diff --git a/flake.lock b/flake.lock
index 65b8f04..d86d6b5 100644
--- a/flake.lock
+++ b/flake.lock
@@ -175,11 +175,11 @@
     },
     "nixpkgs": {
       "locked": {
-        "lastModified": 1744777043,
-        "narHash": "sha256-O6jgTxz9BKUiaJl03JsVHvSjtCOC8gHfDvC2UCfcLMc=",
+        "lastModified": 1743689281,
+        "narHash": "sha256-y7Hg5lwWhEOgflEHRfzSH96BOt26LaYfrYWzZ+VoVdg=",
         "owner": "NixOS",
         "repo": "nixpkgs",
-        "rev": "7a6f7f4c1c69eee05641beaa40e7f85da8e69fb0",
+        "rev": "2bfc080955153be0be56724be6fa5477b4eefabb",
         "type": "github"
       },
       "original": {
diff --git a/flake/home-manager.nix b/flake/home-manager.nix
index 093ae8c..add889e 100644
--- a/flake/home-manager.nix
+++ b/flake/home-manager.nix
@@ -3,11 +3,6 @@ let
   defaultModules = [
     # Include generic settings
     "${self}/modules/home"
-    {
-      nixpkgs.overlays = (lib.attrValues self.overlays) ++ [
-        inputs.nur.overlays.default
-      ];
-    }
     {
       # Basic user information defaults
       home.username = lib.mkDefault "ambroisie";
@@ -26,15 +21,18 @@ let
     # * not letting me set `lib` as an extraSpecialArgs
     # * not respecting `nixpkgs.overlays` [1]
     # [1]: https://github.com/nix-community/home-manager/issues/2954
-    pkgs = inputs.nixpkgs.legacyPackages.${system};
+    pkgs = import inputs.nixpkgs {
+      inherit system;
+
+      overlays = (lib.attrValues self.overlays) ++ [
+        inputs.nur.overlays.default
+      ];
+    };
 
     modules = defaultModules ++ [
       "${self}/hosts/homes/${name}"
     ];
 
-    # Use my extended lib in NixOS configuration
-    inherit (self) lib;
-
     extraSpecialArgs = {
       # Inject inputs to use them in global registry
       inherit inputs;
diff --git a/hosts/homes/ambroisie@bazin/default.nix b/hosts/homes/ambroisie@bazin/default.nix
index 23f0ba5..f52fbce 100644
--- a/hosts/homes/ambroisie@bazin/default.nix
+++ b/hosts/homes/ambroisie@bazin/default.nix
@@ -13,8 +13,8 @@
       enablePassthrough = true;
 
       terminalFeatures = {
-        # HTerm configured to use a more accurate terminfo entry than `xterm-256color`
-        hterm-256color = { };
+        # HTerm uses `xterm-256color` as its `$TERM`, so use that here
+        xterm-256color = { };
       };
     };
 
diff --git a/hosts/homes/ambroisie@mousqueton/default.nix b/hosts/homes/ambroisie@mousqueton/default.nix
index 163fbe2..37884d7 100644
--- a/hosts/homes/ambroisie@mousqueton/default.nix
+++ b/hosts/homes/ambroisie@mousqueton/default.nix
@@ -19,8 +19,8 @@
       enableResurrect = true;
 
       terminalFeatures = {
-        # HTerm configured to use a more accurate terminfo entry than `xterm-256color`
-        hterm-256color = { };
+        # HTerm uses `xterm-256color` as its `$TERM`, so use that here
+        xterm-256color = { };
       };
     };
   };
diff --git a/hosts/nixos/porthos/secrets/secrets.nix b/hosts/nixos/porthos/secrets/secrets.nix
index b3812b4..425756c 100644
--- a/hosts/nixos/porthos/secrets/secrets.nix
+++ b/hosts/nixos/porthos/secrets/secrets.nix
@@ -81,7 +81,6 @@ in
   "pyload/credentials.age".publicKeys = all;
 
   "servarr/autobrr/session-secret.age".publicKeys = all;
-  "servarr/cross-seed/configuration.json.age".publicKeys = all;
 
   "sso/auth-key.age" = {
     owner = "nginx-sso";
diff --git a/hosts/nixos/porthos/secrets/servarr/cross-seed/configuration.json.age b/hosts/nixos/porthos/secrets/servarr/cross-seed/configuration.json.age
deleted file mode 100644
index e9af03f..0000000
Binary files a/hosts/nixos/porthos/secrets/servarr/cross-seed/configuration.json.age and /dev/null differ
diff --git a/hosts/nixos/porthos/services.nix b/hosts/nixos/porthos/services.nix
index 96f15d3..784eb31 100644
--- a/hosts/nixos/porthos/services.nix
+++ b/hosts/nixos/porthos/services.nix
@@ -51,10 +51,6 @@ in
         passwordFile = secrets."forgejo/mail-password".path;
       };
     };
-    # Home inventory
-    homebox = {
-      enable = true;
-    };
     # Jellyfin media server
     jellyfin.enable = true;
     # Gitea mirrorig service
@@ -148,9 +144,6 @@ in
       autobrr = {
         sessionSecretFile = secrets."servarr/autobrr/session-secret".path;
       };
-      cross-seed = {
-        secretSettingsFile = secrets."servarr/cross-seed/configuration.json".path;
-      };
       # ... But not Lidarr because I don't care for music that much
       lidarr = {
         enable = false;
diff --git a/modules/home/atuin/default.nix b/modules/home/atuin/default.nix
index dbd9690..3f06263 100644
--- a/modules/home/atuin/default.nix
+++ b/modules/home/atuin/default.nix
@@ -8,10 +8,6 @@ in
 
     # I want the full experience by default
     package = mkPackageOption pkgs "atuin" { };
-
-    daemon = {
-      enable = my.mkDisableOption "atuin daemon";
-    };
   };
 
   config = lib.mkIf cfg.enable {
@@ -19,18 +15,12 @@ in
       enable = true;
       inherit (cfg) package;
 
-      daemon = lib.mkIf cfg.daemon.enable {
-        enable = true;
-      };
-
       flags = [
         # I *despise* this hijacking of the up key, even though I use Ctrl-p
         "--disable-up-arrow"
       ];
 
       settings = {
-        # Reasonable date format
-        dialect = "uk";
         # The package is managed by Nix
         update_check = false;
         # I don't care for the fancy display
diff --git a/modules/home/tmux/default.nix b/modules/home/tmux/default.nix
index 1ac11c4..01d48b0 100644
--- a/modules/home/tmux/default.nix
+++ b/modules/home/tmux/default.nix
@@ -148,8 +148,8 @@ in
       # Force underscore style/color for each relevant $TERM
       ${mkTerminalFeatures "underscoreStyle" "usstyle"}
       # FIXME: see https://github.com/folke/tokyonight.nvim#fix-undercurls-in-tmux for additional overrides
-      # ${mkTerminalOverrides "underscoreStyle" "Smulx=\\E[4::%p1%dm"}
-      # ${mkTerminalOverrides "underscoreStyle" "Setulc=\\E[58::2::::%p1%{65536}%/%d::%p1%{256}%/%{255}%&%d::%p1%{255}%&%d%;m"}
+      ${mkTerminalOverrides "underscoreStyle" "Smulx=\\E[4::%p1%dm"}
+      ${mkTerminalOverrides "underscoreStyle" "Setulc=\\E[58::2::::%p1%{65536}%/%d::%p1%{256}%/%{255}%&%d::%p1%{255}%&%d%;m"}
     '';
   };
 }
diff --git a/modules/home/vim/plugin/numbertoggle.lua b/modules/home/vim/plugin/numbertoggle.lua
index b1e3df2..8042710 100644
--- a/modules/home/vim/plugin/numbertoggle.lua
+++ b/modules/home/vim/plugin/numbertoggle.lua
@@ -22,3 +22,13 @@ vim.api.nvim_create_autocmd({ "BufLeave", "FocusLost", "InsertEnter", "WinLeave"
         end
     end,
 })
+
+-- Never show the sign column in a terminal buffer
+vim.api.nvim_create_autocmd({ "TermOpen" }, {
+    pattern = "*",
+    group = numbertoggle,
+    callback = function()
+        vim.opt.number = false
+        vim.opt.relativenumber = false
+    end,
+})
diff --git a/modules/home/vim/plugin/signtoggle.lua b/modules/home/vim/plugin/signtoggle.lua
index 3deca34..9765a81 100644
--- a/modules/home/vim/plugin/signtoggle.lua
+++ b/modules/home/vim/plugin/signtoggle.lua
@@ -1,21 +1,26 @@
 local signtoggle = vim.api.nvim_create_augroup("signtoggle", { clear = true })
 
--- Only show sign column for the currently focused buffer, if it has a number column
+-- Only show sign column for the currently focused buffer
 vim.api.nvim_create_autocmd({ "BufEnter", "FocusGained", "WinEnter" }, {
     pattern = "*",
     group = signtoggle,
     callback = function()
-        if vim.opt.number:get() then
-            vim.opt.signcolumn = "yes"
-        end
+        vim.opt.signcolumn = "yes"
     end,
 })
 vim.api.nvim_create_autocmd({ "BufLeave", "FocusLost", "WinLeave" }, {
     pattern = "*",
     group = signtoggle,
     callback = function()
-        if vim.opt.number:get() then
-            vim.opt.signcolumn = "no"
-        end
+        vim.opt.signcolumn = "no"
+    end,
+})
+
+-- Never show the sign column in a terminal buffer
+vim.api.nvim_create_autocmd({ "TermOpen" }, {
+    pattern = "*",
+    group = signtoggle,
+    callback = function()
+        vim.opt.signcolumn = "no"
     end,
 })
diff --git a/modules/nixos/services/homebox/default.nix b/modules/nixos/services/homebox/default.nix
index 8ed5d77..d79e331 100644
--- a/modules/nixos/services/homebox/default.nix
+++ b/modules/nixos/services/homebox/default.nix
@@ -19,11 +19,6 @@ in
     services.homebox = {
       enable = true;
 
-      # Automatic PostgreSQL provisioning
-      database = {
-        createLocally = true;
-      };
-
       settings = {
         # FIXME: mailer?
         HBOX_WEB_PORT = toString cfg.port;
@@ -33,7 +28,6 @@ in
     my.services.nginx.virtualHosts = {
       homebox = {
         inherit (cfg) port;
-        websocketsLocations = [ "/api" ];
       };
     };
 
diff --git a/modules/nixos/services/servarr/autobrr.nix b/modules/nixos/services/servarr/autobrr.nix
index c3370cb..afb07f4 100644
--- a/modules/nixos/services/servarr/autobrr.nix
+++ b/modules/nixos/services/servarr/autobrr.nix
@@ -1,4 +1,4 @@
-# IRC-based indexer
+# IRC-based
 { config, lib, ... }:
 let
   cfg = config.my.services.servarr.autobrr;
@@ -40,7 +40,6 @@ in
     my.services.nginx.virtualHosts = {
       autobrr = {
         inherit (cfg) port;
-        websocketsLocations = [ "/api" ];
       };
     };
 
@@ -55,7 +54,7 @@ in
     environment.etc = {
       "fail2ban/filter.d/autobrr.conf".text = ''
         [Definition]
-        failregex = "message":"Auth: Failed login attempt username: \[.*\] ip: <HOST>"
+        failregex = ^.*Auth: invalid login \[.*\] from: <HOST>$
         journalmatch = _SYSTEMD_UNIT=autobrr.service
       '';
     };
diff --git a/modules/nixos/services/servarr/cross-seed.nix b/modules/nixos/services/servarr/cross-seed.nix
deleted file mode 100644
index 74f216a..0000000
--- a/modules/nixos/services/servarr/cross-seed.nix
+++ /dev/null
@@ -1,96 +0,0 @@
-# Automatic cross-seeding for video media
-{ config, lib, ... }:
-let
-  cfg = config.my.services.servarr.cross-seed;
-in
-{
-  options.my.services.servarr.cross-seed = with lib; {
-    enable = mkEnableOption "cross-seed daemon" // {
-      default = config.my.services.servarr.enableAll;
-    };
-
-    port = mkOption {
-      type = types.port;
-      default = 2468;
-      example = 8080;
-      description = "Internal port for daemon";
-    };
-
-    linkDirectory = mkOption {
-      type = types.str;
-      default = "/data/downloads/complete/links";
-      example = "/var/lib/cross-seed/links";
-      description = "Link directory";
-    };
-
-    secretSettingsFile = mkOption {
-      type = types.str;
-      example = "/run/secrets/cross-seed-secrets.json";
-      description = ''
-        File containing secret settings.
-      '';
-    };
-  };
-
-  config = lib.mkIf cfg.enable {
-    services.cross-seed = {
-      enable = true;
-      group = "media";
-
-      # Rely on recommended defaults for tracker snatches etc...
-      useGenConfigDefaults = true;
-
-      settings = {
-        inherit (cfg) port;
-        host = "127.0.0.1";
-
-        # Inject torrents to client directly
-        action = "inject";
-        # Query the client for torrents to match
-        useClientTorrents = true;
-        # Use hardlinks
-        linkType = "hardlink";
-        # Use configured link directory
-        linkDirs = [ cfg.linkDirectory ];
-        # Match as many torrents as possible
-        matchMode = "partial";
-        # Cross-seed full season if at least 50% of episodes are already downloaded
-        seasonFromEpisodes = 0.5;
-      };
-
-      settingsFile = cfg.secretSettingsFile;
-    };
-
-    systemd.services.cross-seed = {
-      serviceConfig = {
-        # Loose umask to make cross-seed links readable by `media`
-        UMask = "0002";
-      };
-    };
-
-    # Set-up media group
-    users.groups.media = { };
-
-    my.services.nginx.virtualHosts = {
-      cross-seed = {
-        inherit (cfg) port;
-      };
-    };
-
-    services.fail2ban.jails = {
-      cross-seed = ''
-        enabled = true
-        filter = cross-seed
-        action = iptables-allports
-      '';
-    };
-
-    environment.etc = {
-      "fail2ban/filter.d/cross-seed.conf".text = ''
-        [Definition]
-        failregex = ^.*Unauthorized API access attempt to .* from <HOST>$
-        journalmatch = _SYSTEMD_UNIT=cross-seed.service
-      '';
-    };
-  };
-}
diff --git a/modules/nixos/services/servarr/default.nix b/modules/nixos/services/servarr/default.nix
index dca57cf..409fcdc 100644
--- a/modules/nixos/services/servarr/default.nix
+++ b/modules/nixos/services/servarr/default.nix
@@ -7,7 +7,6 @@
   imports = [
     ./autobrr.nix
     ./bazarr.nix
-    ./cross-seed.nix
     ./jackett.nix
     ./nzbhydra.nix
     ./prowlarr.nix
diff --git a/modules/nixos/services/transmission/default.nix b/modules/nixos/services/transmission/default.nix
index 16d51e3..ac8b24d 100644
--- a/modules/nixos/services/transmission/default.nix
+++ b/modules/nixos/services/transmission/default.nix
@@ -65,8 +65,6 @@ in
         # Proxied behind Nginx.
         rpc-whitelist-enabled = true;
         rpc-whitelist = "127.0.0.1";
-
-        umask = "002"; # To go with `downloadDirPermissions`
       };
     };