diff --git a/TODO.md b/TODO.md
index beb6a6c..a9f40e1 100755
--- a/TODO.md
+++ b/TODO.md
@@ -1,5 +1,4 @@
 ## Next
-- [ ] use the Nix module system instead of projectOnto for `cerulean.mkNexus`
 - [ ] add `options.experimental` for snowflake
 - [ ] add `legacyImports` support
 
@@ -26,29 +25,19 @@
 
 - [ ] go through all flake inputs (recursively) and ENSURE we remove all duplicates by using follows!!
 
-- [X] rename nixos-modules/ to nixos/
-- [X] ensure all machines are in groups.all by default
-
-- [X] fix nixpkgs.nix not working (default not respected)
-- [X] remove dependence on nixpkgs
-
 - [ ] allow multiple privesc methods, the standard is pam_ssh_agent_auth
 
 ## Low Priority
-- [X] rename extraModules to modules?
-- [X] rename specialArgs to args?
-
 - [ ] make an extension to the nix module system (different to mix)
       that allows transformations (ie a stop post config, ie outputs, which
       it then returns instead of config)
+- [ ] support `legacyImports` (?)
 
 - [ ] patch microvm so that acpi=off https://github.com/microvm-nix/microvm.nix/commit/b59a26962bb324cc0a134756a323f3e164409b72
       cause otherwise 2GB causes a failure
 
-- [ ] rewrite the ceru cli in rust
-- [ ] make `ceru` do local and remote deployments
+- [ ] write the cerulean cli
 
-- [ ] support `legacyImports` 
 
 ```nix
 # REF: foxora
diff --git a/cerulean/nixos/default.nix b/cerulean/nixos/default.nix
index edc85cd..664a10c 100644
--- a/cerulean/nixos/default.nix
+++ b/cerulean/nixos/default.nix
@@ -33,7 +33,7 @@
     ]
     ++ (
       if _cerulean.homeManager != null
-      then [./home-manager.nix]
+      then [./home.nix]
       else []
     );
 
diff --git a/cerulean/nixos/home-manager.nix b/cerulean/nixos/home-manager.nix
deleted file mode 100644
index d4d8748..0000000
--- a/cerulean/nixos/home-manager.nix
+++ /dev/null
@@ -1,51 +0,0 @@
-# Copyright 2025-2026 _cry64 (Emile Clark-Boman)
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-#    http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-{
-  root,
-  config,
-  lib,
-  _cerulean,
-  ...
-} @ args: let
-  inherit
-    (builtins)
-    attrNames
-    filter
-    pathExists
-    ;
-in {
-  imports = [
-    _cerulean.homeManager.nixosModules.default
-  ];
-
-  home-manager = {
-    users =
-      config.users.users
-      |> attrNames
-      |> filter (x: pathExists /${root}/homes/${x})
-      |> (x:
-        lib.genAttrs x (y:
-          import /${root}/homes/${y}));
-
-    extraSpecialArgs = _cerulean.specialArgs;
-    sharedModules = [
-      # user configuration
-      (import /${root}/nixpkgs.nix)
-      # options declarations
-      (import ./nixpkgs.nix (args // {contextName = "homes";}))
-
-      ./home.nix
-    ];
-  };
-}
diff --git a/cerulean/nixos/home.nix b/cerulean/nixos/home.nix
index 417e2b7..a63b6e8 100644
--- a/cerulean/nixos/home.nix
+++ b/cerulean/nixos/home.nix
@@ -1,3 +1,69 @@
-{...}: {
-  programs.home-manager.enable = true; # DEBUG: why didn't i enable it already?
+# Copyright 2025-2026 _cry64 (Emile Clark-Boman)
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#    http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+{
+  root,
+  config,
+  lib,
+  _cerulean,
+  ...
+} @ args: let
+  inherit
+    (builtins)
+    attrNames
+    filter
+    pathExists
+    ;
+in {
+  imports = [
+    _cerulean.homeManager.nixosModules.default
+  ];
+
+  options = {
+    users.users = lib.mkOption {
+      type = lib.types.attrsOf (lib.types.submodule {
+        options.manageHome = lib.mkOption {
+          type = lib.types.bool;
+          default = true;
+          example = false;
+          description = ''
+            Whether Cerulean should automatically enable home-manager for this user,
+            and manage their home configuration declaratively.
+
+            Enabled by default, but can be disabled if necessary.
+          '';
+        };
+      });
+    };
+  };
+
+  config = {
+    home-manager = {
+      users =
+        config.users.users
+        |> attrNames
+        |> filter (x: pathExists (root + "/homes/${x}"))
+        |> (x:
+          lib.genAttrs x (y:
+            import (root + "/homes/${y}")));
+
+      extraSpecialArgs = _cerulean.specialArgs;
+      sharedModules = [
+        # user configuration
+        (import (root + "/nixpkgs.nix"))
+        # options declarations
+        (import ./nixpkgs.nix (args // {contextName = "homes";}))
+      ];
+    };
+  };
 }
diff --git a/cerulean/nixos/nixpkgs.nix b/cerulean/nixos/nixpkgs.nix
index 03925c8..40a3d57 100644
--- a/cerulean/nixos/nixpkgs.nix
+++ b/cerulean/nixos/nixpkgs.nix
@@ -31,7 +31,7 @@ in {
     default = {};
     description = "Declare package repositories";
     example = {
-      "pkgs" = {
+      "npkgs" = {
         source = "inputs.nixpkgs";
         system = "x86-64-linux";
         config = {
@@ -53,7 +53,7 @@ in {
   config = let
     repos =
       cfg
-      |> (xs: removeAttrs xs ["default"])
+      |> (xs: removeAttrs xs ["base"])
       |> mapAttrs (
         name: args:
           lib.mkForce (
@@ -65,30 +65,27 @@ in {
           )
       );
 
-    # XXX: TODO: would it work to use `base` instead of having default?
-    defaultPkgs =
-      cfg.default or (throw ''
-        Your `nixpkgs.nix` file does not declare a default package source.
-        Ensure you set `nixpkgs.channels.*.default = ...;`
-      '');
+    basePkgs = cfg.base or {};
   in {
     # NOTE: _module.args is a special option that allows us to
     # NOTE: set extend specialArgs from inside the modules.
     # WARNING: pkgs is a reserved specialArg
-    _module.args = removeAttrs repos ["pkgs" "default"];
+    _module.args = removeAttrs repos ["pkgs" "base"];
 
-    nixpkgs =
+    nixpkgs = let
+      nixpkgConfig = {
+        config = lib.mkForce (basePkgs.config or {});
+        overlays = lib.mkForce (basePkgs.overlays or []);
+      };
+    in
       if contextName == "hosts"
-      then {
-        flake.source = lib.mkForce base; # DEBUG: temp while getting base to work
-        overlays = lib.mkForce (defaultPkgs.overlays or {});
-        config = lib.mkForce (defaultPkgs.config or {});
-      }
+      then
+        nixpkgConfig
+        // {
+          flake.source = lib.mkForce base;
+        }
       else if contextName == "homes"
-      then {
-        config = lib.mkForce (defaultPkgs.config or {});
-        overlays = lib.mkForce (defaultPkgs.overlays or []);
-      }
+      then nixpkgConfig
       else {};
   };
 }