diff --git a/config/davmail/davmail.properties b/config/davmail/davmail.properties
new file mode 100644
index 0000000..34879c5
--- /dev/null
+++ b/config/davmail/davmail.properties
@@ -0,0 +1,33 @@
+# DavMail configuration
+# See: http://davmail.sourceforge.net/serversetup.html
+
+davmail.server=true
+davmail.disableUpdateCheck=true
+davmail.mode=O365Manual
+davmail.url=https://outlook.office365.com/EWS/Exchange.asmx
+davmail.keepDelay=30
+
+# Ports
+davmail.caldavPort=1080
+davmail.imapPort=1143
+davmail.ldapPort=1389
+davmail.popPort=1110
+davmail.smtpPort=1025
+
+# Logging
+davmail.logFilePath=/tmp/davmail.log
+davmail.logFileSize=1MB
+
+# OAuth token storage
+davmail.oauth.tokenFilePath=/Users/rayandrew/.local/state/davmail-tokens
+
+# Log levels
+log4j.logger.davmail=WARN
+log4j.logger.httpclient.wire=WARN
+log4j.logger.org.apache.commons.httpclient=WARN
+log4j.rootLogger=WARN
+
+# log4j.logger.davmail=DEBUG
+# log4j.logger.httpclient.wire=DEBUG
+# log4j.logger.org.apache.commons.httpclient=DEBUG
+# log4j.rootLogger=DEBUG
diff --git a/config/mbsync/mbsyncrc b/config/mbsync/mbsyncrc
new file mode 100644
index 0000000..ddd9908
--- /dev/null
+++ b/config/mbsync/mbsyncrc
@@ -0,0 +1,55 @@
+# mbsync configuration
+# Run: mbsync -a
+
+# Personal Gmail account
+IMAPAccount personal
+Host imap.gmail.com
+User raydreww@gmail.com
+PassCmd "sops -d --extract '[\"personal\"]' ~/dotfiles/home/email/secrets.yaml"
+TLSType IMAPS
+CertificateFile /etc/ssl/certs/ca-certificates.crt
+
+IMAPStore personal-remote
+Account personal
+
+MaildirStore personal-local
+Path ~/mail/personal/
+Inbox ~/mail/personal/Inbox
+SubFolders Verbatim
+
+Channel personal
+Far :personal-remote:
+Near :personal-local:
+Create Both
+Expunge Both
+Patterns * !"[Airmail]/Done" !"[Airmail]/Snooze" !"[Airmail]/To Do" !"[Airmail]/Send Later" !"[Gmail]/All Mail" !"[Gmail]/Important" !"[Gmail]/Starred" !"[Gmail]/Bin"
+Remove None
+SyncState *
+
+
+# UChicago account (via DavMail)
+IMAPAccount uchicago
+Host 127.0.0.1
+Port 1143
+User rayandrew@uchicago.edu
+PassCmd "sops -d --extract '[\"uchicago\"]' ~/dotfiles/home/email/secrets.yaml"
+TLSType None
+AuthMechs LOGIN
+Timeout 0
+
+IMAPStore uchicago-remote
+Account uchicago
+
+MaildirStore uchicago-local
+Path ~/mail/uchicago/
+Inbox ~/mail/uchicago/Inbox
+SubFolders Verbatim
+
+Channel uchicago
+Far :uchicago-remote:
+Near :uchicago-local:
+Create Both
+Expunge Both
+Patterns * !"[Airmail]/Done" !"[Airmail]/Snooze" !"[Airmail]/To Do" !"[Airmail]/Send Later"
+Remove None
+SyncState *
diff --git a/config/neomutt/accounts/personal b/config/neomutt/accounts/personal
new file mode 100644
index 0000000..0e2cac2
--- /dev/null
+++ b/config/neomutt/accounts/personal
@@ -0,0 +1,38 @@
+# Personal Gmail account configuration
+unmailboxes *
+
+set ssl_force_tls = yes
+set certificate_file = /etc/ssl/certs/ca-certificates.crt
+
+# GPG
+set crypt_autosign = yes
+set crypt_opportunistic_encrypt = no
+set pgp_use_gpg_agent = yes
+set mbox_type = Maildir
+set sort = "threads"
+
+# Account settings
+set folder = '~/mail/personal'
+set from = 'raydreww@gmail.com'
+set realname = 'Ray Andrew'
+set spoolfile = '+Inbox'
+set postponed = '+Drafts'
+set record = '+Sent'
+set trash = '+Trash'
+
+# PGP settings
+set use_from = yes
+set pgp_verify_sig = yes
+set pgp_sign_as = 0x07AA5254804C009F
+set pgp_timeout = 3600
+
+# Mailboxes
+named-mailboxes "p/inbox"     =Inbox
+named-mailboxes "p/drafts"    =Drafts
+named-mailboxes "p/sent"      =Sent
+named-mailboxes "p/important" =Important
+named-mailboxes "p/trash"     =Trash
+named-mailboxes "p/archive"   =Archive
+
+# Signature
+set signature = "~/.config/neomutt/signatures/personal"
diff --git a/config/neomutt/accounts/uchicago b/config/neomutt/accounts/uchicago
new file mode 100644
index 0000000..225badb
--- /dev/null
+++ b/config/neomutt/accounts/uchicago
@@ -0,0 +1,39 @@
+# UChicago account configuration (via DavMail)
+unmailboxes *
+
+set ssl_force_tls = no
+set certificate_file = /etc/ssl/certs/ca-certificates.crt
+
+# GPG
+set crypt_autosign = no
+set crypt_opportunistic_encrypt = no
+set pgp_use_gpg_agent = yes
+set mbox_type = Maildir
+set sort = "threads"
+
+# Account settings
+set folder = '~/mail/uchicago'
+set from = 'rayandrew@uchicago.edu'
+set realname = 'Ray Andrew'
+set spoolfile = '+Inbox'
+set postponed = '+Drafts'
+set record = '+Sent'
+set trash = '+Trash'
+
+# PGP settings
+set use_from = yes
+set pgp_sign_as = 0xEEF04CFFE9DFE5FC
+set pgp_verify_sig = yes
+set pgp_timeout = 3600
+
+# Mailboxes
+named-mailboxes "u/inbox"     =Inbox
+named-mailboxes "u/drafts"    =Drafts
+named-mailboxes "u/sent"      =Sent
+named-mailboxes "u/important" =Important
+named-mailboxes "u/trash"     =Trash
+named-mailboxes "u/archive"   =Archive
+named-mailboxes "u/teaching"  =Teaching
+
+# Signature
+set signature = "~/.config/neomutt/signatures/uchicago"
diff --git a/config/neomutt/colors b/config/neomutt/colors
new file mode 100644
index 0000000..40ac56e
--- /dev/null
+++ b/config/neomutt/colors
@@ -0,0 +1,72 @@
+# NeoMutt color scheme
+
+# Header colors
+color header blue default ".*"
+color header brightmagenta default "^(From)"
+color header brightcyan default "^(Subject)"
+color header brightwhite default "^(CC|BCC)"
+
+# Mono settings
+mono bold bold
+mono underline underline
+mono indicator reverse
+mono error bold
+
+# General colors
+color normal default default
+color indicator brightyellow default
+color sidebar_highlight red default
+color sidebar_divider brightblack black
+color sidebar_flagged red black
+color sidebar_new green black
+color normal brightyellow default
+color error red default
+color tilde black default
+color message cyan default
+color markers red white
+color attachment white default
+color search brightmagenta default
+color status brightyellow black
+color hdrdefault brightgreen default
+color quoted green default
+color quoted1 blue default
+color quoted2 cyan default
+color quoted3 yellow default
+color quoted4 red default
+color quoted5 brightred default
+color signature brightgreen default
+color bold black default
+color underline black default
+
+# Body patterns
+color body brightred default "[\-\.+_a-zA-Z0-9]+@[\-\.a-zA-Z0-9]+"
+color body brightblue default "(https?|ftp)://[\-\.,/%~_:?&=\#a-zA-Z0-9]+"
+color body green default "\`[^\`]*\`"
+color body brightblue default "^# \.*"
+color body brightcyan default "^## \.*"
+color body brightgreen default "^### \.*"
+color body yellow default "^(\t| )*(-|\\*) \.*"
+color body brightcyan default "[;:][-o][)/(|]"
+color body brightcyan default "[;:][)(|]"
+color body brightcyan default "[ ][*][^*]*[*][ ]?"
+color body brightcyan default "[ ]?[*][^*]*[*][ ]"
+color body red default "(BAD signature)"
+color body cyan default "(Good signature)"
+color body brightblack default "^gpg: Good signature .*"
+color body brightyellow default "^gpg: "
+color body brightyellow red "^gpg: BAD signature from.*"
+mono body bold "^gpg: Good signature"
+color body red default "([a-z][a-z0-9+-]*://(((([a-z0-9_.!~*'();:&=+$,-]|%[0-9a-f][0-9a-f])*@)?((([a-z0-9]([a-z0-9-]*[a-z0-9])?)\\.)*([a-z]([a-z0-9-]*[a-z0-9])?)\\.?|[0-9]+\\.[0-9]+\\.[0-9]+\\.[0-9]+)(:[0-9]+)?)|([a-z0-9_.!~*'()$,;:@&=+-]|%[0-9a-f][0-9a-f])+)(/([a-z0-9_.!~*'():@&=+$,-]|%[0-9a-f][0-9a-f])*(;([a-z0-9_.!~*'():@&=+$,-]|%[0-9a-f][0-9a-f])*)*(/([a-z0-9_.!~*'():@&=+$,-]|%[0-9a-f][0-9a-f])*(;([a-z0-9_.!~*'():@&=+$,-]|%[0-9a-f][0-9a-f])*)*)*)?(\\?([a-z0-9_.!~*'();/?:@&=+$,-]|%[0-9a-f][0-9a-f])*)?(#([a-z0-9_.!~*'();/?:@&=+$,-]|%[0-9a-f][0-9a-f])*)?|(www|ftp)\\.(([a-z0-9]([a-z0-9-]*[a-z0-9])?)\\.)*([a-z]([a-z0-9-]*[a-z0-9])?)\\.?(:[0-9]+)?(/([-a-z0-9_.!~*'():@&=+$,]|%[0-9a-f][0-9a-f])*(;([-a-z0-9_.!~*'():@&=+$,]|%[0-9a-f][0-9a-f])*)*(/([-a-z0-9_.!~*'():@&=+$,]|%[0-9a-f][0-9a-f])*(;([-a-z0-9_.!~*'():@&=+$,]|%[0-9a-f][0-9a-f])*)*)*)?(\\?([-a-z0-9_.!~*'();/?:@&=+$,]|%[0-9a-f][0-9a-f])*)?(#([-a-z0-9_.!~*'();/?:@&=+$,]|%[0-9a-f][0-9a-f])*)?)[^].,:;!)? \t\r\n<>\"]"
+
+# Index colors
+color index yellow default '.*'
+color index_author red default '.*'
+color index_number blue default
+color index_subject cyan default '.*'
+
+# New mail
+color index brightyellow black "~N"
+color index_author brightred black "~N"
+color index_subject brightcyan black "~N"
+
+color progress black cyan
diff --git a/config/neomutt/keybinds b/config/neomutt/keybinds
new file mode 100644
index 0000000..2f4223b
--- /dev/null
+++ b/config/neomutt/keybinds
@@ -0,0 +1,65 @@
+# NeoMutt keybindings
+
+# Attachment
+bind attach <return> view-mailcap
+bind attach l view-mailcap
+
+# Editor
+bind editor <space> noop
+bind editor <Tab> complete-query
+bind editor ^T complete
+
+# Pager
+bind pager c imap-fetch-mail
+bind pager j next-line
+bind pager k previous-line
+bind pager J next-entry
+bind pager K previous-entry
+bind pager l view-attachments
+bind pager,attach h exit
+bind pager \031 previous-line
+bind pager \005 next-line
+bind pager,browser gg top-page
+bind pager,browser G bottom-page
+
+# Index
+bind index G last-entry
+bind index g noop
+bind index gg first-entry
+bind index D delete-message
+bind index U undelete-message
+bind index L limit
+bind index h noop
+bind index l display-message
+bind index R group-reply
+bind index \031 previous-undeleted
+bind index \005 next-undeleted
+bind index <tab> sync-mailbox
+bind index <space> collapse-thread
+
+# Browser
+bind browser h goto-parent
+bind browser l select-entry
+bind browser,pager,index n search-next
+bind browser,pager,index N search-opposite
+
+# Navigation (half page)
+bind index,pager,browser d half-down
+bind index,pager,browser u half-up
+
+# Sidebar
+bind index,pager \Ck sidebar-prev
+bind index,pager \Cj sidebar-next
+bind index,pager \Cl sidebar-open
+bind index,pager \Cp sidebar-prev-new
+bind index,pager \Cn sidebar-next-new
+bind index,pager B sidebar-toggle-visible
+
+# Misc
+bind index,pager @ compose-to-sender
+bind index,pager D purge-message
+
+# Macros
+macro index,pager a ":set confirmappend=no delete=yes\n<tag-prefix><save-message>=Archive\n<sync-mailbox>:set confirmappend=yes delete=ask-yes\n"
+macro index,pager n "<tag-prefix><clear-flag>N<untag-pattern>.<enter>\n"
+macro attach O "<enter-command>unset wait_key<enter><shell-escape>rm -f /tmp/mutt-attach<enter><save-entry><kill-line>/tmp/mutt-attach<enter>^A"
diff --git a/config/neomutt/neomuttrc b/config/neomutt/neomuttrc
new file mode 100644
index 0000000..2da0d8c
--- /dev/null
+++ b/config/neomutt/neomuttrc
@@ -0,0 +1,65 @@
+# NeoMutt main configuration
+
+# Cache
+set header_cache = "~/.cache/neomutt/headers/"
+set message_cachedir = "~/.cache/neomutt/messages/"
+
+# Editor
+set editor = "emacs -nw"
+set edit_headers = yes
+
+# General settings
+set implicit_autoview = yes
+set crypt_use_gpgme = yes
+alternative_order text/enriched text/plain text
+set delete = yes
+set abort_key = "<Esc>"
+
+# Sidebar
+set sidebar_visible
+set sidebar_format = "%D%?F? [%F]?%* %?N?%N/?%S"
+set mail_check_stats
+
+# Status bar, date format
+set status_chars = " *%A"
+set status_format = "[ Folder: %D ] [%r%m messages%?n? (%n new)?%?d? (%d to delete)?%?t? (%t tagged)? ]%>─%?p?( %p postponed )?"
+set date_format = "%d.%m.%Y %H:%M"
+set sort = threads
+set sort_aux = reverse-last-date-received
+set uncollapse_jump
+set sort_re
+set index_format = "%4C %Z %{%b %d} %-15.15L %?E?(%E)&? %s"
+set reply_regexp = "^(([Rr][Ee]?(\[[0-9]+\])?: *)?(\[[^]]+\] *)?)*"
+set quote_regexp = "^( {0,4}[>|:#%]| {0,4}[a-z0-9]+[>|]+)+"
+set send_charset = "utf-8:iso-8859-1:us-ascii"
+set charset = "utf-8"
+set arrow_cursor = "no"
+
+# Pager View Options
+set pager_index_lines = 10
+set pager_context = 3
+set pager_stop
+set menu_scroll
+set tilde
+unset markers
+
+# MTA (mail transfer agent)
+set sendmail = 'msmtpq --read-envelope-from --read-recipients'
+
+# Include keybindings
+source ~/.config/neomutt/keybinds
+source ~/.config/neomutt/colors
+
+# Account switching macros
+macro index,pager <f2> "<sync-mailbox><enter-command>source ~/.config/neomutt/accounts/uchicago<enter><change-folder>!<enter>"
+macro index,pager <f3> "<sync-mailbox><enter-command>source ~/.config/neomutt/accounts/personal<enter><change-folder>!<enter>"
+
+# Register accounts for folder hooks
+named-mailboxes "p" "~/mail/personal/Inbox"
+folder-hook ~/mail/personal/ "source ~/.config/neomutt/accounts/personal"
+
+named-mailboxes "u" "~/mail/uchicago/Inbox"
+folder-hook ~/mail/uchicago/ "source ~/.config/neomutt/accounts/uchicago"
+
+# Source primary account (personal)
+source ~/.config/neomutt/accounts/personal
diff --git a/config/neomutt/signatures/personal b/config/neomutt/signatures/personal
new file mode 100644
index 0000000..b6a4f34
--- /dev/null
+++ b/config/neomutt/signatures/personal
@@ -0,0 +1 @@
+-- Ray Andrew
diff --git a/config/neomutt/signatures/uchicago b/config/neomutt/signatures/uchicago
new file mode 100644
index 0000000..b6a4f34
--- /dev/null
+++ b/config/neomutt/signatures/uchicago
@@ -0,0 +1 @@
+-- Ray Andrew
diff --git a/home/email/default.nix b/home/email/default.nix
index a29ef56..5adf3a6 100644
--- a/home/email/default.nix
+++ b/home/email/default.nix
@@ -2,14 +2,12 @@
   pkgs,
   lib,
   config,
-  user,
-  home-dir,
+  dots,
   ...
 }:
 
 {
   imports = [
-    ./neomutt
     ./mailcap.nix
   ];
 
@@ -17,204 +15,65 @@
     enable = mkEnableOption "Enable email";
     davmail = mkEnableOption "Enable DavMail";
     mbsync = mkEnableOption "Enable Mbsync";
+    neomutt = mkEnableOption "Enable NeoMutt";
   };
 
   config = lib.mkIf config.custom.email.enable {
+    # DavMail service (Exchange gateway)
     services.davmail = {
       enable = config.custom.email.davmail;
-      settings = {
-        "davmail.mode" = "O365Manual";
-        "davmail.url" = "https://outlook.office365.com/EWS/Exchange.asmx";
-        # davmail.mode = "O365Modern";
-        "davmail.keepDelay" = 30;
-        # log4j.logger.davmail = "DEBUG";
-      };
+      configFile = "${dots}/config/davmail/davmail.properties";
     };
 
-    programs = {
-      neomutt = {
-        macros = [
-          {
-            map = [
-              "index"
-              "pager"
-            ];
-            key = "<f2>";
-            action = "<sync-mailbox><enter-command>source ~/.config/neomutt/uchicago<enter><change-folder>!<enter>";
-          }
-          {
-            map = [
-              "index"
-              "pager"
-            ];
-            key = "<f3>";
-            action = "<sync-mailbox><enter-command>source ~/.config/neomutt/personal<enter><change-folder>!<enter>";
-          }
-        ];
-      };
-      mbsync.enable = true;
-      msmtp = {
-        enable = true;
-      };
+    # Mbsync service (mail sync)
+    services.mbsync = {
+      enable = config.custom.email.mbsync;
+      configFile = "${dots}/config/mbsync/mbsyncrc";
+      frequency = "*:0/1";
     };
 
-    services = {
-      mbsync = {
-        enable = config.custom.email.mbsync;
-        frequency = "*:0/1";
-      };
+    # Install mail-related packages
+    home.packages = with pkgs; [
+      isync # mbsync
+      msmtp
+      sops # for password decryption
+      age # for sops age backend
+    ];
+
+    # Symlink config files
+    xdg.configFile = {
+      # msmtp config
+      "msmtp/config".source = config.lib.file.mkOutOfStoreSymlink "${dots}/config/msmtp/config";
+
+      # neomutt configs
+      "neomutt/neomuttrc".source = config.lib.file.mkOutOfStoreSymlink "${dots}/config/neomutt/neomuttrc";
+      "neomutt/keybinds".source = config.lib.file.mkOutOfStoreSymlink "${dots}/config/neomutt/keybinds";
+      "neomutt/colors".source = config.lib.file.mkOutOfStoreSymlink "${dots}/config/neomutt/colors";
+      "neomutt/accounts/personal".source =
+        config.lib.file.mkOutOfStoreSymlink "${dots}/config/neomutt/accounts/personal";
+      "neomutt/accounts/uchicago".source =
+        config.lib.file.mkOutOfStoreSymlink "${dots}/config/neomutt/accounts/uchicago";
+      "neomutt/signatures/personal".source =
+        config.lib.file.mkOutOfStoreSymlink "${dots}/config/neomutt/signatures/personal";
+      "neomutt/signatures/uchicago".source =
+        config.lib.file.mkOutOfStoreSymlink "${dots}/config/neomutt/signatures/uchicago";
+
+      # isync/mbsync config (some tools look here)
+      "isyncrc".source = config.lib.file.mkOutOfStoreSymlink "${dots}/config/mbsync/mbsyncrc";
     };
 
-    accounts.email =
-      let
-        cat = lib.getExe' pkgs.coreutils "cat";
-      in
-      rec {
-        maildirBasePath = "${home-dir}/mail";
-        accounts = lib.mkMerge ([
-          {
-            "personal" = {
-              userName = "raydreww@gmail.com";
-              address = "raydreww@gmail.com";
-              realName = "Ray Andrew";
-              primary = !config.custom.email.davmail;
-              signature = {
-                text = ''
-                  -- Ray Andrew
-                '';
-                showSignature = "append";
-              };
-              passwordCommand = "${cat} ${config.sops.secrets."personal".path}";
-              gpg = {
-                key = "1913ECC8FD7076BC8330E11607AA5254804C009F";
-                signByDefault = true;
-              };
-              smtp = {
-                host = "smtp.gmail.com";
-              };
-              imap = {
-                host = "imap.gmail.com";
-              };
-              mbsync = {
-                enable = true;
-                create = "both";
-                expunge = "both";
-                patterns = [
-                  "*"
-                  "!\"[Airmail]/Done\""
-                  "!\"[Airmail]/Snooze\""
-                  "!\"[Airmail]/To Do\""
-                  "!\"[Airmail]/Send Later\""
-                  "!\"[Gmail]/All Mail\""
-                  "!\"[Gmail]/Important\""
-                  "!\"[Gmail]/Starred\""
-                  "!\"[Gmail]/Bin\""
-                ];
-              };
-              msmtp = {
-                enable = true;
-              };
-              neomutt = rec {
-                enable = true;
-                mailboxName = "p";
-                extraConfig = ''
-                  set use_from = yes
-                  set pgp_verify_sig = yes
-                  set pgp_sign_as = 0x07AA5254804C009F
-                  set pgp_timeout = 3600
-                  named-mailboxes "${mailboxName}/inbox"     =Inbox
-                  named-mailboxes "${mailboxName}/drafts"    =Drafts
-                  named-mailboxes "${mailboxName}/sent"      =Sent
-                  named-mailboxes "${mailboxName}/important" =Important
-                  named-mailboxes "${mailboxName}/trash"     =Trash
-                  named-mailboxes "${mailboxName}/archive"   =Archive
-                '';
-              };
-            };
-          }
-          (lib.mkIf config.custom.email.davmail {
-            "uchicago" = {
-              userName = "rayandrew@uchicago.edu";
-              address = "rayandrew@uchicago.edu";
-              realName = "Ray Andrew";
-              primary = true;
-              signature = {
-                text = ''
-                  -- Ray Andrew
-                '';
-                showSignature = "append";
-              };
-              passwordCommand = "${cat} ${config.sops.secrets."uchicago".path}";
-              gpg = {
-                key = "0BADFAD0FB93296C84956F9CEEF04CFFE9DFE5FC";
-                signByDefault = false;
-              };
-              smtp = {
-                host = "127.0.0.1";
-                port = 1025;
-                tls = {
-                  enable = false;
-                  certificatesFile = null;
-                };
-              };
-              imap = {
-                host = "127.0.0.1";
-                port = 1143;
-                tls.enable = false;
-              };
-              mbsync = {
-                enable = true;
-                create = "both";
-                expunge = "both";
-                patterns = [
-                  "*"
-                  "!\"[Airmail]/Done\""
-                  "!\"[Airmail]/Snooze\""
-                  "!\"[Airmail]/To Do\""
-                  "!\"[Airmail]/Send Later\""
-                ];
-                extraConfig.account = {
-                  TLSType = "None";
-                  AuthMechs = "LOGIN";
-                  Timeout = 0;
-                };
-              };
-              msmtp = {
-                enable = true;
-                extraConfig = {
-                  auth = "plain";
-                };
-              };
-              neomutt = rec {
-                enable = true;
-                mailboxName = "u";
-                extraConfig = ''
-                  set use_from = yes
-                  set pgp_sign_as = 0xEEF04CFFE9DFE5FC
-                  set pgp_verify_sig = yes
-                  set pgp_timeout = 3600
-                  named-mailboxes "${mailboxName}/inbox"     =Inbox
-                  named-mailboxes "${mailboxName}/drafts"    =Drafts
-                  named-mailboxes "${mailboxName}/sent"      =Sent
-                  named-mailboxes "${mailboxName}/important" =Important
-                  named-mailboxes "${mailboxName}/trash"     =Trash
-                  named-mailboxes "${mailboxName}/archive"   =Archive
-                  named-mailboxes "${mailboxName}/teaching"  =Teaching
-                '';
-              };
-            };
-          })
-        ]);
-      };
-
-    sops = {
-      age.keyFile = "${home-dir}/.config/sops/age/keys.txt";
-      age.generateKey = true;
-      defaultSopsFile = ./secrets.yaml;
-      secrets = {
-        "personal" = { };
-        "uchicago" = { };
-      };
+    # neomutt program (for the package)
+    programs.neomutt = lib.mkIf config.custom.email.neomutt {
+      enable = true;
     };
+
+    # Create mail directories
+    home.activation.createMailDirs = lib.hm.dag.entryAfter [ "writeBoundary" ] ''
+      mkdir -p ~/mail/personal/Inbox
+      mkdir -p ~/mail/uchicago/Inbox
+      mkdir -p ~/.cache/neomutt/headers
+      mkdir -p ~/.cache/neomutt/messages
+      mkdir -p ~/.local/state
+    '';
   };
 }
diff --git a/hosts/dango/default.nix b/hosts/dango/default.nix
index 6b93978..88da862 100644
--- a/hosts/dango/default.nix
+++ b/hosts/dango/default.nix
@@ -1,5 +1,6 @@
 {
   pkgs,
+  home-dir,
   ...
 }:
 {
@@ -80,6 +81,13 @@
   ];
 
   hm.custom = {
+    environment = {
+      enable = true;
+      variables = {
+        EDITOR = "nvim";
+        SOPS_AGE_KEY_FILE = "${home-dir}/.config/sops/age/keys.txt";
+      };
+    };
     emacs.enable = true;
     neovim.enable = true;
     latex.enable = true;
diff --git a/hosts/default.nix b/hosts/default.nix
index 34a7e1a..8702433 100644
--- a/hosts/default.nix
+++ b/hosts/default.nix
@@ -40,6 +40,7 @@ let
         ./shared.nix
         ./${host}
         ./${host}/hardware.nix
+        ../modules/nixos
         ../nixos
         (
           { config, ... }:
@@ -115,6 +116,7 @@ let
       modules = [
         ./shared.nix
         ./${host}
+        ../modules/darwin
         ../darwin
         (
           { config, ... }:
diff --git a/modules/darwin/default.nix b/modules/darwin/default.nix
new file mode 100644
index 0000000..3d474c7
--- /dev/null
+++ b/modules/darwin/default.nix
@@ -0,0 +1,5 @@
+{
+  imports = [
+    # Add darwin-specific custom modules here
+  ];
+}
diff --git a/modules/home-manager/default.nix b/modules/home-manager/default.nix
index 492007c..c3fa93d 100644
--- a/modules/home-manager/default.nix
+++ b/modules/home-manager/default.nix
@@ -1,11 +1,6 @@
 {
-  disabledModules = [
-    "services/davmail.nix"
-    "services/mbsync.nix"
-  ];
-
   imports = [
-    ./davmail.nix
-    ./mbsync.nix
+    ./overrides
+    ./environment.nix
   ];
 }
diff --git a/modules/home-manager/environment.nix b/modules/home-manager/environment.nix
new file mode 100644
index 0000000..46cb20e
--- /dev/null
+++ b/modules/home-manager/environment.nix
@@ -0,0 +1,50 @@
+# Home Manager environment module
+{
+  config,
+  lib,
+  ...
+}:
+let
+  inherit (lib)
+    mkEnableOption
+    mkOption
+    mkIf
+    types
+    ;
+
+  cfg = config.custom.environment;
+
+  # Convert attrset to shell export statements
+  toShellExports =
+    vars:
+    lib.concatStringsSep "\n" (lib.mapAttrsToList (name: value: ''export ${name}="${value}"'') vars);
+
+  # Convert attrset to fish set statements
+  toFishSets =
+    vars:
+    lib.concatStringsSep "\n" (lib.mapAttrsToList (name: value: ''set -gx ${name} "${value}"'') vars);
+in
+{
+  options.custom.environment = {
+    enable = mkEnableOption "custom environment configuration";
+
+    variables = mkOption {
+      type = types.attrsOf types.str;
+      default = { };
+      description = "Environment variables to set across all shells.";
+      example = {
+        EDITOR = "nvim";
+        SOPS_AGE_KEY_FILE = "$HOME/.config/sops/age/keys.txt";
+      };
+    };
+  };
+
+  config = mkIf cfg.enable {
+    home.sessionVariables = cfg.variables;
+
+    # Also add to shell configs for immediate availability
+    programs.bash.bashrcExtra = lib.mkAfter (toShellExports cfg.variables);
+    programs.zsh.initContent = lib.mkAfter (toShellExports cfg.variables);
+    programs.fish.shellInit = lib.mkAfter (toFishSets cfg.variables);
+  };
+}
diff --git a/modules/home-manager/davmail.nix b/modules/home-manager/overrides/davmail.nix
similarity index 86%
rename from modules/home-manager/davmail.nix
rename to modules/home-manager/overrides/davmail.nix
index fe35487..4ee172f 100644
--- a/modules/home-manager/davmail.nix
+++ b/modules/home-manager/overrides/davmail.nix
@@ -24,9 +24,14 @@ let
 
   javaProperties = pkgs.formats.javaProperties { };
 
-  settingsFile = javaProperties.generate "davmail.properties" cfg.settings;
+  generatedSettingsFile = javaProperties.generate "davmail.properties" cfg.settings;
+
+  # Use configFile if provided, otherwise use generated settings
+  settingsFile = if cfg.configFile != null then cfg.configFile else generatedSettingsFile;
 in
 {
+  disabledModules = [ "services/davmail.nix" ];
+
   meta.maintainers = [ lib.maintainers.bmrips ];
 
   options.services.davmail = {
@@ -34,6 +39,16 @@ in
 
     package = lib.mkPackageOption pkgs "davmail" { };
 
+    configFile = mkOption {
+      type = types.nullOr types.path;
+      default = null;
+      description = ''
+        Path to a custom davmail.properties configuration file.
+        If set, this file will be used instead of generating one from settings.
+      '';
+      example = "~/.config/davmail/davmail.properties";
+    };
+
     imitateOutlook = mkOption {
       type = types.bool;
       default = false;
@@ -66,6 +81,11 @@ in
   config = mkIf cfg.enable (mkMerge [
     # Common configuration for all platforms
     {
+      home.packages = [ cfg.package ];
+    }
+
+    # Default settings (only when configFile is not provided)
+    (mkIf (cfg.configFile == null) {
       services.davmail.settings =
         mapAttrsRecursive (_: mkDefault) {
           "davmail.server" = true;
@@ -91,9 +111,7 @@ in
           "davmail.oauth.clientId" = "d3590ed6-52b3-4102-aeff-aad2292ab01c";
           "davmail.oauth.redirectUri" = "urn:ietf:wg:oauth:2.0:oob";
         };
-
-      home.packages = [ cfg.package ];
-    }
+    })
 
     # Linux-specific: systemd user service
     (mkIf isLinux {
diff --git a/modules/home-manager/overrides/default.nix b/modules/home-manager/overrides/default.nix
new file mode 100644
index 0000000..aff4149
--- /dev/null
+++ b/modules/home-manager/overrides/default.nix
@@ -0,0 +1,6 @@
+{
+  imports = [
+    ./davmail.nix
+    ./mbsync.nix
+  ];
+}
diff --git a/modules/home-manager/mbsync.nix b/modules/home-manager/overrides/mbsync.nix
similarity index 98%
rename from modules/home-manager/mbsync.nix
rename to modules/home-manager/overrides/mbsync.nix
index 3a2ccb6..3c282ee 100644
--- a/modules/home-manager/mbsync.nix
+++ b/modules/home-manager/overrides/mbsync.nix
@@ -40,6 +40,8 @@ let
 
 in
 {
+  disabledModules = [ "services/mbsync.nix" ];
+
   meta.maintainers = [ lib.maintainers.pjones ];
 
   options.services.mbsync = {
diff --git a/modules/nixos/default.nix b/modules/nixos/default.nix
new file mode 100644
index 0000000..5a226a4
--- /dev/null
+++ b/modules/nixos/default.nix
@@ -0,0 +1,5 @@
+{
+  imports = [
+    # Add nixos-specific custom modules here
+  ];
+}