diff --git a/flake.nix b/flake.nix
index 2b03ea5..c3929a8 100644
--- a/flake.nix
+++ b/flake.nix
@@ -39,8 +39,8 @@
     };
   };
 
-  outputs = {self, nixpkgs, ...} @ inputs: let
-  in {
-    nixosConfigurations = import ./hosts {inherit nixpkgs inputs self;};
+  outputs = {self, nixpkgs, ...} @ inputs: {
+    nixosConfigurations = import ./hosts {inherit inputs;};
+    devShells = import ./shells {inherit inputs;};
   };
 }
diff --git a/hosts/default.nix b/hosts/default.nix
index e334112..084916d 100644
--- a/hosts/default.nix
+++ b/hosts/default.nix
@@ -1,5 +1,6 @@
-{ self, inputs, ... }:
+{ inputs, ... }:
 let
+  inherit (inputs) self;
   inherit (inputs.nixpkgs) lib;
 
   # A list of shared modules that ALL systems need
@@ -10,17 +11,6 @@ let
   ];
 in
 {
-  vboxnix = lib.nixosSystem {
-    system = "x86_64-linux";
-    specialArgs = { inherit lib inputs self; };
-    modules = [
-      ./vbox_nix
-      inputs.home-manager.nixosModules.home-manager
-      inputs.impermanence.nixosModules.impermanence
-      inputs.lanzaboote.nixosModules.lanzaboote
-    ] ++ shared;
-  };
-
   herugrim = lib.nixosSystem {
     system = "x86_64-linux";
     specialArgs = { inherit lib inputs self; };
diff --git a/shells/default.nix b/shells/default.nix
new file mode 100644
index 0000000..5934283
--- /dev/null
+++ b/shells/default.nix
@@ -0,0 +1,21 @@
+{inputs, ...}: let 
+  inherit (inputs) nixpkgs;
+
+  system = "x86_64-linux";
+  pkgs = nixpkgs.legacyPackages.${system};
+in {
+  ${system} = {
+    default = pkgs.mkShell {
+      name = "nixdots";
+      meta.description = "The default development shell for my NixOS configuration";
+      packages = with pkgs; [
+        git # flakes require git
+        nil # nix ls
+        statix # lints and suggestions
+        deadnix # clean up unused nix code
+        alejandra # nix formatter
+      ];
+      shellHook = "exec $SHELL";
+    };
+  };
+}
diff --git a/system/roles/workstation/display/login/greetd.nix b/system/roles/workstation/display/login/greetd.nix
index 9590df6..c366e87 100644
--- a/system/roles/workstation/display/login/greetd.nix
+++ b/system/roles/workstation/display/login/greetd.nix
@@ -11,6 +11,9 @@
   deviceType = config.myOptions.device.roles.type;
   acceptedTypes = ["laptop" "desktop"];
 
+  greetingMsg = "'Access is restricted to authorized personnel only.'";
+  tuiGreetTheme = "'border=magenta;text=cyan;prompt=green;time=red;action=white;button=yellow;container=black;input=gray'";
+
   sessionData = config.services.displayManager.sessionData.desktops;
   sessionPaths = concatStringsSep ":" [
     "${sessionData}/share/xsessions"
@@ -25,14 +28,16 @@
       "--remember"
       "--remember-user-session"
       "--asterisks"
+      "--greeting ${greetingMsg}"
       "--sessions '${sessionPaths}'"
+      "--theme ${tuiGreetTheme}"
     ];
   };
 in {
   config = mkIf (builtins.elem deviceType acceptedTypes) {
     services.greetd = {
       enable = true;
-      vt = 2;
+      vt = 1;
 
       # <https://man.sr.ht/~kennylevinsen/greetd/>
       settings = {
@@ -54,5 +59,8 @@ in {
       TTYVHangup = true;
       TTYVTDisallocate = true;
     };
+
+    # Persist info about previous session & user
+    myOptions.system.impermanence.root.extraDirectories = [ "/var/cache/tuigreet" ];
   };
 }