diff --git a/external-hosts/fairphone/default.nix b/external-hosts/fairphone/default.nix
deleted file mode 100644
index a8646b8..0000000
--- a/external-hosts/fairphone/default.nix
+++ /dev/null
@@ -1,29 +0,0 @@
-{ self, ... }:
-{
- imports = [ self.nixosModules.default ];
-
- nixpkgs.hostPlatform = "aarch64-linux";
-
- custom = {
- networking = {
- overlay = {
- address = "10.254.250.74";
- role = "client";
- };
- underlay.useDhcp = true;
- };
-
- services = {
- nebula = {
- publicKeyPath = toString ./keys/nebula.pub;
- certificatePath = toString ./keys/nebula.crt;
- };
-
- syncthing = {
- enable = true;
- deviceId = "6ROH65D-E65I5F6-URI4OUZ-RCHFC3B-PMBSIHH-5DNLJPS-SYSUWQY-HKYGHQG";
- folders = [ "Documents" ];
- };
- };
- };
-}
diff --git a/external-hosts/fairphone/keys/nebula.crt b/external-hosts/fairphone/keys/nebula.crt
deleted file mode 100644
index b1e8d52..0000000
--- a/external-hosts/fairphone/keys/nebula.crt
+++ /dev/null
@@ -1,6 +0,0 @@
------BEGIN NEBULA CERTIFICATE V2-----
-MIG9oFeACWZhaXJwaG9uZaEHBAUK/vpKGKMTDAZjbGllbnQMCXN5bmN0aGluZ4UE
-aYZd9oYEayh99IcgFUP+GVuq3tcsxWoMTgOEhDMlEFpe1AjCbmBFMjtzRWiCIElb
-0YB49Bb2JcLlgcwZlPGgzNBIxclJSjQWFW00pdEXg0DPZt5bCLCfd1nPUk6ty6R7
-UU+YZkx6A0p26wH8TeOVUIoD/9MxpPgEtewH3CPBZQhKFnmpWzDYgF3/WJY/LkQP
------END NEBULA CERTIFICATE V2-----
diff --git a/external-hosts/fairphone/keys/nebula.pub b/external-hosts/fairphone/keys/nebula.pub
deleted file mode 100644
index fd518a0..0000000
--- a/external-hosts/fairphone/keys/nebula.pub
+++ /dev/null
@@ -1,3 +0,0 @@
------BEGIN NEBULA X25519 PUBLIC KEY-----
-SVvRgHj0FvYlwuWBzBmU8aDM0EjFyUlKNBYVbTSl0Rc=
------END NEBULA X25519 PUBLIC KEY-----
diff --git a/flake-parts/hosts.nix b/flake-parts/hosts.nix
index cf0d0bb..ffa40f8 100644
--- a/flake-parts/hosts.nix
+++ b/flake-parts/hosts.nix
@@ -6,33 +6,21 @@ }: let mkHost = - hostDir: + hostName: inputs.nixpkgs.lib.nixosSystem { specialArgs = { inherit inputs self; }; modules = - (lib.singleton { - networking.hostName = hostDir |> lib.baseNameOf |> lib.unsafeDiscardStringContext; - }) + (lib.singleton { networking = { inherit hostName; }; }) ++ ( - hostDir + "${self}/hosts/${hostName}" |> builtins.readDir |> lib.attrNames - |> lib.filter (lib.hasSuffix ".nix") - |> lib.map (file: "${hostDir}/${file}") + |> lib.filter (file: file |> lib.hasSuffix ".nix") + |> lib.map (file: "${self}/hosts/${hostName}/${file}") ); }; - - mkHosts = - baseDir: - baseDir - |> builtins.readDir - |> lib.filterAttrs (_: type: type == "directory") - |> lib.mapAttrs (hostName: _: mkHost "${baseDir}/${hostName}"); in { - flake = { - nixosConfigurations = mkHosts "${self}/hosts"; - externalConfigurations = mkHosts "${self}/external-hosts"; - allHosts = self.nixosConfigurations // self.externalConfigurations; - }; + flake.nixosConfigurations = + "${self}/hosts" |> self.lib.listDirectoryNames |> self.lib.genAttrs mkHost; } diff --git a/flake-parts/sops-config.nix b/flake-parts/sops-config.nix index 0f4bf47..1d9f167 100644 --- a/flake-parts/sops-config.nix +++ b/flake-parts/sops-config.nix @@ -18,14 +18,14 @@ }; hostCreationRules = - self.allHosts + self.nixosConfigurations |> lib.attrValues |> lib.map (host: host.config.custom.sops) |> lib.filter (sops: sops.enable) |> lib.map mkCreationRule; userCreationRules = - self.allHosts + self.nixosConfigurations |> lib.attrValues |> lib.filter (host: host.config |> lib.hasAttr "home-manager") |> lib.map (host: host.config.home-manager.users.seb.custom.sops) diff --git a/justfile b/justfile index 20e4e8b..0eb077f 100644 --- a/justfile +++ b/justfile @@ -16,7 +16,7 @@ repair: nix-store --verify --check-contents --repair repl host='$(hostname)': - nix repl .#allHosts.{{ host }} + nix repl .#nixosConfigurations.{{ host }} [group('rebuild')] rebuild mode: 
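Review bot: The host directory path `"${self}/hosts/${hostName}"` is now written out twice inside `mkHost`, once for `builtins.readDir` and once in the `lib.map` that builds the module paths; binding it once, e.g. `hostDir = "${self}/hosts/${hostName}";` in a `let`, keeps the two from drifting apart. The listing is still filtered only by the `.nix` suffix and not by entry type, so every matching entry in a host directory becomes a module of that host; a one-line comment on `mkHost` stating this would help whoever adds files there. `self.lib.listDirectoryNames` and `self.lib.genAttrs` are defined outside this hunk, so their argument order and whether non-directory entries are skipped cannot be confirmed from here.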
diff --git a/modules/system/networking/default.nix b/modules/system/networking/default.nix index 5b790a4..6e7280d 100644 --- a/modules/system/networking/default.nix +++ b/modules/system/networking/default.nix @@ -18,7 +18,7 @@ in nodes = lib.mkOption { type = lib.types.anything; default = - self.allHosts + self.nixosConfigurations |> lib.attrValues |> lib.map (host: host.config.custom.networking) |> lib.map ( diff --git a/modules/system/networking/overlay.nix b/modules/system/networking/overlay.nix index 910f3aa..df79c58 100644 --- a/modules/system/networking/overlay.nix +++ b/modules/system/networking/overlay.nix @@ -57,7 +57,7 @@ in dnsServers = lib.mkOption { type = lib.types.anything; default = - self.allHosts + self.nixosConfigurations |> lib.attrValues |> lib.filter (host: host.config.custom.services.dns.enable) |> lib.map (host: host.config.custom.networking.overlay.address); diff --git a/modules/system/services/dns.nix b/modules/system/services/dns.nix index f4c204f..5847a97 100644 --- a/modules/system/services/dns.nix +++ b/modules/system/services/dns.nix @@ -27,7 +27,7 @@ in netCfg.nodes |> lib.map (node: "\"${node.hostName}.${node.overlay.domain}. A ${node.overlay.address}\""); serviceRecords = - self.allHosts + self.nixosConfigurations |> lib.attrValues |> lib.concatMap ( host: diff --git a/modules/system/services/sshd.nix b/modules/system/services/sshd.nix index 14f35c7..2996290 100644 --- a/modules/system/services/sshd.nix +++ b/modules/system/services/sshd.nix @@ -41,7 +41,7 @@ in }; users.users.seb.openssh.authorizedKeys.keyFiles = - self.allHosts + self.nixosConfigurations |> lib.attrValues |> lib.filter (host: host.config.networking.hostName != netCfg.hostName) |> lib.filter (host: host.config |> lib.hasAttr "home-manager") diff --git a/modules/system/services/syncthing.nix b/modules/system/services/syncthing.nix index bdccc4c..a745d10 100644 --- a/modules/system/services/syncthing.nix +++ b/modules/system/services/syncthing.nix 
@@ -87,7 +87,7 @@ in settings = let hosts = - self.allHosts + self.nixosConfigurations |> lib.filterAttrs (_: host: host.config.networking.hostName != config.networking.hostName) |> lib.filterAttrs (_: host: host.config.custom.services.syncthing.enable); in diff --git a/modules/system/web-services/gatus.nix b/modules/system/web-services/gatus.nix index aa8d3f4..475c688 100644 --- a/modules/system/web-services/gatus.nix +++ b/modules/system/web-services/gatus.nix @@ -173,7 +173,7 @@ in web-services.gatus.endpoints = let defaultEndpoints = - self.allHosts + self.nixosConfigurations |> lib.mapAttrs ( _: host: host.config.custom.services.caddy.virtualHosts |> lib.attrValues |> lib.map (vHost: vHost.domain) diff --git a/profiles/core.nix b/profiles/core.nix index 6fb7510..39ff2cc 100644 --- a/profiles/core.nix +++ b/profiles/core.nix @@ -112,4 +112,12 @@ sshd.enable = true; }; }; + + services.syncthing.settings = { + devices."fairphone" = { + id = "6ROH65D-E65I5F6-URI4OUZ-RCHFC3B-PMBSIHH-5DNLJPS-SYSUWQY-HKYGHQG"; + addresses = "tcp://10.254.250.74:22000"; + }; + folders."Documents".devices = [ config.services.syncthing.settings.devices."fairphone".name ]; + }; } diff --git a/scripts/nebula/recert-all-hosts.nix b/scripts/nebula/recert-all-hosts.nix index f7526b6..d143bda 100644 --- a/scripts/nebula/recert-all-hosts.nix +++ b/scripts/nebula/recert-all-hosts.nix @@ -9,7 +9,7 @@ pkgs.writeShellApplication { ]; text = '' - hosts="$(nix eval .#allHosts --apply 'builtins.attrNames' --json | jq -r '.[]')" + hosts="$(nix eval .#nixosConfigurations --apply 'builtins.attrNames' --json | jq -r '.[]')" if ! declare -px BW_SESSION >/dev/null 2>&1; then BW_SESSION="$(bw unlock --raw || bw login --raw)" diff --git a/scripts/nebula/recert-host.nix b/scripts/nebula/recert-host.nix index 1aff425..0db5bf2 100644 --- a/scripts/nebula/recert-host.nix +++ b/scripts/nebula/recert-host.nix 
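Review bot: In the `services.syncthing.settings` block added to `profiles/core.nix`, `addresses` is a bare string, while Syncthing's device configuration holds a list of addresses; unless the module coerces it, this probably needs `addresses = [ "tcp://10.254.250.74:22000" ];`. The block is also unconditional, so as far as the hunk shows every host that imports this profile gets the phone attached to its `Documents` folder, whereas peers were previously selected through the `syncthing.enable` filter in `modules/system/services/syncthing.nix`; if only some hosts should sync with the phone, wrap it in `lib.mkIf` on the relevant option. The device ID and overlay address are now literals with no tracked Nebula certificate behind them, and the recert scripts enumerate `nixosConfigurations` only, so the phone's certificate for that address will presumably have to be renewed by hand; a comment beside the device entry recording this would be useful. The enclosing attribute set starts above the hunk.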
@@ -14,11 +14,11 @@ pkgs.writeShellApplication { fi host="$1" - address="$(nix eval --raw ".#allHosts.$host.config.custom.networking.overlay.cidr")" - groups="$(nix eval --raw ".#allHosts.$host.config.custom.services.nebula.groups" --apply 'builtins.concatStringsSep ","')" + address="$(nix eval --raw ".#nixosConfigurations.$host.config.custom.networking.overlay.cidr")" + groups="$(nix eval --raw ".#nixosConfigurations.$host.config.custom.services.nebula.groups" --apply 'builtins.concatStringsSep ","')" ca_cert='modules/system/services/nebula/ca.crt' - host_pub="$(nix eval --raw ".#allHosts.$host.config.custom.services.nebula.publicKeyPath")" - host_cert="$(nix eval --raw ".#allHosts.$host.config.custom.services.nebula.certificatePath")" + host_pub="$(nix eval --raw ".#nixosConfigurations.$host.config.custom.services.nebula.publicKeyPath")" + host_cert="$(nix eval --raw ".#nixosConfigurations.$host.config.custom.services.nebula.certificatePath")" host_cert="''${host_cert#*-source/}" if [[ $# -eq 2 ]]; then