diff --git a/infra/flake-part.nix b/infra/flake-part.nix index 54d3bcb0..bacbfd3d 100644 --- a/infra/flake-part.nix +++ b/infra/flake-part.nix @@ -6,53 +6,29 @@ }: let - inherit (lib) attrValues mapAttrs; + inherit (lib) mapAttrs; inherit (lib.attrsets) genAttrs; makeResource = - vmid: + vmName: { providers, ... }: - let - vmConfig = import (./. + "/${vmid}"); - in { - type = providers.local.exec; - imports = [ inputs.nixops4-nixos.modules.nixops4Resource.nixos ]; + _module.args = { inherit self inputs providers; }; - ssh = { - host = vmConfig.procolix.vm.ip4; - opts = ""; - hostPublicKey = self.keys.systems.${vmid}; - }; + imports = [ + inputs.nixops4-nixos.modules.nixops4Resource.nixos + ./procolixResource.nix + ]; - nixpkgs = inputs.nixpkgs; - - nixos.module = { - imports = [ - ## NOTE: We import an attrset as a NixOS module, for convenience, so - ## as to be able to use it in NixOps4 and to grab information from it - ## (eg. the IP) without evaluating the whole configuration first. - vmConfig - - ./common - self.nixosModules.ageSecrets - ]; - - ## Necessary to filter Age secrets. - fediversity.hostPublicKey = self.keys.systems.${vmid}; - - ## FIXME: Remove direct root authentication once the NixOps4 NixOS - ## provider supports users with password-less sudo. - users.users.root.openssh.authorizedKeys.keys = attrValues self.keys.contributors; - }; + procolixVm.name = vmName; }; makeDeployments = mapAttrs ( - _: vmids: + _: vmNames: { providers, ... }: { providers.local = inputs.nixops4.modules.nixops4Provider.local; - resources = genAttrs vmids (vmid: makeResource vmid { inherit providers; }); + resources = genAttrs vmNames (vmName: makeResource vmName { inherit providers; }); } ); diff --git a/infra/procolixResource.nix b/infra/procolixResource.nix new file mode 100644 index 00000000..811be602 --- /dev/null +++ b/infra/procolixResource.nix 
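Review bot: The added `_module.args = { inherit self inputs providers; };` in makeResource carries no comment, and the NixOS-style module system only exposes `_module.args` values to a module's `options` and `config`, not to its `imports`. I would add above it `## Forward flake-level values to ./procolixResource.nix; usable in its config only, not in its imports.` so a later edit to that file does not try to import something from `self` or `inputs` and hit infinite recursion. The root-SSH FIXME now lives only in the new file, so a reader of this file no longer sees that direct root authentication is configured for each resource.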
@@ -0,0 +1,54 @@
+{
+ self,
+ inputs,
+ providers,
+ lib,
+ config,
+ ...
+}:
+
+let
+ inherit (lib) attrValues mkOption;
+
+in
+{
+ options = {
+ procolixVm.name = mkOption { };
+ };
+
+ config =
+ let
+ vmConfig = import (./. + "/${config.procolixVm.name}");
+ in
+ {
+ type = providers.local.exec;
+
+ ssh = {
+ host = vmConfig.procolix.vm.ip4;
+ opts = "";
+ hostPublicKey = self.keys.systems.${config.procolixVm.name};
+ };
+
+ nixpkgs = inputs.nixpkgs;
+
+ nixos.module = {
+ imports = [
+ ## NOTE: We import an attrset as a NixOS module, for convenience, so
+ ## as to be able to use it in NixOps4 and to grab information from it
+ ## (eg. the IP) without evaluating the whole configuration first.
+ vmConfig
+
+ ./common
+
+ self.nixosModules.ageSecrets
+ ];
+
+ ## Necessary to filter Age secrets.
+ fediversity.hostPublicKey = self.keys.systems.${config.procolixVm.name};
+
+ ## FIXME: Remove direct root authentication once the NixOps4 NixOS
+ ## provider supports users with password-less sudo.
+ users.users.root.openssh.authorizedKeys.keys = attrValues self.keys.contributors;
+ };
+ };
+}
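Review bot: `procolixVm.name = mkOption { };` declares the option with no type or description, yet its value is spliced into the import path `./. + "/${config.procolixVm.name}"` and also selects the pinned SSH host key from `self.keys.systems`. Any value is accepted, and a wrong one either fails late as a missing file or attribute, or resolves to a directory other than the intended VM's. Restricting it to hosts that have a pinned key would reject that when the option is checked: `procolixVm.name = mkOption { type = lib.types.enum (builtins.attrNames self.keys.systems); description = "VM directory name under infra/, also its key in self.keys.systems."; };`. This assumes every deployable VM has an entry there, which the two hostPublicKey lines already require. The carried-over `ssh.opts = ""` and the root authorized keys for all contributors are unchanged by this commit and remain covered by the existing FIXME.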