diff --git a/common/users/default.nix b/common/users/default.nix
index 9e58dba..7b46780 100644
--- a/common/users/default.nix
+++ b/common/users/default.nix
@@ -2,7 +2,7 @@
   imports = [
     ./qenya.nix
     ./randomcat.nix
-    ./richard.nix
+    ./trungle.nix
   ];
 
   users.mutableUsers = false;
diff --git a/common/users/qenya.nix b/common/users/qenya.nix
index d3998c3..6a8e506 100644
--- a/common/users/qenya.nix
+++ b/common/users/qenya.nix
@@ -1,16 +1,28 @@
 { config, lib, pkgs, self, ... }:
 
-let keys = import ../../keys.nix;
-in {
-  users.users.qenya = {
-    isNormalUser = true;
-    home = "/home/qenya";
-    shell = pkgs.zsh;
-    openssh.authorizedKeys.keys = keys.users.qenya;
-    uid = 1001;
+let
+  inherit (lib) mkIf mkEnableOption;
+  keys = import ../../keys.nix;
+  cfg = config.fountain.users.qenya;
+in
+{
+  options.fountain.users.qenya = {
+    enable = mkEnableOption "user qenya";
   };
 
-  programs.zsh.enable = true;
+  config = mkIf cfg.enable {
+    users.users.qenya = {
+      uid = 1001;
+      isNormalUser = true;
+      group = "qenya";
+      shell = pkgs.zsh;
+      openssh.authorizedKeys.keys = keys.users.qenya;
+    };
 
-  home-manager.users."qenya" = self.homeManagerModules."qenya";
+    users.groups.qenya.gid = config.users.users.qenya.uid;
+
+    programs.zsh.enable = true;
+
+    home-manager.users."qenya" = self.homeManagerModules."qenya";
+  };
 }
diff --git a/common/users/randomcat.nix b/common/users/randomcat.nix
index f425424..de637fb 100644
--- a/common/users/randomcat.nix
+++ b/common/users/randomcat.nix
@@ -1,12 +1,23 @@
 { config, lib, pkgs, ... }:
 
-let keys = import ../../keys.nix;
+let
+  inherit (lib) mkIf mkEnableOption;
+  keys = import ../../keys.nix;
+  cfg = config.fountain.users.randomcat;
 in
 {
-  users.users.randomcat = {
-    isNormalUser = true;
-    home = "/home/randomcat";
-    openssh.authorizedKeys.keys = keys.users.randomcat;
-    uid = 1003;
+  options.fountain.users.randomcat = {
+    enable = mkEnableOption "user randomcat";
   };
-}
+
+  config = mkIf cfg.enable {
+    users.users.randomcat = {
+      uid = 1000;
+      isNormalUser = true;
+      group = "randomcat";
+      openssh.authorizedKeys.keys = keys.users.randomcat;
+    };
+
+    users.groups.randomcat.gid = config.users.users.randomcat.uid;
+  };
+}
\ No newline at end of file
diff --git a/common/users/richard.nix b/common/users/richard.nix
deleted file mode 100644
index b099667..0000000
--- a/common/users/richard.nix
+++ /dev/null
@@ -1,12 +0,0 @@
-{ config, lib, pkgs, ... }:
-
-let keys = import ../../keys.nix;
-in
-{
-  users.users.richard = {
-    isNormalUser = true;
-    home = "/home/richard";
-    openssh.authorizedKeys.keys = keys.users.trungle;
-    uid = 1002;
-  };
-}
diff --git a/common/users/trungle.nix b/common/users/trungle.nix
new file mode 100644
index 0000000..d1736ff
--- /dev/null
+++ b/common/users/trungle.nix
@@ -0,0 +1,23 @@
+{ config, lib, pkgs, ... }:
+
+let
+  inherit (lib) mkIf mkEnableOption;
+  keys = import ../../keys.nix;
+  cfg = config.fountain.users.trungle;
+in
+{
+  options.fountain.users.trungle = {
+    enable = mkEnableOption "user trungle";
+  };
+
+  config = mkIf cfg.enable {
+    users.users.trungle = {
+      uid = 1002;
+      isNormalUser = true;
+      group = "trungle";
+      openssh.authorizedKeys.keys = keys.users.trungle;
+    };
+
+    users.groups.trungle.gid = config.users.users.trungle.uid;
+  };
+}
\ No newline at end of file
diff --git a/hosts/kalessin/default.nix b/hosts/kalessin/default.nix
index a3b86ab..ae5b218 100644
--- a/hosts/kalessin/default.nix
+++ b/hosts/kalessin/default.nix
@@ -10,7 +10,11 @@
   networking.hostName = "kalessin";
   networking.hostId = "534b538e";
 
+  fountain.users.qenya.enable = true;
   users.users.qenya.extraGroups = [ "wheel" ];
+
+  fountain.users.trungle.enable = true;
+
   qenya.base-server.enable = true;
 
   system.stateVersion = "23.11";
diff --git a/hosts/kilgharrah/default.nix b/hosts/kilgharrah/default.nix
index 57a4933..33fc8c7 100644
--- a/hosts/kilgharrah/default.nix
+++ b/hosts/kilgharrah/default.nix
@@ -25,6 +25,7 @@
 
   qenya.services.pipewire.lowLatency.enable = true;
 
+  fountain.users.qenya.enable = true;
   age.secrets.user-password-kilgharrah-qenya.file = ../../secrets/user-password-kilgharrah-qenya.age;
   users.users.qenya.hashedPasswordFile = config.age.secrets.user-password-kilgharrah-qenya.path;
   users.users.qenya.extraGroups = [ "wheel" ];
diff --git a/hosts/orm/default.nix b/hosts/orm/default.nix
index 004ebd4..1d8a648 100644
--- a/hosts/orm/default.nix
+++ b/hosts/orm/default.nix
@@ -10,6 +10,7 @@
   networking.hostName = "orm";
   networking.hostId = "00000000";
 
+  fountain.users.qenya.enable = true;
   users.users.qenya.extraGroups = [ "wheel" ];
   qenya.base-server.enable = true;
 
diff --git a/hosts/tohru/default.nix b/hosts/tohru/default.nix
index 8d6f7b2..7832985 100644
--- a/hosts/tohru/default.nix
+++ b/hosts/tohru/default.nix
@@ -23,6 +23,7 @@
   console.keyMap = "uk";
   services.xserver.xkb.layout = "gb";
 
+  fountain.users.qenya.enable = true;
   age.secrets.user-password-tohru-qenya.file = ../../secrets/user-password-tohru-qenya.age;
   users.users.qenya.hashedPasswordFile = config.age.secrets.user-password-tohru-qenya.path;
   users.users.qenya.extraGroups = [
diff --git a/hosts/yevaud/default.nix b/hosts/yevaud/default.nix
index 7ff5928..2a8fdae 100644
--- a/hosts/yevaud/default.nix
+++ b/hosts/yevaud/default.nix
@@ -10,6 +10,7 @@
   networking.hostName = "yevaud";
   networking.hostId = "09673d65";
 
+  fountain.users.qenya.enable = true;
   users.users.qenya.extraGroups = [ "wheel" ];
   qenya.base-server.enable = true;