diff --git a/configuration.nix b/configuration.nix
index 42268b0..342b65e 100644
--- a/configuration.nix
+++ b/configuration.nix
@@ -22,7 +22,7 @@
 
 
   boot.kernelPackages = pkgs.linuxPackages_latest;
-  boot.tmpOnTmpfs = true;
+  boot.tmp.useTmpfs = true;
   boot.kernel.sysctl = {
     # avoid OOM hangs
     "vm.admin_reserve_kbytes" = 262144;
@@ -32,6 +32,7 @@
   i18n.defaultLocale = "en_US.UTF-8";
 
   systemd.enableEmergencyMode = false;
+  systemd.oomd.enable = false;
 
   networking = {
     hostName = "maxwell";
@@ -175,9 +176,9 @@
 
   services.openssh = {
     enable = true;
-    permitRootLogin = "no";
-    passwordAuthentication = false;
-    kbdInteractiveAuthentication = false;
+    settings.PermitRootLogin = "no";
+    settings.PasswordAuthentication = false;
+    settings.KbdInteractiveAuthentication = false;
   };
 
   # Traceroute easter egg
@@ -239,12 +240,13 @@
   ### Git server
   services.gitea = with config.var; {
     enable  = true;
-    domain  = hostname;
     appName = "Maxwell git server";
-    rootUrl = "https://${hostname}/git/";
     user    = "git";
     database.user = "git";
     settings = {
+      server.ROOT_URL = "https://${hostname}/git/";
+      server.domain = hostname;
+
       session.COOKIE_SECURE = true;
       log.LEVEL = "Error";
       service.DISABLE_REGISTRATION = false;
diff --git a/email.nix b/email.nix
index ba55c88..3ca1b50 100644
--- a/email.nix
+++ b/email.nix
@@ -3,8 +3,8 @@
 {
   imports = [
     (builtins.fetchTarball {
-      url = "https://gitlab.com/simple-nixos-mailserver/nixos-mailserver/-/archive/nixos-22.11/nixos-mailserver-nixos-22.11.tar.gz";
-      sha256 = "1h1r4x2ffqwyk0ql6kjvcpg1bdiimyzhrsvn49702fsgzpx57fhd";
+      url = "https://gitlab.com/simple-nixos-mailserver/nixos-mailserver/-/archive/nixos-23.05/nixos-mailserver-nixos-23.05.tar.gz";
+      sha256 = "1ngil2shzkf61qxiqw11awyl81cr7ks2kv3r3k243zz7v2xakm5c";
     })
   ];
 
@@ -31,7 +31,7 @@
     };
 
     # Use Let's Encrypt certificate
-    certificateScheme = 3;
+    certificateScheme = "acme-nginx";
 
     # There is one already (pdns-recursor)
     localDnsResolver = false;
diff --git a/hardware.nix b/hardware.nix
index 137df38..79df6bb 100644
--- a/hardware.nix
+++ b/hardware.nix
@@ -12,7 +12,6 @@
   ];
   boot.loader.grub = { 
     enable  = true;
-    version = 2;
     device  = "/dev/sda";
   };