diff --git a/configuration.nix b/configuration.nix
index 7b1a415..9ce668c 100644
--- a/configuration.nix
+++ b/configuration.nix
@@ -39,18 +39,12 @@ in {
   environment.systemPackages = with pkgs; [
     wget
     hyfetch
-    vulnix
+    vulnix #
     tree
     file
     util-linux
     btop
     linuxPackages.perf
-    gitea
-    matrix-synapse-tools.synadm
-    matrix-synapse
-
-    pufferpanel
-    (writeShellScriptBin "pufferpanel-nix" "pufferpanel --workDir /var/lib/pufferpanel $@")
   ];
 
   environment.sessionVariables = {
@@ -60,13 +54,19 @@ in {
 
   networking.firewall = {
     enable = true;
-    allowedTCPPorts = [ 80 443 ];
     allowPing = true;
     allowedUDPPortRanges = [];
   };
   
-#  services.nginx.package = pkgs.nginxStable.override { openssl = pkgs.libressl; };
+
+  networking.firewall.allowedTCPPorts = [ 80 443 ];
+  networking.hostName = "grimmauld-nixos-server";
+  networking.domain = "grimmauld.de";
+  services.openssh.enable = true;
+  system.stateVersion = "23.11";
+
   services.nginx = {
+    # package = pkgs.nginxStable.override { openssl = pkgs.libressl; };
     enable = true;
     recommendedGzipSettings = true;
     recommendedOptimisation = true;
@@ -86,12 +86,9 @@ in {
 
   nix.settings.experimental-features = [ "nix-command" "flakes" ];
   nixpkgs.config.allowUnfree = true;
-
   boot.tmp.cleanOnBoot = true;
-  system.stateVersion = "unstable";
+  
   zramSwap.enable = true;
-  networking.hostName = "grimmauld-nixos-server";
-  networking.domain = "grimmauld.de";
-  services.openssh.enable = true;
-#  users.users.root.openssh.authorizedKeys.keys = (import ./authorizedKeys.nix);
+
+  #  users.users.root.openssh.authorizedKeys.keys = (import ./authorizedKeys.nix);
 }
diff --git a/modules/gitea.nix b/modules/gitea.nix
index 0b1a4ee..63dbb18 100644
--- a/modules/gitea.nix
+++ b/modules/gitea.nix
@@ -27,6 +27,10 @@ in {
     lfs.enable = true;
   };
 
+  environment.systemPackages = with pkgs; [
+    gitea
+  ];
+
 
   security.acme.certs."${domain}".extraDomainNames = [ gitea_host];
   networking.firewall.allowedTCPPorts = [ gitea_ssh_port ];
diff --git a/modules/matrix.nix b/modules/matrix.nix
index 700ea41..963e8d1 100644
--- a/modules/matrix.nix
+++ b/modules/matrix.nix
@@ -111,6 +111,10 @@ host    replication     all             ::1/128                 md5
     mode = "0600";
   };
 
+  environment.systemPackages = with pkgs; [
+    matrix-synapse-tools.synadm
+    matrix-synapse
+  ];
 
   services.nginx = {
     enable = true;
diff --git a/modules/puffer.nix b/modules/puffer.nix
index 0b9ce66..ec63366 100644
--- a/modules/puffer.nix
+++ b/modules/puffer.nix
@@ -43,4 +43,8 @@ in {
 #  virtualisation.podman.enable = true;
   virtualisation.docker.enable = true;
 
+  environment.systemPackages = with pkgs; [
+    pufferpanel
+    (writeShellScriptBin "pufferpanel-nix" "pufferpanel --workDir /var/lib/pufferpanel $@")
+  ];
 }