diff --git a/krebs/5pkgs/simple/cabal-read.nix b/krebs/5pkgs/simple/cabal-read.nix index f8fc71e05..03b42ef2c 100644 --- a/krebs/5pkgs/simple/cabal-read.nix +++ b/krebs/5pkgs/simple/cabal-read.nix @@ -5,6 +5,7 @@ writeHaskellPackage "cabal-read" { executables.ghc-options = { extra-depends = ["Cabal"]; text = /* haskell */ '' + {-# LANGUAGE CPP #-} module Main (main) where import Data.List import Data.Maybe @@ -26,6 +27,9 @@ writeHaskellPackage "cabal-read" { case lookup (mkUnqualComponentName name) (condExecutables desc) of Just exe -> putStrLn . intercalate " " . fromMaybe [] . lookup GHC + #if MIN_VERSION_Cabal(3,0,0) + . perCompilerFlavorToList + #endif . options . buildInfo . condTreeData $ exe Nothing -> diff --git a/krebs/5pkgs/simple/htgen/default.nix b/krebs/5pkgs/simple/htgen/default.nix index c3f6d1779..9ed97242c 100644 --- a/krebs/5pkgs/simple/htgen/default.nix +++ b/krebs/5pkgs/simple/htgen/default.nix @@ -1,24 +1,22 @@ -{ coreutils, dash, fetchgit, gnused, stdenv, ucspi-tcp }: -with import ; -let - version = "1.2.8"; -in stdenv.mkDerivation { - name = "htgen-${version}"; +{ fetchgit, lib, pkgs, stdenv }: +stdenv.mkDerivation rec { + pname = "htgen"; + version = "1.3.0"; src = fetchgit { url = "http://cgit.krebsco.de/htgen"; rev = "refs/tags/v${version}"; - sha256 = "046c05jswar2agagqixad3idqxca494aaf199h6bdn02cyzygnpq"; + sha256 = "0p3517wkfpvip4z0axh0b4v1jm1nqpppldnhq4806c0p33vrjxnf"; }; installPhase = '' mkdir -p $out/bin { - echo '#! ${dash}/bin/dash' - echo 'export PATH=${makeBinPath [ - coreutils - gnused - ucspi-tcp + echo '#! ${pkgs.dash}/bin/dash' + echo 'export PATH=${lib.makeBinPath [ + pkgs.coreutils + pkgs.jq + pkgs.ucspi-tcp ]}''${PATH+":$PATH"}' sed 's:^Server=htgen$:&/${version}:' htgen } > $out/bin/htgen diff --git a/tv/1systems/alnus/config.nix b/tv/1systems/alnus/config.nix index ed5fb671c..54f845ec2 100644 --- a/tv/1systems/alnus/config.nix +++ b/tv/1systems/alnus/config.nix 
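Review bot: The `fetchgit` source in htgen/default.nix keeps `url = "http://cgit.krebsco.de/htgen";` while this hunk replaces the `sha256` for 1.3.0. The fixed-output hash protects builds once the right value is pinned, but a hash computed over plain HTTP has no transport integrity behind it, so each bump re-trusts the network path. mailaids.nix, added in this same commit, fetches from `https://cgit.krebsco.de/mailaids`, so the host appears to serve HTTPS; I would change the line to `url = "https://cgit.krebsco.de/htgen";`. Separately, `gnused` is dropped from the runtime PATH in favour of `pkgs.jq`, and whether htgen 1.3.0 still calls sed at runtime is not visible here and is worth confirming.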
@@ -11,7 +11,6 @@ with import ; boot = { initrd = { availableKernelModules = [ "ahci" ]; - luks.cryptoModules = [ "aes" "sha512" "xts" ]; luks.devices.luksroot.device = "/dev/sda2"; }; }; diff --git a/tv/1systems/mu/config.nix b/tv/1systems/mu/config.nix index b6a25a2b8..d5169281d 100644 --- a/tv/1systems/mu/config.nix +++ b/tv/1systems/mu/config.nix @@ -15,7 +15,6 @@ with import ; tv.x0vncserver.enable = true; boot.initrd.luks.devices.muca.device = "/dev/sda2"; - boot.initrd.luks.cryptoModules = [ "aes" "sha512" "xts" ]; boot.initrd.availableKernelModules = [ "ahci" ]; boot.kernelModules = [ "fbcon" "kvm-intel" ]; boot.extraModulePackages = [ ]; diff --git a/tv/1systems/nomic/config.nix b/tv/1systems/nomic/config.nix index 38cc62369..4dc0b4e82 100644 --- a/tv/1systems/nomic/config.nix +++ b/tv/1systems/nomic/config.nix @@ -15,10 +15,7 @@ with import ; ]; - boot.initrd.luks = { - cryptoModules = [ "aes" "sha512" "xts" ]; - devices.luks1.device = "/dev/sda2"; - }; + boot.initrd.luks.devices.luks1.device = "/dev/sda2"; # Don't use UEFI because current disk was partitioned/formatted for AO753. # TODO remove following bool.loader section after repartitioning/reformatting diff --git a/tv/1systems/querel/config.nix b/tv/1systems/querel/config.nix index e58a9b216..96d8d2b6a 100644 --- a/tv/1systems/querel/config.nix +++ b/tv/1systems/querel/config.nix @@ -11,12 +11,9 @@ with import ; krebs.build.user = mkForce config.krebs.users.itak; boot.initrd.availableKernelModules = [ "ahci" ]; - boot.initrd.luks = { - cryptoModules = [ "aes" "sha512" "xts" ]; - devices.querel-luks1 = { - allowDiscards = true; - device = "/dev/sda2"; - }; + boot.initrd.luks.devices.querel-luks1 = { + allowDiscards = true; + device = "/dev/sda2"; }; boot.kernelModules = [ "kvm-intel" ]; boot.loader = { diff --git a/tv/1systems/wu/config.nix b/tv/1systems/wu/config.nix index d4114f00a..f9c3860ed 100644 --- a/tv/1systems/wu/config.nix +++ b/tv/1systems/wu/config.nix 
@@ -16,10 +16,7 @@ with import ; ]; - boot.initrd.luks = { - cryptoModules = [ "aes" "sha512" "xts" ]; - devices.wuca.device = "/dev/sda2"; - }; + boot.initrd.luks.devices.wuca.device = "/dev/sda2"; fileSystems = { "/" = { diff --git a/tv/1systems/xu/config.nix b/tv/1systems/xu/config.nix index 65b49ed9c..90d90ef3f 100644 --- a/tv/1systems/xu/config.nix +++ b/tv/1systems/xu/config.nix @@ -111,10 +111,7 @@ with import ; } ]; - boot.initrd.luks = { - cryptoModules = [ "aes" "sha512" "xts" ]; - devices.xuca.device = "/dev/sda2"; - }; + boot.initrd.luks.devices.xuca.device = "/dev/sda2"; fileSystems = { "/" = { @@ -154,6 +151,4 @@ with import ; # The NixOS release to be compatible with for stateful data such as databases. system.stateVersion = "15.09"; - - virtualisation.virtualbox.host.enable = true; } diff --git a/tv/1systems/zu/config.nix b/tv/1systems/zu/config.nix index 5a69601e9..8a3040a36 100644 --- a/tv/1systems/zu/config.nix +++ b/tv/1systems/zu/config.nix @@ -16,10 +16,7 @@ with import ; ]; - boot.initrd.luks = { - cryptoModules = [ "aes" "sha512" "xts" ]; - devices.zuca.device = "/dev/sda2"; - }; + boot.initrd.luks.devices.zuca.device = "/dev/sda2"; fileSystems = { "/" = { diff --git a/tv/2configs/default.nix b/tv/2configs/default.nix index 87a5c2e18..07e7ff11d 100644 --- a/tv/2configs/default.nix +++ b/tv/2configs/default.nix @@ -90,9 +90,6 @@ with import ; { services.cron.enable = false; - services.nscd.enable = - # Since 20.09 nscd doesn't cache anymore. - versionAtLeast (versions.majorMinor version) "20.09"; services.ntp.enable = false; services.timesyncd.enable = true; } diff --git a/tv/2configs/elm-packages-proxy.nix b/tv/2configs/elm-packages-proxy.nix index 17a0d2304..097d706c6 100644 --- a/tv/2configs/elm-packages-proxy.nix +++ b/tv/2configs/elm-packages-proxy.nix 
@@ -4,20 +4,45 @@ cfg.packageDir = "/var/lib/elm-packages"; cfg.port = 7782; + # TODO secret files + cfg.htpasswd = "/var/lib/certs/package.elm-lang.org/htpasswd"; + cfg.sslCertificate = "/var/lib/certs/package.elm-lang.org/fullchain.pem"; + cfg.sslCertificateKey = "/var/lib/certs/package.elm-lang.org/key.pem"; + + semverRegex = + "(?0|[1-9]\\d*)\\.(?0|[1-9]\\d*)\\.(?0|[1-9]\\d*)(?:-(?(?:0|[1-9]\\d*|\\d*[a-zA-Z-][0-9a-zA-Z-]*)(?:\\.(?:0|[1-9]\\d*|\\d*[a-zA-Z-][0-9a-zA-Z-]*))*))?(?:\\+(?[0-9a-zA-Z-]+(?:\\.[0-9a-zA-Z-]+)*))?"; + in { services.nginx.virtualHosts."package.elm-lang.org" = { addSSL = true; - # TODO secret files - sslCertificate = "/var/lib/certs/package.elm-lang.org/fullchain.pem"; - sslCertificateKey = "/var/lib/certs/package.elm-lang.org/key.pem"; + sslCertificate = cfg.sslCertificate; + sslCertificateKey = cfg.sslCertificateKey; + + locations."/all-packages".extraConfig = '' + proxy_pass http://127.0.0.1:${toString config.krebs.htgen.elm-packages-proxy.port}; + proxy_pass_header Server; + ''; locations."/all-packages/since/".extraConfig = '' proxy_pass http://127.0.0.1:${toString config.krebs.htgen.elm-packages-proxy.port}; proxy_pass_header Server; ''; - locations."~ ^/packages/(?[A-Za-z0-9-]+)/(?[A-Za-z0-9-]+)/(?(?0|[1-9]\\d*)\\.(?0|[1-9]\\d*)\\.(?0|[1-9]\\d*)(?:-(?(?:0|[1-9]\\d*|\\d*[a-zA-Z-][0-9a-zA-Z-]*)(?:\\.(?:0|[1-9]\\d*|\\d*[a-zA-Z-][0-9a-zA-Z-]*))*))?(?:\\+(?[0-9a-zA-Z-]+(?:\\.[0-9a-zA-Z-]+)*))?)/(?:zipball|elm.json|endpoint.json)\$".extraConfig = '' + locations."~ ^/packages/(?[A-Za-z0-9-]+)/(?[A-Za-z0-9-]+)/(?${semverRegex})\$".extraConfig = '' + auth_basic "Restricted Area"; + auth_basic_user_file ${cfg.htpasswd}; + + proxy_set_header X-User $remote_user; + proxy_set_header X-Author $author; + proxy_set_header X-Package $pname; + proxy_set_header X-Version $version; + proxy_pass_header Server; + + proxy_pass http://127.0.0.1:${toString config.krebs.htgen.elm-packages-proxy.port}; + ''; + + locations."~ 
^/packages/(?[A-Za-z0-9-]+)/(?[A-Za-z0-9-]+)/(?${semverRegex})/(?:zipball|elm.json|endpoint.json)\$".extraConfig = '' set $zipball "${cfg.packageDir}/$author/$pname/$version/zipball"; proxy_set_header X-Author $author; proxy_set_header X-Package $pname; @@ -39,14 +64,15 @@ in { krebs.htgen.elm-packages-proxy = { port = cfg.port; - script = /* sh */ ''(. ${pkgs.writeDash "elm-packages-proxy.sh" '' + script = /* sh */ ''. ${pkgs.writeDash "elm-packages-proxy.sh" '' PATH=${lib.makeBinPath [ + pkgs.attr pkgs.coreutils pkgs.curl pkgs.findutils pkgs.gnugrep pkgs.jq - pkgs.unzip + pkgs.p7zip ]} export PATH file_response() {( @@ -73,7 +99,7 @@ in { printf "HTTP/1.1 $status_code $status_reason\r\n" printf 'Connection: close\r\n' - printf 'Content-Length: %d\r\n' ''${#response_body} + printf 'Content-Length: %d\r\n' "$(expr ''${#response_body} + 1)" printf 'Content-Type: %s\r\n' "$content_type" printf 'Server: %s\r\n' "$Server" printf '\r\n' @@ -99,7 +125,7 @@ in { ;; elm.json) if ! test -f "$elmjson"; then - unzip -p "$zipball" \*/elm.json > "$elmjson" + 7z x -so "$zipball" \*/elm.json > "$elmjson" fi file_response 200 OK "$elmjson" 'application/json; charset=UTF-8' exit 
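Review bot: `X-User` is only trustworthy on requests that passed through the new `auth_basic` location, because that is the only place where `proxy_set_header X-User $remote_user;` overwrites it. The `/all-packages` locations and the `zipball|elm.json|endpoint.json` location proxy to the same htgen port, and nginx passes client-supplied request headers through by default. The backend added later in this commit reads `req_x_user` and `req_x_force`, so every location that reaches htgen without authentication should clear them with `proxy_set_header X-User "";` and `proxy_set_header X-Force "";` (nginx does not forward a header whose value is the empty string). The rest of the `zipball|elm.json|endpoint.json` location lies outside this hunk, so whether it forwards non-GET requests cannot be confirmed here; if only GET is expected there, `limit_except GET { deny all; }` would settle it. The `# TODO secret files` comment now also covers the htpasswd file, which should be readable by the nginx user only.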
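Review bot: The `+ 1` in the new `Content-Length` line (`"$(expr ''${#response_body} + 1)"`) is unexplained, and a wrong length on a `Connection: close` response is easy to reintroduce later. Presumably it accounts for a newline written after the body, but the line that writes the body is outside this hunk, so that needs confirming. Either add a comment such as `# +1: newline appended after response_body` or write the body with `printf %s` so the header can carry the exact length. The enclosing `string_response` function starts and ends outside the hunk.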
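Review bot: The elm.json cache file is created by the redirect in `7z x -so "$zipball" \*/elm.json > "$elmjson"`, so a failed or partial extraction still leaves a file that passes `test -f "$elmjson"` on every later request. Now that zipballs can be uploaded (the POST handler in this commit still carries `# TODO check package`), a malformed archive turns into a permanently cached bad response. Extract to a temporary name and publish only on success, `7z x -so "$zipball" \*/elm.json > "$elmjson.tmp" && mv "$elmjson.tmp" "$elmjson"`, and send an error response otherwise. The surrounding case statement continues outside the hunk.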
@@ -119,36 +145,110 @@ in { ;; esac ;; - 'POST /all-packages/since/'*) + 'POST /packages/'*) - # TODO only show newest? - my_packages=$( - cd ${cfg.packageDir} - find -mindepth 3 -maxdepth 3 | + author=$req_x_author + pname=$req_x_package + user=$req_x_user + version=$req_x_version + + action=uploading + force=''${req_x_force-false} + zipball=${cfg.packageDir}/$author/$pname/$version/zipball + elmjson=$HOME/cache/$author%2F$pname%2F$version%2Felm.json + endpointjson=$HOME/cache/$author%2F$pname%2F$version%2Fendpoint.json + + if test -e "$zipball"; then + if test "$force" = true; then + zipball_owner=$(attr -q -g X-User "$zipball" || :) + if test "$zipball_owner" = "$req_x_user"; then + action=replacing + rm -f "$elmjson" + rm -f "$endpointjson" + else + string_response 403 Forbidden \ + "package already exists: $author/$pname@$version" \ + text/plain + exit + fi + else + string_response 409 Conflict \ + "package already exists: $author/$pname@$version" \ + text/plain + exit + fi + fi + + echo "user $user is $action package $author/$pname@$version" >&2 + # TODO check package + mkdir -p "$(dirname "$zipball")" + head -c $req_content_length > "$zipball" + + attr -q -s X-User -V "$user" "$zipball" || : + + string_response 200 OK \ + "package created: $author/$pname@$version" \ + text/plain + + exit + ;; + 'GET /all-packages'|'POST /all-packages') + + response=$(mktemp -t htgen.$$.elm-packages-proxy.all-packages.XXXXXXXX) + trap "rm $response >&2" EXIT + + { + # upstream packages + curl -fsS https://package.elm-lang.org"$Request_URI" + + # private packages + (cd ${cfg.packageDir}; find -mindepth 3 -maxdepth 3) | + jq -Rs ' + split("\n") | + map( + select(.!="") | + match("^\\./(?[^/]+)/(?[^/]+)/(?[^/]+)$").captures | + map({key:.name,value:.string}) | + from_entries + ) | + reduce .[] as $item ({}; + ($item|"\(.author)/\(.pname)") as $name | + . 
+ { "\($name)": ((.[$name] // []) + [$item.version]) } + ) + ' + } | + jq -cs add > $response + + file_response 200 OK "$response" 'application/json; charset=UTF-8' + exit + ;; + 'GET /all-packages/since/'*|'POST /all-packages/since/'*) + + response=$(mktemp -t htgen.$$.elm-packages-proxy.all-packages.XXXXXXXX) + trap "rm $response >&2" EXIT + + { + # upstream packages + curl -fsS https://package.elm-lang.org"$Request_URI" + + # private packages + (cd ${cfg.packageDir}; find -mindepth 3 -maxdepth 3) | jq -Rs ' split("\n") | map( select(.!="") | sub("^\\./(?[^/]+)/(?[^/]+)/(?[^/]+)$";"\(.author)/\(.pname)@\(.version)") - ) + ) | + sort_by(split("@") | [.[0]]+(.[1]|split("."))) | + reverse ' - ) + } | + jq -cs add > $response - new_upstream_packages=$( - curl -fsS https://package.elm-lang.org"$Request_URI" - ) - - response=$( - jq -n \ - --argjson my_packages "$my_packages" \ - --argjson new_upstream_packages "$new_upstream_packages" \ - '$new_upstream_packages + $my_packages' - ) - - string_response 200 OK "$response" 'application/json; charset=UTF-8' + file_response 200 OK "$response" 'application/json; charset=UTF-8' exit ;; esac - ''})''; + ''}''; }; } diff --git a/tv/2configs/exim-smarthost.nix b/tv/2configs/exim-smarthost.nix index 68fbcd151..4a0dcf616 100644 --- a/tv/2configs/exim-smarthost.nix +++ b/tv/2configs/exim-smarthost.nix @@ -26,7 +26,6 @@ with import ; { from = "postmaster@viljetic.de"; to = tv.mail; } # RFC 822 { from = "mirko@viljetic.de"; to = mv-ni.mail; } { from = "tomislav@viljetic.de"; to = tv.mail; } - { from = "tv@destroy.dyn.shackspace.de"; to = tv.mail; } { from = "tv@viljetic.de"; to = tv.mail; } { from = "tv@shackspace.de"; to = tv.mail; } ]; diff --git a/tv/2configs/gitrepos.nix b/tv/2configs/gitrepos.nix index 59090c8e3..991281ede 100644 --- a/tv/2configs/gitrepos.nix +++ b/tv/2configs/gitrepos.nix 
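Review bot: The new `'POST /packages/'*` handler builds `$zipball` and makes its ownership decision from `req_x_author`, `req_x_package`, `req_x_version` and `req_x_user` without checking any of them itself, and `head -c $req_content_length > "$zipball"` publishes the upload under its final name before the owner attribute is written. The only validation is the nginx location regex, so the handler has no defence of its own if a request reaches the htgen port by any other path, and the case pattern matches on prefix only. An empty `$user` also compares equal to the empty owner that `attr -q -g X-User "$zipball" || :` yields on failure, which would let the `force` branch proceed. I would re-validate the path components in the script, require a non-empty user and a numeric Content-Length, and write to a temporary name that is renamed after the owner is recorded, as sketched below. `# TODO check package` remains open, so nothing yet verifies that the stored bytes are a zip archive at all.

```nix
'POST /packages/'*)
  # … unchanged: author/pname/user/version assignments …

  # Re-check every value that ends up in a path or an ownership decision;
  # the nginx location regex is not the only way to reach this port.
  for component in "$author" "$pname"; do
    case $component in
      ""|*[!A-Za-z0-9-]*)
        string_response 400 'Bad Request' 'invalid package name' text/plain
        exit
    esac
  done
  case $version in
    ""|.*|*..*|*[!0-9A-Za-z.+-]*)
      string_response 400 'Bad Request' 'invalid version' text/plain
      exit
  esac
  case $user in
    "")
      string_response 403 Forbidden 'missing user' text/plain
      exit
  esac
  case $req_content_length in
    ""|*[!0-9]*)
      string_response 411 'Length Required' 'missing Content-Length' text/plain
      exit
  esac

  # … unchanged: existence / force / ownership checks …

  mkdir -p "$(dirname "$zipball")"
  # Record the owner before the file becomes visible under its final name,
  # so a partial or unowned upload is never served or force-replaced.
  upload=$zipball.upload.$$
  head -c "$req_content_length" > "$upload"
  attr -q -s X-User -V "$user" "$upload" || :
  mv "$upload" "$zipball"

  # … unchanged: 200 response and exit …
```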
@@ -83,6 +83,9 @@ let { krops = { cgit.desc = "deployment tools"; }; + mailaids = { + cgit.desc = "Assortment of aids for working with electronic mail"; + }; much = {}; netcup = { cgit.desc = "netcup command line interface"; diff --git a/tv/2configs/hw/x220.nix b/tv/2configs/hw/x220.nix index 61b475537..aadfc6691 100644 --- a/tv/2configs/hw/x220.nix +++ b/tv/2configs/hw/x220.nix @@ -48,9 +48,9 @@ }; services.tlp.enable = true; - services.tlp.extraConfig = '' - START_CHARGE_THRESH_BAT0=80 - ''; + services.tlp.settings = { + START_CHARGE_THRESH_BAT0 = 80; + }; nix = { buildCores = 2; diff --git a/tv/5pkgs/haskell/mailaids.nix b/tv/5pkgs/haskell/mailaids.nix new file mode 100644 index 000000000..b705c7c69 --- /dev/null +++ b/tv/5pkgs/haskell/mailaids.nix @@ -0,0 +1,21 @@ +{ mkDerivation, aeson, aeson-pretty, base, bytestring +, case-insensitive, fetchgit, lens, optparse-applicative +, purebred-email, stdenv, text, vector, word8 +}: +mkDerivation { + pname = "mailaids"; + version = "1.0.0"; + src = fetchgit { + url = "https://cgit.krebsco.de/mailaids"; + sha256 = "15h0k82czm89gkwhp1rwdy77jz8dmb626qdz7c2narvz9j7169v5"; + rev = "8f11927ea74d6adb332c884502ebd9c486837523"; + fetchSubmodules = true; + }; + isLibrary = false; + isExecutable = true; + executableHaskellDepends = [ + aeson aeson-pretty base bytestring case-insensitive lens + optparse-applicative purebred-email text vector word8 + ]; + license = stdenv.lib.licenses.mit; +} diff --git a/tv/5pkgs/override/rxvt_unicode.nix b/tv/5pkgs/override/rxvt_unicode.nix index da657fb20..4d9c3abc3 100644 --- a/tv/5pkgs/override/rxvt_unicode.nix +++ b/tv/5pkgs/override/rxvt_unicode.nix 
@@ -2,8 +2,16 @@ rxvt_unicode.overrideAttrs (old: { patches = old.patches ++ [ (fetchurl { + name = "rxvt-unicode.cancel-running-selection-request.patch"; url = https://cgit.krebsco.de/rxvt-unicode/patch/?id=15f3f94; sha256 = "12vldwsds27c9l15ffc6svk9mj17jhypcz736pvpmpqbsymlkz2p"; }) + + # Fix segfault when calling editor-input from XMonad. + (fetchurl { + name = "rxvt-unicode.no-perl_destruct.patch"; + url = "https://cgit.krebsco.de/rxvt-unicode/patch/?id=d63f96a"; + sha256 = "0i8nqrqgprv7cygflkrdp5zx75dv9bv84vrr2yc3vnfpqxamc43n"; + }) ]; }) diff --git a/tv/5pkgs/simple/editor-input.nix b/tv/5pkgs/simple/editor-input.nix new file mode 100644 index 000000000..931179af6 --- /dev/null +++ b/tv/5pkgs/simple/editor-input.nix @@ -0,0 +1,18 @@ +{ pkgs }: +pkgs.writeDashBin "editor-input" '' + exec \ + ${pkgs.utillinux}/bin/setsid -f \ + ${pkgs.with-tmpdir}/bin/with-tmpdir -t editor-input.XXXXXXXX \ + ${pkgs.writeDash "editor-input.sh" '' + f=$TMPDIR/input + ${pkgs.rxvt_unicode}/bin/urxvt -name editor-input-urxvt -e \ + ${pkgs.vim}/bin/vim --cmd ':set noeol binary' -c startinsert "$f" + if test -e "$f"; then + ${pkgs.xsel}/bin/xsel -ip < "$f" + ${pkgs.xsel}/bin/xsel -ib < "$f" + ${pkgs.xdotool}/bin/xdotool key --clearmodifiers shift+Insert + ${pkgs.xsel}/bin/xsel -dp + ${pkgs.xsel}/bin/xsel -db + fi + ''} +'' diff --git a/tv/5pkgs/simple/rox-filer.nix b/tv/5pkgs/simple/rox-filer.nix new file mode 100644 index 000000000..bce89cacd --- /dev/null +++ b/tv/5pkgs/simple/rox-filer.nix 
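Review bot: In editor-input.nix the typed text is placed in both the PRIMARY and CLIPBOARD selections (`xsel -ip`, `xsel -ib`) before the synthetic `shift+Insert`, so any clipboard manager or other X client watching selections can capture it. That matters if the tool is ever used for passwords or tokens, and a comment at the top of the script should say so. vim is started with the user's normal configuration, so swap or viminfo state may persist outside `$TMPDIR`; adding `-n -i NONE` to the vim command line would avoid that. The `xsel -dp` and `xsel -db` calls run as soon as `xdotool key` returns, and nothing visible here guarantees the target application has finished requesting the selection by then, so a short comment on that ordering would help whoever debugs a lost paste.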
@@ -0,0 +1,94 @@ +{ autoconf, stdenv, fetchFromGitLab, pkgconfig, libxml2, libSM, shared-mime-info +, libxslt, docbook_xml_dtd_412, docbook_xsl +, gtk ? gtk2, gtk2 +}: + +stdenv.mkDerivation { + pname = "rox-filer"; + version = "2.11-tv"; + + src = fetchFromGitLab { + owner = "seirios"; + repo = "rox-filer"; + rev = "3c3ad5d85a1ab548574bf450f730886b60092587"; + sha256 = "0h743zpx1v9rrsaxn0q3nwpq8wkjf6icgzrg8jpqldsphw3ygkhr"; + }; + + nativeBuildInputs = [ + autoconf + docbook_xsl + libxslt + pkgconfig + ]; + + buildInputs = [ libxml2 gtk shared-mime-info libSM ]; + + # go to the source directory after unpacking the sources + setSourceRoot = "export sourceRoot=source/ROX-Filer"; + + # patch the main.c to disable the lookup of the APP_DIR environment variable, + # which is used to lookup the location for certain images when rox-filer + # starts; rather override the location with an absolute path to the directory + # where images are stored to prevent having to use a wrapper, which sets the + # APP_DIR environment variable prior to starting rox-filer + preConfigure = '' + (cd src && autoconf) + sed -i -e "s:g_strdup(getenv(\"APP_DIR\")):\"$out\":" src/main.c + mkdir build + cd build + ''; + + preBuild = '' + for f in \ + ../src/Docs/Manual.xml \ + ../src/Docs/Manual-fr.xml \ + ../src/Docs/Manual-it.xml ; + do + substituteInPlace "$f" \ + --replace \ + /usr/share/sgml/docbook/dtd/xml/4.1.2/docbookx.dtd \ + ${docbook_xml_dtd_412}/xml/dtd/docbook/docbookx.dtd + done + make -C ../src/Docs MAN=.. || exit 1 + ''; + + configureScript = "../src/configure"; + + installPhase = '' + mkdir -p "$out" + cd .. 
+ cp -av Help Messages Options.xml ROX images style.css .DirIcon "$out" + + mkdir -p "$out/share/man/man1" + cp -av src/rox.1 "$out/share/man/man1" + + # the main executable + mkdir "$out/bin/" + cp -v ROX-Filer "$out/bin/rox" + + # mime types + mkdir -p "$out/ROX/MIME" + cd "$out/ROX/MIME" + ln -sv text-x-{diff,patch}.png + ln -sv application-x-font-{afm,type1}.png + ln -sv application-xml{,-dtd}.png + ln -sv application-xml{,-external-parsed-entity}.png + ln -sv application-{,rdf+}xml.png + ln -sv application-x{ml,-xbel}.png + ln -sv application-{x-shell,java}script.png + ln -sv application-x-{bzip,xz}-compressed-tar.png + ln -sv application-x-{bzip,lzma}-compressed-tar.png + ln -sv application-x-{bzip-compressed-tar,lzo}.png + ln -sv application-x-{bzip,xz}.png + ln -sv application-x-{gzip,lzma}.png + ln -sv application-{msword,rtf}.png + ''; + + meta = with stdenv.lib; { + description = "Fast, lightweight, gtk2 file manager"; + homepage = "http://rox.sourceforge.net/desktop"; + license = with licenses; [ gpl2 lgpl2 ]; + platforms = platforms.linux; + maintainers = [ maintainers.eleanor ]; + }; +}
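Review bot: The `sed -i -e "s:g_strdup(getenv(\"APP_DIR\")):\"$out\":" src/main.c` in `preConfigure` exits successfully even when the pattern does not match, and this derivation builds a fork pinned by `rev` rather than a tagged upstream release. If the substitution silently does nothing, the installed binary keeps taking its resource directory from the `APP_DIR` environment variable instead of the store path, which is exactly what the comment above says the patch is meant to prevent. Add a check right after the sed, for example `grep -qF "$out" src/main.c || exit 1`, so the build fails when the source line changes.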