diff --git a/README.md b/README.md
index eafa717..50ec854 100644
--- a/README.md
+++ b/README.md
@@ -18,7 +18,6 @@ sudo ./rebuild.sh switch
 
 1. Install the latest unstable nix from https://github.com/numtide/nix-unstable-installer (to get nix flakes)
 1. Install nix-darwin: https://github.com/LnL7/nix-darwin
-1. Add home-manager channel: `nix-channel --add https://github.com/nix-community/home-manager/archive/master.tar.gz home-manager; nix-channel --update` (TODO: this requirement should be removed in the future)
 
 ```sh
 ./rebuild.sh switch
diff --git a/common/packages.nix b/common/packages.nix
index bbbb81a..23b154d 100644
--- a/common/packages.nix
+++ b/common/packages.nix
@@ -92,7 +92,6 @@ in
 
         # imaging
         gifsicle
-        gimp
 
         # video
         youtube-dl
@@ -195,6 +194,7 @@ in
         deluge
         discord
         firefox
+        gimp
         minecraft
         postman
         signal-desktop
diff --git a/flake.lock b/flake.lock
index 86ad928..33756ad 100644
--- a/flake.lock
+++ b/flake.lock
@@ -27,11 +27,11 @@
         ]
       },
       "locked": {
-        "lastModified": 1624746582,
-        "narHash": "sha256-5RXicZDUxLjzz64oWXoRqAaTsfnG1oucIB3UIQa0rMI=",
+        "lastModified": 1624796413,
+        "narHash": "sha256-uQWxfcs4MGeWNUJxTRfuPvqaTVLTJAngc4IvxWNaCXs=",
         "owner": "nix-community",
         "repo": "home-manager",
-        "rev": "8d3b273afef0e6c3d6d6e4239c9c9d79b1ab6ed7",
+        "rev": "f4998f0adccc60a2b463f1892e3eb42b9715a8ee",
         "type": "github"
       },
       "original": {
diff --git a/flake.nix b/flake.nix
index 227ab67..9917389 100644
--- a/flake.nix
+++ b/flake.nix
@@ -1,15 +1,20 @@
 {
+  description = "nixos and macos configurations";
+
   inputs = {
     home-manager = {
       url = "github:nix-community/home-manager";
-      inputs.nixpkgs.follows = "/nixpkgs";
+      inputs.nixpkgs.follows = "nixpkgs";
     };
 
     nixpkgs.url = "github:NixOS/nixpkgs/nixos-unstable";
+
     nixos-hardware.url = "github:NixOS/nixos-hardware/master";
 
-    darwin.url = "github:lnl7/nix-darwin";
-    darwin.inputs.nixpkgs.follows = "nixpkgs";
+    darwin = {
+      url = "github:lnl7/nix-darwin";
+      inputs.nixpkgs.follows = "nixpkgs";
+    };
   };
 
   outputs = { self, darwin, home-manager, nixpkgs, nixos-hardware }: {
@@ -42,7 +47,7 @@
                 trustedUsers = [ "root" "dave" ];
               };
 
-              nixpkgs.overlays = [ (import ./overlays) ];
+              nixpkgs.overlays = [ (import ./modules/overlays) ];
 
               home-manager = {
                 useGlobalPkgs = true;
@@ -65,13 +70,15 @@
     darwinConfigurations = {
       demeter = darwin.lib.darwinSystem {
         modules = [
+          home-manager.darwinModules.home-manager
           ./common/darwin.nix
           ./common/packages.nix
           ./machines/demeter/configuration.nix
+          ./modules/darwin/default.nix
 
           ({ config, ... }: {
             config = {
-              nixpkgs.overlays = [ (import ./overlays) ];
+              nixpkgs.overlays = [ (import ./modules/overlays) ];
               home-manager = {
                 useGlobalPkgs = true;
                 useUserPackages = true;
diff --git a/machines/demeter/configuration.nix b/machines/demeter/configuration.nix
index 180794f..8547943 100644
--- a/machines/demeter/configuration.nix
+++ b/machines/demeter/configuration.nix
@@ -1,49 +1,12 @@
 { pkgs, ... }:
 
 {
-  imports = [ <home-manager/nix-darwin> ];
-
   nixpkgs.config.allowUnfree = true;
 
   environment = { variables = { LANG = "en_US.UTF-8"; }; };
 
   networking = { hostName = "demeter"; };
 
-  system.defaults = {
-    NSGlobalDomain = {
-      AppleMeasurementUnits = "Centimeters";
-      AppleMetricUnits = 1;
-      AppleShowScrollBars = "Automatic";
-      AppleTemperatureUnit = "Celsius";
-      AppleKeyboardUIMode = 3;
-      ApplePressAndHoldEnabled = false;
-      InitialKeyRepeat = 10;
-      KeyRepeat = 3;
-      _HIHideMenuBar = true;
-    };
-
-    dock = {
-      autohide = true;
-      mru-spaces = false;
-      tilesize = 512;
-    };
-
-    finder = {
-      AppleShowAllExtensions = true;
-      QuitMenuItem = true;
-      FXEnableExtensionChangeWarning = false;
-    };
-
-    trackpad = {
-      Clicking = true;
-      TrackpadThreeFingerDrag = true;
-      TrackpadRightClick = true;
-    };
-
-    # Login and lock screen
-    loginwindow = { GuestEnabled = false; };
-  };
-
   # Auto upgrade nix package and the daemon service.
   services.nix-daemon.enable = true;
   nix.package = pkgs.nixFlakes;
diff --git a/modules/darwin/brew.nix b/modules/darwin/brew.nix
new file mode 100644
index 0000000..4f90578
--- /dev/null
+++ b/modules/darwin/brew.nix
@@ -0,0 +1,43 @@
+{ config, lib, pkgs, ... }:
+
+let
+  checkBrew = "command -v brew > /dev/null";
+in
+{
+  environment = {
+    extraInit = ''
+      ${checkBrew} || >&2 echo "brew is not installed (install it via https://brew.sh)"
+    '';
+  };
+
+  homebrew = {
+    enable = true;
+    autoUpdate = true;
+    global = {
+      brewfile = true;
+      noLock = true;
+    };
+
+    brews = [
+      "aws-sam-cli"
+      "fabianishere/personal/pam_reattach"
+      "netdata"
+    ];
+
+    casks = [
+      "1password"
+      "visual-studio-code"
+    ];
+
+    taps = [
+      "aws/tap"
+      "homebrew/bundle"
+      "homebrew/cask"
+      "homebrew/cask-fonts"
+      "homebrew/cask-versions"
+      "homebrew/core"
+      "homebrew/services"
+    ];
+
+  };
+}
diff --git a/modules/darwin/default.nix b/modules/darwin/default.nix
new file mode 100644
index 0000000..7a55216
--- /dev/null
+++ b/modules/darwin/default.nix
@@ -0,0 +1,6 @@
+{ pkgs, ... }: {
+  imports = [
+    ./brew.nix
+    ./preferences.nix
+  ];
+}
diff --git a/modules/darwin/preferences.nix b/modules/darwin/preferences.nix
new file mode 100644
index 0000000..ae47269
--- /dev/null
+++ b/modules/darwin/preferences.nix
@@ -0,0 +1,57 @@
+{ config, pkgs, ... }: {
+
+  system.defaults = {
+    loginwindow = {
+      GuestEnabled = false;
+      SHOWFULLNAME = false;
+    };
+
+    finder = {
+      AppleShowAllExtensions = true;
+      FXEnableExtensionChangeWarning = true;
+      _FXShowPosixPathInTitle = true;
+    };
+
+    trackpad = {
+      ActuationStrength = 0;
+      Clicking = true;
+      FirstClickThreshold = 1;
+      SecondClickThreshold = 1;
+      TrackpadRightClick = false;
+    };
+
+    # firewall
+    alf = {
+      # 0 = disabled 1 = enabled 2 = blocks all connections except for essential services
+      globalstate = 1;
+      loggingenabled = 0;
+      stealthenabled = 1;
+    };
+
+    dock = {
+      autohide = true;
+      autohide-delay = "0.0";
+      autohide-time-modifier = "1.0";
+      tilesize = 50;
+      static-only = false;
+      showhidden = false;
+      show-recents = false;
+      show-process-indicators = true;
+      orientation = "bottom";
+      mru-spaces = false;
+    };
+
+    NSGlobalDomain = {
+      "com.apple.sound.beep.feedback" = 0;
+      "com.apple.sound.beep.volume" = "0.000";
+      ApplePressAndHoldEnabled = false;
+      # delay before repeating keystrokes
+      InitialKeyRepeat = 10;
+      # delay between repeated keystrokes upon holding a key
+      KeyRepeat = 1;
+      AppleShowAllExtensions = true;
+      AppleShowScrollBars = "Automatic";
+    };
+  };
+
+}
diff --git a/overlays/aws-connect/default.nix b/modules/overlays/aws-connect/default.nix
similarity index 100%
rename from overlays/aws-connect/default.nix
rename to modules/overlays/aws-connect/default.nix
diff --git a/overlays/changedetection.io/default.nix b/modules/overlays/changedetection.io/default.nix
similarity index 100%
rename from overlays/changedetection.io/default.nix
rename to modules/overlays/changedetection.io/default.nix
diff --git a/overlays/changedetection.io/setup.patch b/modules/overlays/changedetection.io/setup.patch
similarity index 100%
rename from overlays/changedetection.io/setup.patch
rename to modules/overlays/changedetection.io/setup.patch
diff --git a/overlays/default.nix b/modules/overlays/default.nix
similarity index 100%
rename from overlays/default.nix
rename to modules/overlays/default.nix
diff --git a/overlays/lastpass/default.nix b/modules/overlays/lastpass/default.nix
similarity index 100%
rename from overlays/lastpass/default.nix
rename to modules/overlays/lastpass/default.nix
diff --git a/overlays/rfd/default.nix b/modules/overlays/rfd/default.nix
similarity index 100%
rename from overlays/rfd/default.nix
rename to modules/overlays/rfd/default.nix
diff --git a/overlays/srv/default.nix b/modules/overlays/srv/default.nix
similarity index 100%
rename from overlays/srv/default.nix
rename to modules/overlays/srv/default.nix
diff --git a/overlays/vpngate/default.nix b/modules/overlays/vpngate/default.nix
similarity index 100%
rename from overlays/vpngate/default.nix
rename to modules/overlays/vpngate/default.nix
diff --git a/overlays/yar/default.nix b/modules/overlays/yar/default.nix
similarity index 100%
rename from overlays/yar/default.nix
rename to modules/overlays/yar/default.nix
diff --git a/rebuild.sh b/rebuild.sh
index 2405ebc..6b9e42d 100755
--- a/rebuild.sh
+++ b/rebuild.sh
@@ -4,17 +4,17 @@ cd "$(dirname "$0")" || exit
 
 uname="$(uname -s)"
 case "${uname}" in
-    Linux*)     machine=linux;;
-    Darwin*)    machine=mac;;
-    *)          machine="unknown"
+Linux*) machine=linux ;;
+Darwin*) machine=mac ;;
+*) machine="unknown" ;;
 esac
 
-if [[ "$machine" ==  "linux" ]]; then
-    exec nixos-rebuild -I nixos-config="machines/$(hostname)/configuration.nix" "$@" --flake '.#'
-elif [[ "$machine" ==  "mac" ]]; then
-    exec darwin-rebuild "$@" --flake . --impure # TODO: What is causing this impurity?
-else 
-    echo 'Unsupported OS.'
-    echo 'Exiting...'
-    exit 1
+if [[ "$machine" == "linux" ]]; then
+	exec nixos-rebuild -I nixos-config="machines/$(hostname)/configuration.nix" "$@" --flake '.#'
+elif [[ "$machine" == "mac" ]]; then
+	exec darwin-rebuild "$@" --flake .
+else
+	echo 'Unsupported OS.'
+	echo 'Exiting...'
+	exit 1
 fi