diff --git a/modules/home/desktop/qutebrowser.nix b/modules/home/desktop/qutebrowser.nix index 4ff23d7..569e8e1 100644 --- a/modules/home/desktop/qutebrowser.nix +++ b/modules/home/desktop/qutebrowser.nix @@ -1,11 +1,6 @@ +{ pkgs, ... }: { - pkgs, - lib, - config, - ... -}: -{ - programs.qutebrowser = lib.mkIf config.settei.desktop.enable { + programs.qutebrowser = { # TODO: Enable again enable = pkgs.stdenv.isLinux; searchEngines = { diff --git a/modules/system/sane-defaults.nix b/modules/system/sane-defaults.nix index 9d881bb..2df8471 100644 --- a/modules/system/sane-defaults.nix +++ b/modules/system/sane-defaults.nix @@ -108,11 +108,6 @@ let boot.kernel.sysctl."kernel.yama.ptrace_scope" = 0; settei.user.config.services.ssh-agent.enable = true; - - nix.settings = { - experimental-features = [ "cgroups" ]; - use-cgroups = true; - }; }; darwinConfig = lib.optionalAttrs (!isLinux) { diff --git a/secrets/kanidm-admin-pass.age b/secrets/kanidm-admin-pass.age deleted file mode 100644 index 2b229b2..0000000 --- a/secrets/kanidm-admin-pass.age +++ /dev/null @@ -1,7 +0,0 @@ -age-encryption.org/v1 --> ssh-ed25519 84j9mw W4+Z4WjOyUl4mWPqVykNWRhf2/8qfVOSM7QCFPNMZTA -0ndQjslMwjQqguN25nBQtCchpCLhoD/vrxh1yNVeTNw --> ssh-ed25519 GKhvwg H8XcFJDZTA3IzxmK6wbB+PVM2gCZ4ysAPjL5j0LgeE0 -kehTMRIVOZ5ubtO7w8WF+gU3sjYXMQtd5hH+wcv3uSE ---- 72ntrRbWq8pdkk/GrsVupTttfY9t+w3l+2KQbQyNn/I -iyd$vVl TK$4G[MI[#tz:r9~ESA6}׵ \ No newline at end of file diff --git a/secrets/kanidm-idm-admin-pass.age b/secrets/kanidm-idm-admin-pass.age deleted file mode 100644 index 0eac321..0000000 --- a/secrets/kanidm-idm-admin-pass.age +++ /dev/null @@ -1,8 +0,0 @@ -age-encryption.org/v1 --> ssh-ed25519 84j9mw 8zYeVXx36dpC8TxMdoM1GdERoNNj902KwTF4h/r4inM -n3mYra0BeM4gWsZ7Roilu14o/GajX1iWw0fcy0q31yc --> ssh-ed25519 GKhvwg cqd7YmVpbxqZxaVluHDZ8Yw0gNfJCKMmoWa4mEoXym8 -Gbcj+PJaqyPRRGX4olr7mmJ5IoEGlQaogYbj7i9E/98 ---- LoQPWI+m8s3NjalUh0+xdW54c8lgddBmhPoIiPbmR8I -Җ܉Y -9!42DVP9N]G;?ЉS ' \ No newline at end of file 
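Review bot: In modules/home/desktop/qutebrowser.nix the new `programs.qutebrowser = {` loses the `lib.mkIf config.settei.desktop.enable` gate, so `enable = pkgs.stdenv.isLinux;` is now the only condition and any Linux home configuration importing this module gets a browser installed, desktop or not. If this module can be imported on headless hosts (not visible from the hunk), that is extra software to keep patched there for no benefit. I would either keep the gate, or make the intent explicit by replacing the now-ambiguous `# TODO: Enable again` with something like `# TODO: re-gate on settei.desktop.enable; currently enabled on every Linux host`. The attribute set continues past the end of the hunk.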
diff --git a/secrets/secrets.nix b/secrets/secrets.nix
index 6cccbf7..c36fbb5 100644
--- a/secrets/secrets.nix
+++ b/secrets/secrets.nix
@@ -93,12 +93,4 @@ in
 keys.system.youko
 keys.other.bootstrap
 ];
- "kanidm-admin-pass.age".publicKeys = [
- keys.system.kazuki
- keys.other.bootstrap
- ];
- "kanidm-idm-admin-pass.age".publicKeys = [
- keys.system.kazuki
- keys.other.bootstrap
- ];
 }
diff --git a/services/default.nix b/services/default.nix
index 2fde026..ea3614e 100644
--- a/services/default.nix
+++ b/services/default.nix
@@ -4,6 +4,5 @@
 ./forgejo-runner.nix
 ./forgejo.nix
 ./paperless.nix
- ./kanidm.nix
 ];
 }
diff --git a/services/kanidm.nix b/services/kanidm.nix
deleted file mode 100644
index 7ebaac7..0000000
--- a/services/kanidm.nix
+++ /dev/null
@@ -1,85 +0,0 @@
-{
- config.services.kanidm =
- let
- port = 8443;
- domain = "auth.rabulinski.com";
- in
- {
- host = "kazuki";
- ports = [ port ];
- module =
- { config, pkgs, ... }:
- let
- cert = config.security.acme.certs.${domain};
- in
- {
- age.secrets.rabulinski-com-cf = {
- file = ../secrets/rabulinski-com-cf.age;
- owner = config.services.nginx.user;
- };
- age.secrets.kanidm-admin-pass = {
- file = ../secrets/kanidm-admin-pass.age;
- owner = "kanidm";
- };
- age.secrets.kanidm-idm-admin-pass = {
- file = ../secrets/kanidm-idm-admin-pass.age;
- owner = "kanidm";
- };
-
- services.kanidm = {
- enableServer = true;
- package = pkgs.kanidmWithSecretProvisioning;
- serverSettings = {
- bindaddress = "127.0.0.1:${toString port}";
- inherit domain;
- origin = "https://${domain}";
- trust_x_forward_for = true;
- tls_chain = "${cert.directory}/fullchain.pem";
- tls_key = "${cert.directory}/key.pem";
- };
- provision = {
- enable = true;
- idmAdminPasswordFile = config.age.secrets.kanidm-idm-admin-pass.path;
- adminPasswordFile = config.age.secrets.kanidm-admin-pass.path;
- };
- };
-
- systemd.services.kanidm.serviceConfig = {
- SupplementaryGroups = [ cert.group ];
- };
-
- users.users.nginx.extraGroups = [ "acme" ];
- networking.firewall.allowedTCPPorts = [
- 80
- 443
- ];
-
- services.nginx = {
- enable = true;
- recommendedProxySettings = true;
- recommendedGzipSettings = true;
- recommendedOptimisation = true;
- recommendedTlsSettings = true;
- virtualHosts."auth.rabulinski.com" = {
- forceSSL = true;
- enableACME = true;
- acmeRoot = null;
- locations."/" = {
- proxyPass = "https://localhost:${toString port}";
- proxyWebsockets = true;
- extraConfig = ''
- proxy_ssl_verify off;
- proxy_ssl_name ${domain};
- '';
- };
- };
- };
-
- security.acme.certs.${domain} = {
- dnsProvider = "cloudflare";
- credentialsFile = config.age.secrets.rabulinski-com-cf.path;
- reloadServices = [ "kanidm" ];
- };
- };
- };
-}