diff --git a/nixos/modules/services/acme.nix b/nixos/modules/services/acme.nix index 2224c04..bc650f8 100755 --- a/nixos/modules/services/acme.nix +++ b/nixos/modules/services/acme.nix @@ -2,17 +2,15 @@ config, flake, ... -}: let - inherit - (flake.config.people) +}: +let + inherit (flake.config.people) user0 ; - inherit - (flake.config.people.users.${user0}) + inherit (flake.config.people.users.${user0}) email ; - inherit - (flake.config.services) + inherit (flake.config.services) instances ; domain0 = instances.web.domains.url0; @@ -25,7 +23,8 @@ directory = instances.acme.paths.path0; environmentFile = config.sops.secrets."dns/namecheap".path; }; -in { +in +{ security.acme = { acceptTerms = true; defaults = { @@ -33,7 +32,8 @@ in { server = "https://acme-v02.api.letsencrypt.org/directory"; }; certs = builtins.listToAttrs ( - (map (service: { + (map + (service: { name = "${instanceName service}.${domain0}"; value = dnsConfig; }) @@ -44,25 +44,31 @@ in { "ollama" "syncthing" "vaultwarden" - ]) - ++ (map (service: { + ] + ) + ++ (map + (service: { name = "${instanceName service}.${domain1}"; value = dnsConfig; }) [ "nextcloud" - "forgejo" "matrix" "owncast" - ]) - ++ (map (service: { + ] + ) + ++ (map + (service: { name = "${instanceName service}.${domain3}"; value = dnsConfig; }) [ "peertube" - ]) - ++ (map (name: { + "forgejo" + ] + ) + ++ (map + (name: { name = name; value = dnsConfig; }) 
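Review bot: In the hunk at `@@ -44,25 +44,31 @@`, `"forgejo"` moves from the `domain1` list to the `domain3` list, which is the only behavioural change in an otherwise formatter-only diff and is easy to miss in review. After this change `security.acme.certs` no longer contains the forgejo name under `domain1`, so that certificate stops being renewed; the already-issued certificate and key presumably stay in the ACME state directory and remain valid until expiry, so decide whether to revoke and remove them if that hostname is being retired. The virtual host or proxy configuration that serves forgejo needs the matching domain change, which is not visible in this diff. I would split the move into its own commit, or mark it in place with a comment such as `# forgejo is served from domain3; its certificate moved here from the domain1 list`.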
@@ -70,26 +76,27 @@ in { domain0 domain1 domain3 - ]) + ] + ) ); }; - sops = let - sopsSecrets = [ - "pass" - ]; - sopsPath = secret: { - path = "/var/lib/secrets/${instances.acme.name}/${dns}-${secret}"; - owner = "root"; - mode = "600"; + sops = + let + sopsSecrets = [ + "pass" + ]; + sopsPath = secret: { + path = "/var/lib/secrets/${instances.acme.name}/${dns}-${secret}"; + owner = "root"; + mode = "600"; + }; + in + { + secrets = builtins.listToAttrs ( + map (secret: { + name = "dns/${dns}"; + value = sopsPath secret; + }) sopsSecrets + ); }; - in { - secrets = builtins.listToAttrs ( - map - (secret: { - name = "dns/${dns}"; - value = sopsPath secret; - }) - sopsSecrets - ); - }; }