diff --git a/default.nix b/default.nix
index 7bf98da..800e6df 100644
--- a/default.nix
+++ b/default.nix
@@ -1,4 +1,7 @@
-{ pkgs ? import <nixpkgs> { }, lib ? pkgs.lib, }:
+{
+  pkgs ? import <nixpkgs> { },
+  lib ? pkgs.lib,
+}:
 
 pkgs.python3Packages.buildPythonPackage rec {
   pname = "smtprd-ng";
@@ -21,10 +24,8 @@ pkgs.python3Packages.buildPythonPackage rec {
 
   meta = {
     description = "SMTP forwarding relay daemon with signing and encryption";
-    homepage =
-      "https://app.radicle.xyz/nodes/seed.radicle.garden/rad:z3gWc1qgaeZaoGwL4WTstLNoqjayM";
+    homepage = "https://app.radicle.xyz/nodes/seed.radicle.garden/rad:z3gWc1qgaeZaoGwL4WTstLNoqjayM";
     license = lib.licenses.agpl3Only;
     maintainers = [ lib.maintainers.gador ];
   };
-
 }
diff --git a/devenv.nix b/devenv.nix
index 0e47b80..3ac3377 100644
--- a/devenv.nix
+++ b/devenv.nix
@@ -1,10 +1,24 @@
-{ pkgs, lib, config, inputs, ... }:
+{
+  pkgs,
+  lib,
+  config,
+  inputs,
+  ...
+}:
 
-let req = pkgs.concatText "req" [ ./requirements.txt ./requirements-dev.txt ];
-
-in {
+let
+  req = pkgs.concatText "req" [
+    ./requirements.txt
+    ./requirements-dev.txt
+  ];
+in
+{
   # https://devenv.sh/packages/
-  packages = [ pkgs.file pkgs.swig4 pkgs.openssl ];
+  packages = [
+    pkgs.file
+    pkgs.swig4
+    pkgs.openssl
+  ];
 
   # https://devenv.sh/languages/
   languages.nix.enable = true;
@@ -19,6 +33,7 @@ in {
   # https://devenv.sh/pre-commit-hooks/
   pre-commit.hooks = {
     nixfmt.enable = true;
+    nixfmt.package = pkgs.nixfmt-rfc-style;
     # remove unused imports
     autoflake.enable = true;
     # formatter
@@ -31,6 +46,5 @@ in {
     pylint.enable = true;
     detect-private-keys.enable = true;
     detect-private-keys.excludes = [ "tests/" ];
-
   };
 }
diff --git a/flake.nix b/flake.nix
index 68e91cd..ca6a1f0 100644
--- a/flake.nix
+++ b/flake.nix
@@ -7,15 +7,32 @@
     pre-commit-hooks.url = "github:cachix/pre-commit-hooks.nix";
   };
 
-  outputs = { self, nixpkgs, flake-utils, pre-commit-hooks, }:
-    let supportedSystems = [ "x86_64-linux" "aarch64-darwin" ];
-    in {
+  outputs =
+    {
+      self,
+      nixpkgs,
+      flake-utils,
+      pre-commit-hooks,
+    }:
+    let
+      supportedSystems = [
+        "x86_64-linux"
+        "aarch64-darwin"
+      ];
+    in
+    {
       nixosModules.smtprd-ng = import ./module.nix;
       overlays.default = import ./overlay.nix { inherit self; };
-    } // flake-utils.lib.eachSystem supportedSystems (system:
-      let pkgs = import nixpkgs { inherit system; };
-      in {
-        packages = { smtprd-ng = pkgs.callPackage ./. { }; };
+    }
+    // flake-utils.lib.eachSystem supportedSystems (
+      system:
+      let
+        pkgs = import nixpkgs { inherit system; };
+      in
+      {
+        packages = {
+          smtprd-ng = pkgs.callPackage ./. { };
+        };
 
         packages.default = self.packages.${system}.smtprd-ng;
 
@@ -24,12 +41,12 @@
             src = ./.;
             hooks = {
               nixfmt.enable = true;
+              nixfmt.package = pkgs.nixfmt-rfc-style;
               autoflake.enable = true;
               black.enable = true;
               isort.enable = true;
               isort.settings.flags = "--profile black";
-              pylint.enable =
-                false; # doesn't work correctly with module imports in flake
+              pylint.enable = false; # doesn't work correctly with module imports in flake
               detect-private-keys.enable = true;
               detect-private-keys.excludes = [ "tests/" ];
             };
@@ -41,5 +58,6 @@
           type = "app";
           program = "${self.packages.${system}.smtprd-ng}/bin/smtprd-ng";
         };
-      });
+      }
+    );
 }
diff --git a/module.nix b/module.nix
index 9e555d9..15522f3 100644
--- a/module.nix
+++ b/module.nix
@@ -1,4 +1,9 @@
-{ config, lib, pkgs, ... }:
+{
+  config,
+  lib,
+  pkgs,
+  ...
+}:
 with lib;
 let
   cfg = config.services.smtprd-ng;
@@ -13,23 +18,23 @@ let
       hostname = cfg.client.hostname;
       port = cfg.client.port;
       username = cfg.client.username;
-      password_file = if cfg.client.password_file != "" then
-        "/run/credentials/smtprd-ng.service/password_file"
-      else
-        "";
+      password_file =
+        if cfg.client.password_file != "" then "/run/credentials/smtprd-ng.service/password_file" else "";
       sender = cfg.client.sender;
       use_tls = cfg.client.use_tls;
       start_tls = cfg.client.start_tls;
       smime_cert = cfg.client.smime_cert;
-      smime_cert_private = if cfg.client.smime_cert_private != "" then
-        "/run/credentials/smtprd-ng.service/smime_cert_private"
-      else
-        "";
+      smime_cert_private =
+        if cfg.client.smime_cert_private != "" then
+          "/run/credentials/smtprd-ng.service/smime_cert_private"
+        else
+          "";
     };
     emails = cfg.emails;
   };
   confFile = pkgs.writeText "config.ini" cfgText;
-in {
+in
+{
   options.services.smtprd-ng = {
     enable = mkEnableOption "smtprd-ng";
 
@@ -148,10 +153,10 @@ in {
         message = "Use either TLS or STARTTLS, not both.";
       }
       {
-        assertion = cfg.client.smime_cert == null || (cfg.client.smime_cert
-          != null && cfg.client.smime_cert_private != null);
-        message =
-          "If a S/MIME certificate should be used to sign messages, the private key to this certificate must be supplied.";
+        assertion =
+          cfg.client.smime_cert == null
+          || (cfg.client.smime_cert != null && cfg.client.smime_cert_private != null);
+        message = "If a S/MIME certificate should be used to sign messages, the private key to this certificate must be supplied.";
       }
       {
         assertion = cfg.emails != null;
diff --git a/overlay.nix b/overlay.nix
index 633c971..a6409ab 100644
--- a/overlay.nix
+++ b/overlay.nix
@@ -1,4 +1 @@
-{ self }:
-_final: prev: {
-  smtprd-ng = self.packages.${prev.system}.smtprd-ng;
-}
+{ self }: _final: prev: { smtprd-ng = self.packages.${prev.system}.smtprd-ng; }