diff --git a/nix/os/devices/sj-bm-hostkey0/configuration.nix b/nix/os/devices/sj-bm-hostkey0/configuration.nix
index 60d8d51..0d279ca 100644
--- a/nix/os/devices/sj-bm-hostkey0/configuration.nix
+++ b/nix/os/devices/sj-bm-hostkey0/configuration.nix
@@ -19,6 +19,7 @@
     repoFlake.inputs.sops-nix.nixosModules.sops
 
     ../../profiles/common/user.nix
+    ../../snippets/nix-settings-holo-chain.nix
 
     # TODO
     # ./network.nix
@@ -47,19 +48,6 @@
   services.openssh.enable = true;
   services.openssh.settings.PermitRootLogin = "yes";
 
-  nix.nixPath = [
-    "nixpkgs=${pkgs.path}"
-  ];
-
-  nix.registry = {
-    nixpkgs.to = {
-      type = "path";
-      path = pkgs.path;
-    };
-  };
-
-  nix.settings.experimental-features = ["nix-command" "flakes" "ca-derivations"];
-
   boot = {
     kernel = {
       sysctl = {
diff --git a/nix/os/devices/steveej-t14/system.nix b/nix/os/devices/steveej-t14/system.nix
index 062e505..802aa36 100644
--- a/nix/os/devices/steveej-t14/system.nix
+++ b/nix/os/devices/steveej-t14/system.nix
@@ -8,21 +8,15 @@
 }: let
   passwords = import ../../../variables/passwords.crypt.nix;
 in {
+  imports = [
+    ../../snippets/nix-settings-holo-chain.nix
+  ];
+
   nix.settings = {
     substituters = [
-      "https://holochain-ci.cachix.org"
-      "https://holochain-ci-internal.cachix.org"
-      # "https://cache.holo.host/"
     ];
     trusted-public-keys = [
-      "holochain-ci.cachix.org-1:5IUSkZc0aoRS53rfkvH9Kid40NpyjwCMCzwRTXy+QN8="
-      "holochain-ci-internal.cachix.org-1:QvVsSrTiearCjrLTVtNtJOdQCDTseXh7UXUuSMx46NE="
-      "cache.holo.host-1:lNXIXtJgS9Iuw4Cu6X0HINLu9sTfcjEntnrgwMQIMcE="
-      "cache.holo.host-2:ZJCkX3AUYZ8soxTLfTb60g+F3MkWD7hkH9y8CgqwhDQ="
     ];
-
-    extra-experimental-features = ["impure-derivations"];
-    system-features = ["recursive-nix" "big-parallel"];
   };
 
   networking.extraHosts = ''
diff --git a/nix/os/profiles/common/configuration.nix b/nix/os/profiles/common/configuration.nix
index d68a694..0590e79 100644
--- a/nix/os/profiles/common/configuration.nix
+++ b/nix/os/profiles/common/configuration.nix
@@ -8,6 +8,7 @@
     ./boot.nix
     ./pkg.nix
     ./system.nix
+    ../../snippets/nix-settings.nix
     ./hw.nix
 
     ./user.nix
diff --git a/nix/os/profiles/common/system.nix b/nix/os/profiles/common/system.nix
index 388a07b..4039a9e 100644
--- a/nix/os/profiles/common/system.nix
+++ b/nix/os/profiles/common/system.nix
@@ -8,13 +8,6 @@
   networking.hostName = builtins.elemAt (builtins.split "\\." nodeName) 0; # Define your hostname.
   networking.domain = builtins.elemAt (builtins.split "(^[^\\.]+\.)" nodeName) 2;
 
-  nix.daemonCPUSchedPolicy = "idle";
-  nix.daemonIOSchedClass = "idle";
-  nix.settings.max-jobs = lib.mkDefault "auto";
-  nix.settings.cores = lib.mkDefault 0;
-  nix.settings.sandbox = true;
-  nix.nixPath = ["nixpkgs=${pkgs.path}"];
-
   environment.etc."lvm/lvm.conf".text = ''
     devices {
       issue_discards = 1
diff --git a/nix/os/snippets/nix-settings-holo-chain.nix b/nix/os/snippets/nix-settings-holo-chain.nix
new file mode 100644
index 0000000..660695c
--- /dev/null
+++ b/nix/os/snippets/nix-settings-holo-chain.nix
@@ -0,0 +1,16 @@
+{pkgs, ...}: {
+  nix.settings = {
+    substituters = [
+      "https://holochain-ci.cachix.org"
+      "https://holochain-ci-internal.cachix.org"
+      "https://cache.holo.host/"
+    ];
+
+    trusted-public-keys = [
+      "holochain-ci.cachix.org-1:5IUSkZc0aoRS53rfkvH9Kid40NpyjwCMCzwRTXy+QN8="
+      "holochain-ci-internal.cachix.org-1:QvVsSrTiearCjrLTVtNtJOdQCDTseXh7UXUuSMx46NE="
+      "cache.holo.host-1:lNXIXtJgS9Iuw4Cu6X0HINLu9sTfcjEntnrgwMQIMcE="
+      "cache.holo.host-2:ZJCkX3AUYZ8soxTLfTb60g+F3MkWD7hkH9y8CgqwhDQ="
+    ];
+  };
+}
diff --git a/nix/os/snippets/nix-settings.nix b/nix/os/snippets/nix-settings.nix
new file mode 100644
index 0000000..28630c9
--- /dev/null
+++ b/nix/os/snippets/nix-settings.nix
@@ -0,0 +1,35 @@
+{
+  pkgs,
+  lib,
+  ...
+}: {
+  nix.daemonCPUSchedPolicy = "idle";
+  nix.daemonIOSchedClass = "idle";
+  nix.settings.max-jobs = lib.mkDefault "auto";
+  nix.settings.cores = lib.mkDefault 0;
+  nix.settings.sandbox = true;
+  nix.nixPath = [
+    "nixpkgs=${pkgs.path}"
+  ];
+
+  nix.experimental-features = [
+    "nix-command"
+    "flakes"
+    "ca-derivations"
+    "impure-derivations"
+  ];
+
+  nix.system-features = [
+    "recursive-nix"
+    "big-parallel"
+    "kvm"
+    "nixos-test"
+  ];
+
+  nix.registry = {
+    nixpkgs.to = {
+      type = "path";
+      path = pkgs.path;
+    };
+  };
+}