diff --git a/flake.nix b/flake.nix index 89b06bd..3297afe 100644 --- a/flake.nix +++ b/flake.nix @@ -3,7 +3,7 @@ "Flake to define configurations of 'elss' - ellmauthaler stefan's systems"; inputs = { - nixpkgs.url = "github:NixOS/nixpkgs/nixos-22.11"; + nixpkgs.url = "github:NixOS/nixpkgs/nixos-23.05"; nixpkgs-unstable.url = "github:NixOS/nixpkgs/nixos-unstable"; #nix = { @@ -15,7 +15,7 @@ nixos-hardware = { url = "github:NixOS/nixos-hardware/master"; }; home-manager = { - url = "github:nix-community/home-manager/release-22.11"; + url = "github:nix-community/home-manager/release-23.05"; inputs.nixpkgs.follows = "nixpkgs"; }; @@ -79,6 +79,8 @@ "vscode-extension-ms-vscode-cpptools" "zoom" ]; + # testing purposes till https://github.com/NixOS/nixpkgs/issues/224505 is resolved + permittedInsecurePackages = [ "openssl-1.1.1t" ]; }; channels.nixpkgs.overlaysBuilder = channels: [ diff --git a/machines/nucturne/hardware-configuration.nix b/machines/nucturne/hardware-configuration.nix index eb3c7cc..2d37c5b 100644 --- a/machines/nucturne/hardware-configuration.nix +++ b/machines/nucturne/hardware-configuration.nix 
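Review bot: `permittedInsecurePackages = [ "openssl-1.1.1t" ];` in the third hunk appears to sit in the shared nixpkgs config next to the unfree allow-list, so any package on any machine built from this flake can pull in OpenSSL 1.1.1t without an evaluation error, not only the one being tested. The comment does not say which package needs it; I would record that, e.g. `# needed only by <package>; remove when nixpkgs#224505 is closed`. If that package is used on a single machine, the exemption could move into that machine's configuration. Pinning the exact version string is worth keeping, because a bump in nixpkgs will make evaluation fail again and force a re-check. The enclosing attribute set starts outside the hunk.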
@@ -1,21 +1,14 @@ # Do not modify this file! It was generated by ‘nixos-generate-config’ # and may be overwritten by future invocations. Please make changes # to /etc/nixos/configuration.nix instead. -{ - config, - lib, - pkgs, - modulesPath, - ... -}: { - imports = [ - (modulesPath + "/installer/scan/not-detected.nix") - ]; +{ config, lib, pkgs, modulesPath, ... }: { + imports = [ (modulesPath + "/installer/scan/not-detected.nix") ]; - boot.initrd.availableKernelModules = ["xhci_pci" "ahci" "nvme" "usbhid" "usb_storage" "sd_mod" "sdhci_pci"]; - boot.initrd.kernelModules = []; - boot.kernelModules = ["kvm-intel"]; - boot.extraModulePackages = []; + boot.initrd.availableKernelModules = + [ "xhci_pci" "ahci" "nvme" "usbhid" "usb_storage" "sd_mod" "sdhci_pci" ]; + boot.initrd.kernelModules = [ ]; + boot.kernelModules = [ "kvm-intel" ]; + boot.extraModulePackages = [ ]; fileSystems."/" = { device = "/dev/disk/by-uuid/da267a3c-34e3-4218-933f-10738ee61eb6"; @@ -32,11 +25,8 @@ fsType = "vfat"; }; - swapDevices = [ - {device = "/dev/disk/by-uuid/0069f1fa-dd8e-4c0a-8f01-a576af29909e";} - ]; + swapDevices = + [{ device = "/dev/disk/by-uuid/0069f1fa-dd8e-4c0a-8f01-a576af29909e"; }]; powerManagement.cpuFreqGovernor = lib.mkDefault "powersave"; - # high-resolution display - hardware.video.hidpi.enable = lib.mkDefault true; } diff --git a/machines/stel-xps/hardware-configuration.nix b/machines/stel-xps/hardware-configuration.nix index 6835325..689ef3d 100644 --- a/machines/stel-xps/hardware-configuration.nix +++ b/machines/stel-xps/hardware-configuration.nix 
@@ -1,39 +1,30 @@ # Do not modify this file! It was generated by ‘nixos-generate-config’ # and may be overwritten by future invocations. Please make changes # to /etc/nixos/configuration.nix instead. -{ - config, - lib, - pkgs, - modulesPath, - ... -}: { - imports = [ - (modulesPath + "/installer/scan/not-detected.nix") - ]; +{ config, lib, pkgs, modulesPath, ... }: { + imports = [ (modulesPath + "/installer/scan/not-detected.nix") ]; - boot.initrd.availableKernelModules = ["xhci_pci" "nvme" "usbhid" "usb_storage" "sd_mod" "rtsx_pci_sdmmc"]; - boot.initrd.kernelModules = []; - boot.kernelModules = ["kvm-intel"]; - boot.extraModulePackages = []; + boot.initrd.availableKernelModules = + [ "xhci_pci" "nvme" "usbhid" "usb_storage" "sd_mod" "rtsx_pci_sdmmc" ]; + boot.initrd.kernelModules = [ ]; + boot.kernelModules = [ "kvm-intel" ]; + boot.extraModulePackages = [ ]; fileSystems."/" = { device = "/dev/disk/by-uuid/6b7f9f80-af34-4317-b017-f883a2316674"; fsType = "ext4"; }; - boot.initrd.luks.devices."crypted".device = "/dev/disk/by-uuid/9c84f143-023d-4fcb-a49c-ca78ce69e0e0"; + boot.initrd.luks.devices."crypted".device = + "/dev/disk/by-uuid/9c84f143-023d-4fcb-a49c-ca78ce69e0e0"; fileSystems."/boot" = { device = "/dev/disk/by-uuid/39E0-047B"; fsType = "vfat"; }; - swapDevices = [ - {device = "/dev/disk/by-uuid/93381a25-6704-408e-b091-cfda6cddbda0";} - ]; + swapDevices = + [{ device = "/dev/disk/by-uuid/93381a25-6704-408e-b091-cfda6cddbda0"; }]; powerManagement.cpuFreqGovernor = lib.mkDefault "powersave"; - # high-resolution display - hardware.video.hidpi.enable = lib.mkDefault true; } diff --git a/modules/server/gitea.nix b/modules/server/gitea.nix index 76af8ec..6f32f56 100644 --- a/modules/server/gitea.nix +++ b/modules/server/gitea.nix 
@@ -1,40 +1,29 @@ -{ - config, - pkgs, - lib, - ... -}: +{ config, pkgs, lib, ... }: with lib; { - config = let - cfg = config.elss.server.gitea; - in - mkIf cfg.enable { - services.nginx.virtualHosts."git.ellmauthaler.net" = { - enableACME = true; - forceSSL = true; - locations."/" = { - proxyPass = "http://localhost:3001"; - }; - }; + config = let cfg = config.elss.server.gitea; + in mkIf cfg.enable { + services.nginx.virtualHosts."git.ellmauthaler.net" = { + enableACME = true; + forceSSL = true; + locations."/" = { proxyPass = "http://localhost:3001"; }; + }; - services.gitea = { - enable = true; - settings.service = { - DISABLE_REGISTRATION = true; - }; - appName = "gitea: ellmauthaler.net gitea service"; - database = { - type = "postgres"; - host = "/run/posgresql"; - }; - domain = "git.ellmauthaler.net"; - rootUrl = "https://git.ellmauthaler.net"; - httpPort = 3001; - settings = { - repository = { - DEFAULT_BRANCH = "main"; - }; + services.gitea = { + enable = true; + settings.service = { DISABLE_REGISTRATION = true; }; + appName = "gitea: ellmauthaler.net gitea service"; + database = { + type = "postgres"; + host = "/run/posgresql"; + }; + settings = { + repository = { DEFAULT_BRANCH = "main"; }; + server = { + ROOT_URL = "https://git.ellmauthaler.net"; + HTTP_PORT = 3001; + DOMAIN = "git.ellmauthaler.net"; }; }; }; + }; } diff --git a/modules/server/nextcloud.nix b/modules/server/nextcloud.nix index 0ca1fa5..1cd4af8 100644 --- a/modules/server/nextcloud.nix +++ b/modules/server/nextcloud.nix 
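Review bot: The new `settings.server` block sets `HTTP_PORT = 3001` but no listen address, so unless `HTTP_ADDR` is set elsewhere gitea serves plain HTTP on the module default (all interfaces, as far as I know), although nginx with `forceSSL` and `proxyPass = "http://localhost:3001"` is meant to be the only entry point. Adding `HTTP_ADDR = "127.0.0.1";` next to `HTTP_PORT` keeps the unencrypted port off the network even if the firewall rules change. Separately, `host = "/run/posgresql";` looks like a misspelling of the `/run/postgresql` socket directory that nextcloud.nix uses for `dbhost`; worth confirming while the block is being touched.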
@@ -1,47 +1,40 @@ -{ - config, - pkgs, - lib, - ... -}: +{ config, pkgs, lib, ... }: with lib; { - config = let - cfg = config.elss.server.nextcloud; - in - mkIf cfg.enable { - elss.server.sql.enable = mkDefault true; - services.nextcloud = { - enable = true; - package = pkgs.nextcloud25; - hostName = "cloudstore.ellmauthaler.net"; - https = true; - enableBrokenCiphersForSSE = false; - config = { - dbtype = "pgsql"; - dbuser = "nextcloud"; - dbname = "nextcloud"; - adminuser = "storemin"; - adminpassFile = config.sops.secrets.storemin.path; - dbhost = "/run/postgresql"; - defaultPhoneRegion = "DE"; - }; - }; - - services.nginx.virtualHosts."cloudstore.ellmauthaler.net" = { - enableACME = true; - forceSSL = true; - }; - - systemd.services."nextcloud-setup" = { - requires = ["postgresql.service"]; - after = ["postrgresql.service"]; - }; - sops.secrets = { - storemin = { - owner = "nextcloud"; - group = "nextcloud"; - sopsFile = ../../secrets/server.yaml; - }; + config = let cfg = config.elss.server.nextcloud; + in mkIf cfg.enable { + elss.server.sql.enable = mkDefault true; + services.nextcloud = { + enable = true; + package = pkgs.nextcloud26; + hostName = "cloudstore.ellmauthaler.net"; + https = true; + enableBrokenCiphersForSSE = false; + config = { + dbtype = "pgsql"; + dbuser = "nextcloud"; + dbname = "nextcloud"; + adminuser = "storemin"; + adminpassFile = config.sops.secrets.storemin.path; + dbhost = "/run/postgresql"; + defaultPhoneRegion = "DE"; }; }; + + services.nginx.virtualHosts."cloudstore.ellmauthaler.net" = { + enableACME = true; + forceSSL = true; + }; + + systemd.services."nextcloud-setup" = { + requires = [ "postgresql.service" ]; + after = [ "postrgresql.service" ]; + }; + sops.secrets = { + storemin = { + owner = "nextcloud"; + group = "nextcloud"; + sopsFile = ../../secrets/server.yaml; + }; + }; + }; } diff --git a/modules/ssh.nix b/modules/ssh.nix index a9ba863..0ddf300 100644 --- a/modules/ssh.nix +++ b/modules/ssh.nix 
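Review bot: `after = [ "postrgresql.service" ];` in the `nextcloud-setup` unit misspells the unit name, so only the `requires` line refers to the real PostgreSQL unit and no start ordering against it is expressed. The setup job may therefore start before the database is accepting connections. The line should read `after = [ "postgresql.service" ];`. The commit carries the typo over unchanged while re-indenting, and it also moves the package to `pkgs.nextcloud26`, so the setup unit is likely to do real work on the next activation and the ordering matters.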
@@ -1,20 +1,15 @@ -{ - config, - lib, - pkgs, - ... -}: +{ config, lib, pkgs, ... }: with lib; { options.elss.sshd.enable = mkEnableOption "Set up sshd"; - config = let - cfg = config.elss.sshd; - in - mkIf cfg.enable { - services.openssh = { - enable = true; - passwordAuthentication = false; - permitRootLogin = "no"; + config = let cfg = config.elss.sshd; + in mkIf cfg.enable { + services.openssh = { + enable = true; + settings = { + PasswordAuthentication = false; + PermitRootLogin = "no"; }; }; + }; } diff --git a/templates/base/flake.nix b/templates/base/flake.nix index 3f769af..04f6283 100644 --- a/templates/base/flake.nix +++ b/templates/base/flake.nix @@ -2,29 +2,18 @@ description = "basic tool setup flake"; inputs = { - nixpkgs.url = "github:NixOS/nixpkgs/nixos-22.11"; + nixpkgs.url = "github:NixOS/nixpkgs/nixos-23.05"; nixpkgs-unstable.url = "github:NixOS/nixpkgs/nixos-unstable"; flake-utils.url = "github:numtide/flake-utils"; flake-utils-plus.url = "github:gytis-ivaskevicius/flake-utils-plus"; }; - outputs = { - self, - nixpkgs, - nixpkgs-unstable, - flake-utils, - flake-utils-plus, - ... - } @ inputs: - {} - // (flake-utils.lib.eachDefaultSystem ( - system: let - unstable = import nixpkgs-unstable { - inherit system; - }; - pkgs = import nixpkgs { - inherit system; - }; + outputs = { self, nixpkgs, nixpkgs-unstable, flake-utils, flake-utils-plus + , ... }@inputs: + { } // (flake-utils.lib.eachDefaultSystem (system: + let + unstable = import nixpkgs-unstable { inherit system; }; + pkgs = import nixpkgs { inherit system; }; in rec { devShell = pkgs.mkShell { buildInputs = [ @@ -32,6 +21,5 @@ # pkgs.clingo ]; }; - } - )); + })); } diff --git a/templates/rust/flake.nix b/templates/rust/flake.nix index 0ff252b..d96fa30 100644 --- a/templates/rust/flake.nix +++ b/templates/rust/flake.nix 
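Review bot: In modules/ssh.nix, `PasswordAuthentication = false` still leaves keyboard-interactive authentication at the module default, which I believe is enabled on 23.05, so a PAM password prompt may remain reachable. Adding `KbdInteractiveAuthentication = false;` to `settings` closes that path and makes the key-only intent explicit. A short comment above the block, such as `# key-only login; no direct root login`, would also record why both options are set.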
@@ -2,7 +2,7 @@ description = "basic rust flake"; inputs = { - nixpkgs.url = "github:NixOS/nixpkgs/nixos-22.11"; + nixpkgs.url = "github:NixOS/nixpkgs/nixos-23.05"; nixpkgs-unstable.url = "github:NixOS/nixpkgs/nixos-unstable"; rust-overlay = { url = "github:oxalica/rust-overlay"; @@ -18,24 +18,16 @@ }; }; - outputs = { - self, - nixpkgs, - nixpkgs-unstable, - flake-utils, - gitignoresrc, - rust-overlay, - ... - } @ inputs: + outputs = { self, nixpkgs, nixpkgs-unstable, flake-utils, gitignoresrc + , rust-overlay, ... }@inputs: { #overlay = import ./nix { inherit gitignoresrc; }; - } - // (flake-utils.lib.eachDefaultSystem ( - system: let - unstable = import nixpkgs-unstable {inherit system;}; + } // (flake-utils.lib.eachDefaultSystem (system: + let + unstable = import nixpkgs-unstable { inherit system; }; pkgs = import nixpkgs { inherit system; - overlays = [(import rust-overlay)]; + overlays = [ (import rust-overlay) ]; }; in rec { devShell = pkgs.mkShell { @@ -54,6 +46,5 @@ pkgs.kcov ]; }; - } - )); + })); }