diff --git a/modules/core/base.nix b/modules/core/base.nix
new file mode 100755
index 0000000..1d4b942
--- /dev/null
+++ b/modules/core/base.nix
@@ -0,0 +1,112 @@
+{ pkgs, config, ... }: {
+  nix = {
+    package = pkgs.nixUnstable; # or versioned attributes like nix_2_4
+    extraOptions = ''
+      experimental-features = nix-command flakes
+    '';
+  };
+
+  system.activationScripts.report-nixos-changes = ''
+    if [ -e /run/current-system ] && [ -e $systemConfig ]; then
+      echo System package diff:
+      ${config.nix.package}/bin/nix store diff-closures /run/current-system $systemConfig || true
+    fi
+
+    NO_FORMAT="\033[0m"
+    F_BOLD="\033[1m"
+    C_RED="\033[38;5;9m"
+    ${pkgs.diffutils}/bin/cmp --silent \
+      <(readlink /run/current-system/{initrd,kernel,kernel-modules}) \
+      <(readlink $systemConfig/{initrd,kernel,kernel-modules}) \
+      || echo -e "''${F_BOLD}''${C_RED}Kernel version changed, reboot is advised.''${NO_FORMAT}"
+  '';
+
+  # Select internationalisation properties.
+  console = {
+    #font = "Lat2-Terminus16";
+    font = "${pkgs.terminus_font}/share/consolefonts/ter-u28n.psf.gz";
+    keyMap = pkgs.lib.mkForce "uk";
+  };
+
+  # Enable the OpenSSH daemon.
+  services.openssh.enable = true;
+  programs.mosh.enable = true;
+
+  # vs code server
+  services.vscode-server.enable = true;
+
+  # set root ssh keys
+  users.users.root.openssh.authorizedKeys = {
+    keys = [
+      # RSA keys go into keyFiles because they're shamefully long
+      # "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIPS8xkNH7JvKblekx5oel4HVKCz3uBbQYEaR9Z9nzTAr manuel@ifsr.de"
+      "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAINogGKyXieCXQvVTa1z3ArS1TlqcVl2sSqvMpOjQo/Um jakob@krbs.me"
+      "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAICjNYNRBsY/Dc+/XOaGDui9tRa4VGPsHwYo3irGnMRbR felix@tycho"
+      "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIDdOcXORg+akeN2t3yZlKWdoTURKxtV29eQ7UrIMkCHv felix@entropy"
+      # "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIH73n+ZfJqNzIh9rPh6JYQaI4OAw9WKkPeqj2XRFmRfQ pascal@ifsr.de"
+      "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIAmb1kv+7HU1QKE53+gNxUhrggbwomC40Xjxd9hACkoo bennofs@d-cube"
+      "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIA0X6L7NwTHiOmFzo8mJBCy6H+DKUePAAXU4amm32DAQ fugi@arch"
+      "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIHD1ZkrAmC9g5eJPDgv4zuEM+UIIEWromDzM1ltHt4TM fugi@macbook"
+      # "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAICBtP2ltExnQL5llOvfSKp6OCZKbPWsa2s6P0i00XyrH helene_emilia.hausmann@mailbox.tu-dresden.de"
+      # "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIEXMHwy4AZ9B4pMRBa/P/rb7N3SCas9e7Lp89plTHdFS halcyon@eisvogel.moe"
+      # "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIAJ7qUGZUjiDhQ6Se+aXr9DbgRTG2tx69owqVMkd2bna simon@mayushii"
+      "ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBLlITzcTVnSi8EpEW3leSuqYCDhbnJyoGCjFOtIJ0Dl5uRNm0UNXS7AbQtLLylEeI1+/qinQDEWAJ6cBDAaPfNw= rouven@thinkpad"
+      "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAINJgYI2rXmw4uPXAMmOgqgJEwYfwj/IBExTCzs9Dgo+R w0lff"
+    ];
+    keyFiles = [
+      ../../keys/ssh/marcus-sapphire
+      ../../keys/ssh/schrader
+      ../../keys/ssh/jannusch
+      ../../keys/ssh/jannusch-arch
+      ../../keys/ssh/tassilo
+      ../../keys/ssh/jonasga
+      ../../keys/ssh/rouven
+      ../../keys/ssh/joachim
+    ];
+  };
+
+  time.timeZone = "Europe/Berlin";
+
+  # basic shell & editor
+  programs.vim.defaultEditor = true;
+
+  # List packages installed in system profile. To search, run:
+  # $ nix search wget
+  environment.systemPackages = with pkgs; [
+    atop
+    btop
+    bat
+    git
+    htop-vim
+    fd
+    ripgrep
+    tldr
+    tmux
+    usbutils
+    wget
+    neovim
+    helix
+    nmap
+    tcpdump
+    bat
+    dig
+    ethtool
+    iftop
+    ipcalc
+    iperf3
+    ipv6calc
+    lsof
+    ltrace
+    strace
+    mtr
+    traceroute
+    smartmontools
+    sysstat
+    tree
+    whois
+    eza
+    zsh
+    unzip
+  ];
+}
+
diff --git a/modules/core/default.nix b/modules/core/default.nix
index 4feaf37..8fb9099 100755
--- a/modules/core/default.nix
+++ b/modules/core/default.nix
@@ -1,5 +1,4 @@
-{ pkgs, config, ... }: {
-
+{ ... }: {
   imports = [
     ./base.nix
     ./logging.nix
@@ -12,114 +11,4 @@
     ./sssd.nix
     ./zsh.nix
   ];
-
-  nix = {
-    extraOptions = ''
-      experimental-features = nix-command flakes
-    '';
-  };
-
-  system.activationScripts.report-nixos-changes = ''
-    if [ -e /run/current-system ] && [ -e $systemConfig ]; then
-      echo System package diff:
-      ${config.nix.package}/bin/nix store diff-closures /run/current-system $systemConfig || true
-    fi
-
-    NO_FORMAT="\033[0m"
-    F_BOLD="\033[1m"
-    C_RED="\033[38;5;9m"
-    ${pkgs.diffutils}/bin/cmp --silent \
-      <(readlink /run/current-system/{initrd,kernel,kernel-modules}) \
-      <(readlink $systemConfig/{initrd,kernel,kernel-modules}) \
-      || echo -e "''${F_BOLD}''${C_RED}Kernel version changed, reboot is advised.''${NO_FORMAT}"
-  '';
-
-  # Select internationalisation properties.
-  console = {
-    #font = "Lat2-Terminus16";
-    font = "${pkgs.terminus_font}/share/consolefonts/ter-u28n.psf.gz";
-    keyMap = pkgs.lib.mkForce "uk";
-  };
-
-  # Enable the OpenSSH daemon.
-  services.openssh.enable = true;
-  programs.mosh.enable = true;
-
-  # vs code server
-  services.vscode-server.enable = true;
-
-  # set root ssh keys
-  users.users.root.openssh.authorizedKeys = {
-    keys = [
-      # RSA keys go into keyFiles because they're shamefully long
-      # "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIPS8xkNH7JvKblekx5oel4HVKCz3uBbQYEaR9Z9nzTAr manuel@ifsr.de"
-      "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAINogGKyXieCXQvVTa1z3ArS1TlqcVl2sSqvMpOjQo/Um jakob@krbs.me"
-      "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAICjNYNRBsY/Dc+/XOaGDui9tRa4VGPsHwYo3irGnMRbR felix@tycho"
-      "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIDdOcXORg+akeN2t3yZlKWdoTURKxtV29eQ7UrIMkCHv felix@entropy"
-      # "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIH73n+ZfJqNzIh9rPh6JYQaI4OAw9WKkPeqj2XRFmRfQ pascal@ifsr.de"
-      "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIAmb1kv+7HU1QKE53+gNxUhrggbwomC40Xjxd9hACkoo bennofs@d-cube"
-      "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIA0X6L7NwTHiOmFzo8mJBCy6H+DKUePAAXU4amm32DAQ fugi@arch"
-      "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIHD1ZkrAmC9g5eJPDgv4zuEM+UIIEWromDzM1ltHt4TM fugi@macbook"
-      # "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAICBtP2ltExnQL5llOvfSKp6OCZKbPWsa2s6P0i00XyrH helene_emilia.hausmann@mailbox.tu-dresden.de"
-      # "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIEXMHwy4AZ9B4pMRBa/P/rb7N3SCas9e7Lp89plTHdFS halcyon@eisvogel.moe"
-      # "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIAJ7qUGZUjiDhQ6Se+aXr9DbgRTG2tx69owqVMkd2bna simon@mayushii"
-      "ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBLlITzcTVnSi8EpEW3leSuqYCDhbnJyoGCjFOtIJ0Dl5uRNm0UNXS7AbQtLLylEeI1+/qinQDEWAJ6cBDAaPfNw= rouven@thinkpad"
-      "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAINJgYI2rXmw4uPXAMmOgqgJEwYfwj/IBExTCzs9Dgo+R w0lff"
-    ];
-    keyFiles = [
-      ../../keys/ssh/marcus-sapphire
-      ../../keys/ssh/schrader
-      ../../keys/ssh/jannusch
-      ../../keys/ssh/jannusch-arch
-      ../../keys/ssh/tassilo
-      ../../keys/ssh/jonasga
-      ../../keys/ssh/rouven
-      ../../keys/ssh/joachim
-    ];
-  };
-
-  time.timeZone = "Europe/Berlin";
-
-  # basic shell & editor
-  programs.vim.defaultEditor = true;
-
-  # List packages installed in system profile. To search, run:
-  # $ nix search wget
-  environment.systemPackages = with pkgs; [
-    atop
-    btop
-    bat
-    git
-    htop-vim
-    fd
-    ripgrep
-    tldr
-    tmux
-    usbutils
-    wget
-    neovim
-    helix
-    nmap
-    tcpdump
-    bat
-    dig
-    ethtool
-    iftop
-    ipcalc
-    iperf3
-    ipv6calc
-    lsof
-    ltrace
-    strace
-    mtr
-    traceroute
-    smartmontools
-    sysstat
-    tree
-    whois
-    eza
-    zsh
-    unzip
-  ];
 }
-