diff --git a/hosts/alexandria/default.nix b/hosts/alexandria/default.nix
index 756f401..daaec7a 100644
--- a/hosts/alexandria/default.nix
+++ b/hosts/alexandria/default.nix
@@ -18,6 +18,7 @@ in
     ])
     (with self.nixosModules; [
       hetzner
+      nginx
     ])
     inputs.disko.nixosModules.disko
     inputs.sops-nix.nixosModules.sops
diff --git a/hosts/byzantium/default.nix b/hosts/byzantium/default.nix
index be50cd3..8ae2828 100644
--- a/hosts/byzantium/default.nix
+++ b/hosts/byzantium/default.nix
@@ -17,6 +17,7 @@ in
     ])
     (with self.nixosModules; [
       hetzner
+      nginx
     ])
     inputs.disko.nixosModules.disko
     ../../disko/hetzner-osdisk.nix
diff --git a/modules/attic.nix b/modules/attic.nix
index d70c036..a6be872 100644
--- a/modules/attic.nix
+++ b/modules/attic.nix
@@ -10,11 +10,10 @@
 
   systemd.services.attic-watch-store = {
     wantedBy = [ "multi-user.target" ];
-    after = [
+    requires = [
       "network-online.target"
       "nss-lookup.target"
     ];
-    requires = [ "network-online.target" ];
     environment.HOME = "/var/lib/attic-watch-store";
     path = [ pkgs.attic-client ];
 
diff --git a/modules/common.nix b/modules/common.nix
index 2ed371d..36fb7e0 100644
--- a/modules/common.nix
+++ b/modules/common.nix
@@ -28,7 +28,19 @@
   };
 
   security = {
-    polkit.enable = true;
+    polkit = {
+      enable = true;
+
+      # allow me to use systemd without password every time
+      extraConfig = ''
+        polkit.addRule(function(action, subject) {
+          if (action.id == "org.freedesktop.systemd1.manage-units" &&
+            subject.user == "${user.name}") {
+            return polkit.Result.YES;
+          }
+        });
+      '';
+    };
 
     sudo = {
       execWheelOnly = true;
@@ -89,6 +101,9 @@
       vim
       wget
       neofetch
+      pciutils
+      usbutils
+      dig
     ];
   };
 }
diff --git a/modules/default.nix b/modules/default.nix
index db7ef4d..c83612c 100644
--- a/modules/default.nix
+++ b/modules/default.nix
@@ -50,7 +50,6 @@ in
       ];
       server = with modules; [
         headless
-        nginx
         node-exporter
         ssh-access
       ];
diff --git a/modules/home/common.nix b/modules/home/common.nix
index 2a2a860..ac42392 100644
--- a/modules/home/common.nix
+++ b/modules/home/common.nix
@@ -62,14 +62,11 @@
     # utils
     tree
     rsync
-    pciutils
-    usbutils
     ffmpeg-full
     nix-diff
     p7zip
     yq-go
     file
     jq
-    dig
   ];
 }
diff --git a/modules/home/discord/default.nix b/modules/home/discord/default.nix
index a68fb68..9a88826 100644
--- a/modules/home/discord/default.nix
+++ b/modules/home/discord/default.nix
@@ -1,4 +1,8 @@
-{ pkgs, inputs, ... }:
+{
+  pkgs,
+  inputs,
+  ...
+}:
 {
   imports = [ inputs.nixcord.homeManagerModules.nixcord ];
 
@@ -20,7 +24,7 @@
         };
 
         pnpmDeps = prev.pnpmDeps.overrideAttrs (_: {
-          outputHash = "sha256-trrzmHL6PSQKwfaDweIzyfFjGo7SQg5dzaLJvweKsxg=";
+          outputHash = "sha256-K+VHyBOZPWL5OhhcrqdUb2ieTICfS6kyBIC1L+AbMR0=";
         });
 
         # Stop crashing when settings are read-only
diff --git a/modules/networking.nix b/modules/networking.nix
index 8a62988..3b17a39 100644
--- a/modules/networking.nix
+++ b/modules/networking.nix
@@ -4,10 +4,9 @@
     networkmanager = {
       enable = true;
       wifi = {
-        # backend = "iwd";
+        backend = "iwd";
         powersave = true;
       };
-      dns = "systemd-resolved";
     };
 
     firewall.enable = true;