diff --git a/assets/default.nix b/assets/default.nix
index 4d50261..3a194b1 100644
--- a/assets/default.nix
+++ b/assets/default.nix
@@ -1,6 +1,7 @@
 {lib, ...}: {
   options.assets = lib.mkOption {
     type = lib.types.unspecified;
+    readOnly = true;
   };
 
   config.assets = {
diff --git a/assets/ssh.nix b/assets/ssh.nix
index 2ccf33f..b59783a 100644
--- a/assets/ssh.nix
+++ b/assets/ssh.nix
@@ -9,6 +9,7 @@
 
     hijiri-vm = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIP6tfXLB6xhcl3rtI5x9NXSs12U4LVy06RRlyZxiORa0 nikodem@rabulinski.com";
     kazuki = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIImsFb9qRxX0n2Bmy00T8iPam+Fc3mgKkm7dfM7AQRHN nikodem@rabulinski.com";
+    legion = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAILHX2MNGZGSTedYAepZHgcx+KK0A6ASulwSrpf9ytb5h nikodem@rabulinski.com";
   };
 
   system = {
diff --git a/hosts/default.nix b/hosts/default.nix
index 5b188da..948d479 100644
--- a/hosts/default.nix
+++ b/hosts/default.nix
@@ -51,13 +51,7 @@
       time.timeZone = lib.mkDefault "Europe/Warsaw";
     };
   in {
-    nixos = name: module: let
-      defaultOptions = {
-        _file = ./default.nix;
-
-        i18n.defaultLocale = lib.mkDefault "en_US.UTF-8";
-      };
-    in
+    nixos = name: module:
       inputs.nixpkgs.lib.nixosSystem {
         modules = [
           inputs.agenix.nixosModules.age
@@ -68,17 +62,12 @@
           self.nixosModules.settei
           self.nixosModules.common
           sharedOptions
-          defaultOptions
           module
         ];
         specialArgs.configurationName = name;
       };
 
-    darwin = name: module: let
-      defaultOptions = {
-        _file = ./default.nix;
-      };
-    in
+    darwin = name: module:
       inputs.darwin.lib.darwinSystem {
         modules = [
           inputs.agenix.darwinModules.age
@@ -87,7 +76,6 @@
           self.darwinModules.settei
           self.darwinModules.common
           sharedOptions
-          defaultOptions
           module
         ];
         specialArgs.configurationName = name;
diff --git a/modules/darwin/common/default.nix b/modules/darwin/common/default.nix
index 9ec50c5..d0ca2f2 100644
--- a/modules/darwin/common/default.nix
+++ b/modules/darwin/common/default.nix
@@ -1,3 +1,7 @@
 {
+  imports = [
+    ../../shared/common
+  ];
+
   system.stateVersion = 4;
 }
diff --git a/modules/nixos/common/default.nix b/modules/nixos/common/default.nix
index 0bac4c7..1978013 100644
--- a/modules/nixos/common/default.nix
+++ b/modules/nixos/common/default.nix
@@ -1,12 +1,17 @@
-{
+{lib, ...}: {
   imports = [
+    ../../shared/common
     ./hercules.nix
   ];
 
-  config = {
-    system.stateVersion = "22.05";
+  system.stateVersion = "22.05";
 
-    # https://github.com/NixOS/nixpkgs/issues/254807
-    boot.swraid.enable = false;
+  # https://github.com/NixOS/nixpkgs/issues/254807
+  boot.swraid.enable = false;
+
+  i18n.defaultLocale = lib.mkDefault "en_US.UTF-8";
+
+  settei.user.config = {
+    services.ssh-agent.enable = true;
   };
 }
diff --git a/modules/nixos/settei/sane-defaults.nix b/modules/nixos/settei/sane-defaults.nix
index c8a045c..09c8064 100644
--- a/modules/nixos/settei/sane-defaults.nix
+++ b/modules/nixos/settei/sane-defaults.nix
@@ -21,6 +21,7 @@ in {
         home = "/home/${username}";
         group = username;
         extraGroups = ["wheel"];
+        # TODO: Probably move this out into common
         openssh.authorizedKeys.keys = let
           configName' =
             args.configurationName
diff --git a/modules/shared/common/default.nix b/modules/shared/common/default.nix
new file mode 100644
index 0000000..853de92
--- /dev/null
+++ b/modules/shared/common/default.nix
@@ -0,0 +1,24 @@
+{
+  config,
+  configurationName,
+  lib,
+  ...
+}: {
+  settei.user.config = {
+    programs.git = {
+      enable = true;
+      difftastic.enable = true;
+      lfs.enable = true;
+      userName = "Nikodem Rabuliński";
+      userEmail = lib.mkDefault "nikodem@rabulinski.com";
+      signing = {
+        key = config.settei.sane-defaults.allSshKeys.${configurationName};
+        signByDefault = true;
+      };
+      extraConfig = {
+        gpg.format = "ssh";
+        push.followTags = true;
+      };
+    };
+  };
+}
diff --git a/modules/shared/settei/sane-defaults.nix b/modules/shared/settei/sane-defaults.nix
index a8ea3c3..e87a092 100644
--- a/modules/shared/settei/sane-defaults.nix
+++ b/modules/shared/settei/sane-defaults.nix
@@ -36,6 +36,9 @@
       or (throw "pass configurationName to module arguments or set networking.hostName yourself")
     );
 
+    # Flakes are unusable without git present so pull it into the environment by default
+    settei.user.config.programs.git.enable = lib.mkDefault true;
+
     nix = {
       settings = {
         experimental-features = ["nix-command" "flakes" "repl-flake" "auto-allocate-uids"];