diff --git a/modules/headless-graphical/default.nix b/modules/headless-graphical/default.nix
new file mode 100644
index 00000000..149dea3c
--- /dev/null
+++ b/modules/headless-graphical/default.nix
@@ -0,0 +1,73 @@
+{ lib, config, pkgs, ... }:
+with lib;
+let
+  psCfg = config.pub-solar;
+  cfg = config.pub-solar.headless-graphical;
+in
+{
+  options.pub-solar.headless-graphical = {
+    enable = mkEnableOption "Enable headless sway and VNC";
+  };
+
+  config = mkIf cfg.enable {
+    programs.sway.enable = true;
+
+    xdg.portal = {
+      enable = true;
+      extraPortals = with pkgs; [ xdg-desktop-portal-gtk xdg-desktop-portal-wlr ];
+      gtkUsePortal = true;
+    };
+
+    services.pipewire.enable = true;
+
+    home-manager = with pkgs; pkgs.lib.setAttrByPath [ "users" psCfg.user.name ] {
+      home.packages = with pkgs; [
+        sway
+        grim
+        kanshi
+        mako
+        slurp
+        swayidle
+        swaylock
+        swaybg
+        xwayland
+
+        libappindicator-gtk3
+
+        wl-clipboard
+        wf-recorder
+        brightnessctl
+        gammastep
+        geoclue2
+        xsettingsd
+        ydotool
+
+        swaylock-bg
+        sway-launcher
+        import-gtk-settings
+        s
+        wcwd
+      ];
+
+      programs.waybar.enable = true;
+
+      systemd.user.services.mako = import ./mako.service.nix pkgs;
+      systemd.user.services.swayidle = import ./swayidle.service.nix pkgs;
+      systemd.user.services.xsettingsd = import ./xsettingsd.service.nix pkgs;
+      systemd.user.services.waybar = import ./waybar.service.nix pkgs;
+      systemd.user.targets.sway-session = import ./sway-session.target.nix pkgs;
+
+      systemd.user.services.sway-headless = mkIf cfg.vnc.enable (import ./wayvnc.service.nix pkgs);
+      systemd.user.services.wayvnc = mkIf cfg.vnc.enable (import ./wayvnc.service.nix pkgs);
+
+      xdg.configFile."sway/config".source = ./config/config;
+      xdg.configFile."sway/config.d/colorscheme.conf".source = ./config/config.d/colorscheme.conf;
+      xdg.configFile."sway/config.d/theme.conf".source = ./config/config.d/theme.conf;
+      xdg.configFile."sway/config.d/gaps.conf".source = ./config/config.d/gaps.conf;
+      xdg.configFile."sway/config.d/custom-keybindings.conf".source = ./config/config.d/custom-keybindings.conf;
+      xdg.configFile."sway/config.d/applications.conf".source = ./config/config.d/applications.conf;
+      xdg.configFile."sway/config.d/systemd.conf".source = ./config/config.d/systemd.conf;
+      xdg.configFile."wayvnc/config".text = import ./config/wayvnc/config.nix { inherit psCfg; inherit pkgs; };
+    };
+  };
+}
diff --git a/modules/sway/sway.service.nix b/modules/headless-graphical/sway-headless.service.nix
similarity index 58%
rename from modules/sway/sway.service.nix
rename to modules/headless-graphical/sway-headless.service.nix
index 95efc3e6..7074a0d8 100644
--- a/modules/sway/sway.service.nix
+++ b/modules/headless-graphical/sway-headless.service.nix
@@ -1,18 +1,30 @@
 pkgs:
 {
   Unit = {
-    Description = "sway - SirCmpwn's Wayland window manager";
+    Description = "Headless sway - SirCmpwn's Wayland window manager";
     Documentation = [ "man:sway(5)" ];
     BindsTo = [ "graphical-session.target" ];
     Wants = [ "graphical-session-pre.target" ];
     After = [ "graphical-session-pre.target" ];
   };
+
   Service = {
     Type = "simple";
-    ExecStart = "${pkgs.sway}/bin/sway";
+
+    ExecStart = "${pkgs.sway}/bin/sway --headless";
+    Environment = [
+      "WLR_BACKENDS=headless"
+      "WLR_RENDERER=pixman"
+      "WLR_LIBINPUT_NO_DEVICES=1"
+    ];
+
     Restart = "on-failure";
     RestartSec = "1";
     TimeoutStopSec = "10";
     ExecStopPost = "${pkgs.systemd}/bin/systemctl --user unset-environment SWAYSOCK DISPLAY I3SOCK WAYLAND_DISPLAY";
   };
+
+  Install = {
+    WantedBy = [ "sway-session.target" ];
+  };
 }
diff --git a/modules/headless-graphical/wayvnc.service.nix b/modules/headless-graphical/wayvnc.service.nix
new file mode 100644
index 00000000..43b7ebae
--- /dev/null
+++ b/modules/headless-graphical/wayvnc.service.nix
@@ -0,0 +1,20 @@
+pkgs:
+{
+  Unit = {
+    Description = "A VNC server for wlroots based Wayland compositors ";
+    Documentation = "https://github.com/any1/wayvnc";
+    BindsTo = [ "sway-session.target" ];
+    After = [ "graphical-session-pre.target" "network-online.target" ];
+    Wants = [ "graphical-session-pre.target" "network-online.target" ];
+  };
+
+  Service = {
+    Type = "simple";
+    Environment = "WAYLAND_DISPLAY=wayland-1";
+    ExecStart = "${pkgs.wayvnc}/bin/wayvnc --render-cursor --unix-socket /run/wayvnc.sock";
+  };
+
+  Install = {
+    WantedBy = [ "sway-session.target" ];
+  };
+}
diff --git a/modules/sway/config/config.d/custom-keybindings.conf b/modules/sway/config/config.d/custom-keybindings.conf
index 5faddece..c394a69a 100644
--- a/modules/sway/config/config.d/custom-keybindings.conf
+++ b/modules/sway/config/config.d/custom-keybindings.conf
@@ -47,3 +47,11 @@ mode "$mode_system" {
     bindsym Return mode "default"
     bindsym Escape mode "default"
 }
+
+set $mode_vncclient In VNCClient mode. Press $mod+Num_Lock or $mod+Shift+Escape to return.
+bindsym $mod+Num_Lock mode "$mode_vncclient"
+bindsym $mod+Shift+Escape mode "$mode_vncclient"
+mode "$mode_vncclient" {
+    bindsym $mod+Num_Lock mode "default"
+    bindsym $mod+Shift+Escape mode "default"
+}
diff --git a/modules/sway/config/wayvnc/config.nix b/modules/sway/config/wayvnc/config.nix
new file mode 100644
index 00000000..27a51188
--- /dev/null
+++ b/modules/sway/config/wayvnc/config.nix
@@ -0,0 +1,8 @@
+{ psCfg, pkgs }: "
+address=0.0.0.0
+enable_auth=true
+username=${psCfg.user.name}
+password=testtest
+private_key_file=/run/agenix/vnc-key.pem
+certificate_file=/run/agenix/vnc-cert.pem
+"
diff --git a/modules/sway/default.nix b/modules/sway/default.nix
index 83f407e4..691769e2 100644
--- a/modules/sway/default.nix
+++ b/modules/sway/default.nix
@@ -3,20 +3,27 @@ with lib;
 let
   psCfg = config.pub-solar;
   cfg = config.pub-solar.sway;
+  headlessCfg = config.pub-solar.sway-headless;
 in
 {
   options.pub-solar.sway = {
     enable = mkEnableOption "Life in boxes";
+
+    terminal = mkOption {
+      type = types.nullOr types.str;
+      default = "alacritty";
+      description = "Choose sway's default terminal";
+    };
+
+    v4l2loopback.enable = mkOption {
+      type = types.bool;
+      default = true;
+      description = "WebCam streaming tool";
+    };
   };
-  options.pub-solar.sway.terminal = mkOption {
-    type = types.nullOr types.str;
-    default = "alacritty";
-    description = "Choose sway's default terminal";
-  };
-  options.pub-solar.sway.v4l2loopback.enable = mkOption {
-    type = types.bool;
-    default = true;
-    description = "WebCam streaming tool";
+
+  options.pub-solar.sway-headless = {
+    enable = mkEnableOption "Enable headless sway and vnc service";
   };
 
   config = mkIf cfg.enable (mkMerge [
@@ -26,13 +33,12 @@ in
       boot.extraModprobeConfig = ''
         options v4l2loopback exclusive_caps=1 devices=3
       '';
-    })
-
-    ({
       environment.systemPackages = with pkgs; [
         linuxPackages.v4l2loopback
       ];
+    })
 
+    ({
       programs.sway.enable = true;
 
       xdg.portal = {
@@ -98,6 +104,7 @@ in
         xdg.configFile."sway/config.d/custom-keybindings.conf".source = ./config/config.d/custom-keybindings.conf;
         xdg.configFile."sway/config.d/applications.conf".source = ./config/config.d/applications.conf;
         xdg.configFile."sway/config.d/systemd.conf".source = ./config/config.d/systemd.conf;
+        xdg.configFile."wayvnc/config".text = import ./config/wayvnc/config.nix { inherit psCfg; inherit pkgs; };
       };
     })
   ]);
diff --git a/modules/user/default.nix b/modules/user/default.nix
index 2fd5958e..c9d09a82 100644
--- a/modules/user/default.nix
+++ b/modules/user/default.nix
@@ -41,6 +41,7 @@ in
         type = types.nullOr types.str;
         default = null;
       };
+      autologin = mkEnableOption "Autologin the pub solar user on all TTYs";
     };
   };
 }
diff --git a/modules/x-os/networking.nix b/modules/x-os/networking.nix
index 1e981290..476460a8 100644
--- a/modules/x-os/networking.nix
+++ b/modules/x-os/networking.nix
@@ -2,7 +2,9 @@
 
 with lib;
 
-let cfg = config.pub-solar.x-os;
+let
+  psCfg = config.pub-solar;
+  cfg = psCfg.x-os;
 in
 {
   options.pub-solar.x-os = {
@@ -34,21 +36,51 @@ in
 
     # These entries get added to /etc/hosts
     networking.hosts = {
-      "127.0.0.1" = [ "cups.local" ];
+      "127.0.0.1" = mkIf psCfg.printing.enable [ "cups.local" ];
     };
 
-    # Caddy reverse proxy for local services like cups
-    services.caddy = {
-      enable = true;
-      config = ''
-        {
-          auto_https off
-        }
-        cups.local:80
-        bind 127.0.0.1
-        request_header Host localhost:631
-        reverse_proxy unix//run/cups/cups.sock
-      '';
-    };
+    # ha reverse proxy for local services like cups
+    services.haproxy.enable = true;
+    services.haproxy.config = ''
+      global
+        maxconn 4096
+#        user http
+#        group http
+        daemon
+
+      defaults
+        log   global
+        mode   http
+        option   httplog
+        option   dontlognull
+        retries   3
+        option redispatch
+        maxconn   2000
+        timeout connect  5000
+        timeout client  50000
+        timeout server  50000
+        log        127.0.0.1       local0
+        log        127.0.0.1       local7 debug
+        option httpchk
+
+      frontend http
+        bind 0.0.0.0:80
+
+        acl is_cups hdr_end(host) -i cups.local
+        acl is_local dst 127.0.0.1
+
+        use_backend cups if is_cups is_local
+
+      frontend vnc
+        bind 0.0.0.0:5901
+        mode tcp
+        use_backend vnc
+
+      backend cups
+        server cups unix@/run/cups/cups.sock
+
+      backend vnc
+        server vnc unix@/run/wayvnc.sock
+    '';
   };
 }