diff --git a/assets/grafana_dashboards/alloy-logs.json b/assets/grafana_dashboards/alloy-logs.json
deleted file mode 100644
index 36021c1..0000000
--- a/assets/grafana_dashboards/alloy-logs.json
+++ /dev/null
@@ -1,594 +0,0 @@ -{ - "annotations": { - "list": [ - { - "$$hashKey": "object:75", - "builtIn": 1, - "datasource": { - "uid": "-- Grafana --" - }, - "enable": true, - "hide": true, - "iconColor": "rgba(0, 211, 255, 1)", - "name": "Annotations & Alerts", - "type": "dashboard" - } - ] - }, - "description": "Log Viewer Dashboard for Loki", - "editable": true, - "fiscalYearStartMonth": 0, - "graphTooltip": 0, - "id": 20, - "links": [ - { - "$$hashKey": "object:59", - "icon": "bolt", - "includeVars": true, - "keepTime": true, - "tags": [], - "targetBlank": true, - "title": "View In Explore", - "type": "link", - "url": "/explore?orgId=1&left=[\"now-1h\",\"now\",\"Loki\",{\"expr\":\"{job=\\\"$app\\\"}\"},{\"ui\":[true,true,true,\"none\"]}]" - }, - { - "$$hashKey": "object:61", - "icon": "external link", - "tags": [], - "targetBlank": true, - "title": "Learn LogQL", - "type": "link", - "url": "https://grafana.com/docs/loki/latest/logql/" - } - ], - "panels": [ - { - "datasource": { - "uid": "bfesvtbn7l534f" - }, - "fieldConfig": { - "defaults": { - "color": { - "mode": "fixed" - }, - "custom": { - "hideFrom": { - "legend": false, - "tooltip": false, - "viz": false - } - }, - "fieldMinMax": false, - "mappings": [], - "noValue": "0", - "unit": "short" - }, - "overrides": [ - { - "matcher": { - "id": "byName", - "options": "error" - }, - "properties": [ - { - "id": "color", - "value": { - "fixedColor": "semi-dark-red", - "mode": "fixed" - } - } - ] - }, - { - "matcher": { - "id": "byName", - "options": "warn" - }, - "properties": [ - { - "id": "color", - "value": { - "fixedColor": "semi-dark-yellow", - "mode": "fixed" - } - } - ] - }, - { - "matcher": { - "id": "byName", - "options": "info" - }, - "properties": [ - { - "id": "color", - "value": { - "fixedColor": "semi-dark-green", - "mode": "fixed" - } - } - ] - }, - { - "matcher": { - "id": "byName", - "options": "debug" - }, - "properties": [ - { - "id": "color", - "value": { - "fixedColor": "semi-dark-blue", - "mode": 
"fixed" - } - } - ] - } - ] - }, - "gridPos": { - "h": 10, - "w": 8, - "x": 0, - "y": 0 - }, - "id": 6, - "options": { - "displayLabels": [], - "legend": { - "displayMode": "list", - "placement": "right", - "showLegend": true, - "values": [ - "percent" - ] - }, - "pieType": "donut", - "reduceOptions": { - "calcs": [ - "lastNotNull" - ], - "fields": "", - "values": false - }, - "sort": "none", - "tooltip": { - "hideZeros": true, - "mode": "multi", - "sort": "none" - } - }, - "pluginVersion": "12.3.3", - "targets": [ - { - "datasource": { - "type": "loki", - "uid": "bfesvtbn7l534f" - }, - "direction": "backward", - "editorMode": "code", - "expr": "sum(count_over_time({job=\"systemd-journal\"} | detected_level = \"debug\" [$__auto])) by (detected_level)", - "hide": false, - "legendFormat": "{{detected_level}}", - "queryType": "range", - "refId": "D", - "step": "" - }, - { - "datasource": { - "type": "loki", - "uid": "bfesvtbn7l534f" - }, - "direction": "backward", - "editorMode": "code", - "expr": "sum(count_over_time({job=\"systemd-journal\"} | detected_level = \"info\" [$__auto])) by (detected_level)", - "hide": false, - "legendFormat": "{{detected_level}}", - "queryType": "range", - "refId": "C", - "step": "" - }, - { - "datasource": { - "type": "loki", - "uid": "bfesvtbn7l534f" - }, - "direction": "backward", - "editorMode": "code", - "expr": "sum(count_over_time({job=\"systemd-journal\"} | detected_level = \"unknown\" [$__auto])) by (detected_level)", - "hide": false, - "legendFormat": "{{detected_level}}", - "queryType": "range", - "refId": "E", - "step": "" - }, - { - "datasource": { - "type": "loki", - "uid": "bfesvtbn7l534f" - }, - "direction": "backward", - "editorMode": "code", - "expr": "sum(count_over_time({job=\"systemd-journal\"} | detected_level = \"warn\" [$__auto])) by (detected_level)", - "hide": false, - "legendFormat": "{{detected_level}}", - "queryType": "range", - "refId": "B", - "step": "" - }, - { - "direction": "backward", - "editorMode": 
"code", - "expr": "sum(count_over_time({job=\"systemd-journal\"} | detected_level = \"error\" [$__auto])) by (detected_level)", - "legendFormat": "{{detected_level}}", - "queryType": "range", - "refId": "A", - "step": "" - } - ], - "title": "Type log pie chart", - "transparent": true, - "type": "piechart" - }, - { - "datasource": { - "type": "loki", - "uid": "bfesvtbn7l534f" - }, - "fieldConfig": { - "defaults": { - "color": { - "mode": "palette-classic" - }, - "custom": { - "axisBorderShow": false, - "axisCenteredZero": false, - "axisColorMode": "text", - "axisLabel": "", - "axisPlacement": "auto", - "axisSoftMin": 0, - "barAlignment": 0, - "barWidthFactor": 0.6, - "drawStyle": "bars", - "fillOpacity": 100, - "gradientMode": "none", - "hideFrom": { - "legend": false, - "tooltip": false, - "viz": false - }, - "insertNulls": false, - "lineInterpolation": "linear", - "lineWidth": 0, - "pointSize": 0, - "scaleDistribution": { - "type": "linear" - }, - "showPoints": "auto", - "showValues": false, - "spanNulls": false, - "stacking": { - "group": "A", - "mode": "normal" - }, - "thresholdsStyle": { - "mode": "off" - } - }, - "mappings": [], - "thresholds": { - "mode": "absolute", - "steps": [ - { - "color": "green", - "value": 0 - }, - { - "color": "red", - "value": 80 - } - ] - }, - "unit": "short" - }, - "overrides": [ - { - "matcher": { - "id": "byRegexp", - "options": "/^(info|information)$/i" - }, - "properties": [ - { - "id": "color", - "value": { - "fixedColor": "semi-dark-green", - "mode": "fixed" - } - } - ] - }, - { - "matcher": { - "id": "byRegexp", - "options": "/^debug$/i" - }, - "properties": [ - { - "id": "color", - "value": { - "fixedColor": "semi-dark-blue", - "mode": "fixed" - } - } - ] - }, - { - "matcher": { - "id": "byRegexp", - "options": "/^(warn|warning)$/i" - }, - "properties": [ - { - "id": "color", - "value": { - "fixedColor": "semi-dark-orange", - "mode": "fixed" - } - } - ] - }, - { - "matcher": { - "id": "byRegexp", - "options": 
"/^(error|errors)$/i" - }, - "properties": [ - { - "id": "color", - "value": { - "fixedColor": "semi-dark-red", - "mode": "fixed" - } - } - ] - }, - { - "matcher": { - "id": "byRegexp", - "options": "/^(crit|critical|fatal|severe)$/i" - }, - "properties": [ - { - "id": "color", - "value": { - "fixedColor": "#705da0", - "mode": "fixed" - } - } - ] - }, - { - "matcher": { - "id": "byRegexp", - "options": "/^(logs|unknown)$/i" - }, - "properties": [ - { - "id": "color", - "value": { - "fixedColor": "darkgray", - "mode": "fixed" - } - } - ] - } - ] - }, - "gridPos": { - "h": 10, - "w": 16, - "x": 8, - "y": 0 - }, - "id": 9, - "interval": "5s", - "maxDataPoints": 500, - "options": { - "legend": { - "calcs": [ - "sum" - ], - "displayMode": "list", - "placement": "bottom", - "showLegend": true - }, - "tooltip": { - "hideZeros": false, - "mode": "single", - "sort": "none" - } - }, - "pluginVersion": "12.3.3", - "targets": [ - { - "direction": "backward", - "editorMode": "code", - "expr": "sum(count_over_time({job=\"systemd-journal\"} [$__auto])) by (detected_level)", - "legendFormat": "{{detected_level}}", - "queryType": "range", - "refId": "A" - } - ], - "title": "Metric query", - "transparent": true, - "type": "timeseries" - }, - { - "datasource": { - "type": "loki", - "uid": "bfesvtbn7l534f" - }, - "description": "All warn/error's logs will be printed here", - "fieldConfig": { - "defaults": {}, - "overrides": [] - }, - "gridPos": { - "h": 18, - "w": 12, - "x": 0, - "y": 10 - }, - "id": 8, - "maxDataPoints": "", - "options": { - "dedupStrategy": "none", - "detailsMode": "inline", - "enableInfiniteScrolling": true, - "enableLogDetails": true, - "prettifyLogMessage": false, - "showControls": false, - "showLabels": false, - "showTime": true, - "sortOrder": "Descending", - "syntaxHighlighting": true, - "timestampResolution": "ms", - "wrapLogMessage": false - }, - "pluginVersion": "12.3.3", - "targets": [ - { - "datasource": { - "type": "loki", - "uid": "bfesvtbn7l534f" - }, 
- "direction": "backward", - "editorMode": "code", - "expr": "{job=\"$app\"} | logfmt | detected_level =~ `err|error|emerg|emergency|fatal|crit|critical|warn` | line_format \"Service: {{ if .logger }}{{ .logger }}{{ else }}Loki{{ end }} | Message: {{ if .msg }}{{ .msg }}{{ else }}No Message{{ end }}\"", - "hide": false, - "legendFormat": "", - "queryType": "range", - "refId": "A" - } - ], - "title": "Warn/Error's logs", - "transparent": true, - "type": "logs" - }, - { - "datasource": { - "type": "loki", - "uid": "bfesvtbn7l534f" - }, - "description": "All infos logs will be printed here", - "fieldConfig": { - "defaults": {}, - "overrides": [] - }, - "gridPos": { - "h": 18, - "w": 12, - "x": 12, - "y": 10 - }, - "id": 7, - "maxDataPoints": "", - "options": { - "dedupStrategy": "none", - "detailsMode": "inline", - "enableInfiniteScrolling": true, - "enableLogDetails": true, - "prettifyLogMessage": false, - "showControls": false, - "showLabels": false, - "showTime": true, - "sortOrder": "Descending", - "syntaxHighlighting": true, - "timestampResolution": "ms", - "wrapLogMessage": false - }, - "pluginVersion": "12.3.3", - "targets": [ - { - "datasource": { - "type": "loki", - "uid": "bfesvtbn7l534f" - }, - "direction": "backward", - "editorMode": "code", - "expr": "{job=\"$app\"} | logfmt | detected_level =~ `info|notice|debug|trace` | line_format \"Service: {{ if .logger }}{{ .logger }}{{ else }}Loki{{ end }} | Message: {{ if .msg }}{{ .msg }}{{ else }}No Message{{ end }}\"", - "hide": false, - "legendFormat": "", - "queryType": "range", - "refId": "A" - } - ], - "title": "Logs Informative", - "transparent": true, - "type": "logs" - } - ], - "preload": false, - "refresh": "", - "schemaVersion": 42, - "tags": [], - "templating": { - "list": [ - { - "current": { - "text": "systemd-journal", - "value": "systemd-journal" - }, - "datasource": "bfesvtbn7l534f", - "definition": "label_values(job)", - "includeAll": false, - "label": "App", - "name": "app", - "options": [], - 
"query": "label_values(job)", - "refresh": 1, - "regex": "", - "type": "query" - }, - { - "current": { - "text": "", - "value": "" - }, - "label": "String Match", - "name": "search", - "options": [ - { - "selected": true, - "text": "", - "value": "" - } - ], - "query": "", - "type": "textbox" - } - ] - }, - "time": { - "from": "now-1h", - "to": "now" - }, - "timepicker": { - "refresh_intervals": [ - "10s", - "30s", - "1m", - "5m", - "15m", - "30m", - "1h", - "2h", - "1d" - ] - }, - "timezone": "", - "title": "Logs / App", - "uid": "sadlil-loki-apps-dashboard", - "version": 13 -} diff --git a/flake.nix b/flake.nix index c1f1508..c6fb519 100644 --- a/flake.nix +++ b/flake.nix @@ -45,7 +45,6 @@ ./hosts/fix/configuration.nix home-manager.nixosModules.home-manager { - home-manager.sharedModules = [ catppuccin.homeModules.catppuccin ]; home-manager.useGlobalPkgs = true; home-manager.useUserPackages = true; home-manager.extraSpecialArgs = { @@ -54,7 +53,7 @@ nixvim = inputs.nixvim.packages."x86_64-linux".default; zen-browser = inputs.zen-browser.packages."x86_64-linux".default; }; - home-manager.users.raphael = import hm-config.outputs.homeModules.fix; + home-manager.users.raphael = hm-config.homeConfigurations."hm-fix"; } ]; specialArgs = { diff --git a/hosts/fix/configuration.nix b/hosts/fix/configuration.nix index 3d1fb03..44d74f4 100644 --- a/hosts/fix/configuration.nix +++ b/hosts/fix/configuration.nix @@ -6,12 +6,6 @@ ... }: -let - mullvad-autostart = pkgs.makeAutostartItem { - name = "mullvad-vpn"; - package = pkgs.mullvad-vpn; - }; -in { imports = [ ../global.nix 
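Review bot: `home-manager.users.raphael = hm-config.homeConfigurations."hm-fix";` in the flake.nix hunk assigns what is conventionally the evaluated result of `homeManagerConfiguration` to an option that expects a Home Manager module, so evaluation will most likely fail with a type error or silently ignore the user's configuration. If `hm-config` exposes the same settings as a module (the form the option accepts), that is what belongs here; I cannot see how `hm-config` defines `homeConfigurations`, so confirm its output shape before merging. The enclosing `nixosSystem` call starts and ends outside the hunk.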
@@ -25,23 +19,7 @@ in hostName = "nixos-fix"; firewall.enable = false; networkmanager.enable = true; - }; - - hardware = { - graphics = { - enable = true; - enable32Bit = true; - }; - nvidia = { - open = false; - modesetting.enable = true; - powerManagement = { - enable = false; - finegrained = false; - }; - nvidiaSettings = true; - package = config.boot.kernelPackages.nvidiaPackages.stable; - }; + wireless.enable = false; }; games = { @@ -59,7 +37,27 @@ in swaylock = { }; }; - users.defaultUserShell = pkgs.zsh; + users = { + defaultUserShell = pkgs.zsh; + users = { + deb = { + isNormalUser = true; + initialPassword = "pasadmin1234"; + description = "deb"; + useDefaultShell = true; + extraGroups = [ + "networkmanager" + "dialout" + "docker" + "video" + ]; + packages = with pkgs; [ + gnome-session + home-manager + ]; + }; + }; + }; # Bootloader. boot.loader = { @@ -68,36 +66,31 @@ in }; programs = { - thunderbird.enable = true; hyprland = { enable = true; xwayland.enable = true; }; }; - environment.systemPackages = with pkgs; [ - mullvad-autostart - pciutils - vulkan-tools - ]; - services = { - mullvad-vpn = { - enable = true; - package = pkgs.mullvad-vpn; - }; - xserver.videoDrivers = [ "nvidia" ]; seatd.enable = true; + xserver = { + desktopManager.gnome.enable = true; + displayManager.gdm.wayland = true; + }; greetd = { enable = true; settings = { default_session = { - command = "${pkgs.tuigreet}/bin/tuigreet --remember --user-menu --remember-user-session --time"; + command = "${pkgs.greetd.tuigreet}/bin/tuigreet --remember --user-menu --remember-user-session --time"; }; }; - useTextGreeter = true; }; dbus.enable = true; + openssh = { + enable = true; + ports = [ 42131 ]; + }; pipewire = { enable = true; alsa.enable = true; @@ -122,7 +115,6 @@ in enable = true; extraPortals = [ pkgs.xdg-desktop-portal-hyprland - pkgs.xdg-desktop-portal-gtk ]; config.common.default = "*"; }; 
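Review bot: `initialPassword = "pasadmin1234";` for the new `deb` user in hosts/fix/configuration.nix commits a cleartext credential to the repository and places it in the world-readable Nix store of every host built from this flake, and it remains in git history after any later edit. Since the repo already manages secrets with agenix (`age.secrets` in hosts/server/secrets.nix), prefer `hashedPasswordFile = config.age.secrets.<deb-password-secret>.path;` (placeholder name) or at least `initialHashedPassword` with a pre-hashed value, and treat the current password as disclosed. The same file's later hunk enables `services.openssh` on port 42131 while the context line `firewall.enable = false;` leaves every listener reachable, so for a password-only account consider `settings.PasswordAuthentication = false;` or a host firewall before this machine is exposed.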
diff --git a/hosts/fix/hardware-configuration.nix b/hosts/fix/hardware-configuration.nix
index 9eb70cc..a202e4a 100644
--- a/hosts/fix/hardware-configuration.nix
+++ b/hosts/fix/hardware-configuration.nix
@@ -1,36 +1,83 @@ # Do not modify this file! It was generated by ‘nixos-generate-config’ # and may be overwritten by future invocations. Please make changes # to /etc/nixos/configuration.nix instead. -{ config, lib, pkgs, modulesPath, ... }: +{ + config, + lib, + pkgs, + modulesPath, + ... +}: { - imports = - [ (modulesPath + "/installer/scan/not-detected.nix") + imports = [ + (modulesPath + "/installer/scan/not-detected.nix") + ]; + + # services.dbus.enable = true; + boot = { + initrd = { + availableKernelModules = [ + "xhci_pci" + "ahci" + "usbhid" + "sd_mod" + ]; + kernelModules = [ ]; + }; + kernelModules = [ + "kvm-intel" ]; + extraModulePackages = [ ]; + }; - boot.initrd.availableKernelModules = [ "xhci_pci" "ahci" "nvme" "usbhid" "sd_mod" ]; - boot.initrd.kernelModules = [ ]; - boot.kernelModules = [ "kvm-intel" ]; - boot.extraModulePackages = [ ]; - - fileSystems."/" = - { device = "/dev/disk/by-uuid/2eec2aaa-4576-4591-9b9e-6d36ee4b0d02"; + fileSystems = { + "/" = { + device = "/dev/disk/by-uuid/a943d592-57d3-497e-bf43-49b50ac73f0b"; fsType = "ext4"; }; - - fileSystems."/boot" = - { device = "/dev/disk/by-uuid/FE5B-8026"; + "/boot" = { + device = "/dev/disk/by-uuid/5AAB-0026"; fsType = "vfat"; - options = [ "fmask=0077" "dmask=0077" ]; + options = [ + "fmask=0077" + "dmask=0077" + ]; }; - - fileSystems."/mnt/data" = - { device = "/dev/disk/by-uuid/416367e1-a2dc-4724-b9f5-9c10da4d87a5"; + "/mnt/data" = { + device = "/dev/disk/by-uuid/5729d30c-5806-4ccd-8a2a-080a258084dc"; fsType = "ext4"; + options = [ + "acl" + "exec" + ]; }; + }; swapDevices = [ ]; + # Enables DHCP on each ethernet and wireless interface. In case of scripted networking + # (the default) this is the recommended approach. When using systemd-networkd it's + # still possible to use this option, but it's recommended to use it in conjunction + # with explicit per-interface declarations with `networking.interfaces..useDHCP`. 
+ networking.useDHCP = lib.mkDefault true;
+ # networking.interfaces.docker0.useDHCP = lib.mkDefault true;
+ # networking.interfaces.enp0s31f6.useDHCP = lib.mkDefault true;
+
+ services.xserver.videoDrivers = [ "nvidia" ];
+
+ hardware = {
+ graphics.enable = true;
+ nvidia = {
+ open = false;
+ modesetting.enable = true;
+ powerManagement.enable = false;
+ powerManagement.finegrained = false;
+ nvidiaSettings = true;
+ package = config.boot.kernelPackages.nvidiaPackages.stable;
+ };
+ };
+
 nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
 hardware.cpu.intel.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware;
 }
diff --git a/hosts/global.nix b/hosts/global.nix
index 034d314..f3e6d9e 100644
--- a/hosts/global.nix
+++ b/hosts/global.nix
@@ -45,7 +45,6 @@
 "wheel"
 "docker"
 "video"
- "render"
 ];
 };
 };
@@ -76,7 +75,6 @@
 };
 environment.systemPackages = with pkgs; [
- uwsm
 git
 postgresql
 vim
diff --git a/hosts/server/configuration.nix b/hosts/server/configuration.nix
index 60f8f62..f2ea58b 100644
--- a/hosts/server/configuration.nix
+++ b/hosts/server/configuration.nix
@@ -7,7 +7,7 @@
 }:
 let
- sshKeyMac = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIML4yVz1fhccwaTL0iHixkNkU5zUWU1rsit9u2TIIa5r raphael@raphaels-MacBook-Pro.local";
+ sshKeyMac = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIKbHk7YasSMK5FBCArKLeqIoaGXsN+WlgVquObyC5Zec raphael@MacBook-Pro-de-raphael.local";
 in
 {
 imports = [
@@ -26,6 +26,7 @@ in
 hostName = "nixos-server";
 firewall.enable = false;
 networkmanager.enable = true;
+ wireless.enable = false;
 interfaces.enp0s31f6.ipv4.addresses = [
 {
 address = "192.168.1.1";
@@ -58,16 +59,15 @@ in
 nextcloud = true;
 jellyfin = true;
 sso = true;
- vault = true;
 };
- forty_two.irc = false;
+ forty_two.irc = true;
 web.portefolio = true;
 server = {
- minecraft = true;
+ minecraft = false;
 teamspeak = true;
 };
 bot_discord = {
- master = false;
+ master = true;
 bde = false;
 tut = false;
 marty = false;
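Review bot: The nvidia block and `services.xserver.videoDrivers = [ "nvidia" ];` are added to hosts/fix/hardware-configuration.nix, whose header (kept as context at the top of the hunk) says the file is generated by `nixos-generate-config` and may be overwritten, so the next regeneration will silently drop the graphics configuration; it fits better in hosts/fix/configuration.nix, where this same commit removes it. The new `availableKernelModules` list also drops `"nvme"` relative to the old line; if the new root UUID lives on an NVMe device the initrd will not find it, which I cannot tell from the diff, so verify against the actual disk. `# services.dbus.enable = true;` is commented-out configuration with no explanation and should be removed or explained.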
@@ -78,49 +78,46 @@ in }; }; - environment.systemPackages = - with pkgs; - [ - age - bat - cairo - dconf - fastfetch - git - home-manager - lego - libjpeg - libpng - libuuid - linux-manual - man - man-pages - man-pages-posix - networkmanager - openssl - pkg-config - postgresql - protonup-ng - python3 - python3Packages.pip - qFlipper - ripgrep - swaylock - swaylock-fancy - tmux - unzip - vim - wget - wl-clipboard - xclip - xdg-desktop-portal-hyprland - xsel - yarn - zsh - ] - ++ [ - inputs.agenix.packages.${pkgs.system}.agenix - ]; + environment.systemPackages = with pkgs; [ + age + bat + cairo + dconf + fastfetch + git + home-manager + lego + libjpeg + libpng + libuuid + linux-manual + man + man-pages + man-pages-posix + networkmanager + openssl + pkg-config + postgresql + protonup-ng + python3 + python3Packages.pip + qFlipper + ripgrep + swaylock + swaylock-fancy + tmux + unzip + vim + wget + wl-clipboard + xclip + xdg-desktop-portal-hyprland + xsel + yarn + zsh + ] ++ [ + inputs.agenix.packages.${pkgs.system}.agenix + ]; # Bootloader. boot.loader = { @@ -143,7 +140,7 @@ in openssh = { enable = true; ports = [ - 42131 + 42131 ]; }; udev.extraRules = '' diff --git a/hosts/server/hardware-configuration.nix b/hosts/server/hardware-configuration.nix index 68b3b48..955eb4c 100644 --- a/hosts/server/hardware-configuration.nix +++ b/hosts/server/hardware-configuration.nix 
@@ -1,51 +1,28 @@ # Do not modify this file! It was generated by ‘nixos-generate-config’ # and may be overwritten by future invocations. Please make changes # to /etc/nixos/configuration.nix instead. -{ - config, - lib, - pkgs, - modulesPath, - ... -}: +{ config, lib, pkgs, modulesPath, ... }: { - imports = [ - (modulesPath + "/installer/scan/not-detected.nix") - ]; + imports = + [ (modulesPath + "/installer/scan/not-detected.nix") + ]; - boot.initrd.availableKernelModules = [ - "xhci_pci" - "ahci" - "usbhid" - "sd_mod" - ]; + boot.initrd.availableKernelModules = [ "xhci_pci" "ahci" "usbhid" "sd_mod" ]; boot.initrd.kernelModules = [ ]; boot.kernelModules = [ "kvm-intel" ]; boot.extraModulePackages = [ ]; - fileSystems = { - "/" = { - device = "/dev/disk/by-uuid/67b9f544-f7d6-4203-a1ee-3d527f0c4ace"; + fileSystems."/" = + { device = "/dev/disk/by-uuid/67b9f544-f7d6-4203-a1ee-3d527f0c4ace"; fsType = "ext4"; }; - "/boot" = { - device = "/dev/disk/by-uuid/C2ED-90A4"; + + fileSystems."/boot" = + { device = "/dev/disk/by-uuid/C2ED-90A4"; fsType = "vfat"; - options = [ - "fmask=0077" - "dmask=0077" - ]; + options = [ "fmask=0077" "dmask=0077" ]; }; - "/mnt/data" = { - device = "/dev/disk/by-uuid/efa8669d-d141-4858-9e66-d3efa9a88816"; - fsType = "ext4"; - options = [ - "acl" - "exec" - ]; - }; - }; swapDevices = [ ]; diff --git a/hosts/server/secrets.nix b/hosts/server/secrets.nix index c90b5e5..cc754ff 100644 --- a/hosts/server/secrets.nix +++ b/hosts/server/secrets.nix 
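Review bot: This hunk removes the `"/mnt/data"` entry from `fileSystems` in hosts/server/hardware-configuration.nix, but services/self_host/jellyfin.nix in the same commit still points qBittorrent at `SavePath = "/mnt/data/downloads"` and Jellyfin at `dataDir = "/mnt/data/media"`, and `jellyfin = true` stays set in hosts/server/configuration.nix. Unless that mount is declared elsewhere, those directories will be created on the root filesystem and downloads will fill it; either keep the mount or move the paths in jellyfin.nix. The rest of the hunk reverts the file from the nixfmt layout the other files use to the generator's one-line style, which is harmless but worth doing consistently.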
@@ -5,100 +5,66 @@ age.identityPaths = [ "/etc/ssh/ssh_host_ed25519_key" ]; - age.secrets."wireguard-secret" = { - file = ../../secrets/wireguard-secret.age; - owner = "root"; - group = "root"; - mode = "0400"; - }; - age.secrets."mailjet-user" = { file = ../../secrets/mailjet-user.age; owner = "root"; group = "root"; - mode = "0400"; + mode = "0400"; }; age.secrets."mailjet-pass" = { file = ../../secrets/mailjet-pass.age; owner = "root"; group = "root"; - mode = "0400"; + mode = "0400"; }; age.secrets."nextcloud-admin-pass" = { file = ../../secrets/nextcloud-admin-pass.age; owner = "nextcloud"; group = "nextcloud"; - mode = "0400"; + mode = "0400"; }; age.secrets."nextcloud-oidc-secret" = { file = ../../secrets/nextcloud-oidc-secret.age; owner = "kanidm"; group = "kanidm"; - mode = "0400"; + mode = "0400"; }; age.secrets."grafana-oidc-secret" = { file = ../../secrets/grafana-oidc-secret.age; owner = "kanidm"; group = "grafana"; - mode = "0440"; - }; - - age.secrets."grafana-secret-key" = { - file = ../../secrets/grafana-secret-key.age; - owner = "grafana"; - group = "grafana"; - mode = "0440"; + mode = "0440"; }; age.secrets."forgejo-oidc-secret" = { file = ../../secrets/forgejo-oidc-secret.age; owner = "kanidm"; group = "forgejo"; - mode = "0440"; - }; - - age.secrets."forgejo-runner-token" = { - file = ../../secrets/forgejo-runner-token.age; - owner = "forgejo"; - group = "forgejo"; - mode = "0440"; + mode = "0440"; }; age.secrets."nextcloud-database" = { file = ../../secrets/nextcloud-database.age; owner = "nextcloud"; group = "nextcloud"; - mode = "0400"; + mode = "0400"; }; age.secrets."kanidm-admin" = { file = ../../secrets/kandim-admin.age; owner = "kanidm"; group = "kanidm"; - mode = "0400"; + mode = "0400"; }; age.secrets."kanidm-idmAdmin" = { file = ../../secrets/kandim-idmAdmin.age; owner = "kanidm"; group = "kanidm"; - mode = "0400"; + mode = "0400"; }; - age.secrets."vault-oidc-secret" = { - file = ../../secrets/vault-oidc-secret.age; - owner = 
"kanidm"; - group = "kanidm"; - mode = "0400"; - }; - - age.secrets."vault-secret-env" = { - file = ../../secrets/vault-secret-env.age; - owner = "vaultwarden"; - group = "vaultwarden"; - mode = "0400"; - }; } diff --git a/modules/games/steam.nix b/modules/games/steam.nix index ca3bde0..bc81d4d 100644 --- a/modules/games/steam.nix +++ b/modules/games/steam.nix @@ -22,7 +22,6 @@ in }; environment.systemPackages = with pkgs; [ - gamescope wine-staging lutris dxvk diff --git a/secrets/forgejo-runner-token.age b/secrets/forgejo-runner-token.age deleted file mode 100644 index 47e7e7f..0000000 Binary files a/secrets/forgejo-runner-token.age and /dev/null differ diff --git a/secrets/grafana-secret-key.age b/secrets/grafana-secret-key.age deleted file mode 100644 index af16ce7..0000000 --- a/secrets/grafana-secret-key.age +++ /dev/null @@ -1,7 +0,0 @@ -age-encryption.org/v1 --> ssh-ed25519 Iy+0iw a6V5MbX371JEVJM4L1AiL0f3/W4oPhc0EeydmBlCwzI -QnsMyhcDyrCGkkJaQWA04u5YdiVrlIISyp/PEnY7emE --> ssh-ed25519 ocqiLQ 6vkETQNUq8iMWqPD3uf+UrVcY34xz8KBPLWK2WRHjgk -ttdk+iK/DFYoshfffBN+tbxXkWHgVPz5fYQ+m4684aM ---- gBW+PH1fOqhXi0ChESyPAj7fqM21Lb9UYPJ5JWVuoFk -%Alb3SdTPHf{&.5@;VPkz׶+lZvV \ No newline at end of file diff --git a/secrets/secrets.nix b/secrets/secrets.nix index 3c4d101..8810616 100644 --- a/secrets/secrets.nix +++ b/secrets/secrets.nix 
@@ -10,18 +10,13 @@ let ]; in { - "wireguard-secret.age".publicKeys = users ++ systems; "mailjet-user.age".publicKeys = users ++ systems; "mailjet-pass.age".publicKeys = users ++ systems; "nextcloud-admin-pass.age".publicKeys = users ++ systems; "nextcloud-database.age".publicKeys = users ++ systems; "nextcloud-oidc-secret.age".publicKeys = users ++ systems; "grafana-oidc-secret.age".publicKeys = users ++ systems; - "grafana-secret-key.age".publicKeys = users ++ systems; "forgejo-oidc-secret.age".publicKeys = users ++ systems; - "forgejo-runner-token.age".publicKeys = users ++ systems; "kandim-admin.age".publicKeys = users ++ systems; "kandim-idmAdmin.age".publicKeys = users ++ systems; - "vault-secret-env.age".publicKeys = users ++ systems; - "vault-oidc-secret.age".publicKeys = users ++ systems; } diff --git a/secrets/vault-oidc-secret.age b/secrets/vault-oidc-secret.age deleted file mode 100644 index 752b97a..0000000 Binary files a/secrets/vault-oidc-secret.age and /dev/null differ diff --git a/secrets/vault-secret-env.age b/secrets/vault-secret-env.age deleted file mode 100644 index e5cfb4b..0000000 --- a/secrets/vault-secret-env.age +++ /dev/null @@ -1,9 +0,0 @@ -age-encryption.org/v1 --> ssh-ed25519 Iy+0iw rpRn2BgDtK3p1tHofUH/nCEwRh4z7rjAwLbvbhCTSkg -6ZiVqx6pNZyYmhsDhZh3YG6+LKiRsnuWMfN8KzJLyhw --> ssh-ed25519 ocqiLQ AguX30lc6+1ckV3ENiHhboGyNyf2pN0hqIytsTAjwz4 -rAGWhtuROHn8p0eAGEKS6Xp+PyYmpbw2EbdadbfJxt0 ---- WA9Zus5yXPXPD+TiHyUlEIqozmvhAxWQTE6s2olZ1fs -2*8ց3g E(+w[ ssh-ed25519 Iy+0iw 65IsIObRg7SuYCZnDp/LKpSn1tpnJTLaXFcc7/9gRkA -3L16P+XHyyfwSZLInsPv3UPMVYsPpYAV2E+/kl+oQbA --> ssh-ed25519 ocqiLQ R3CkxF9zthAEZGE3CZypFGb/uwLazrBpwWT97N+1izA -EP6vUm4Y511GMctNJi0FO7bzUw6qHMqPRzxJiSTD23M ---- JqhMdyVwELZA++21d9WMdbGTciFtsea44hbbC+WWLHI -'N =x0TEPܯPmʒ=ȝah*p`%Qwo+WJ@OkKTR \ No newline at end of file diff --git a/services/self_host.nix b/services/self_host.nix index 92ecb5d..9a146e3 100644 --- a/services/self_host.nix +++ b/services/self_host.nix 
@@ -71,14 +71,6 @@ let
 lib
 ;
 };
- vault = import ./self_host/vault.nix {
- inherit
- inputs
- config
- pkgs
- lib
- ;
- };
 cfg = config.service.selfhost;
 in
 {
@@ -91,7 +83,6 @@ in
 nextcloud
 ollama
 sso
- vault
 ];
 config = {
@@ -138,12 +129,7 @@ in
 sso = lib.mkOption {
 type = lib.types.bool;
 default = false;
- description = "Enable the sso";
- };
- vault = lib.mkOption {
- type = lib.types.bool;
- default = false;
- description = "Enable the vault";
+ description = "Enable the nextcloud";
 };
 };
 }
diff --git a/services/self_host/git.nix b/services/self_host/git.nix
index 902c291..191d46d 100644
--- a/services/self_host/git.nix
+++ b/services/self_host/git.nix
@@ -1,9 +1,4 @@
-{
- config,
- pkgs,
- lib,
- ...
-}:
+{ config, pkgs, lib, ... }:
 let
 gitDomain = "git.enium.eu";
@@ -35,14 +30,13 @@ in
 AUTH_URL = "https://git.enium.eu/ui/oauth2";
 TOKEN_URL = "https://git.enium.eu/oauth2/token";
 API_URL = "https://git.enium.eu/oauth2/openid/forgejo/userinfo";
- REDIRECT_URI = "https://git.enium.eu/user/oauth2/Enium/callback";
 CODE_CHALLENGE_METHOD = "S256";
 ENABLE_AUTO_REGISTRATION = true;
 UPDATE_AVATAR = true;
 };
 service = {
- DISABLE_REGISTRATION = false;
+ DISABLE_REGISTRATION = true;
 ALLOW_ONLY_EXTERNAL_REGISTRATION = true;
 SHOW_REGISTRATION_BUTTON = false;
 DISABLE_PASSWORD_SIGNIN_FORM = true;
@@ -52,18 +46,7 @@ in
 };
 };
 };
- gitea-actions-runner = {
- package = pkgs.forgejo-runner;
- instances.default = {
- enable = true;
- name = "monolith";
- url = "https://git.enium.eu";
- tokenFile = config.age.secrets.forgejo-runner-token.path;
- labels = [
- "ubuntu-latest:docker://node:16-bullseye"
- ];
- };
- };
+
 nginx.virtualHosts."${gitDomain}" = {
 enableACME = true;
 forceSSL = true;
diff --git a/services/self_host/jellyfin.nix b/services/self_host/jellyfin.nix
index 0c1d50d..a0e558f 100644
--- a/services/self_host/jellyfin.nix
+++ b/services/self_host/jellyfin.nix
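Review bot: `description = "Enable the nextcloud";` in the third services/self_host.nix hunk now documents the `sso` option, because the lines deleted above it were the sso description together with the whole `vault` option; it should read `description = "Enable the sso";`. The enclosing `options` attrset starts outside the hunk. The removal of `vault` here matches the dropped `vault = true;` in hosts/server/configuration.nix, so that side is consistent.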
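Review bot: Flipping to `DISABLE_REGISTRATION = true;` in services/self_host/git.nix while `ALLOW_ONLY_EXTERNAL_REGISTRATION = true` and `ENABLE_AUTO_REGISTRATION = true` remain is, as I read the Forgejo/Gitea app.ini semantics, contradictory: the global switch disables all account creation, including OAuth2 auto-registration, so new SSO users would be refused on first login instead of getting an account, whereas the "external-only" policy is expressed by `DISABLE_REGISTRATION = false` plus `ALLOW_ONLY_EXTERNAL_REGISTRATION = true`. Please verify against the Forgejo version deployed; if the intent really is to freeze the user set, also drop `ENABLE_AUTO_REGISTRATION` and add a comment saying so. The removal of `REDIRECT_URI` should be checked against the redirect URI registered on the kanidm side, which is outside this diff.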
@@ -1,128 +1,84 @@ { - config, - pkgs, - lib, - ... +config, +pkgs, +lib, +... }: let cfg = config.service.selfhost.jellyfin; - wireguard-key = config.age.secrets."wireguard-secret".path; in -{ + { config = lib.mkIf cfg { - virtualisation = { - docker.enable = true; - oci-containers = { - backend = "docker"; - containers = { - gluetun = { - image = "qmcgaw/gluetun:latest"; - autoStart = true; - extraOptions = [ - "--cap-add=NET_ADMIN" - "--device=/dev/net/tun" - ]; - environment = { - VPN_SERVICE_PROVIDER = "mullvad"; - VPN_TYPE = "wireguard"; - WIREGUARD_PRIVATE_KEY = builtins.readFile wireguard-key; - BLOCK_MALICIOUS = "off"; - BLOCK_SURVEILLANCE = "off"; - BLOCK_ADS = "off"; - WIREGUARD_ADDRESSES = "10.70.168.94/32"; - SERVER_COUNTRIES = "Sweden"; - SERVER_CITIES = "Stockholm"; - SERVER_HOSTNAMES = "se-sto-wg-206"; - TZ = "Europe/Paris"; - }; - ports = [ - "8080:8080" - "7878:7878" - "8989:8989" - "9696:9696" - ]; - }; - qbittorrent = { - image = "lscr.io/linuxserver/qbittorrent:latest"; - autoStart = true; - extraOptions = [ - "--network=container:gluetun" - ]; - environment = { - PUID = "1000"; - PGID = "991"; - WEBUI_PORT = "8080"; - TZ = "Europe/Paris"; - }; - volumes = [ - "/mnt/data/qbittorrent/config:/config" - "/mnt/data/downloads:/downloads" - ]; - }; - radarr = { - image = "lscr.io/linuxserver/radarr:latest"; - autoStart = true; - extraOptions = [ - "--network=container:gluetun" - ]; - environment = { - PUID = "1000"; - PGID = "991"; - TZ = "Europe/Paris"; - }; - volumes = [ - "/mnt/data/radarr/config:/config" - "/mnt/data/downloads:/downloads" - "/mnt/data:/data" - ]; - }; - sonarr = { - image = "lscr.io/linuxserver/sonarr:latest"; - autoStart = true; - extraOptions = [ - "--network=container:gluetun" - ]; - environment = { - PUID = "1000"; - PGID = "991"; - TZ = "Europe/Paris"; - }; - volumes = [ - "/mnt/data/sonarr/config:/config" - "/mnt/data/downloads:/downloads" - "/mnt/data:/data" - ]; - }; - prowlarr = { - image = 
"lscr.io/linuxserver/prowlarr:latest"; - autoStart = true; - extraOptions = [ - "--network=container:gluetun" - ]; - environment = { - PUID = "1000"; - PGID = "991"; - TZ = "Europe/Paris"; - }; - volumes = [ - "/mnt/data/prowlarr/config:/config" - ]; - }; - }; - }; - }; users = { groups.datausers = { }; users = { jellyfin.extraGroups = [ "datausers" ]; + radarr.extraGroups = [ "datausers" ]; + sonarr.extraGroups = [ "datausers" ]; }; }; services = { jellyfin = { enable = true; - dataDir = "/mnt/data/jellyfin"; + dataDir = "/mnt/data/media"; openFirewall = true; }; + + qbittorrent = { + enable = true; + openFirewall = true; + user = "qbittorrent"; + group = "datausers"; + + webuiPort = 8137; + + serverConfig = { + Preferences = { + Downloads = { + SavePath = "/mnt/data/downloads"; + TempPathEnabled = false; + }; + General = { + Locale = "fr_FR"; + }; + WebUI = { + Username = "raphael"; + Password_PBKDF2 = "@ByteArray(CmH/e4LVehCMTT2BUTVo5g==:VqhgnDIsg0owhZqINmi6O0Ac3tXgz6JYAkxB7sqSH18VPQ6R6Tz9jT2a6KXtld4wG6ld41nFXSst0UqRFTUTUw==)"; + }; + }; + }; + }; + + flaresolverr = { + enable = true; + openFirewall = true; + port = 8191; + }; + + sonarr = { + enable = true; + dataDir = "/var/lib/sonarr"; + user = "sonarr"; + group = "datausers"; + openFirewall = true; + }; + + radarr = { + enable = true; + dataDir = "/var/lib/radarr"; + user = "radarr"; + group = "datausers"; + openFirewall = true; + }; + + prowlarr = { + enable = true; + dataDir = "/var/lib/prowlarr"; + openFirewall = true; + }; + + bazarr.enable = true; + nginx.virtualHosts = { "jellyfin.enium.eu" = { enableACME = true; diff --git a/services/self_host/mail.nix b/services/self_host/mail.nix index 6844985..eb0b401 100644 --- a/services/self_host/mail.nix +++ b/services/self_host/mail.nix @@ -22,7 +22,7 @@ in shell = "/run/current-system/sw/bin/nologin"; }; users.groups = { - vmail = { }; + vmail = {}; }; systemd.tmpfiles.rules = [ "d /run/dovecot 0755 dovecot dovecot - -" 
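Review bot: `Username = "raphael";` and `Password_PBKDF2 = "@ByteArray(...)"` for the qBittorrent WebUI are written into `serverConfig` in services/self_host/jellyfin.nix, so the password hash is rendered into the world-readable Nix store and recorded in git history, where it can be cracked offline; the repo already uses agenix, so the credential should be kept out of the evaluated config (I am not aware of a file-based option in this module — check what it offers, otherwise set it once through the UI) and the current one treated as disclosed. `openFirewall = true;` on qbittorrent, flaresolverr, sonarr, radarr and prowlarr also exposes each WebUI on every interface rather than only through the nginx virtual host below, although with `firewall.enable = false;` in hosts/server/configuration.nix the flag is moot until the firewall is turned back on; drop it for services reached only via the reverse proxy. The function header lines `config,` `pkgs,` `lib,` `...` were re-indented to column 0, which diverges from the nixfmt layout used elsewhere in the repo.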
@@ -84,22 +84,14 @@ in chroot = false; command = "smtpd"; args = [ - "-o" - "smtpd_recipient_restrictions=permit_sasl_authenticated,reject" - "-o" - "smtpd_sasl_auth_enable=yes" - "-o" - "smtpd_sasl_security_options=noanonymous" - "-o" - "smtpd_sender_login_maps=hash:/var/lib/postfix/sender_login" - "-o" - "smtpd_sender_restrictions=reject_sender_login_mismatch" - "-o" - "smtpd_tls_auth_only=yes" - "-o" - "smtpd_tls_security_level=encrypt" - "-o" - "syslog_name=postfix/submission" + "-o" "smtpd_recipient_restrictions=permit_sasl_authenticated,reject" + "-o" "smtpd_sasl_auth_enable=yes" + "-o" "smtpd_sasl_security_options=noanonymous" + "-o" "smtpd_sender_login_maps=hash:/var/lib/postfix/sender_login" + "-o" "smtpd_sender_restrictions=reject_sender_login_mismatch" + "-o" "smtpd_tls_auth_only=yes" + "-o" "smtpd_tls_security_level=encrypt" + "-o" "syslog_name=postfix/submission" ]; }; }; @@ -219,19 +211,16 @@ in raphael@enium.eu:{SHA512-CRYPT}$6$rIsn6/dLJ6MbITx5$vMo82dgkQZoV8BQIaO6Bs9J86ZjgcJ.LqMuIqnXVfuBRgZOqY/YiURBUOcS1P2wAo5h4TCFkKExfcjjX1reUU. benjamin@enium.eu:{SHA512-CRYPT}$6$.34vS2JkrmGnioYo$pUF.vN5Q3njn5WRTLdMU5n7vGJdwk64bB/si0vQXFw.ioky4xlHUVocFXC8GI9wkVJNif.2kHvAYEcEtXvU2I0 deborah@enium.eu:{SHA512-CRYPT}$6$IZ7Dd31uZ4VKzz04$z5IhS25Jve8KsX0GIIXB8GUiPYd3eSuxlDz9RZQHa2tE4hptgtXQVU3av42MIRpaN9GPqG9iM6jiQUwRZ9V39/ - rchouraqui@enium.eu:{SHA512-CRYPT}$6$.YW4sF83D1EZXQW8$AZoxbni6XFGf3XuSp1sKhZ9cHjU5CcryEH8C45Fbu5s2nJHixDRnDeH6Vl5EvfQfH09wrxhDYp0Tld.TiUSpn. ''; environment.etc."postfix-vmailbox".text = '' raphael@enium.eu enium.eu/raphael/ benjamin@enium.eu enium.eu/benjamin/ deborah@enium.eu enium.eu/deborah/ - rchouraqui@enium.eu enium.eu/rchouraqui/ ''; environment.etc."postfix-sender_login".text = '' raphael@enium.eu raphael@enium.eu benjamin@enium.eu benjamin@enium.eu deborah@enium.eu deborah@enium.eu - rchouraqui@enium.eu rchouraqui@enium.eu no-reply@enium.eu raphael@enium.eu, benjamin@enium.eu direction@enium.eu raphael@enium.eu, benjamin@enium.eu 
@@ -240,7 +229,7 @@ in
 '';
 environment.etc."postfix-virtual".text = ''
 direction@enium.eu raphael@enium.eu, benjamin@enium.eu
-recrutement@enium.eu raphael@enium.eu, benjamin@enium.eu, rchouraqui@enium.eu
+recrutement@enium.eu raphael@enium.eu, benjamin@enium.eu
 contact@enium.eu raphael@enium.eu, benjamin@enium.eu
 '';
@@ -248,68 +237,68 @@ in enable = true; postfix.enable = true; extraConfig = '' - worker "controller" { - bind_socket = "127.0.0.1:11334"; - password = "admin"; - }; + worker "controller" { + bind_socket = "127.0.0.1:11334"; + password = "admin"; + }; - worker "normal" { - bind_socket = "127.0.0.1:11333"; - }; + worker "normal" { + bind_socket = "127.0.0.1:11333"; + }; - worker "rspamd_proxy" { - bind_socket = "127.0.0.1:11332"; - milter = yes; - timeout = 120s; - upstream "local" { - self_scan = yes; - }; - }; + worker "rspamd_proxy" { + bind_socket = "127.0.0.1:11332"; + milter = yes; + timeout = 120s; + upstream "local" { + self_scan = yes; + }; + }; - actions { - reject = 12; - add_header = 6; - greylist = 4; - }; + actions { + reject = 12; + add_header = 6; + greylist = 4; + }; - classifier "bayes" { - backend = "redis"; - servers = "127.0.0.1:6381"; - autolearn = true; - min_learns = 200; - new_schema = true; - cache = true; + classifier "bayes" { + backend = "redis"; + servers = "127.0.0.1:6381"; + autolearn = true; + min_learns = 200; + new_schema = true; + cache = true; - statfile { - symbol = "BAYES_HAM"; - spam = false; - }; + statfile { + symbol = "BAYES_HAM"; + spam = false; + }; - statfile { - symbol = "BAYES_SPAM"; - spam = true; - }; + statfile { + symbol = "BAYES_SPAM"; + spam = true; + }; - learn_condition = <1m." - - - alert: nginxServiceUp - expr: process_up{job="process_exporter",name="nginx"} == 1 - for: 1m - labels: - severity: info - annotations: - summary: "Processus nginx rétabli" - description: "Le processus nginx tourne de nouveau." - - - alert: grafanaServiceDown - expr: process_up{job="process_exporter",name="grafana"} == 0 - for: 1m - labels: - severity: critical - annotations: - summary: "Processus grafana arrêté" - description: "Le processus grafana ne tourne plus depuis >1m." 
- - - alert: grafanaServiceUp - expr: process_up{job="process_exporter",name="grafana"} == 1 - for: 1m - labels: - severity: info - annotations: - summary: "Processus grafana rétabli" - description: "Le processus grafana tourne de nouveau." - ''; + relabel_configs = [ + { + source_labels = [ "__address__" ]; + target_label = "__param_target"; + } + { + source_labels = [ "__param_target" ]; + target_label = "instance"; + } + { + target_label = "__address__"; + replacement = "127.0.0.1:9115"; + } + ]; + proxy_url = "http://127.0.0.1:9115"; + } + ]; + ruleFiles = lib.mkForce [ "/etc/prometheus/services.rules" ]; }; + environment.etc."grafana/dashboards".source = dashboardsDir; + + environment.etc."prometheus/services.rules".text = '' + groups: + - name: services + rules: + - alert: nginxServiceDown + expr: process_up{job="process_exporter",name="nginx"} == 0 + for: 1m + labels: + severity: critical + annotations: + summary: "Processus nginx arrêté" + description: "Le processus nginx ne tourne plus depuis >1m." + + - alert: nginxServiceUp + expr: process_up{job="process_exporter",name="nginx"} == 1 + for: 1m + labels: + severity: info + annotations: + summary: "Processus nginx rétabli" + description: "Le processus nginx tourne de nouveau." + + - alert: grafanaServiceDown + expr: process_up{job="process_exporter",name="grafana"} == 0 + for: 1m + labels: + severity: critical + annotations: + summary: "Processus grafana arrêté" + description: "Le processus grafana ne tourne plus depuis >1m." + + - alert: grafanaServiceUp + expr: process_up{job="process_exporter",name="grafana"} == 1 + for: 1m + labels: + severity: info + annotations: + summary: "Processus grafana rétabli" + description: "Le processus grafana tourne de nouveau." + ''; + + services.nginx.virtualHosts."monitor.enium.eu" = { + enableACME = true; + forceSSL = true; + locations."/" = { + proxyPass = "http://127.0.0.1:3000"; + proxyWebsockets = true; + }; + }; }; } 
diff --git a/services/self_host/nextcloud.nix b/services/self_host/nextcloud.nix index d5bb96e..5e8b2d6 100644 --- a/services/self_host/nextcloud.nix +++ b/services/self_host/nextcloud.nix @@ -1,9 +1,4 @@ -{ - config, - pkgs, - lib, - ... -}: +{ config, pkgs, lib, ... }: let cfg = config.service.selfhost.nextcloud; @@ -11,7 +6,7 @@ let nextcloud-database = config.age.secrets."nextcloud-database".path; dataDir = "/mnt/data/nextcloud"; in -{ + { config = lib.mkIf cfg { environment.systemPackages = with pkgs; [ php @@ -71,7 +66,7 @@ in nextcloud = { enable = true; https = true; - package = pkgs.nextcloud33; + package = pkgs.nextcloud32; hostName = "nextcloud.enium.eu"; datadir = dataDir; config = { diff --git a/services/self_host/sso.nix b/services/self_host/sso.nix index aa102a8..e83b5e3 100644 --- a/services/self_host/sso.nix +++ b/services/self_host/sso.nix @@ -9,7 +9,8 @@ let cfg = config.service.selfhost.sso; kanidm-admin = config.age.secrets."kanidm-admin".path; kanidm-idmAdmin = config.age.secrets."kanidm-idmAdmin".path; - forgejoLogo = pkgs.fetchurl { + imagesDir = "/user/share/kanidm/assets"; + kanidmLogo = pkgs.fetchurl { url = "https://raw.githubusercontent.com/doc-sheet/forgejo/refs/heads/forgejo/assets/logo.svg"; name = "kanidm.svg"; sha256 = "sha256-rP7aZURtHBfF2OYuGLcKZhbvIN+B596T/3kaOxHUvig="; @@ -24,16 +25,11 @@ let name = "nextcloud.svg"; sha256 = "sha256-hL51zJkFxUys1CoM8yUxiH8BDw111wh3Qv7eTLm+XYo="; }; - vaultLogo = pkgs.fetchurl { - url = "https://raw.githubusercontent.com/dani-garcia/vaultwarden/ba5519167634ebe1e1f0fc10d610d10d1f405101/resources/vaultwarden-icon.svg"; - name = "vault.svg"; - sha256 = "sha256-xY/pFVS9puG+Ub0M9WrISrY/eY1Rc+QeceGqHeUVx+8="; - }; in -{ + { config = lib.mkIf cfg { users = { - groups.kanidm = { }; + groups.kanidm = {}; users.kanidm = { isSystemUser = true; group = "kanidm"; 
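Review bot: `package = pkgs.nextcloud32;` in hunk `@@ -71,7 +66,7 @@` moves the instance from 33 back to 32 without a comment explaining why, and Nextcloud refuses to start on a data directory whose recorded version is newer than the code ("Downgrading is not supported"), so if this host has already been deployed with `nextcloud33` the service will fail after the switch until the data directory and database are restored from a pre-33 backup. If the change is intentional (for example to follow an older nixpkgs), add a short comment above the line, e.g. `# pinned to 32: <reason>; do not deploy over a datadir already upgraded to 33`, so the next reader does not bump it back by reflex.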
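Review bot: `imagesDir = "/user/share/kanidm/assets";` in hunk `@@ -9,7 +9,8 @@` of sso.nix is not referenced by any hunk in this diff and its path looks like a typo for `/usr/share/...`; either wire it up where the logos are placed or drop the binding. The same hunk renames `forgejoLogo` to `kanidmLogo` while the `url` it fetches is still the forgejo logo, and hunk `@@ -123,8 +96,8 @@` then assigns it as forgejo's `imageFile`, so the name now misdescribes the content; keep `forgejoLogo` or name it after what it is used for. The `let` block continues outside the hunk.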
@@ -43,21 +39,17 @@ in security.acme.certs."auth.enium.eu".group = "nginx"; services = { kanidm = { - package = pkgs.kanidmWithSecretProvisioning_1_9; - server = { - enable = true; - settings = { - domain = "enium.eu"; - origin = "https://auth.enium.eu"; - bindaddress = "127.0.0.1:9000"; - tls_chain = "/var/lib/acme/auth.enium.eu/fullchain.pem"; - tls_key = "/var/lib/acme/auth.enium.eu/key.pem"; - }; - }; - client = { - enable = true; - settings.uri = config.services.kanidm.server.settings.origin; + package = pkgs.kanidmWithSecretProvisioning_1_8; + enableServer = true; + serverSettings = { + domain = "enium.eu"; + origin = "https://auth.enium.eu"; + bindaddress = "127.0.0.1:9000"; + tls_chain = "/var/lib/acme/auth.enium.eu/fullchain.pem"; + tls_key = "/var/lib/acme/auth.enium.eu/key.pem"; }; + enableClient = true; + clientSettings.uri = config.services.kanidm.serverSettings.origin; provision = { enable = true; autoRemove = false; @@ -74,19 +66,6 @@ in "grafana_superadmins" "forgejo_admins" "nextcloud_user" - "vault_admins" - ]; - }; - deborah = { - displayName = "Deborah"; - legalName = "Deborah Parodi"; - mailAddresses = [ - "deborah@enium.eu" - ]; - groups = [ - "grafana_superadmins" - "forgejo_users" - "vault_users" ]; }; }; @@ -109,12 +88,6 @@ in forgejo_users = { present = true; }; - vault_admins = { - present = true; - }; - vault_users = { - present = true; - }; nextcloud_user = { present = true; }; @@ -123,8 +96,8 @@ in forgejo = { present = true; displayName = "Forjego"; - imageFile = forgejoLogo; originUrl = "https://git.enium.eu"; + imageFile = kanidmLogo; originLanding = "https://git.enium.eu/user/oauth2/Enium/callback"; basicSecretFile = config.age.secrets.forgejo-oidc-secret.path; public = false; 
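Review bot: Hunk `@@ -43,21 +39,17 @@` moves `services.kanidm` from 1.9 to `kanidmWithSecretProvisioning_1_8` and from `server.enable`/`server.settings`/`client` back to `enableServer`/`serverSettings`/`enableClient`/`clientSettings`, which are the older option names in nixpkgs; this only evaluates against a nixpkgs revision that still has them, so the flake or channel input should be pinned in the same commit (not visible here). Kanidm's upstream guidance is that a database already migrated by a newer server is not downgradable, so if this host has run 1.9, expect the 1.8 server to refuse the existing database and plan a restore from a pre-1.9 backup rather than a plain switch. A one-line comment on the `package` line stating the reason for the pin would spare the next reader from re-upgrading it.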
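Review bot: Dropping the `deborah` person in hunk `@@ -74,19 +66,6 @@`, the `vault_admins`/`vault_users` groups in hunk `@@ -109,12 +88,6 @@`, and the `vault` OAuth2 client in hunk `@@ -238,47 +211,23 @@` (next hunk line) from `provision` does not remove them from the running Kanidm instance, because the visible context keeps `autoRemove = false;`. The account stays able to authenticate with its existing credentials and group memberships, and `vault` remains a live OAuth2 client with a valid secret even though its relying party is deleted in this diff. Either set `autoRemove = true;` after confirming nothing unmanaged lives in Kanidm, or remove these entities by hand with the kanidm CLI and record that in the commit message.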
@@ -238,47 +211,23 @@ in email = { joinType = "array"; valuesByGroup = { - nextcloud_user = [ "mail" ]; + nextcloud_user = ["mail"]; }; }; preferred_username = { joinType = "array"; valuesByGroup = { - nextcloud_user = [ "name" ]; + nextcloud_user = ["name"]; }; }; name = { joinType = "array"; valuesByGroup = { - nextcloud_user = [ "displayname" ]; + nextcloud_user = ["displayname"]; }; }; }; }; - vault = { - present = true; - displayName = "Vault"; - imageFile = vaultLogo; - originUrl = "https://vault.enium.eu"; - originLanding = "https://vault.enium.eu/identity/connect/oidc-signin"; - basicSecretFile = config.age.secrets.vault-oidc-secret.path; - public = false; - enableLocalhostRedirects = false; - allowInsecureClientDisablePkce = false; - preferShortUsername = true; - scopeMaps = { - vault_admins = [ - "openid" - "profile" - "email" - ]; - vault_users = [ - "openid" - "profile" - "email" - ]; - }; - }; }; }; }; diff --git a/services/self_host/vault.nix b/services/self_host/vault.nix deleted file mode 100644 index 62f1511..0000000 --- a/services/self_host/vault.nix +++ /dev/null @@ -1,35 +0,0 @@ -{ config, ... }: - -let - vaultEnv = config.age.secrets.vault-secret-env.path; -in -{ - services.vaultwarden = { - enable = true; - - environmentFile = vaultEnv; - - config = { - DOMAIN = "https://vault.enium.eu"; - ROCKET_PORT = 8222; - SIGNUPS_ALLOWED = false; - SSO_ENABLED = true; - SSO_CLIENT_ID = "vault"; - SSO_CLIENT_SECRET = "cat ${config.age.secrets.vault-oidc-secret.path}"; - SSO_AUTHORITY = "https://auth.enium.eu/oauth2/openid/vault"; - SSO_SIGNUPS_MATCH_EMAIL = true; - SSO_PKCE = true; - SSO_SCOPES = "openid profile email"; - SSO_ONLY = true; - }; - }; - - services.nginx.virtualHosts."vault.enium.eu" = { - forceSSL = true; - enableACME = true; - locations."/" = { - proxyPass = "http://127.0.0.1:8222"; - proxyWebsockets = true; - }; - }; -} diff --git a/services/server/minecraft.nix b/services/server/minecraft.nix index b719e30..310dc77 100644 
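Review bot: With the `vault` client removed from kanidm and `vault.nix` deleted, `config.age.secrets.vault-oidc-secret` and `vault-secret-env` are no longer referenced by anything in this diff; if they are still declared in the age secrets module (not visible here), agenix keeps decrypting them onto the host at every activation with no consumer. Remove their declarations and the encrypted files in a follow-up, and treat the OIDC client secret as retired once the client is deleted on the Kanidm side.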
--- a/services/server/minecraft.nix
+++ b/services/server/minecraft.nix
@@ -24,67 +24,18 @@ in servers.enium-pv = { enable = true; - autoStart = true; - package = pkgs.fabricServers.fabric-1_21_11; - restart = "always"; - jvmOpts = "-Xms2048M -Xmx8192M"; + package = pkgs.fabricServers.fabric-1_20_1; + jvmOpts = "-Xms4092M -Xmx4092M"; serverProperties = { - difficulty = 2; + difficulty = 3; gamemode = 0; max-players = 42; motd = "§l §3 Enium Survival§r\n§l §b Whitelisted Server"; - server-port = 25565; - spawn-protection = 0; + server-port = 64421; + spawn-protection = 16; white-list = true; }; - symlinks = { - mods = pkgs.linkFarmFromDrvs "mods" ( - builtins.attrValues { - graves = pkgs.fetchurl { - url = "https://cdn.modrinth.com/data/kieAM9Us/versions/YiPkk2xn/ly-graves-v3.0.1.jar"; - sha512 = "sha512-Wo+Sw6nVyqcaS7PWr+p3/+AkTYGAcuqk7heyBos/0jQYkCS/Z9q4Or6DInECkv8Cg4ZctmzrLOt6S8nr/sQYHw=="; - }; - lithium = pkgs.fetchurl { - url = "https://cdn.modrinth.com/data/gvQqBUqZ/versions/gl30uZvp/lithium-fabric-0.21.2%2Bmc1.21.11.jar"; - sha512 = "sha512-lGJVEAE+DarxwuK22KRjyTL/YiD5G6WwzV+GhlghXwRtlNB7NGVmD1dsTcJ6WqGD373ByTA/EYlLWyWh3Gw7tg=="; - }; - jei = pkgs.fetchurl { - url = "https://cdn.modrinth.com/data/u6dRKJwZ/versions/9i2DXscL/jei-1.21.11-fabric-27.3.0.14.jar"; - sha512 = "sha512-ua8at0LkNpFFIleVM6D6GQthBZvuIh7rt8GSuY0mKjMIJ+dJr5G0wIKqcnsT8oBwkQvlWuitfWAz/cnM1maM9A=="; - }; - jade = pkgs.fetchurl { - url = "https://cdn.modrinth.com/data/nvQzSEkH/versions/7cBo3s22/Jade-1.21.11-Fabric-21.0.1.jar"; - sha512 = "sha512-aj1lnOyaPiH+AG6HYN6mNQtkqm1xGA+PCHouKn2U3t2mpfJ+r7+T3nCtxgbHXAe9/NncJb46Ds9ZTgIt7odRGw=="; - }; - chuncky = pkgs.fetchurl { - url = "https://cdn.modrinth.com/data/fALzjamp/versions/1CpEkmcD/Chunky-Fabric-1.4.55.jar"; - sha512 = "sha512-O+DgSePepiVrOVzLH33MycayPLex9qcXp80cpV+dvaSJZ53zKGjHJmTrsoygXyw2ZZDR4aEfDcX2n5R5A7rYMw=="; - }; - fabric_api = pkgs.fetchurl { - url = "https://cdn.modrinth.com/data/P7dR8mSH/versions/gB6TkYEJ/fabric-api-0.140.2%2B1.21.11.jar"; - sha512 = 
"sha512-r0RleX2AQBAhpq78jFRyAOfA+MrhNCmb8/r7wxD6gfBVJGsGFPwOA3U49KhE5VqtMKv6PGdGBCKFPfxCbwhtAA=="; - }; - create_fly = pkgs.fetchurl { - url = "https://cdn.modrinth.com/data/dKvj0eNn/versions/be2IkC5H/create-fly-1.21.11-6.0.8-4.jar"; - sha512 = "1r9qx8q5s49xlycs9k02ylb0cgn5x0d3s0crl0942kwf2r6vvnk8pv46bxj6p4jnqg4r5c6b4526zjxwdjc1d5fg7613sgv6f71817x"; - }; - } - ); - }; - whitelist = { - EniumRaphael = "3134072d-eb2f-49d5-afb4-2a3cc4375100"; - EniumBenjamin = "63e7d8d3-5090-4323-a7e6-c89707747b4b"; - EniumTeam = "d4706408-ccfc-4a3d-b128-07db95b34843"; - Zeldraft = "01cf2ab1-68a5-48c1-a948-76cda9574ae5"; - dprive05 = "0ad8a45a-417a-40d3-aa10-b67765792c42"; - }; - operators = { - Zeldraft = { - uuid = "01cf2ab1-68a5-48c1-a948-76cda9574ae5"; - level = 4; - bypassesPlayerLimit = true; - }; - }; + restart = "no"; }; }; }; diff --git a/services/server/teamspeak.nix b/services/server/teamspeak.nix index c5f4411..4eb26d1 100644 --- a/services/server/teamspeak.nix +++ b/services/server/teamspeak.nix @@ -21,13 +21,6 @@ in locations."/" = { proxyPass = "http://127.0.0.1:9987"; proxyWebsockets = true; - extraConfig = '' - proxy_ssl_verify off; - proxy_set_header Host $host; - proxy_set_header X-Real-IP $remote_addr; - proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; - proxy_set_header X-Forwarded-Proto https; - ''; }; }; }; diff --git a/services/web/portefolio.nix b/services/web/portefolio.nix index 87db8e1..d54ef44 100644 --- a/services/web/portefolio.nix +++ b/services/web/portefolio.nix @@ -36,8 +36,8 @@ in }; security.acme = { certs = { - "parodi.pro" = { }; - "raphael.parodi.pro" = { }; + "parodi.pro" = {}; + "raphael.parodi.pro" = {}; }; }; };
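Review bot: `white-list = true;` is kept in hunk `@@ -24,67 +24,18 @@` while the `whitelist` and `operators` attribute sets are removed, so unless `whitelist.json` and `ops.json` are now maintained outside Nix the server will reject every player and nobody holds operator rights; if hand-managed files are the intent, say so in a comment next to `white-list`. The package also moves from `fabric-1_21_11` to `fabric-1_20_1`, and Minecraft cannot load a world saved by a newer version, so an existing world from the 1.21.11 server will need to be replaced or restored from a 1.20.1-era backup. `jvmOpts = "-Xms4092M -Xmx4092M";` reads like an intended 4096M; the odd value is harmless but worth correcting. `restart = "no";` turns off automatic recovery, and with `autoStart = true;` also dropped, check that the module default for `autoStart` still matches what is wanted.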
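Review bot: Removing the `extraConfig` block in the teamspeak.nix hunk `@@ -21,13 +21,6 @@` drops the `Host`, `X-Real-IP` and `X-Forwarded-*` headers for the `/` location; unless `services.nginx.recommendedProxySettings` is enabled elsewhere (not visible here), the upstream now receives requests without the client address or original host, which breaks source-IP logging and any host-based redirects. `proxy_ssl_verify off;` had no effect on an `http://` upstream, so losing it is fine. If the headers are meant to come from the global setting, a short comment on the location, e.g. `# forwarded headers come from recommendedProxySettings`, would record that.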