diff --git a/common/users/default.nix b/common/users/default.nix
index 7d57210..2dfeed0 100644
--- a/common/users/default.nix
+++ b/common/users/default.nix
@@ -7,10 +7,12 @@
 in {
   users.mutableUsers = false;
   users.users = {
-    root.hashedPassword = user.root.hashedPassword;
+    root = {
+      inherit (user.root) hashedPassword;
+    };
     "${user.primary.userName}" = {
       uid = 1000;
-      hashedPassword = user.primary.hashedPassword;
+      inherit (user.primary) hashedPassword;
       description = user.primary.realName;
       isNormalUser = true;
       extraGroups = ["docker" "libvirtd" "networkmanager" "tss" "wheel"];
diff --git a/home/default.nix b/home/default.nix
index b518631..e141a46 100644
--- a/home/default.nix
+++ b/home/default.nix
@@ -1,4 +1,4 @@
-{...}: {
+_: {
   imports = [./programs ./services ./wm ./gtk.nix ./persistence.nix];
 
   home.stateVersion = "23.11";
diff --git a/home/persistence.nix b/home/persistence.nix
index 3575b3e..ebbb0e4 100644
--- a/home/persistence.nix
+++ b/home/persistence.nix
@@ -1,4 +1,4 @@
-{...}: {
+_: {
   home.persistence."/persist/home" = {
     allowOther = true;
     directories = [
diff --git a/home/programs/aria2.nix b/home/programs/aria2.nix
index 4ac95e0..a62b8e4 100644
--- a/home/programs/aria2.nix
+++ b/home/programs/aria2.nix
@@ -1,4 +1,4 @@
-{...}: {
+_: {
   programs.aria2 = {
     enable = true;
     settings = {
diff --git a/home/programs/bat.nix b/home/programs/bat.nix
index 8a3a971..bb41bf9 100644
--- a/home/programs/bat.nix
+++ b/home/programs/bat.nix
@@ -1,4 +1,4 @@
-{...}: {
+_: {
   programs.bat = {
     enable = true;
     config = {
diff --git a/home/programs/btop.nix b/home/programs/btop.nix
index d658ceb..f9f78d0 100644
--- a/home/programs/btop.nix
+++ b/home/programs/btop.nix
@@ -1,4 +1,4 @@
-{...}: {
+_: {
   xdg.desktopEntries."btop" = {
     name = "btop++";
     exec = "btop";
diff --git a/home/programs/direnv.nix b/home/programs/direnv.nix
index 3a7b8ad..37f6d99 100644
--- a/home/programs/direnv.nix
+++ b/home/programs/direnv.nix
@@ -1,4 +1,4 @@
-{...}: {
+_: {
   programs.direnv = {
     enable = true;
     nix-direnv.enable = true;
diff --git a/home/programs/exa.nix b/home/programs/exa.nix
index 0e89267..d536373 100644
--- a/home/programs/exa.nix
+++ b/home/programs/exa.nix
@@ -1,4 +1,4 @@
-{...}: {
+_: {
   programs.exa = {
     enable = true;
     enableAliases = true;
diff --git a/home/programs/gnupg.nix b/home/programs/gnupg.nix
index bc51463..4b0dbbd 100644
--- a/home/programs/gnupg.nix
+++ b/home/programs/gnupg.nix
@@ -1,4 +1,4 @@
-{...}: {
+_: {
   programs.gpg = {
     enable = true;
     settings = {
diff --git a/home/programs/starship.nix b/home/programs/starship.nix
index f27893d..b2acd1a 100644
--- a/home/programs/starship.nix
+++ b/home/programs/starship.nix
@@ -1,4 +1,4 @@
-{...}: {
+_: {
   programs.starship = {
     enable = true;
     settings = {
diff --git a/home/programs/yt-dlp.nix b/home/programs/yt-dlp.nix
index 11611d8..83110e5 100644
--- a/home/programs/yt-dlp.nix
+++ b/home/programs/yt-dlp.nix
@@ -1,4 +1,4 @@
-{...}: {
+_: {
   programs.yt-dlp = {
     enable = true;
     settings = {
diff --git a/home/services/default.nix b/home/services/default.nix
index 7d5e760..a6b7596 100644
--- a/home/services/default.nix
+++ b/home/services/default.nix
@@ -1,4 +1,4 @@
-{...}: {
+_: {
   imports = [
     ./aria2c.nix
     ./gpg-agent.nix
diff --git a/home/services/gpg-agent.nix b/home/services/gpg-agent.nix
index 7e0d281..b1a07d0 100644
--- a/home/services/gpg-agent.nix
+++ b/home/services/gpg-agent.nix
@@ -1,4 +1,4 @@
-{...}: {
+_: {
   services = {
     gpg-agent = {
       enable = true;
diff --git a/home/wm/addon/kanshi.nix b/home/wm/addon/kanshi.nix
index d7ce529..5be4f68 100644
--- a/home/wm/addon/kanshi.nix
+++ b/home/wm/addon/kanshi.nix
@@ -1,4 +1,4 @@
-{...}: {
+_: {
   services.kanshi = {
     enable = true;
     systemdTarget = "graphical-session.target";
diff --git a/hosts/rico2/containers/adtya.xyz.nix b/hosts/rico2/containers/adtya.xyz.nix
index 02450c3..15c11c2 100644
--- a/hosts/rico2/containers/adtya.xyz.nix
+++ b/hosts/rico2/containers/adtya.xyz.nix
@@ -1,4 +1,4 @@
-{...}: {
+_: {
   virtualisation.oci-containers.containers."adtya.xyz" = {
     image = "ghcr.io/adtya/adtya.xyz:latest";
     ports = ["3000:80"];
diff --git a/hosts/rico2/hardware/filesystem.nix b/hosts/rico2/hardware/filesystem.nix
index 841fa07..c790e1e 100644
--- a/hosts/rico2/hardware/filesystem.nix
+++ b/hosts/rico2/hardware/filesystem.nix
@@ -1,4 +1,4 @@
-{...}: {
+_: {
   fileSystems."/" = {
     device = "/dev/disk/by-partlabel/NIXOS_ROOT";
     fsType = "btrfs";
diff --git a/hosts/rico2/programs/neovim.nix b/hosts/rico2/programs/neovim.nix
index bf374b2..a70af6e 100644
--- a/hosts/rico2/programs/neovim.nix
+++ b/hosts/rico2/programs/neovim.nix
@@ -1,4 +1,4 @@
-{...}: {
+_: {
   programs.neovim = {
     enable = true;
     defaultEditor = true;
diff --git a/hosts/rico2/programs/starship.nix b/hosts/rico2/programs/starship.nix
index bccee50..3de1b05 100644
--- a/hosts/rico2/programs/starship.nix
+++ b/hosts/rico2/programs/starship.nix
@@ -1,4 +1,4 @@
-{...}: {
+_: {
   programs.starship = {
     enable = true;
     settings = {
diff --git a/hosts/rico2/programs/zsh.nix b/hosts/rico2/programs/zsh.nix
index c2f0082..2a3cb10 100644
--- a/hosts/rico2/programs/zsh.nix
+++ b/hosts/rico2/programs/zsh.nix
@@ -1,4 +1,4 @@
-{...}: {
+_: {
   programs = {
     zsh = {
       enable = true;
diff --git a/hosts/rico2/security.nix b/hosts/rico2/security.nix
index 534449d..9cca61a 100644
--- a/hosts/rico2/security.nix
+++ b/hosts/rico2/security.nix
@@ -1,4 +1,4 @@
-{...}: {
+_: {
   security = {
     apparmor = {
       enable = true;
diff --git a/hosts/rico2/services/caddy.nix b/hosts/rico2/services/caddy.nix
index d7442e5..31ee96d 100644
--- a/hosts/rico2/services/caddy.nix
+++ b/hosts/rico2/services/caddy.nix
@@ -1,7 +1,7 @@
 {secrets, ...}: {
   services.caddy = {
     enable = true;
-    email = secrets.caddy_config.email;
+    inherit (secrets.caddy_config) email;
 
     virtualHosts."proofs.adtya.xyz" = {
       extraConfig = ''
diff --git a/hosts/rico2/services/frpc.nix b/hosts/rico2/services/frpc.nix
index 46d99ef..878c327 100644
--- a/hosts/rico2/services/frpc.nix
+++ b/hosts/rico2/services/frpc.nix
@@ -3,7 +3,7 @@
   secrets,
   ...
 }: let
-  frp_config = secrets.frp_config;
+  inherit (secrets) frp_config;
 in {
   systemd.services.frpc = {
     enable = true;
diff --git a/hosts/rico2/services/ssh.nix b/hosts/rico2/services/ssh.nix
index 0e47ec2..dc87d2f 100644
--- a/hosts/rico2/services/ssh.nix
+++ b/hosts/rico2/services/ssh.nix
@@ -1,4 +1,4 @@
-{...}: {
+_: {
   services.openssh = {
     enable = true;
     settings = {
diff --git a/hosts/skipper/hardware/filesystem.nix b/hosts/skipper/hardware/filesystem.nix
index 8d89f74..13a6449 100644
--- a/hosts/skipper/hardware/filesystem.nix
+++ b/hosts/skipper/hardware/filesystem.nix
@@ -1,4 +1,4 @@
-{...}: {
+_: {
   fileSystems = {
     "/" = {
       device = "/dev/vg0/system";
diff --git a/hosts/skipper/persistence.nix b/hosts/skipper/persistence.nix
index eacc4bb..d493117 100644
--- a/hosts/skipper/persistence.nix
+++ b/hosts/skipper/persistence.nix
@@ -1,4 +1,4 @@
-{...}: {
+_: {
   environment.persistence."/persist/system" = {
     hideMounts = true;
     directories = [
diff --git a/hosts/skipper/programs/default.nix b/hosts/skipper/programs/default.nix
index b6f769b..8717644 100644
--- a/hosts/skipper/programs/default.nix
+++ b/hosts/skipper/programs/default.nix
@@ -1,4 +1,4 @@
-{...}: {
+_: {
   imports = [
     ./gnupg.nix
     ./neovim.nix
diff --git a/hosts/skipper/programs/gnupg.nix b/hosts/skipper/programs/gnupg.nix
index d85e1b0..6bcc59a 100644
--- a/hosts/skipper/programs/gnupg.nix
+++ b/hosts/skipper/programs/gnupg.nix
@@ -1,4 +1,4 @@
-{...}: {
+_: {
   programs.gnupg.agent = {
     enable = true;
     enableExtraSocket = true;
diff --git a/hosts/skipper/programs/neovim.nix b/hosts/skipper/programs/neovim.nix
index bb21f4c..f8022d5 100644
--- a/hosts/skipper/programs/neovim.nix
+++ b/hosts/skipper/programs/neovim.nix
@@ -1,4 +1,4 @@
-{...}: {
+_: {
   programs.neovim = {
     enable = true;
     defaultEditor = true;
diff --git a/hosts/skipper/rollback.nix b/hosts/skipper/rollback.nix
index 4abbd24..76c1347 100644
--- a/hosts/skipper/rollback.nix
+++ b/hosts/skipper/rollback.nix
@@ -1,4 +1,4 @@
-{...}: {
+_: {
   boot.initrd.systemd.services.rollback = {
     description = "Rollback root subvolume to blank state";
     wantedBy = ["initrd.target"];
diff --git a/hosts/skipper/services/pipewire.nix b/hosts/skipper/services/pipewire.nix
index 78a8a81..313d21b 100644
--- a/hosts/skipper/services/pipewire.nix
+++ b/hosts/skipper/services/pipewire.nix
@@ -1,4 +1,4 @@
-{...}: {
+_: {
   services.pipewire = {
     enable = true;
     alsa.enable = true;