diff --git a/flake.nix b/flake.nix
index 18e880d..0a2963e 100644
--- a/flake.nix
+++ b/flake.nix
@@ -199,6 +199,7 @@ hostPlatform = system; overlays = [ (final: prev: { + pinix = inputs.pinix.packages.${system}.default; inherit (customPkgs) minijinja-cli
diff --git a/hosts/magus.nix b/hosts/magus.nix
index 6264ddc..ea2d800 100644
--- a/hosts/magus.nix
+++ b/hosts/magus.nix
@@ -12,21 +12,18 @@ ./server/hardware-configuration.nix ./server/networking.nix ./server/security.nix - ./server/nginx.nix ./server/redis.nix ./modules/timezone.nix ./modules/docker.nix ./modules/npm.nix ./modules/nixos.nix ./modules/appimage.nix - ./modules/core.nix ]; + system.stateVersion = "25.11"; - system.stateVersion = "25.05"; - - boot = { - loader.grub.enable = true; - initrd.availableKernelModules = ["xen_blkfront" "virtio_blk"]; + boot.loader.grub = { + enable = true; + efiSupport = false; }; environment.systemPackages = with pkgs; [
@@ -35,9 +32,8 @@ ffmpeg yt-dlp fastfetch - zelliq + zellij ]; - nix = { gc = { automatic = true;
@@ -46,11 +42,8 @@ }; settings.auto-optimise-store = true; }; - services = { fstrim.enable = true; xserver.enable = false; }; - - sound.enable = false; }
diff --git a/hosts/server/configuration.nix b/hosts/server/configuration.nix
deleted file mode 100644
index 6acf427..0000000
--- a/hosts/server/configuration.nix
+++ /dev/null
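Review bot: The new overlay entry binds `pinix` to `inputs.pinix.packages.${system}.default`, but neither an `inputs.pinix` declaration nor a flake.lock change is part of this diff, so if this is a new input its pin is not recorded in the commit. If the input already existed, a short comment on why it is routed through an overlay rather than referenced directly would help the next reader, e.g. `# pinix: exposed via the overlay so host modules can use pkgs.pinix`. The enclosing `overlays` list continues outside the hunk.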
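Review bot: `system.stateVersion` is bumped from "25.05" to "25.11" in the first magus.nix hunk, yet that option records the release the host was first installed with and fixes stateful defaults; the NixOS option documentation says it should not be changed after installation. Unless this host was reinstalled (the new disk layout in disk-config.nix in the same commit suggests it may have been), keep `system.stateVersion = "25.05"; # set at first install; do not bump on upgrades`. The same hunk drops `boot.initrd.availableKernelModules = ["xen_blkfront" "virtio_blk"]`; hardware-configuration.nix still supplies `xen_blkfront`, but `virtio_blk` is now absent from the initrd, which is only safe if the disks are never presented as virtio. Removing `./server/nginx.nix` from the imports is fine on its own, but if web ports were opened for it in a firewall allow-list elsewhere, that list should shrink with it.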
@@ -1,57 +0,0 @@
-{
- config,
- lib,
- pkgs,
- modulesPath,
- ...
-}: {
- imports = [
- (modulesPath + "/profiles/qemu-guest.nix")
- ./disk-config.nix
- ];
-
- boot.loader.grub = {
- enable = true;
- };
-
- boot.initrd.availableKernelModules = ["xen_blkfront" "virtio_blk"];
-
- networking = {
- hostName = "alteur";
- useDHCP = false;
- interfaces.enX0.ipv4.addresses = [
- {
- address = "redacted";
- prefixLength = 24;
- }
- ];
- defaultGateway = "redacted";
- nameservers = ["8.8.8.8" "8.8.4.4"];
- };
-
- services.openssh = {
- enable = true;
- ports = [8123];
- settings = {
- PermitRootLogin = "prohibit-password";
- PasswordAuthentication = false;
- };
- };
-
- users.users.root.openssh.authorizedKeys.keys = [
- "redacted"
- ];
-
- environment.systemPackages = with pkgs; [
- curl
- git
- htop
- ];
-
- networking.firewall = {
- enable = true;
- allowedTCPPorts = [8123 80 443];
- };
-
- system.stateVersion = "25.05";
-}
diff --git a/hosts/server/disk-config.nix b/hosts/server/disk-config.nix
index 047edcc..6cf4046 100644
--- a/hosts/server/disk-config.nix
+++ b/hosts/server/disk-config.nix
@@ -1,17 +1,33 @@ {lib, ...}: { disko.devices = { disk = { - main = { + boot = { type = "disk"; device = "/dev/xvda"; content = { type = "gpt"; partitions = { - MBR = { - type = "EF02"; + boot = { size = "1M"; - priority = 1; + type = "EF02"; }; + mbr = { + size = "100%"; + content = { + type = "filesystem"; + format = "ext4"; + mountpoint = "/boot"; + }; + }; + }; + }; + }; + main = { + type = "disk"; + device = "/dev/xvdb"; + content = { + type = "gpt"; + partitions = { root = { size = "100%"; content = {
diff --git a/hosts/server/hardware-configuration.nix b/hosts/server/hardware-configuration.nix
index a6ba248..ae405ca 100644
--- a/hosts/server/hardware-configuration.nix
+++ b/hosts/server/hardware-configuration.nix
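Review bot: The partition names on the new `boot` disk are inverted relative to what they hold: `boot` is the 1M `EF02` BIOS-boot partition and `mbr` is the ext4 filesystem mounted at `/boot`. Renaming them to match their contents, `bios = { size = "1M"; type = "EF02"; };` and `boot = { size = "100%"; content = { type = "filesystem"; format = "ext4"; mountpoint = "/boot"; }; };`, avoids misreading the layout later. The old `priority = 1;` on the EF02 partition was dropped; confirm disko still creates the 1M partition ahead of the 100% one, otherwise GRUB has no embedding area on this BIOS install (magus.nix sets `efiSupport = false`). The `root` partition of the new `main` disk on `/dev/xvdb` continues past the hunk.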
@@ -1,16 +1,18 @@ # Do not modify this file! It was generated by ‘nixos-generate-config’ # and may be overwritten by future invocations. Please make changes # to /etc/nixos/configuration.nix instead. -{ config, lib, pkgs, modulesPath, ... }: - { - imports = [ ]; - - boot.initrd.availableKernelModules = [ "ata_piix" "uhci_hcd" "platform_pci" "sr_mod" "xen_blkfront" ]; - boot.initrd.kernelModules = [ "dm-snapshot" ]; - boot.kernelModules = [ ]; - boot.extraModulePackages = [ ]; - + config, + lib, + pkgs, + modulesPath, + ... +}: { + imports = []; + boot.initrd.availableKernelModules = ["ata_piix" "uhci_hcd" "sr_mod" "xen_blkfront"]; + boot.initrd.kernelModules = ["dm-snapshot"]; + boot.kernelModules = []; + boot.extraModulePackages = []; # Enables DHCP on each ethernet and wireless interface. In case of scripted networking # (the default) this is the recommended approach. When using systemd-networkd it's # still possible to use this option, but it's recommended to use it in conjunction
diff --git a/hosts/server/security.nix b/hosts/server/security.nix
index dcb55de..7850ea7 100644
--- a/hosts/server/security.nix
+++ b/hosts/server/security.nix
@@ -11,18 +11,15 @@ PasswordAuthentication = false; }; }; - - users.users.root.openssh.authorizedKeys.keyFiles = [ - ../../.secrets/id_ed25519.pub + users.users.root.openssh.authorizedKeys.keys = [ + "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIK29z1CTXF77ykGyklPM8X3SxeMYM7zHyoIDGi2C9/HU riiidge.racer@gmail.com" ]; - - users.users.admin = { + users.users.alteur = { isNormalUser = true; extraGroups = ["wheel" "docker"]; - openssh.authorizedKeys.keyFiles = [ - ../../.secrets/id_ed25519.pub + openssh.authorizedKeys.keys = [ + "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIK29z1CTXF77ykGyklPM8X3SxeMYM7zHyoIDGi2C9/HU riiidge.racer@gmail.com" ]; }; - security.sudo.wheelNeedsPassword = false; }
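Review bot: This hunk hand-edits a file whose header says it was generated by nixos-generate-config and must not be modified: the argument list is reformatted and `"platform_pci"` is dropped from `boot.initrd.availableKernelModules`. Either regenerate the file with `nixos-generate-config` so the header stays true, or delete the three header lines and treat the file as maintained by hand. If dropping `platform_pci` was deliberate, a comment next to the list such as `# platform_pci dropped: not needed on this Xen guest` stops a later regeneration or review from reading it as a mistake; if it was accidental, the initrd may no longer load the Xen platform PCI driver that HVM guests need for `xen_blkfront`, so confirm on this VM type before deploying. The attrset continues past the hunk.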
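Review bot: The same ssh-ed25519 public key literal is pasted twice in the security.nix hunk, once for root and once for `users.users.alteur`; bind it once at the top of the module (`let adminKey = "ssh-ed25519 ..."; in { ... }`) and use `keys = [adminKey];` in both places so the two entries cannot drift apart when the key is rotated. Moving the key from `../../.secrets/id_ed25519.pub` into the module also commits it, including the e-mail comment field, to the repository; a public key is not a secret, but if the repository is public the comment field can be trimmed, and a one-line note on why the out-of-tree key file was abandoned would help. `alteur` and root now share the same key while `security.sudo.wheelNeedsPassword = false` stays in context, so the new account grants exactly the access root already has; if the intent is a less-privileged login, it needs its own key or password-gated sudo. The module's header, where a `let` binding would go, is outside the hunk.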