diff --git a/config-root.yaml b/config-root.yaml
index 05d3c267..d1430269 100644
--- a/config-root.yaml
+++ b/config-root.yaml
@@ -101,65 +101,61 @@ dotfiles:
   f_pacserve.service.conf:
     src: etc/pacserve/pacserve.service.conf
     dst: /etc/pacserve/pacserve.service.conf
-  f_encrypt:
-    src: usr/lib/initcpio/hooks/encrypt
-    dst: /usr/lib/initcpio/hooks/encrypt
 profiles:
   Network:
     dotfiles:
-    - d_network
-    - f_networkd.conf
+      - d_network
+      - f_networkd.conf
   Locale:
     dotfiles:
-    - f_locale.conf
-    - f_locale.gen
+      - f_locale.conf
+      - f_locale.gen
   Pacman:
     dotfiles:
-    - f_pacman.conf
-    - f_pacserve.service.conf
+      - f_pacman.conf
+      - f_pacserve.service.conf
   Mirkwood:
     dotfiles:
-    - f_getty.conf
-    - f_cryptissue
-    - f_welcomemessage.conf
-    - d_bin
-    - f_adb.service
-    - f_bluetooth.conf
-    - f_sshd_config
-    - f_logind.conf
-    - f_60-uinput-permissions.rules
-    - f_freetype2.sh
-    - f_fonts.conf
-    - f_99-lowbat.rules
-    - f_ignore
-    - f_mkinitcpio.conf
-    - f_vconsole.conf
-    - f_20-quiet-printk.conf
-    - f_system.conf
-    - f_cpupower
-    - f_encrypt
+      - f_getty.conf
+      - f_cryptissue
+      - f_welcomemessage.conf
+      - d_bin
+      - f_adb.service
+      - f_bluetooth.conf
+      - f_sshd_config
+      - f_logind.conf
+      - f_60-uinput-permissions.rules
+      - f_freetype2.sh
+      - f_fonts.conf
+      - f_99-lowbat.rules
+      - f_ignore
+      - f_mkinitcpio.conf
+      - f_vconsole.conf
+      - f_20-quiet-printk.conf
+      - f_system.conf
+      - f_cpupower
     include:
-    - Locale
-    - Pacman
-    - Network
+      - Locale
+      - Pacman
+      - Network
   Moria:
     include:
-    - Locale
-    - Pacman
-    - Network
+      - Locale
+      - Pacman
+      - Network
     dotfiles:
-    - f_sshd_config
-    - f_99-sysctl.conf
-    - f_cpupower
+      - f_sshd_config
+      - f_99-sysctl.conf
+      - f_cpupower
   Gondor:
     include:
-    - Locale
-    - Pacman
+      - Locale
+      - Pacman
     dotfiles:
-    - f_sshd_config
+      - f_sshd_config
   localhost:
     include:
-    - Locale
+      - Locale
   Edoras:
     include:
-    - Pacman
+      - Pacman
diff --git a/root/boot/loader/README.md b/root/boot/loader/README.md
deleted file mode 100644
index f0138427..00000000
--- a/root/boot/loader/README.md
+++ /dev/null
@@ -1,2 +0,0 @@
-I don't use systemd-boot on my main system anymore but this is here for reference
-when I'm setting up new systems.
diff --git a/root/boot/loader/entries/arch-busybox.conf b/root/boot/loader/entries/arch-busybox.conf
deleted file mode 100755
index db073af3..00000000
--- a/root/boot/loader/entries/arch-busybox.conf
+++ /dev/null
@@ -1,5 +0,0 @@
-title		Arch Linux
-initrd		/amd-ucode.img
-initrd		/initramfs-linux.img
-linux		/vmlinuz-linux
-options		cryptdevice=UUID=19fa8fab-c5fe-454a-9a17-b7185ce975ea:cryptroot:allow-discards root=/dev/mapper/cryptroot rootflags=subvol=root resume=/dev/mapper/cryptroot resume_offset=10530935 rw quiet splash vga=current idle=nomwait cpuidle.governor=teo
diff --git a/root/boot/loader/entries/arch-systemd.conf b/root/boot/loader/entries/arch.conf
similarity index 100%
rename from root/boot/loader/entries/arch-systemd.conf
rename to root/boot/loader/entries/arch.conf
diff --git a/root/boot/loader/loader.conf b/root/boot/loader/loader.conf
index 62bce553..49951610 100755
--- a/root/boot/loader/loader.conf
+++ b/root/boot/loader/loader.conf
@@ -1,3 +1,3 @@
-default arch-busybox
+default arch
 timeout 0
-editor 	0
+editor 	1
diff --git a/root/usr/lib/initcpio/hooks/encrypt b/root/usr/lib/initcpio/hooks/encrypt
deleted file mode 100644
index a25c1f60..00000000
--- a/root/usr/lib/initcpio/hooks/encrypt
+++ /dev/null
@@ -1,149 +0,0 @@
-#!/usr/bin/ash
-
-run_hook() {
-    modprobe -a -q dm-crypt >/dev/null 2>&1
-    [ "${quiet}" = "y" ] && CSQUIET=">/dev/null"
-
-    # Get keyfile if specified
-    ckeyfile="/crypto_keyfile.bin"
-    if [ -n "$cryptkey" ]; then
-        IFS=: read ckdev ckarg1 ckarg2 <<EOF
-$cryptkey
-EOF
-
-        if [ "$ckdev" = "rootfs" ]; then
-            ckeyfile=$ckarg1
-        elif resolved=$(resolve_device "${ckdev}" ${rootdelay}); then
-            case ${ckarg1} in
-                *[!0-9]*)
-                    # Use a file on the device
-                    # ckarg1 is not numeric: ckarg1=filesystem, ckarg2=path
-                    mkdir /ckey
-                    mount -r -t "$ckarg1" "$resolved" /ckey
-                    dd if="/ckey/$ckarg2" of="$ckeyfile" >/dev/null 2>&1
-                    umount /ckey
-                    ;;
-                *)
-                    # Read raw data from the block device
-                    # ckarg1 is numeric: ckarg1=offset, ckarg2=length
-                    dd if="$resolved" of="$ckeyfile" bs=1 skip="$ckarg1" count="$ckarg2" >/dev/null 2>&1
-                    ;;
-            esac
-        fi
-        [ ! -f ${ckeyfile} ] && echo "Keyfile could not be opened. Reverting to passphrase."
-    fi
-
-    if [ -n "${cryptdevice}" ]; then
-        DEPRECATED_CRYPT=0
-        IFS=: read cryptdev cryptname cryptoptions <<EOF
-$cryptdevice
-EOF
-    else
-        DEPRECATED_CRYPT=1
-        cryptdev="${root}"
-        cryptname="root"
-    fi
-
-    # This may happen if third party hooks do the crypt setup
-    if [ -b "/dev/mapper/${cryptname}" ]; then
-        echo "Device ${cryptname} already exists, not doing any crypt setup."
-        return 0
-    fi
-
-    warn_deprecated() {
-        echo "The syntax 'root=${root}' where '${root}' is an encrypted volume is deprecated"
-        echo "Use 'cryptdevice=${root}:root root=/dev/mapper/root' instead."
-    }
-
-    set -f
-    OLDIFS="$IFS"; IFS=,
-    for cryptopt in ${cryptoptions}; do
-        case ${cryptopt} in
-            allow-discards)
-                cryptargs="${cryptargs} --allow-discards"
-                ;;
-            *)
-                echo "Encryption option '${cryptopt}' not known, ignoring." >&2
-                ;;
-        esac
-    done
-    set +f
-    IFS="$OLDIFS"
-    unset OLDIFS
-
-    if resolved=$(resolve_device "${cryptdev}" ${rootdelay}); then
-        if cryptsetup isLuks ${resolved} >/dev/null 2>&1; then
-            [ ${DEPRECATED_CRYPT} -eq 1 ] && warn_deprecated
-            dopassphrase=1
-            # If keyfile exists, try to use that
-            if [ -f ${ckeyfile} ]; then
-                if eval cryptsetup --key-file ${ckeyfile} open --type luks ${resolved} ${cryptname} ${cryptargs} ${CSQUIET}; then
-                    dopassphrase=0
-                else
-                    echo "Invalid keyfile. Reverting to passphrase."
-                fi
-            fi
-            # Ask for a passphrase
-            if [ ${dopassphrase} -gt 0 ]; then
-                echo ""
-                echo "Enter password to decrypt disk:"
-
-                #loop until we get a real password
-                while ! eval cryptsetup open --type luks ${resolved} ${cryptname} ${cryptargs} ${CSQUIET}; do
-                    sleep 2;
-                done
-            fi
-            if [ -e "/dev/mapper/${cryptname}" ]; then
-                if [ ${DEPRECATED_CRYPT} -eq 1 ]; then
-                    export root="/dev/mapper/root"
-                fi
-            else
-                err "Password succeeded, but ${cryptname} creation failed, aborting..."
-                return 1
-            fi
-        elif [ -n "${crypto}" ]; then
-            [ ${DEPRECATED_CRYPT} -eq 1 ] && warn_deprecated
-            msg "Non-LUKS encrypted device found..."
-            if echo "$crypto" | awk -F: '{ exit(NF == 5) }'; then
-                err "Verify parameter format: crypto=hash:cipher:keysize:offset:skip"
-                err "Non-LUKS decryption not attempted..."
-                return 1
-            fi
-            exe="cryptsetup open --type plain $resolved $cryptname $cryptargs"
-            IFS=: read c_hash c_cipher c_keysize c_offset c_skip <<EOF
-$crypto
-EOF
-            [ -n "$c_hash" ]    && exe="$exe --hash '$c_hash'"
-            [ -n "$c_cipher" ]  && exe="$exe --cipher '$c_cipher'"
-            [ -n "$c_keysize" ] && exe="$exe --key-size '$c_keysize'"
-            [ -n "$c_offset" ]  && exe="$exe --offset '$c_offset'"
-            [ -n "$c_skip" ]    && exe="$exe --skip '$c_skip'"
-            if [ -f "$ckeyfile" ]; then
-                exe="$exe --key-file $ckeyfile"
-            else
-                echo ""
-                echo "Enter password to decrypt disk:"
-            fi
-            eval "$exe $CSQUIET"
-
-            if [ $? -ne 0 ]; then
-                err "Non-LUKS device decryption failed. verify format: "
-                err "      crypto=hash:cipher:keysize:offset:skip"
-                return 1
-            fi
-            if [ -e "/dev/mapper/${cryptname}" ]; then
-                if [ ${DEPRECATED_CRYPT} -eq 1 ]; then
-                    export root="/dev/mapper/root"
-                fi
-            else
-                err "Password succeeded, but ${cryptname} creation failed, aborting..."
-                return 1
-            fi
-        else
-            err "Failed to open encryption mapping: The device ${cryptdev} is not a LUKS volume and the crypto= paramater was not specified."
-        fi
-    fi
-    rm -f ${ckeyfile}
-}
-
-# vim: set ft=sh ts=4 sw=4 et: