ssh-ed25519 yfCCMw 4ZpkTSszkAJIbBs211PZAuWyYlsbYGx+kh+fIa/X8Q4
-zlDBNm+2ykfiugTcPWGgLKsBBCVRDiLkp/GSX8stVnQ
--> ssh-ed25519 IV3DkQ jvo0WmLvaOpAHASPs5Qb4HblklPs7l+wuiZIIapbm2c
-KiPkiZMwPF4q5s2Ity1DBiPxDrEpMNEW6p9P7DOBVIY
--> NJJFW+-grease
-vUz0h2kED8aYuu4hT4AJw89LzscD0jiKUVlkrhO0IN7n5do6dUkXm5h7wNwnybTl
-FoV3HBxV3xAr6tD++Uv8/ej/XqG0jBhd
---- h2fQyC4ajeEOyuzxzt7gf23wJMBoLQSXcc8uKewGyuY
-ը�UD6j==(��>8��"#�d�`�ԆbmU��߭kk&䛦��D��譀�`1m?W�Ө���L�jְ��5{���L�ϩ��.����D��:v��tQ�K
\ No newline at end of file
diff --git a/server/secrets/duckdns.age b/server/secrets/duckdns.age
deleted file mode 100644
index e549b8b..0000000
--- a/server/secrets/duckdns.age
+++ /dev/null
@@ -1,9 +0,0 @@
-age-encryption.org/v1
--> ssh-ed25519 yfCCMw qWHcQHXaRWumJlWydl0VLTNR2y4j5uVb3Sbjb0iO9Hk
-LrQOKE3+nYVEM9cg3gT+nInpdTBocmVXSBSD7EBb1MQ
--> ssh-ed25519 IV3DkQ QR2R+mQSrk0UBV4GSATs0NQkkgbQzFai7ms5xQX3RTc
-sndWMq89BmXeoyE+le7tHJQ6oSjzfhCbas5EpcJIzdc
--> 2/3Ux/5c-grease k;>AI5|g &JI / .{c
-kY1TBMB2l6gMU+1aHPbBTCad537N1aa8d0Wi8bYGMmeC9+8PV18a
---- eKaZ9bddh3SF6hitwAHBldIFpUh3s2R6pI9eDstHdk8
-�E��g�v:����!���OGy��g�%ӂĬ
"��C�Yhr�1�+&-\&r��f<ܣIB�4�v/��
\ No newline at end of file
diff --git a/server/secrets/github-runner-pw.age b/server/secrets/github-runner-pw.age
deleted file mode 100644
index ff4d8ab..0000000
--- a/server/secrets/github-runner-pw.age
+++ /dev/null
@@ -1,11 +0,0 @@
-age-encryption.org/v1
--> ssh-ed25519 yfCCMw wQOSX5WnvkxmKl4xtbD62v312Sj9/g7SoMfQVdS1Q0o
-Vv0byaVj1ptj08mDoEI6Go6h55gPVj1Gb0YJc+KhzuM
--> ssh-ed25519 IV3DkQ cAZHkdeXW2UyjIamz0Ab/NQhWhlxwFrj951KIVIRjyw
-AV4rahLaZVem+nQDMIv6kMeIhjUAc7/F1wO20g89Eyk
--> e'`r-grease 5rS.MW
-/smMPjLrxnS0QF2hU6axJMQlD0m8t9L15JK2CilAElDNVwMf35aynhvQqvCiQ3Sv
-ueSLjeLVmEc8QZLORIFUabQAh59QqK3NCm/FVYSLwVZimytMH4/QksjN
---- mSjoAgLw84jJjQYlOf9ZfAvjw8b/2LFA55pM2uYEl2U
-����c�س:I����:Z{��E@�H���~�Oma�
-���a�A��<yR]& �_$|�6Rq�88ʑY���&� �<5�]B�D/�6����m��!�4n
\ No newline at end of file
diff --git a/server/secrets/github-runner-token.age b/server/secrets/github-runner-token.age
deleted file mode 100644
index 6338b90..0000000
--- a/server/secrets/github-runner-token.age
+++ /dev/null
@@ -1,12 +0,0 @@
-age-encryption.org/v1
--> ssh-ed25519 yfCCMw rvIxniIy9V9MEusfISoYDZACLPHWIXlpeTDCsXhbxQ4
-Fh5jIyimXuB1xwfsYS5TeTI5yXPxF9K/M7YlBW9DSMw
--> ssh-ed25519 IV3DkQ XzdSfWvjKSu6RiUV5BWvOasK6QFB2uOHybtYEYnDnwg
-BhtquDcngJfnGhfb4kHgfuQAZyXLKzm8518zXvwki0o
--> 'Xd:O-grease sG
-Z4FSpQUYvPvA3YAf9NoXPQ30KwLYEL0XNJLXtbGESfllNc7cM5tOTn+szfotRwVI
-3wGBWkTzE5g0rfLhVGUybFJIlMguXvZVl2EQ
---- xu2w56OhLGufb9mMXZQ/8Y/xTD0Ke8Yvf8h6zVE0p7g
-�J�$��C7�
-�ͥ�F���E
-I+�
�*P���閅��܋�
��i��0���ǬP�L���,r
\ No newline at end of file
diff --git a/server/secrets/matrix-registration.age b/server/secrets/matrix-registration.age
deleted file mode 100644
index ff89fcd..0000000
--- a/server/secrets/matrix-registration.age
+++ /dev/null
@@ -1,10 +0,0 @@
-age-encryption.org/v1
--> ssh-ed25519 yfCCMw cm1Rv6pG2jv5YL2a3jejL3oHyp3w5AdOOkPUuC1RiTQ
-OPfb5CCkGwV1wBjxSM63i7YSWzwZrwh2GbIaIMgbnLo
--> ssh-ed25519 IV3DkQ mqIItqMdUx2rypN38qZc2MluanXzEyW82BoRvJRnmgE
-FiODCU94Dv0MRhhMjcRxtM8vSzcfWbCiQza6P3iRFK0
--> .H0wQ-grease /9 WqdeDrv> )IMX{vvR >^?
-AY2rOa0e0RS1
---- rQj2qpVKjSI/ptv2PUp2kMoAtko06QQw64Fgx46/10s
-�f�_�A�h��f���خފ��fg~sv����&L�Ip�,Cy-9Ϫ�R�i
-D%Y와N3Y!�>�����	�4�U��#�Ii(�`�c.�U���.���T#��wN�����l^x�$�Ń���-_�L[6����B����2�&�vq�X����|wo��B�P�'��RhOD>ŷ��ľI��W
\ No newline at end of file
diff --git a/server/secrets/nextcloud-admin.age b/server/secrets/nextcloud-admin.age
deleted file mode 100644
index 704bd12..0000000
--- a/server/secrets/nextcloud-admin.age
+++ /dev/null
@@ -1,9 +0,0 @@
-age-encryption.org/v1
--> ssh-ed25519 yfCCMw mo8zrkfdjLd7ojLCZZ8XL0fDQwr4Z5t8pqnbmXykXxQ
-bpPiBgz/w14vqnvS8YuXJTo1pDuqdbHEfqXEgdHXs0Q
--> ssh-ed25519 IV3DkQ 3IzYm/7tlIH4hQs2M1fqkeoz7mKw5idUHm6z5TaHTxw
-BHnYTqatni/UzwBJSghGiXqWUwuPpHW4HBVjjP1UXjI
--> 9/q5f-grease 3j `{O $R )*.
-NPSQgfHqIJIHr8herACNiV+BwRf03K8G8RBDb5/6oZym
---- QTd5uVu6AZspmxpuZ7w32gyICcrKQKkP1www6qnjoDw
-��;ު͒�O�P��@!���!½�b
�6�~$�>/Υ[�e0���+S�	6O?�p����WN��i�[���(L��0�B
\ No newline at end of file
diff --git a/server/secrets/nextcloud-cert.age b/server/secrets/nextcloud-cert.age
deleted file mode 100644
index b24c888..0000000
Binary files a/server/secrets/nextcloud-cert.age and /dev/null differ
diff --git a/server/secrets/nextcloud-key.age b/server/secrets/nextcloud-key.age
deleted file mode 100644
index 86b83aa..0000000
Binary files a/server/secrets/nextcloud-key.age and /dev/null differ
diff --git a/server/secrets/paperless.age b/server/secrets/paperless.age
deleted file mode 100644
index 3cfd675..0000000
Binary files a/server/secrets/paperless.age and /dev/null differ
diff --git a/server/secrets/restic-gdrive.age b/server/secrets/restic-gdrive.age
deleted file mode 100644
index 0bef43b..0000000
Binary files a/server/secrets/restic-gdrive.age and /dev/null differ
diff --git a/server/secrets/restic-pw.age b/server/secrets/restic-pw.age
deleted file mode 100644
index 0b85dd3..0000000
--- a/server/secrets/restic-pw.age
+++ /dev/null
@@ -1,10 +0,0 @@
-age-encryption.org/v1
--> ssh-ed25519 yfCCMw fr9bTdi5DqM3+gHEZLQeYv22HJTnafbicFi8kQxLU1I
-THTt5YssgKZyqTukphvhT/XLCp9EnWUoh2LLi1sv25E
--> ssh-ed25519 IV3DkQ 7m6HtNWFwXuVUPBr7GRbk+UopzQ8wdXOSyXL23B0xTE
-gXvUsoDrmB9tKRyFIX/ATOCej8hIvwHSuun9A9Q+i+8
--> nuYl73-grease nU#N,Cb8 jdR=c0` eKcsi
-G+zZUpeeSiaE8wkzK9tv80hj7wbZScXMbOVHaSYZeFhEfXhEJliFP60X2ZNQTkUG
-ArOKaDwOY/zByBc+Jf1P5JLZinVeTLBQRnBN+RrZE20
---- wL204i5S+VYFP+C7JwZsSWSXRC+a4FejQoxFGEnV5Io
-t�~�����?n�6f�Y@
��$D��B�ԇ��NG��^��\m�6c�A��h�^�lh;C���!^>t�S��9�
\ No newline at end of file
diff --git a/server/secrets/restic-s3.age b/server/secrets/restic-s3.age
deleted file mode 100644
index 090fd10..0000000
--- a/server/secrets/restic-s3.age
+++ /dev/null
@@ -1,10 +0,0 @@
-age-encryption.org/v1
--> ssh-ed25519 yfCCMw kIAiiVGrxQLT8tNcIehkSwAl0RIR8yCblKcJutHKfio
-LlI57U6z2Rmzau3yGP7GwgE7axUSHazMZB87CUuvZIo
--> ssh-ed25519 IV3DkQ Lig+2cAx34B1GK28qm8dxfcdjezyjHgusJW4i1JiLFM
-FPjcmohS8mLlNLhZsXXlYJB10nnUYZOJonnIQoxcfuY
--> T$pF-grease vM&|GOOo k"jB.( '3~O-3rS
-+sxTmNCBIo/fFeSCisPlgGYrIJNZVh/ykKig7UonRDBNYCIq9GoC8MViYEtTOcfF
-o13P+1O2apmVg84VclReTiEZOy96TgjUe8A6uc9+
---- ah7cAYBdupOvrBoaJx1m8fTmSceC5Cq/2PPQOvZRTGA
-�ޣ	?4��b�h��>m��;�"���e�G���N�������LD��I{e��\�W�-�ә`�S��;�2��Vyw�NW_�����U�F��S2C�XS<d�d���ѧxD�j��ۗT�.���K@��E"�
\ No newline at end of file
diff --git a/server/secrets/secrets.nix b/server/secrets/secrets.nix
deleted file mode 100644
index 5b356cd..0000000
--- a/server/secrets/secrets.nix
+++ /dev/null
@@ -1,20 +0,0 @@
-let
-  nix-test-vm = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIMVqEb1U1c9UX3AF8otNyYKpIUMjc7XSjZY3IkIPGOqi root@server";
-  server = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIAUA7uVKXAF2UcwaIDSJP2Te8Fi++2zkKzSPoRx1vQrI root@server";
-  systems = [ nix-test-vm server ];
-in
-{
-  "github-runner-token.age".publicKeys = [ nix-test-vm server ];
-  "github-runner-pw.age".publicKeys = [ nix-test-vm server ];
-  "duckdns.age".publicKeys = [ nix-test-vm server ];
-  "nextcloud-admin.age".publicKeys = [ nix-test-vm server ];
-  "nextcloud-cert.age".publicKeys = [ nix-test-vm server ];
-  "nextcloud-key.age".publicKeys = [ nix-test-vm server ];
-  "restic-pw.age".publicKeys = [ nix-test-vm server ];
-  "restic-s3.age".publicKeys = [ nix-test-vm server ];
-  "restic-gdrive.age".publicKeys = [ nix-test-vm server ];
-  "wireguard-private.age".publicKeys = [ nix-test-vm server ];
-  "coturn-secret.age".publicKeys = [ nix-test-vm server ];
-  "matrix-registration.age".publicKeys = [ nix-test-vm server ];
-  "paperless.age".publicKeys = [ nix-test-vm server ];
-}
diff --git a/server/secrets/wireguard-private.age b/server/secrets/wireguard-private.age
deleted file mode 100644
index f8c9741..0000000
--- a/server/secrets/wireguard-private.age
+++ /dev/null
@@ -1,10 +0,0 @@
-age-encryption.org/v1
--> ssh-ed25519 yfCCMw 8R//RguE7Om0PFjixliXpwEchVwPcm9COYTz7TIZxTE
-81yMA9B/T6tbZfw6mU4TlYfCd6BEUC3UlBz1hNUXZ30
--> ssh-ed25519 IV3DkQ 0kS9JOiAPfLi8Zoj6BM0pVwSmDr+BnWvIh7rGwZ21G0
-jbMIkFk8DEQ2tWgOWho1JrZkwKWW93GW9dzS3fTKMF4
--> $ByN}E,-grease O$8`|NT 17d} %u)^D-
-x6SEG984W9vUAb0FCiZP0R4kQkYFOr3BGLpHP8HF8fj9LHWwxNb3PrntcOPJuvf7
-oep4FMyBFHchh6RhyrdRlOf6hCLnmybNKzs
---- fCozYj+thQdIGXzdVLgLpLup9CI0QIEdgoMxfFVHGgs
-��WV�o�E�il3���z`�������	,�o
��e-��Z�Ato�Ok�@1�b�.U�NrB��zrZY����
\ No newline at end of file
diff --git a/server/users/anon.nix b/server/users/anon.nix
deleted file mode 100644
index b9f27af..0000000
--- a/server/users/anon.nix
+++ /dev/null
@@ -1,40 +0,0 @@
-{ pkgs, inputs, ... }:
-{
-  imports = [ ./home-manager/nvim.nix ];
-  home-manager = {
-    useGlobalPkgs = true;
-    extraSpecialArgs = {
-      inherit inputs;
-      headless = false;
-    };
-    useUserPackages = true;
-    users.anon = {
-      programs.zsh = {
-        enable = true;
-        enableCompletion = true;
-        enableAutosuggestions = true;
-        shellAliases = {
-            ll = "ls -l";
-            update = "sudo nixos-rebuild switch";
-        };
-        oh-my-zsh = {
-          enable = true;
-          plugins = [ "git" ];
-          theme = "eastwood";
-        };
-      };
-      home.stateVersion = "23.05";
-    };
-  };
-  
-  programs.zsh.enable = true;
-  users.users.anon = {
-    isNormalUser = true;
-    description = "anon";
-    shell = pkgs.zsh;
-    extraGroups = [ "networkmanager" "wheel" "docker" ];
-    packages = with pkgs; [
-      firefox
-    ];
-  };
-}
diff --git a/server/users/home-manager/nvim.nix b/server/users/home-manager/nvim.nix
deleted file mode 100644
index bbc7548..0000000
--- a/server/users/home-manager/nvim.nix
+++ /dev/null
@@ -1,45 +0,0 @@
-{
-  home-manager.users.anon = { pkgs, ...}: {
-    programs.neovim = {
-      enable = true;
-      defaultEditor = true;
-      viAlias = true;
-      vimAlias = true;
-
-      plugins = with pkgs.vimPlugins; [
-        (nvim-treesitter.withAllGrammars)
-      ];
-      extraPackages = with pkgs;
-        [];
-      extraConfig = ''
-       set autoindent expandtab tabstop=4 shiftwidth=4
-       set clipboard=unnamed
-       syntax on
-       set cc=80
-       colorscheme habamax
-       set list
-       set listchars=tab:→\ ,space:·,nbsp:␣,trail:•,precedes:«,extends:»
-      '';
-      coc.enable = true;
-      coc.settings = ''
-        "suggest.noselect" = true;
-        "suggest.enablePreview" = true;
-        "suggest.enablePreselect" = false;
-        "suggest.disableKind" = true;
-        "languageserver": {
-            "nix": {
-            "command": "${pkgs.nil}/bin/nil",
-            "filetypes": ["nix"],
-            "rootPatterns":  ["flake.nix"],
-            // Uncomment these to tweak settings.
-            // "settings": {
-            //   "nil": {
-            //     "formatting": { "command": ["nixpkgs-fmt"] }
-            //   }
-            // }
-            }
-        }
-      '';
-    };
-  };
-}
diff --git a/systems/laptop/userdata.nix b/systems/laptop/userdata.nix
new file mode 100644
index 0000000..b07d4a5
--- /dev/null
+++ b/systems/laptop/userdata.nix
@@ -0,0 +1,7 @@
+
+{
+  interface = "enp10s0u1u2";
+  ipv4 = "192.168.0.4";
+  dns = "192.168.0.6";
+  wm = "gnome-shell";
+}
diff --git a/systems/pc/configuration.nix b/systems/pc/configuration.nix
new file mode 100644
index 0000000..3b7d477
--- /dev/null
+++ b/systems/pc/configuration.nix
@@ -0,0 +1,127 @@
+# Edit this configuration file to define what should be installed on
+# your system.  Help is available in the configuration.nix(5) man page
+# and in the NixOS manual (accessible by running ‘nixos-help’).
+
+{ config, pkgs, lib, ... }:
+
+{
+  imports =
+    [ # Include the results of the hardware scan.
+      ./hardware-configuration.nix
+    ];
+
+  # Bootloader.
+  boot.loader.systemd-boot.enable = true;
+  boot.loader.efi.canTouchEfiVariables = true;
+
+  # Enable OpenGL
+  hardware.opengl = {
+    enable = true;
+    driSupport = true;
+    driSupport32Bit = true;
+  };
+
+  services.xserver.videoDrivers = ["nvidia"];
+  hardware.nvidia = {
+    # Modesetting is required.
+    modesetting.enable = true;
+    # Nvidia power management. Experimental, and can cause sleep/suspend to fail.
+    powerManagement.enable = false;
+    # Fine-grained power management. Turns off GPU when not in use.
+    # Experimental and only works on modern Nvidia GPUs (Turing or newer).
+    powerManagement.finegrained = false;
+    # Use the NVidia open source kernel module (not to be confused with the
+    # independent third-party "nouveau" open source driver).
+    # Support is limited to the Turing and later architectures. Full list of 
+    # supported GPUs is at: 
+    # https://github.com/NVIDIA/open-gpu-kernel-modules#compatible-gpus 
+    # Only available from driver 515.43.04+
+    # Currently alpha-quality/buggy, so false is currently the recommended setting.
+    open = false;
+    # Enable the Nvidia settings menu,
+	# accessible via `nvidia-settings`.
+    nvidiaSettings = true;
+    # Optionally, you may need to select the appropriate driver version for your specific GPU.
+    package = config.boot.kernelPackages.nvidiaPackages.stable;
+  };
+  networking.hostName = "kop-pc"; # Define your hostname.
+
+  # Enable networking
+  networking.networkmanager.enable = true;
+
+  # Set your time zone.
+  time.timeZone = "Europe/Vienna";
+
+  # Select internationalisation properties.
+  i18n.defaultLocale = "en_US.UTF-8";
+
+  i18n.extraLocaleSettings = {
+    LC_ADDRESS = "de_AT.UTF-8";
+    LC_IDENTIFICATION = "de_AT.UTF-8";
+    LC_MEASUREMENT = "de_AT.UTF-8";
+    LC_MONETARY = "de_AT.UTF-8";
+    LC_NAME = "de_AT.UTF-8";
+    LC_NUMERIC = "de_AT.UTF-8";
+    LC_PAPER = "de_AT.UTF-8";
+    LC_TELEPHONE = "de_AT.UTF-8";
+    LC_TIME = "de_AT.UTF-8";
+  };
+
+  # Enable the X11 windowing system.
+  services.xserver.enable = true;
+
+  # Configure keymap in X11
+  services.xserver = {
+    layout = lib.mkForce "de";
+    xkbVariant = lib.mkForce "us";
+  };
+
+  # Configure console keymap
+  console.keyMap = "de";
+
+  # Enable CUPS to print documents.
+  services.printing.enable = true;
+
+  # Enable sound with pipewire.
+  sound.enable = true;
+  hardware.pulseaudio.enable = false;
+  security.rtkit.enable = true;
+  services.pipewire = {
+    enable = true;
+    alsa.enable = true;
+    alsa.support32Bit = true;
+    pulse.enable = true;
+    # If you want to use JACK applications, uncomment this
+    #jack.enable = true;
+
+    # use the example session manager (no others are packaged yet so this is enabled by default,
+    # no need to redefine it in your config for now)
+    #media-session.enable = true;
+  };
+
+  # Enable touchpad support (enabled default in most desktopManager).
+  # services.xserver.libinput.enable = true;
+
+  # Enable automatic login for the user.
+  services.xserver.displayManager.autoLogin.enable = true;
+  services.xserver.displayManager.autoLogin.user = "kopatz";
+
+  # Allow unfree packages
+  nixpkgs.config.allowUnfree = true;
+
+  # List packages installed in system profile. To search, run:
+  # $ nix search wget
+  environment.systemPackages = with pkgs; [
+  #  vim # Do not forget to add an editor to edit configuration.nix! The Nano editor is also installed by default.
+  #  wget
+  ];
+
+  # This value determines the NixOS release from which the default
+  # settings for stateful data, like file locations and database versions
+  # on your system were taken. It‘s perfectly fine and recommended to leave
+  # this value at the release version of the first install of this system.
+  # Before changing this value read the documentation for this option
+  # (e.g. man configuration.nix or on https://nixos.org/nixos/options.html).
+  system.stateVersion = "23.05"; # Did you read the comment?
+
+}
diff --git a/systems/pc/hardware-configuration.nix b/systems/pc/hardware-configuration.nix
new file mode 100644
index 0000000..b572ac4
--- /dev/null
+++ b/systems/pc/hardware-configuration.nix
@@ -0,0 +1,37 @@
+# Do not modify this file!  It was generated by ‘nixos-generate-config’
+# and may be overwritten by future invocations.  Please make changes
+# to /etc/nixos/configuration.nix instead.
+{ config, lib, pkgs, modulesPath, ... }:
+
+{
+  imports =
+    [ (modulesPath + "/installer/scan/not-detected.nix")
+    ];
+
+  boot.initrd.availableKernelModules = [ "nvme" "xhci_pci" "ahci" "usbhid" "usb_storage" "sd_mod" ];
+  boot.initrd.kernelModules = [ ];
+  boot.kernelModules = [ "kvm-amd" ];
+  boot.extraModulePackages = [ ];
+
+  fileSystems."/" =
+    { device = "/dev/disk/by-uuid/dd65bdf8-c003-439c-a1aa-d050cb20959d";
+      fsType = "ext4";
+    };
+
+  fileSystems."/boot" =
+    { device = "/dev/disk/by-uuid/5AA5-45E0";
+      fsType = "vfat";
+    };
+
+  swapDevices = [ ];
+
+  # Enables DHCP on each ethernet and wireless interface. In case of scripted networking
+  # (the default) this is the recommended approach. When using systemd-networkd it's
+  # still possible to use this option, but it's recommended to use it in conjunction
+  # with explicit per-interface declarations with `networking.interfaces.<interface>.useDHCP`.
+  networking.useDHCP = lib.mkDefault true;
+  # networking.interfaces.enp42s0.useDHCP = lib.mkDefault true;
+
+  nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
+  hardware.cpu.amd.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware;
+}
diff --git a/server/configuration.nix b/systems/server/configuration.nix
similarity index 99%
rename from server/configuration.nix
rename to systems/server/configuration.nix
index 55c2b03..efc1fb1 100644
--- a/server/configuration.nix
+++ b/systems/server/configuration.nix
@@ -12,7 +12,6 @@ in{
   imports =
     [ # Include the results of the hardware scan.
       ./hardware-configuration.nix
-      ./users/anon.nix
     ];
 
   # Bootloader.
@@ -97,6 +96,7 @@ in{
     wireguard-tools
     openssl
     unstable.e2fsprogs
+    mangal
   #  vim # Do not forget to add an editor to edit configuration.nix! The Nano editor is also installed by default.
   #  wget
   ];
diff --git a/server/hardware-configuration.nix b/systems/server/hardware-configuration.nix
similarity index 100%
rename from server/hardware-configuration.nix
rename to systems/server/hardware-configuration.nix
diff --git a/systems/server/userdata.nix b/systems/server/userdata.nix
new file mode 100644
index 0000000..1a0f376
--- /dev/null
+++ b/systems/server/userdata.nix
@@ -0,0 +1,13 @@
+{
+  interface = "enp0s31f6";
+  ipv4 = "192.168.0.6";
+  dns = "127.0.0.1";
+  wireguardIp = "192.168.2.1";
+  wm = "startplasma-x11";
+  udpRanges = [
+    #{
+    #  from = 52000;
+    #  to = 52100;
+    #}
+  ];
+}
diff --git a/server/wg-publickey b/systems/server/wg-publickey
similarity index 100%
rename from server/wg-publickey
rename to systems/server/wg-publickey
diff --git a/systems/wsl/configuration.nix b/systems/wsl/configuration.nix
new file mode 100644
index 0000000..2ee5e08
--- /dev/null
+++ b/systems/wsl/configuration.nix
@@ -0,0 +1,51 @@
+# Edit this configuration file to define what should be installed on
+# your system. Help is available in the configuration.nix(5) man page, on
+# https://search.nixos.org/options and in the NixOS manual (`nixos-help`).
+
+# NixOS-WSL specific options are documented on the NixOS-WSL repository:
+# https://github.com/nix-community/NixOS-WSL
+
+{ config, lib, pkgs, inputs, ... } : #nixos-wsl, ... }:
+
+{
+  imports = [
+    # include NixOS-WSL modules
+#   <nixos-wsl/modules>
+  ];
+
+  wsl = {
+    enable = true;
+    nativeSystemd = true;
+    startMenuLaunchers = true;
+    wslConf = {
+      automount.root = "/mnt";
+      user.default = lib.mkForce "anon";
+      interop = { enabled = false; appendWindowsPath = false;};
+    };
+  };
+
+  nix.optimise.automatic = true;
+  nix.gc = {
+    automatic = true;
+    dates = "weekly";
+    options = "--delete-older-than 30d";
+  };
+  nix.settings.trusted-substituters = [ "https://ai.cachix.org" ];
+  nix.settings.trusted-public-keys = [ "ai.cachix.org-1:N9dzRK+alWwoKXQlnn0H6aUx0lU/mspIoz8hMvGvbbc=" ];
+  nix.settings.experimental-features = [ "nix-command" "flakes" ];  
+
+  environment.systemPackages = with pkgs; [
+    neofetch
+    openssh
+  ];
+
+  networking.hostName = "wsl";
+
+  # This value determines the NixOS release from which the default
+  # settings for stateful data, like file locations and database versions
+  # on your system were taken. It's perfectly fine and recommended to leave
+  # this value at the release version of the first install of this system.
+  # Before changing this value read the documentation for this option
+  # (e.g. man configuration.nix or on https://nixos.org/nixos/options.html).
+  system.stateVersion = "23.05"; # Did you read the comment?
+}
diff --git a/users/anon.nix b/users/anon.nix
new file mode 100644
index 0000000..f075a6e
--- /dev/null
+++ b/users/anon.nix
@@ -0,0 +1,58 @@
+{ pkgs, inputs, ... }:
+let 
+  user = "anon";
+in
+{
+  imports = [
+    (
+        import ./home-manager/nvim/nvim.nix ({ user="${user}"; pkgs=pkgs; })
+    )
+  ];
+  home-manager = {
+    useGlobalPkgs = true;
+    extraSpecialArgs = {
+      inherit inputs;
+      headless = false;
+    };
+    useUserPackages = true;
+    users.${user} = {
+      programs.git.enable = true;
+      programs.direnv = {
+        enable = true;
+        enableZshIntegration = true;
+        nix-direnv.enable = true;
+      };
+      programs.zsh = {
+        enable = true;
+        enableCompletion = true;
+        enableAutosuggestions = true;
+        shellAliases = {
+            ll = "ls -l";
+            update = "sudo nixos-rebuild switch";
+        };
+        oh-my-zsh = {
+          enable = true;
+          plugins = [ "git" ];
+          theme = "eastwood";
+        };
+      };
+      home.stateVersion = "23.05";
+    };
+  };
+  
+  programs.zsh.enable = true;
+  users.users.${user} = {
+    isNormalUser = true;
+    description = user;
+    shell = pkgs.zsh;
+    extraGroups = [ "networkmanager" "wheel" "docker" "wireshark"];
+    packages = with pkgs; [
+      firefox
+    ];
+    openssh.authorizedKeys.keys = [
+      "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIFeP6qtVqE/gu72ZUZE8cdRi3INiUW9NqDR7SjXIzTw2 lukas"
+      "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQCuRAKtoU5rjSbjDxlac6oAww/XHgsVRFHwIVnVm/TrTtDNqRyAkr6fIUiSKTHrpBPyJjIKCzkHS8QhbS2zZo4wjcgAyMyK33q/CzLs8DPQMWX0RKxR+OaVNwh90iWHr663a5x7ztTag3oPGOAYjeqCoIJWyQRlvIKflriJnAjWE8nvw4QkErpRWo4JJnhS61GQMrPT6VK0yXzq3zQs2t3cXTvGMmeLjBuluvJ6yiDk2bAGdY2UWnbs1y2M1TD3xn0pHzITeQnoWLfy+cwPHnEulciVqyr4pp6LDygmIPI1rxKAIQUnwo09n/A1eIcqlUo8aKy7ZDyrssuGWKZ/U4FC258NWwdUPbjyQvzNdcZjXC4+AmQTb+DwiECYOCfF7O/uRRqoFl7jfVfKqHJ7DKebt20QKwDCH/d5qfDs6xA0Krl2dgu3vePhsOkmpnIfPk9Cxl+YHGfmpCOVQHhxCwpkQs0Oh7NerO3idnG1enckjCuzCotnL8vDhczdL4eZmus= kopatz@nix-laptop
+"
+    ];
+  };
+}
diff --git a/users/home-manager/nvim/nvim.nix b/users/home-manager/nvim/nvim.nix
new file mode 100644
index 0000000..eec5abd
--- /dev/null
+++ b/users/home-manager/nvim/nvim.nix
@@ -0,0 +1,25 @@
+{ user, pkgs, ... }:
+{
+  home-manager.users.${user} = { pkgs, ...}: {
+    home.file.".config/nvim" = {
+      enable = true;
+      recursive = true;
+      source = ../../../.config/nvim;
+      target = ".config/nvim";
+    };
+    programs.neovim = {
+      enable = true;
+      defaultEditor = true;
+      extraPackages = with pkgs; [
+        rnix-lsp
+        gcc
+        ripgrep
+        fd
+        cmake
+        nodePackages.pyright
+        nodePackages.eslint
+        ccls
+      ];
+    };
+  };
+}
diff --git a/users/home-manager/vscode/code.nix b/users/home-manager/vscode/code.nix
new file mode 100644
index 0000000..c1e2c13
--- /dev/null
+++ b/users/home-manager/vscode/code.nix
@@ -0,0 +1,14 @@
+
+{ user, pkgs, ... }:
+{
+  home-manager.users.${user} = { pkgs, ...}: {
+    programs.vscode = {
+      enable = true;
+      package = pkgs.vscodium;
+      extensions = with pkgs.vscode-extensions; [
+        jnoortheen.nix-ide
+        rust-lang.rust-analyzer
+     ];
+    };
+  };
+}
diff --git a/users/kopatz.nix b/users/kopatz.nix
new file mode 100644
index 0000000..aa23b93
--- /dev/null
+++ b/users/kopatz.nix
@@ -0,0 +1,62 @@
+{ pkgs, inputs, ... }:
+let 
+  user = "kopatz";
+in
+{
+  imports = [
+    (
+      import ./home-manager/nvim/nvim.nix ({ user="${user}"; pkgs = pkgs; })
+    )
+    (
+      import ./home-manager/vscode/code.nix ({ user="${user}"; pkgs = pkgs; })
+    )
+  ];
+  home-manager = {
+    useGlobalPkgs = true;
+    extraSpecialArgs = {
+      inherit inputs;
+      headless = false;
+    };
+    useUserPackages = true;
+    users.${user} = {
+      programs.zsh = {
+        enable = true;
+        enableCompletion = true;
+        enableAutosuggestions = true;
+        shellAliases = {
+            ll = "ls -l";
+            update = "sudo nixos-rebuild switch";
+        };
+        oh-my-zsh = {
+          enable = true;
+          plugins = [ "git" ];
+          theme = "eastwood";
+        };
+      };
+      programs.git.enable = true;
+      programs.direnv = {
+        enable = true;
+        enableZshIntegration = true;
+        nix-direnv.enable = true;
+      };
+      home.stateVersion = "23.05";
+    };
+  };
+  
+  programs.zsh.enable = true;
+  users.users.${user} = {
+    isNormalUser = true;
+    description = user;
+    shell = pkgs.zsh;
+    extraGroups = [ "networkmanager" "wheel" "docker" "libvirtd" ];
+    packages = with pkgs; [
+      (discord.override { withVencord = true; })
+      librewolf
+      ungoogled-chromium
+      brave
+    ];
+    openssh.authorizedKeys.keys = [
+       "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIFeP6qtVqE/gu72ZUZE8cdRi3INiUW9NqDR7SjXIzTw2 lukas"
+    ];
+  };
+}