diff --git a/.github/workflows/tailscale.yml b/.github/workflows/tailscale.yml index 139ea70..d58f11b 100644 --- a/.github/workflows/tailscale.yml +++ b/.github/workflows/tailscale.yml @@ -3,21 +3,20 @@ name: Sync Tailscale ACLs on: push: branches: [ "master" ] - paths: [ "tailscale.policy.hujson" ] + paths: + - "tailscale.policy.hujson" + - ".github/workflows/tailscale.yml" + pull_request: + branches: [ "master" ] + paths: + - "tailscale.policy.hujson" + - ".github/workflows/tailscale.yml" jobs: acls: runs-on: ubuntu-latest steps: - uses: actions/checkout@v3 - - name: Test ACL - if: github.event_name == 'pull_request' - id: test-acl - uses: tailscale/gitops-acl-action@v1 - with: - api-key: ${{ secrets.TS_API_KEY }} - tailnet: ${{ secrets.TS_TAILNET }} - action: test - name: Deploy ACL if: github.event_name == 'push' id: deploy-acl @@ -26,3 +25,11 @@ jobs: api-key: ${{ secrets.TS_API_KEY }} tailnet: ${{ secrets.TS_TAILNET }} action: apply + - name: Test ACL + if: github.event_name == 'pull_request' + id: test-acl + uses: tailscale/gitops-acl-action@v1 + with: + api-key: ${{ secrets.TS_API_KEY }} + tailnet: ${{ secrets.TS_TAILNET }} + action: test diff --git a/README.md b/README.md index 480d4d0..eb06555 100644 --- a/README.md +++ b/README.md @@ -3,7 +3,7 @@ _README is WIP._ This repository contains my system configs. I use [Nix](https://nixos.org/) to -manage my systems: NixOS whenever possible, and Nix+Home Manager otherwise. +manage my systems, with NixOS whenever possible, and Home Manager otherwise. I use [Nix Flakes](https://nixos.wiki/wiki/Flakes). All NixOS and Home Manager configurations are specified as outputs in the `flake.nix` file. 
@@ -15,22 +15,12 @@ $ home-manager switch --flake /etc/nixos/#host # To activate Home Manager $ sudo nixos-rebuild switch --flake /etc/nixos/#host # To activate NixOS. ``` -There are currently four hosts, all on NixOS: +I currently have four hosts, all on NixOS: -- `splendor`: My [custom built desktop](https://pcpartpicker.com/user/meowihaveagrape/saved/wKxRK8). -- `haiqin`: My primary laptop, a Thinkpad X1 Carbon 9th Gen. -- `neptune`: My secondary laptop, a Thinkpad X1 Carbon 5th Gen. -- `zen`: An OVH server. - -I also write software for myself when I find the preexisting solutions to not -meet my needs. The pieces of software that are useful primarily to only myself -are kept in this repository, and they are: - -- [Backup Scripts](./pkgs/backup-scripts): Manage my local and remote backups. -- [File Uploader](./pkgs/file-uploader): Upload files to various image and file - hosting services. -- [EXIF & Last Modified Syncer](./pkgs/exif-mtime-sync/): Sync an image's EXIF - Created Date and filesystem Last Modified time. +- `splendor`: (NixOS) My [custom built desktop](https://pcpartpicker.com/user/meowihaveagrape/saved/wKxRK8). +- `haiqin`: (NixOS) My primary laptop, a Thinkpad X1 Carbon 9th Gen. +- `neptune`: (NixOS) My secondary laptop, a Thinkpad X1 Carbon 5th Gen. +- `zen`: (NixOS) An OVH server. # Directory Structure 
@@ -45,9 +35,40 @@ This repository is organized into the following directories: - `services` contains some of general Nomad & Consul specs that are not tied to another project of mine. -`flake.nix` is the entrypoint for `home`, `os`, and `pkgs`. +`flake.nix` is the entrypoint for the Nix code in `home`, `os`, and `pkgs`; it +exports the Home Manager and NixOS configurations. + +# Screenshots + +# Philosophy + +# Personal Tools + +I like to write software for myself. Some more reusable software is spun out +into separate repositories, but other software remains in this repository +within the `pkgs` directory. The more interesting tools and scripts are: + +- [Backup Scripts](./pkgs/backup-scripts): Manage my local and remote backups. +- [File Uploader](./pkgs/file-uploader): Upload files to various image and file + hosting services. +- [EXIF & Last Modified Syncer](./pkgs/exif-mtime-sync/): Sync an image's EXIF + Created Date and filesystem Last Modified time. # Networking -All hosts are connected to each other via Tailscale VPN. The Tailscale ACL can -be found [here](./tailscale.policy.hujson). +All hosts are connected to each other via Tailscale VPN. There is an ACL, +defined [here](./tailscale.policy.hujson). + +The ACL is applied via GitOps; see the [GitHub Action](./.github/workflows/tailscale.yml) for the instructions. + +# File Synchronization + +# Media Management + +music books manga images movies tv + +# File Navigation + +# Backgrounds + +# Fonts
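Review bot: In the first hunk of `.github/workflows/tailscale.yml`, the new `pull_request:` trigger means the Test ACL step now reads `secrets.TS_API_KEY` on pull request runs, and that is the same key the Deploy ACL step uses with `action: apply`. GitHub does not pass repository secrets to `pull_request` runs that come from forks, so the step would run there with an empty key; that is the safe behaviour and should not be worked around by switching to `pull_request_target`. Consider giving the test step its own secret so the apply-capable key is only read on `push`. The visible lines between `on:` and `steps:` also carry no `permissions:` block; adding `permissions:` with `contents: read` would keep the job token at the minimum this workflow needs.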
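Review bot: In the second hunk of `.github/workflows/tailscale.yml`, the re-added Test ACL step hands `secrets.TS_API_KEY` to `tailscale/gitops-acl-action@v1`, which is referenced by a mutable tag, as is `actions/checkout@v3` in the same job. Pin both `uses:` lines to a full commit SHA so a moved tag cannot run with the tailnet API key. Separately, moving the step below Deploy ACL has no effect at run time, because `github.event_name == 'pull_request'` and `github.event_name == 'push'` are mutually exclusive; keeping the test step first would match the order in which a change is actually checked and then applied.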
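Review bot: In the README hunk at `@@ -15,22 +15,12 @@`, the intro line already says "four hosts, all on NixOS", so the `(NixOS)` prefix added to each of the four bullets is redundant. Drop either the "all on NixOS" clause or the per-host tags; the tags only earn their place once a non-NixOS host is listed.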
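Review bot: In the README hunk at `@@ -45,9 +35,40 @@`, the Networking section says to see the GitHub Action "for the instructions", but the workflow in this patch contains no instructions and silently depends on the `TS_API_KEY` and `TS_TAILNET` secrets. State in the README that those two secrets must be configured and that pushes to `master` apply the policy while pull requests only test it. The same hunk adds several headings with no body (`# Screenshots`, `# Philosophy`, `# File Synchronization`, `# File Navigation`, `# Backgrounds`, `# Fonts`) and a bare word list under `# Media Management`; leave these out until there is content, or mark them as TODO. The new "The ACL is applied via GitOps; ..." line is also not wrapped like the rest of the file.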