diff --git a/hosts/samhain/nixos/default.nix b/hosts/samhain/nixos/default.nix
index d1cb5deb..6188eb85 100644
--- a/hosts/samhain/nixos/default.nix
+++ b/hosts/samhain/nixos/default.nix
@@ -15,6 +15,48 @@
 
   deploy.target = "personal";
 
+  deploy.tf.variables.dyn_username = {
+    type = "string";
+    value.shellCommand = "bitw get infra/hexdns-dynamic -f username";
+  };
+
+  deploy.tf.variables.dyn_password = {
+    type = "string";
+    value.shellCommand = "bitw get infra/hexdns-dynamic -f password";
+  };
+
+  deploy.tf.variables.dyn_hostname = {
+    type = "string";
+    value.shellCommand = "bitw get infra/hexdns-dynamic -f hostname";
+  };
+
+  secrets.files.kat-glauca-dns = {
+    text = ''
+      user="${tf.variables.dyn_username.ref}"
+      pass="${tf.variables.dyn_password.ref}"
+      hostname="${tf.variables.dyn_hostname.ref}"
+    '';
+    owner = "kat";
+    group = "users";
+  };
+
+  systemd.services.kat-glauca-dns = {
+    serviceConfig = {
+      ExecStart = "${pkgs.kat-glauca-dns}/bin/kat-glauca-dns";
+    };
+    environment = { passFile = config.secrets.files.kat-glauca-dns.path; };
+    wantedBy = [ "default.target" ];
+  };
+
+  systemd.timers.kat-glauca-dns = {
+    timerConfig = {
+      Unit = "kat-glauca-dns.service";
+      OnBootSec = "5m";
+      OnUnitActiveSec = "30m";
+    };
+    wantedBy = [ "default.target" ];
+  };
+  
   # graphics tablet
   services.xserver.wacom.enable = true;
 
diff --git a/pkgs/default.nix b/pkgs/default.nix
index 654e1679..a732a86d 100644
--- a/pkgs/default.nix
+++ b/pkgs/default.nix
@@ -9,9 +9,6 @@ let
 
     discord = unstable.discord.override { nss = self.nss_latest; };
 
-    lib = super.lib.extend
-      (self: super: { deployEmbedFuckery = txt: "__FUCKERY__" + txt; });
-
     ncmpcpp = unstable.ncmpcpp.override {
       visualizerSupport = true;
       clockSupport = true;