diff --git a/infra/flake-part.nix b/infra/flake-part.nix index c1c49c0..301146b 100644 --- a/infra/flake-part.nix +++ b/infra/flake-part.nix @@ -13,33 +13,37 @@ let vmid: { providers, ... }: let - vmmodule = import (./. + "/${vmid}"); + vmConfig = import (./. + "/${vmid}"); in { type = providers.local.exec; imports = [ inputs.nixops4-nixos.modules.nixops4Resource.nixos ]; + ssh = { - # FIXME: The following assumes that `vmmodule` does not use arguments - # and does not get `proxolix.vm.ip4` from an import, etc. I have tried - # an approach with `lib.evalModules` but I cannot get it to work. - host = vmmodule.procolix.vm.ip4; + host = vmConfig.procolix.vm.ip4; opts = ""; hostPublicKey = self.keys.systems.${vmid}; }; + nixpkgs = inputs.nixpkgs; + nixos.module = { imports = [ - vmmodule + ## NOTE: We import an attrset as a NixOS module, for convenience, so + ## as to be able to use it in NixOps4 and to grab information from it + ## (eg. the IP) without evaluating the whole configuration first. + vmConfig + ./common self.nixosModules.ageSecrets - { - fediversity.hostPublicKey = self.keys.systems.${vmid}; - - ## FIXME: Remove direct root authentication once the NixOps4 NixOS - ## provider supports users with password-less sudo. - users.users.root.openssh.authorizedKeys.keys = attrValues self.keys.contributors; - } ]; + + ## Necessary to filter Age secrets. + fediversity.hostPublicKey = self.keys.systems.${vmid}; + + ## FIXME: Remove direct root authentication once the NixOps4 NixOS + ## provider supports users with password-less sudo. + users.users.root.openssh.authorizedKeys.keys = attrValues self.keys.contributors; }; };
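Review bot: The constraint recorded in the removed FIXME still holds for `host = vmConfig.procolix.vm.ip4;`, but the new NOTE sits at the `imports` list and no longer says what breaks when it is violated. The file at `./${vmid}` must evaluate to a plain attrset that sets `procolix.vm.ip4` directly; a function module or an IP set through a nested import would make this attribute access fail. I would state that next to the `let` binding, e.g. `# Must be a plain attrset (no module arguments): ssh.host is read from it without module evaluation.`, or guard it with `host = assert builtins.isAttrs vmConfig; vmConfig.procolix.vm.ip4;`. Because the SSH target comes from the raw attrset rather than the evaluated configuration, an override of `procolix.vm.ip4` elsewhere in the module tree would presumably not be reflected here; the pinned `hostPublicKey` limits the impact of connecting to the wrong address, but the divergence is worth a comment. The `let` that encloses this function starts outside the hunk.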