diff --git a/nixos/modules/services/audio/roon-server.nix b/nixos/modules/services/audio/roon-server.nix
index d3b3752dd728..58763f5ceeeb 100644
--- a/nixos/modules/services/audio/roon-server.nix
+++ b/nixos/modules/services/audio/roon-server.nix
@@ -1,31 +1,28 @@
 { config, lib, pkgs, ... }:
-
-with lib;
-
 let
   name = "roon-server";
   cfg = config.services.roon-server;
 in {
   options = {
     services.roon-server = {
-      enable = mkEnableOption "Roon Server";
+      enable = lib.mkEnableOption "Roon Server";
       package = lib.mkPackageOption pkgs "roon-server" { };
-      openFirewall = mkOption {
-        type = types.bool;
+      openFirewall = lib.mkOption {
+        type = lib.types.bool;
         default = false;
         description = ''
           Open ports in the firewall for the server.
         '';
       };
-      user = mkOption {
-        type = types.str;
+      user = lib.mkOption {
+        type = lib.types.str;
         default = "roon-server";
         description = ''
           User to run the Roon Server as.
         '';
       };
-      group = mkOption {
-        type = types.str;
+      group = lib.mkOption {
+        type = lib.types.str;
         default = "roon-server";
         description = ''
           Group to run the Roon Server as.
@@ -34,7 +31,7 @@ in {
     };
   };
 
-  config = mkIf cfg.enable {
+  config = lib.mkIf cfg.enable {
     systemd.services.roon-server = {
       after = [ "network.target" ];
       description = "Roon Server";
@@ -52,14 +49,14 @@ in {
       };
     };
 
-    networking.firewall = mkIf cfg.openFirewall {
+    networking.firewall = lib.mkIf cfg.openFirewall {
       allowedTCPPortRanges = [
         { from = 9100; to = 9200; }
         { from = 9330; to = 9339; }
         { from = 30000; to = 30010; }
       ];
       allowedUDPPorts = [ 9003 ];
-      extraCommands = optionalString (!config.networking.nftables.enable) ''
+      extraCommands = lib.optionalString (!config.networking.nftables.enable) ''
         ## IGMP / Broadcast ##
         iptables -A INPUT -s 224.0.0.0/4 -j ACCEPT
         iptables -A INPUT -d 224.0.0.0/4 -j ACCEPT
@@ -67,7 +64,7 @@ in {
         iptables -A INPUT -m pkttype --pkt-type multicast -j ACCEPT
         iptables -A INPUT -m pkttype --pkt-type broadcast -j ACCEPT
       '';
-      extraInputRules = optionalString config.networking.nftables.enable ''
+      extraInputRules = lib.optionalString config.networking.nftables.enable ''
         ip saddr { 224.0.0.0/4, 240.0.0.0/5 } accept
         ip daddr 224.0.0.0/4 accept
         pkttype { multicast, broadcast } accept
@@ -77,7 +74,7 @@ in {
 
     users.groups.${cfg.group} = {};
     users.users.${cfg.user} =
-      optionalAttrs (cfg.user == "roon-server") {
+      lib.optionalAttrs (cfg.user == "roon-server") {
         isSystemUser = true;
         description = "Roon Server user";
         group = cfg.group;