diff --git a/hosts/dnsc-server/default.nix b/hosts/dnsc-server/default.nix
index f0574d8..41300f1 100644
--- a/hosts/dnsc-server/default.nix
+++ b/hosts/dnsc-server/default.nix
@@ -11,8 +11,11 @@
 inputs.home-manager.nixosModules.home-manager
 ../../modules/docker
 ../../modules/ups
+ ../../modules/restic
+ ../../modules/samba
 ../../modules/openssh
 ../../modules/jellyfin
+ ../../modules/actual-server
 ];
 # General
@@ -55,14 +58,6 @@
 # Firewall
 networking.firewall.enable = true;
- networking.firewall.allowedTCPPorts = [
- 8384 # Syncthing GUI
- 22000 # Syncthing
- ];
- networking.firewall.allowedUDPPorts = [
- 22000 # Syncthing
- 21027 # Syncthing
- ];
 # My user account
 users.users.dennis = {
@@ -107,100 +102,21 @@
 jellyfin-ffmpeg
 usbutils
 restic
+ actual-server
 ];
- # Programs
 # GnuPG
 programs.gnupg.agent = {
 enable = true;
 enableSSHSupport = true;
 };
- # Root SSH
- programs.ssh = {
- extraConfig = ''
- Host dnsc-storage
- AddKeysToAgent yes
- Hostname u295965.your-storagebox.de
- User u295965
- IdentityFile /root/.ssh/id_ed25519
- IdentitiesOnly yes
- Port 23
- '';
- };
-
- # Services
 # ZFS
 services.zfs = {
 autoSnapshot.enable = true;
 trim.enable = true;
 };
- # Samba
- services.samba = {
- enable = true;
- openFirewall = true;
- settings = {
- global = {
- "workgroup" = "WORKGROUP";
- "security" = "user";
- #"use sendfile" = "yes";
- #"max protocol" = "smb2";
- # note: localhost is the ipv6 localhost ::1
- "hosts allow" = "192.168.178. 127.0.0.1 localhost";
- "hosts deny" = "0.0.0.0/0";
- "guest account" = "nobody";
- "map to guest" = "bad user";
- };
- "share" = {
- "path" = "/main/share";
- "browseable" = "yes";
- "writeable" = "yes";
- "read only" = "no";
- "guest ok" = "yes";
- "force user" = "dennis";
- "force group" = "users";
- };
- };
- };
-
- services.samba-wsdd = {
- enable = true;
- openFirewall = true;
- };
-
- services.avahi = {
- publish.enable = true;
- publish.userServices = true;
- nssmdns4 = true;
- enable = true;
- openFirewall = true;
- };
-
- # Tailscale
- services.tailscale.enable = true;
-
- # Backups
- services.restic.backups = {
- "dnsc-storage" = {
- initialize = true;
- passwordFile = config.age.secrets."restic/password".path;
- repository = "sftp:dnsc-storage:restic/dnsc-server";
- paths = [
- "/home/dennis/notes"
- "/main/share"
- ];
- pruneOpts = [
- "--keep-last 3"
- ];
- timerConfig = {
- onCalendar = "daily";
- Persistent = true;
- RandomizedDelaySec = "5h";
- };
- };
- };
- # Environment variables
 environment.variables.EDITOR = "nvim";
diff --git a/modules/restic/default.nix b/modules/restic/default.nix
new file mode 100644
index 0000000..c02a594
--- /dev/null
+++ b/modules/restic/default.nix
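Review bot: The block removed from hosts/dnsc-server/default.nix in the `@@ -107` hunk includes `services.tailscale.enable = true;`, and neither module added in this commit (modules/restic, modules/samba) turns it back on. Unless modules/actual-server or another import outside this diff enables it, the host leaves the tailnet on the next rebuild and any remote administration that relied on it stops working. If that is not intended, keep `services.tailscale.enable = true;` in the host file or give it its own module like the others. The surrounding attribute set starts and ends outside the hunk, so this should be checked against the full file.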
@@ -0,0 +1,39 @@
+{
+ config,
+ ...
+}:
+
+{
+ # Root SSH
+ programs.ssh = {
+ extraConfig = ''
+ Host dnsc-storage
+ AddKeysToAgent yes
+ Hostname u295965.your-storagebox.de
+ User u295965
+ IdentityFile /root/.ssh/id_ed25519
+ IdentitiesOnly yes
+ Port 23
+ '';
+ };
+
+ services.restic.backups = {
+ "dnsc-storage" = {
+ initialize = true;
+ passwordFile = config.age.secrets."restic/password".path;
+ repository = "sftp:dnsc-storage:restic/dnsc-server";
+ paths = [
+ "/home/dennis/notes"
+ "/main/share"
+ ];
+ pruneOpts = [
+ "--keep-last 3"
+ ];
+ timerConfig = {
+ onCalendar = "daily";
+ Persistent = true;
+ RandomizedDelaySec = "5h";
+ };
+ };
+ };
+}
diff --git a/modules/samba/default.nix b/modules/samba/default.nix
new file mode 100644
index 0000000..0c821f0
--- /dev/null
+++ b/modules/samba/default.nix
@@ -0,0 +1,45 @@
+{ ... }:
+
+{
+ # Samba
+ services.samba = {
+ enable = true;
+ openFirewall = true;
+ settings = {
+ global = {
+ "workgroup" = "WORKGROUP";
+ "security" = "user";
+ #"use sendfile" = "yes";
+ #"max protocol" = "smb2";
+ # note: localhost is the ipv6 localhost ::1
+ "hosts allow" = "192.168.178. 127.0.0.1 localhost";
+ "hosts deny" = "0.0.0.0/0";
+ "guest account" = "nobody";
+ "map to guest" = "bad user";
+ };
+ "share" = {
+ "path" = "/main/share";
+ "browseable" = "yes";
+ "writeable" = "yes";
+ "read only" = "no";
+ "guest ok" = "yes";
+ "force user" = "dennis";
+ "force group" = "users";
+ };
+ };
+ };
+
+ services.samba-wsdd = {
+ enable = true;
+ openFirewall = true;
+ };
+
+ services.avahi = {
+ publish.enable = true;
+ publish.userServices = true;
+ nssmdns4 = true;
+ enable = true;
+ openFirewall = true;
+ };
+
+}
diff --git a/modules/tmux/default.nix b/modules/tmux/default.nix
index 7ebfd74..97ab066 100644
--- a/modules/tmux/default.nix
+++ b/modules/tmux/default.nix
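Review bot: In modules/restic/default.nix the timer key is spelled `onCalendar`, but systemd directive names are case-sensitive and the directive is `OnCalendar`, so the generated timer most likely has no valid schedule and the daily backup may never fire. Write `OnCalendar = "daily";` and confirm with `systemctl list-timers` after the switch. Separately, `pruneOpts = [ "--keep-last 3" ]` on a daily job keeps about three days of history for `/main/share`, which the Samba module in this commit exports as guest-writable. A time-based policy such as `"--keep-daily 7" "--keep-weekly 4" "--keep-monthly 6"` leaves more time to notice and recover from deletion or encryption of that share. The `dnsc-storage` host entry also has no pinned host key; adding the storage host's key under `programs.ssh.knownHosts` would avoid trust-on-first-use for root's SFTP session.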
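Review bot: In modules/samba/default.nix, `"guest ok" = "yes"` combined with `"map to guest" = "bad user"`, `"writeable" = "yes"` and `"force user" = "dennis"` gives every client matched by `hosts allow` unauthenticated write access to /main/share with dennis's file permissions. Now that this is a reusable module, a safer default is authenticated access: `"guest ok" = "no";`, `"valid users" = "dennis";` and `"map to guest" = "never";` (this needs a Samba password set for dennis outside the Nix config). If guest access is intentional, a comment on the share saying so, and why `force user` is needed, would help the next reader. `openFirewall = true` on samba, samba-wsdd and avahi opens their ports on every interface, so `hosts allow` is the only restriction on who can reach the share, which the same comment should state.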
@@ -40,8 +40,8 @@
 set -g status-left ""
 set -g status-right "#[bg=default,fg=magenta]>> #S << #[bg=default,fg=white]#H "
 set -g window-status-current-style bg=default,fg=magenta,bold
- set-window-option -g window-status-format " [#I] #W#F "
- set-window-option -g window-status-current-format " [#I] #W#F "
+ set-window-option -g window-status-format " [#I] #W#F "
+ set-window-option -g window-status-current-format " [#I] #W#F "
 set -g pane-border-style fg=#807c9f
 set -g pane-active-border-style fg=magenta