diff --git a/hosts/chidi/default.nix b/hosts/chidi/default.nix
index 838728b..255a7b8 100644
--- a/hosts/chidi/default.nix
+++ b/hosts/chidi/default.nix
@@ -2,7 +2,7 @@
 inputs,
 pkgs,
 user,
- constants,
+ hostname,
 ...
 }: {
 imports = [
@@ -18,8 +18,8 @@
 inputs.sops-nix.darwinModules.sops
 ];
- networking.hostName = "chidi";
- networking.computerName = "Chidi";
+ networking.hostName = hostname;
+ networking.computerName = hostname;
 home-manager.users.${user} = {
 imports = [
diff --git a/hosts/chidi/secrets.nix b/hosts/chidi/secrets.nix
index c660d41..c40a1f6 100644
--- a/hosts/chidi/secrets.nix
+++ b/hosts/chidi/secrets.nix
@@ -1,18 +1,14 @@
-{user, ...}: {
+{
+ user,
+ hostname,
+ ...
+}: let
+ secrets = import ../../lib/secrets.nix;
+in {
 sops.age.keyFile = "/Users/${user}/.config/sops/age/keys.txt";
- sops.secrets = {
- chidi-syncthing-cert = {
- sopsFile = ../../secrets/chidi-syncthing-cert;
- format = "binary";
- owner = user;
- path = "/Users/${user}/.config/syncthing/cert.pem";
- };
- chidi-syncthing-key = {
- sopsFile = ../../secrets/chidi-syncthing-key;
- format = "binary";
- owner = user;
- path = "/Users/${user}/.config/syncthing/key.pem";
- };
+ sops.secrets = secrets.mkSyncthingSecrets {
+ inherit hostname user;
+ isDarwin = true;
 };
 }
diff --git a/hosts/jason/default.nix b/hosts/jason/default.nix
index 1fe2f6d..d9e70d9 100644
--- a/hosts/jason/default.nix
+++ b/hosts/jason/default.nix
@@ -1,6 +1,7 @@
 {
 inputs,
 user,
+ hostname,
 ...
 }: {
 imports = [
@@ -16,8 +17,8 @@
 inputs.sops-nix.darwinModules.sops
 ];
- networking.hostName = "jason";
- networking.computerName = "Jason";
+ networking.hostName = hostname;
+ networking.computerName = hostname;
 home-manager.users.${user} = {
 imports = [
diff --git a/hosts/jason/secrets.nix b/hosts/jason/secrets.nix
index 4225bd3..4be567f 100644
--- a/hosts/jason/secrets.nix
+++ b/hosts/jason/secrets.nix
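Review bot: The second hunk of hosts/chidi/default.nix sets `networking.computerName = hostname;`, which replaces the capitalised display name "Chidi" with whatever `hostname` carries, presumably the lower-case "chidi"; the matching hunk in hosts/jason/default.nix does the same for "Jason". If the capitalised name is still wanted, keep it as a literal on that one line. Where `hostname` is defined is not visible in this diff, and the module body continues outside the hunk.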
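Review bot: `isDarwin = true;` in hosts/chidi/secrets.nix is a hand-maintained copy of a fact the configuration already knows; the same literal appears in hosts/jason/secrets.nix, and hosts/tahani/secrets.nix passes `false`. A wrong value would place the decrypted cert.pem and key.pem under a home directory that does not exist on that platform, and the mistake would probably show up only at activation. Adding `pkgs` to the module arguments and passing `isDarwin = pkgs.stdenv.isDarwin;`, as profiles/syncthing.nix already does, removes the duplicate.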
@@ -1,20 +1,16 @@
-{user, ...}: {
+{
+ user,
+ hostname,
+ ...
+}: let
+ secrets = import ../../lib/secrets.nix;
+in {
 sops.age.keyFile = "/Users/${user}/.config/sops/age/keys.txt";
 sops.age.sshKeyPaths = [];
 sops.gnupg.sshKeyPaths = [];
- sops.secrets = {
- jason-syncthing-cert = {
- sopsFile = ../../secrets/jason-syncthing-cert;
- format = "binary";
- owner = user;
- path = "/Users/${user}/.config/syncthing/cert.pem";
- };
- jason-syncthing-key = {
- sopsFile = ../../secrets/jason-syncthing-key;
- format = "binary";
- owner = user;
- path = "/Users/${user}/.config/syncthing/key.pem";
- };
+ sops.secrets = secrets.mkSyncthingSecrets {
+ inherit hostname user;
+ isDarwin = true;
 };
 }
diff --git a/hosts/michael/default.nix b/hosts/michael/default.nix
index f97613b..a56a58f 100644
--- a/hosts/michael/default.nix
+++ b/hosts/michael/default.nix
@@ -3,7 +3,6 @@
 hostname,
 inputs,
 user,
- constants,
 ...
 }: {
 imports = [
@@ -23,11 +22,6 @@
 ];
 home-manager.users.${user} = {
- pkgs,
- lib,
- ...
- }: {
- _module.args = {inherit user constants inputs;};
 imports = [
 inputs.nixvim.homeModules.nixvim
 ../../profiles/bash.nix
diff --git a/hosts/mindy/default.nix b/hosts/mindy/default.nix
index 9a72576..ed8a06c 100644
--- a/hosts/mindy/default.nix
+++ b/hosts/mindy/default.nix
@@ -3,7 +3,6 @@
 hostname,
 inputs,
 user,
- constants,
 ...
 }: {
 imports = [
@@ -25,11 +24,6 @@
 ];
 home-manager.users.${user} = {
- pkgs,
- lib,
- ...
- }: {
- _module.args = {inherit user constants inputs;};
 imports = [
 inputs.nixvim.homeModules.nixvim
 ../../profiles/bash.nix
diff --git a/hosts/tahani/default.nix b/hosts/tahani/default.nix
index 9b58737..88adb5c 100644
--- a/hosts/tahani/default.nix
+++ b/hosts/tahani/default.nix
@@ -2,7 +2,7 @@
 inputs,
 pkgs,
 user,
- constants,
+ hostname,
 ...
 }: {
 imports = [
@@ -20,11 +20,6 @@
 ];
 home-manager.users.${user} = {
- pkgs,
- lib,
- ...
- }: {
- _module.args = {inherit user constants inputs;};
 imports = [
 inputs.nixvim.homeModules.nixvim
 ../../profiles/atuin.nix
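Review bot: Dropping the `{pkgs, lib, ...}:` wrapper in the second hunk of hosts/michael/default.nix also removes the inner `pkgs` and `lib` bindings from the home-manager block, and that block continues past the end of the hunk. Any later reference to `pkgs` or `lib` inside it now resolves to the outer module arguments or fails to evaluate, so the rest of the body is worth checking; the same applies to the matching hunks in hosts/mindy/default.nix and hosts/tahani/default.nix. The removed `_module.args` line is only replaced where profiles/nixos.nix is imported, since that is where `home-manager.sharedModules` now supplies `user`, `constants` and `inputs`; whether all three hosts import it is not visible here.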
@@ -60,4 +55,6 @@
 };
 virtualisation.docker.enable = true;
+
+ networking.hostName = hostname;
 }
diff --git a/hosts/tahani/secrets.nix b/hosts/tahani/secrets.nix
index fc28381..0151420 100644
--- a/hosts/tahani/secrets.nix
+++ b/hosts/tahani/secrets.nix
@@ -1,20 +1,19 @@
-{user, ...}: {
- sops.secrets = {
- tahani-syncthing-cert = {
- sopsFile = ../../secrets/tahani-syncthing-cert;
- format = "binary";
- owner = user;
- path = "/home/${user}/.config/syncthing/cert.pem";
+{
+ user,
+ hostname,
+ ...
+}: let
+ secrets = import ../../lib/secrets.nix;
+in {
+ sops.secrets =
+ secrets.mkSyncthingSecrets {
+ inherit hostname user;
+ isDarwin = false;
+ }
+ // {
+ tahani-paperless-password = {
+ sopsFile = ../../secrets/tahani-paperless-password;
+ format = "binary";
+ };
 };
- tahani-syncthing-key = {
- sopsFile = ../../secrets/tahani-syncthing-key;
- format = "binary";
- owner = user;
- path = "/home/${user}/.config/syncthing/key.pem";
- };
- tahani-paperless-password = {
- sopsFile = ../../secrets/tahani-paperless-password;
- format = "binary";
- };
- };
 }
diff --git a/lib/constants.nix b/lib/constants.nix
index 8495a95..d3d7d6b 100644
--- a/lib/constants.nix
+++ b/lib/constants.nix
@@ -11,4 +11,10 @@
 nixos = "25.11";
 homeManager = "25.11";
 };
+
+ syncthingDeviceIds = {
+ tahani = "6B7OZZF-TEAMUGO-FBOELXP-Z4OY7EU-5ZHLB5T-V6Z3UDB-Q2DYR43-QBYW6QM";
+ jason = "42II2VO-QYPJG26-ZS3MB2I-AOPVZ67-JJNSE76-U54CO5Y-634A5OG-ECU4YQA";
+ chidi = "N7W6SUT-QO6J4BE-T3Y65SM-OFGYGNV-TGYBJPX-JVN4Z72-AENZ247-KWXOQA6";
+ };
 }
diff --git a/lib/secrets.nix b/lib/secrets.nix
new file mode 100644
index 0000000..d28ed5e
--- /dev/null
+++ b/lib/secrets.nix
@@ -0,0 +1,25 @@
+{
+ mkSyncthingSecrets = {
+ hostname,
+ user,
+ isDarwin,
+ }: let
+ homeDir =
+ if isDarwin
+ then "/Users/${user}"
+ else "/home/${user}";
+ in {
+ "${hostname}-syncthing-cert" = {
+ sopsFile = ../secrets/${hostname}-syncthing-cert;
+ format = "binary";
+ owner = user;
+ path = "${homeDir}/.config/syncthing/cert.pem";
+ };
+ "${hostname}-syncthing-key" = {
+ sopsFile = ../secrets/${hostname}-syncthing-key;
+ format = "binary";
+ owner = user;
+ path = "${homeDir}/.config/syncthing/key.pem";
+ };
+ };
+}
diff --git a/profiles/darwin.nix b/profiles/darwin.nix
index 44d4290..e36cc8f 100644
--- a/profiles/darwin.nix
+++ b/profiles/darwin.nix
@@ -53,7 +53,7 @@
 };
 users.users.${user} = {
- name = "${user}";
+ name = user;
 home = "/Users/${user}";
 isHidden = false;
 shell = pkgs.fish;
diff --git a/profiles/nixos.nix b/profiles/nixos.nix
index 9113f53..5f95b13 100644
--- a/profiles/nixos.nix
+++ b/profiles/nixos.nix
@@ -2,6 +2,7 @@
 pkgs,
 user,
 constants,
+ inputs,
 ...
 }: {
 security.sudo.enable = true;
@@ -9,8 +10,12 @@
 system.stateVersion = constants.stateVersions.nixos;
 time.timeZone = "UTC";
+ home-manager.sharedModules = [
+ {_module.args = {inherit user constants inputs;};}
+ ];
+
 nix = {
- settings.trusted-users = ["${user}"];
+ settings.trusted-users = [user];
 gc.dates = "weekly";
 nixPath = ["nixos-config=/home/${user}/.local/share/src/nixos-config:/etc/nixos"];
 };
diff --git a/profiles/opencode.nix b/profiles/opencode.nix
index 91270da..1f82e35 100644
--- a/profiles/opencode.nix
+++ b/profiles/opencode.nix
@@ -41,7 +41,6 @@
 '';
 };
 };
- # Antigravity Google models (for opencode-antigravity-auth plugin)
 provider = {
 google = {
 models = {
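Review bot: `mkSyncthingSecrets` in the new lib/secrets.nix has no comment stating its contract, and the `"${hostname}-syncthing-key"` entry relies on the sops-nix default file mode instead of stating it. I would add a header comment such as `# Returns the sops.secrets entries for a host's Syncthing cert and key; expects secrets/<hostname>-syncthing-{cert,key} to exist` and set `mode = "0400";` on the key entry so the private key's permissions are visible where it is defined. Because `hostname` is interpolated into `sopsFile`, a host without those two files would fail only when the configuration is built, which is worth saying in the comment as well.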
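Review bot: `settings.trusted-users = [user];` in the second hunk of profiles/nixos.nix keeps the login user as a trusted Nix user, which the Nix manual describes as essentially equivalent to root access; the commit only restyles the line and nothing nearby records why it is needed. If the user already has unrestricted sudo the exposure is unchanged, but that is not visible in this hunk. A comment such as `# trusted-users is root-equivalent for the Nix daemon; kept for <reason>` above the line would record the decision.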
@@ -128,10 +127,6 @@
 };
 };
- # oh-my-opencode configuration
- # - Disables built-in google_auth (using antigravity plugin instead)
- # - Oracle uses Zen API (opencode/gpt-5.2) instead of ChatGPT subscription
- # - Frontend/document/multimodal agents use Antigravity Gemini models
 home.file.".config/opencode/oh-my-opencode.json".text = builtins.toJSON {
 "$schema" = "https://raw.githubusercontent.com/code-yeongyu/oh-my-opencode/master/assets/oh-my-opencode.schema.json";
 google_auth = false;
diff --git a/profiles/syncthing.nix b/profiles/syncthing.nix
index 92f135e..87080b5 100644
--- a/profiles/syncthing.nix
+++ b/profiles/syncthing.nix
@@ -1,6 +1,7 @@
 {
 user,
 pkgs,
+ constants,
 ...
 }: let
 isDarwin = pkgs.stdenv.isDarwin;
@@ -12,36 +13,37 @@
 if isDarwin
 then "staff"
 else "users";
+ deviceIds = constants.syncthingDeviceIds;
 in {
 services.syncthing = {
 enable = true;
 openDefaultPorts = !isDarwin;
 dataDir = "${homeDir}/.local/share/syncthing";
 configDir = "${homeDir}/.config/syncthing";
- user = "${user}";
- group = group;
+ user = user;
+ inherit group;
 guiAddress = "0.0.0.0:8384";
 overrideFolders = true;
 overrideDevices = true;
 settings = {
 devices = {
- "tahani" = {
- id = "6B7OZZF-TEAMUGO-FBOELXP-Z4OY7EU-5ZHLB5T-V6Z3UDB-Q2DYR43-QBYW6QM";
+ tahani = {
+ id = deviceIds.tahani;
 addresses = ["tcp://tahani:22000"];
 };
- "jason" = {
- id = "42II2VO-QYPJG26-ZS3MB2I-AOPVZ67-JJNSE76-U54CO5Y-634A5OG-ECU4YQA";
+ jason = {
+ id = deviceIds.jason;
 addresses = ["tcp://jason:22000"];
 };
- "chidi" = {
- id = "N7W6SUT-QO6J4BE-T3Y65SM-OFGYGNV-TGYBJPX-JVN4Z72-AENZ247-KWXOQA6";
+ chidi = {
+ id = deviceIds.chidi;
 addresses = ["tcp://chidi:22000"];
 };
 };
 folders = {
- "nixos-config" = {
+ nixos-config = {
 path = "${homeDir}/nixos-config";
 devices = ["tahani" "jason" "chidi"];
 };
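Review bot: `guiAddress = "0.0.0.0:8384";` in the second hunk of profiles/syncthing.nix binds the Syncthing GUI and REST API to every interface, and no GUI user or password appears in the visible part of `settings`. As far as I know `openDefaultPorts` covers only the sync and discovery ports, so on NixOS the firewall may still block 8384, but on Darwin (`openDefaultPorts = !isDarwin`) nothing in this file restricts access. Unless remote administration is intended, `guiAddress = "127.0.0.1:8384";` is the safer value; otherwise add a comment saying how the GUI is authenticated. The `settings` block continues past the end of the hunk.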