diff --git a/pkgs/tools/networking/connman/connman.nix b/pkgs/tools/networking/connman/connman.nix
new file mode 100644
index 00000000000..f79b9875b9b
--- /dev/null
+++ b/pkgs/tools/networking/connman/connman.nix
@@ -0,0 +1,177 @@
+{ stdenv
+, fetchurl
+, pkgconfig
+, file
+, glib
+# always required runtime dependencies
+, dbus
+, libmnl
+, gnutls
+, readline
+# configureable options
+, firewallType ? "iptables" # or "nftables"
+, iptables ? null
+, libnftnl ? null # for nftables
+, dnsType ? "internal" # or "systemd-resolved"
+# optional features which are turned *on* by default
+, enableOpenconnect ? true
+, openconnect ? null
+, enableOpenvpn ? true
+, openvpn ? null
+, enableVpnc ? true
+, vpnc ? true
+, enablePolkit ? true
+, polkit ? null
+, enablePptp ? true
+, pptp ? null
+, ppp ? null
+, enableLoopback ? true
+, enableEthernet ? true
+, enableWireguard ? true
+, enableGadget ? true
+, enableWifi ? true
+, enableBluetooth ? true
+, enableOfono ? true
+, enableDundee ? true
+, enablePacrunner ? true
+, enableNeard ? true
+, enableWispr ? true
+, enableTools ? true
+, enableStats ? true
+, enableClient ? true
+, enableDatafiles ? true
+# optional features which are turned *off* by default
+, enableNetworkManager ? false
+, networkmanager ? null
+, enableHh2serialGps ? false
+, enableL2tp ? false
+, enableIospm ? false
+, enableTist ? false
+}:
+
+assert stdenv.lib.asserts.assertOneOf "firewallType" firewallType [ "iptables" "nftables" ];
+assert stdenv.lib.asserts.assertOneOf "dnsType" dnsType [ "internal" "systemd-resolved" ];
+
+let inherit (stdenv.lib) optionals; in
+
+stdenv.mkDerivation rec {
+  pname = "connman";
+  version = "1.38";
+  src = fetchurl {
+    url = "mirror://kernel/linux/network/connman/${pname}-${version}.tar.xz";
+    sha256 = "0awkqigvhwwxiapw0x6yd4whl465ka8a4al0v2pcqy9ggjlsqc6b";
+  };
+
+  buildInputs = [
+    glib
+    dbus
+    libmnl
+    gnutls
+    readline
+  ];
+
+  nativeBuildInputs = [
+    pkgconfig
+    file
+  ]
+    ++ optionals (enableOpenvpn) [ openvpn ]
+    ++ optionals (enableOpenconnect) [ openconnect ]
+    ++ optionals (enableVpnc) [ vpnc ]
+    ++ optionals (enablePolkit) [ polkit ]
+    ++ optionals (enablePptp) [ pptp ppp ]
+    ++ optionals (firewallType == "iptables") [ iptables ]
+    ++ optionals (firewallType == "nftables") [ libnftnl ]
+  ;
+
+  # fix invalid path to 'file'
+  patchPhase = ''
+    runHook prePatch
+    sed -i "s/\/usr\/bin\/file/file/g" ./configure
+    runHook postPatch
+  '';
+
+  configureFlags = [
+    # directories flags
+    "--sysconfdir=${placeholder "out"}/etc"
+    "--localstatedir=/var"
+    "--with-dbusconfdir=${placeholder "out"}/share"
+    "--with-dbusdatadir=${placeholder "out"}/share"
+    "--with-tmpfilesdir=${placeholder "out"}/lib/tmpfiles.d"
+    "--with-systemdunitdir=${placeholder "out"}/lib/systemd/system"
+    "--with-dns-backend=${dnsType}"
+    "--with-firewall=${firewallType}"
+    # production build flags
+    "--disable-maintainer-mode"
+    "--enable-session-policy-local=builtin"
+    # for building and running tests
+    # "--enable-tests" # installs the tests, we don't want that
+    "--enable-tools"
+  ]
+    ++ optionals (!enableLoopback) [ "--disable-loopback" ]
+    ++ optionals (!enableEthernet) [ "--disable-ethernet" ]
+    ++ optionals (!enableWireguard) [ "--disable-wireguard" ]
+    ++ optionals (!enableGadget) [ "--disable-gadget" ]
+    ++ optionals (!enableWifi) [ "--disable-wifi" ]
+    # enable IWD support for wifi as it doesn't require any new dependencies
+    # and it's easier for the NixOS module to use only one connman package when
+    # IWD is requested
+    ++ optionals (enableWifi) [ "--enable-iwd" ]
+    ++ optionals (!enableBluetooth) [ "--disable-bluetooth" ]
+    ++ optionals (!enableOfono) [ "--disable-ofono" ]
+    ++ optionals (!enableDundee) [ "--disable-dundee" ]
+    ++ optionals (!enablePacrunner) [ "--disable-pacrunner" ]
+    ++ optionals (!enableNeard) [ "--disable-neard" ]
+    ++ optionals (!enableWispr) [ "--disable-wispr" ]
+    ++ optionals (!enableTools) [ "--disable-tools" ]
+    ++ optionals (!enableStats) [ "--disable-stats" ]
+    ++ optionals (!enableClient) [ "--disable-client" ]
+    ++ optionals (!enableDatafiles) [ "--disable-datafiles" ]
+    ++ optionals (enableOpenconnect) [
+      "--enable-openconnect=builtin"
+      "--with-openconnect=${openconnect}/sbin/openconnect"
+    ]
+    ++ optionals (enableOpenvpn) [
+      "--enable-openvpn=builtin"
+      "--with-openvpn=${openvpn}/sbin/openvpn"
+    ]
+    ++ optionals (enableVpnc) [
+      "--enable-vpnc=builtin"
+      "--with-vpnc=${vpnc}/sbin/vpnc"
+    ]
+    ++ optionals (enablePolkit) [
+      "--enable-polkit"
+    ]
+    ++ optionals (enablePptp) [
+      "--enable-pptp"
+      "--with-pptp=${pptp}/sbin/pptp"
+    ]
+    ++ optionals (!enableWireguard) [
+      "--disable-wireguard"
+    ]
+    ++ optionals (enableNetworkManager) [
+      "--enable-nmcompat"
+    ]
+    ++ optionals (enableHh2serialGps) [
+      "--enable-hh2serial-gps"
+    ]
+    ++ optionals (enableL2tp) [
+      "--enable-l2tp"
+    ]
+    ++ optionals (enableIospm) [
+      "--enable-iospm"
+    ]
+    ++ optionals (enableTist) [
+      "--enable-tist"
+    ]
+  ;
+
+  doCheck = true;
+
+  meta = with stdenv.lib; {
+    description = "A daemon for managing internet connections";
+    homepage = "https://01.org/connman";
+    maintainers = [ maintainers.matejc ];
+    platforms = platforms.linux;
+    license = licenses.gpl2;
+  };
+}
diff --git a/pkgs/tools/networking/connman/default.nix b/pkgs/tools/networking/connman/default.nix
index 9fcacd29ebe..34aee7f7879 100644
--- a/pkgs/tools/networking/connman/default.nix
+++ b/pkgs/tools/networking/connman/default.nix
@@ -1,177 +1,38 @@
-{ stdenv
-, fetchurl
-, pkgconfig
-, file
-, glib
-# always required runtime dependencies
-, dbus
-, libmnl
-, gnutls
-, readline
-# configureable options
-, firewallType ? "iptables" # or "nftables"
-, iptables ? null
-, libnftnl ? null # for nftables
-, dnsType ? "internal" # or "systemd-resolved"
-# optional features which are turned *on* by default
-, enableOpenconnect ? true
-, openconnect ? null
-, enableOpenvpn ? true
-, openvpn ? null
-, enableVpnc ? true
-, vpnc ? true
-, enablePolkit ? true
-, polkit ? null
-, enablePptp ? true
-, pptp ? null
-, ppp ? null
-, enableLoopback ? true
-, enableEthernet ? true
-, enableWireguard ? true
-, enableGadget ? true
-, enableWifi ? true
-, enableBluetooth ? true
-, enableOfono ? true
-, enableDundee ? true
-, enablePacrunner ? true
-, enableNeard ? true
-, enableWispr ? true
-, enableTools ? true
-, enableStats ? true
-, enableClient ? true
-, enableDatafiles ? true
-# optional features which are turned *off* by default
-, enableNetworkManager ? false
-, networkmanager ? null
-, enableHh2serialGps ? false
-, enableL2tp ? false
-, enableIospm ? false
-, enableTist ? false
-}:
+{ callPackage, lowPrio }:
 
-assert stdenv.lib.asserts.assertOneOf "firewallType" firewallType [ "iptables" "nftables" ];
-assert stdenv.lib.asserts.assertOneOf "dnsType" dnsType [ "internal" "systemd-resolved" ];
-
-let inherit (stdenv.lib) optionals; 
-
-stdenv.mkDerivation rec {
-  pname = "connman";
-  version = "1.38";
-  src = fetchurl {
-    url = "mirror://kernel/linux/network/connman/${pname}-${version}.tar.xz";
-    sha256 = "0awkqigvhwwxiapw0x6yd4whl465ka8a4al0v2pcqy9ggjlsqc6b";
+{
+  connmanFull = callPackage ./connman.nix {
+    enableNetworkManager = true;
+    enableHh2serialGps = true;
+    enableL2tp = true;
+    enableIospm = true;
+    enableTist = true;
   };
 
-  buildInputs = [
-    glib
-    dbus
-    libmnl
-    gnutls
-    readline
-  ];
+  connmanMinimal = lowPrio (callPackage ./connman.nix {
+    enableOpenconnect = false;
+    enableOpenvpn = false;
+    enableVpnc = false;
+    vpnc = false;
+    enablePolkit = false;
+    enablePptp = false;
+    enableLoopback = false;
+    # enableEthernet = false; # If disabled no ethernet connection can be performed
+    enableWireguard = false;
+    enableGadget = false;
+    # enableWifi = false; # If disabled no WiFi connection can be performed
+    enableBluetooth = false;
+    enableOfono = false;
+    enableDundee = false;
+    enablePacrunner = false;
+    enableNeard = false;
+    enableWispr = false;
+    enableTools = false;
+    enableStats = false;
+    enableClient = false;
+    # enableDatafiles = false; # If disabled, configuration and data files are not installed
+  });
 
-  nativeBuildInputs = [
-    pkgconfig
-    file
-  ]
-    ++ optionals (enableOpenvpn) [ openvpn ]
-    ++ optionals (enableOpenconnect) [ openconnect ]
-    ++ optionals (enableVpnc) [ vpnc ]
-    ++ optionals (enablePolkit) [ polkit ]
-    ++ optionals (enablePptp) [ pptp ppp ]
-    ++ optionals (firewallType == "iptables") [ iptables ]
-    ++ optionals (firewallType == "nftables") [ libnftnl ]
-  ;
-
-  # fix invalid path to 'file'
-  patchPhase = ''
-    runHook prePatch
-    sed -i "s/\/usr\/bin\/file/file/g" ./configure
-    runHook postPatch
-  '';
-
-  configureFlags = [
-    # directories flags
-    "--sysconfdir=${placeholder "out"}/etc"
-    "--localstatedir=/var"
-    "--with-dbusconfdir=${placeholder "out"}/share"
-    "--with-dbusdatadir=${placeholder "out"}/share"
-    "--with-tmpfilesdir=${placeholder "out"}/lib/tmpfiles.d"
-    "--with-systemdunitdir=${placeholder "out"}/lib/systemd/system"
-    "--with-dns-backend=${dnsType}"
-    "--with-firewall=${firewallType}"
-    # production build flags
-    "--disable-maintainer-mode"
-    "--enable-session-policy-local=builtin"
-    # for building and running tests
-    # --enable-tests # installs the tests, we don't want that
-    "--enable-tools"
-  ]
-    ++ optionals (!enableLoopback) [ "--disable-loopback" ]
-    ++ optionals (!enableEthernet) [ "--disable-ethernet" ]
-    ++ optionals (!enableWireguard) [ "--disable-wireguard" ]
-    ++ optionals (!enableGadget) [ "--disable-gadget" ]
-    ++ optionals (!enableWifi) [ "--disable-wifi" ]
-    # enable IWD support for wifi as it doesn't require any new dependencies
-    # and it's easier for the NixOS module to use only one connman package when
-    # IWD is requested
-    ++ optionals (enableWifi) [ "--enable-iwd" ]
-    ++ optionals (!enableBluetooth) [ "--disable-bluetooth" ]
-    ++ optionals (!enableOfono) [ "--disable-ofono" ]
-    ++ optionals (!enableDundee) [ "--disable-dundee" ]
-    ++ optionals (!enablePacrunner) [ "--disable-pacrunner" ]
-    ++ optionals (!enableNeard) [ "--disable-neard" ]
-    ++ optionals (!enableWispr) [ "--disable-wispr" ]
-    ++ optionals (!enableTools) [ "--disable-tools" ]
-    ++ optionals (!enableStats) [ "--disable-stats" ]
-    ++ optionals (!enableClient) [ "--disable-client" ]
-    ++ optionals (!enableDatafiles) [ "--disable-datafiles" ]
-    ++ optionals (enableOpenconnect) [
-      "--enable-openconnect=builtin"
-      "--with-openconnect=${openconnect}/sbin/openconnect"
-    ]
-    ++ optionals (enableOpenvpn) [
-      "--enable-openvpn=builtin"
-      "--with-openvpn=${openvpn}/sbin/openvpn"
-    ]
-    ++ optionals (enableVpnc) [
-      "--enable-vpnc=builtin"
-      "--with-vpnc=${vpnc}/sbin/vpnc"
-    ]
-    ++ optionals (enablePolkit) [
-      "--enable-polkit"
-    ]
-    ++ optionals (enablePptp) [
-      "--enable-pptp"
-      "--with-pptp=${pptp}/sbin/pptp"
-    ]
-    ++ optionals (!enableWireguard) [
-      "--disable-wireguard"
-    ]
-    ++ optionals (enableNetworkManager) [
-      "--enable-nmcompat"
-    ]
-    ++ optionals (enableHh2serialGps) [
-      "--enable-hh2serial-gps"
-    ]
-    ++ optionals (enableL2tp) [
-      "--enable-l2tp"
-    ]
-    ++ optionals (enableIospm) [
-      "--enable-iospm"
-    ]
-    ++ optionals (enableTist) [
-      "--enable-tist"
-    ]
-  ;
-
-  doCheck = true;
-
-  meta = with stdenv.lib; {
-    description = "A daemon for managing internet connections";
-    homepage = "https://01.org/connman";
-    maintainers = [ maintainers.matejc ];
-    platforms = platforms.linux;
-    license = licenses.gpl2;
-  };
+  # All the defaults
+  connman = callPackage ./connman.nix { };
 }
diff --git a/pkgs/top-level/all-packages.nix b/pkgs/top-level/all-packages.nix
index 5ed0b8d55a8..2827e84b7a4 100644
--- a/pkgs/top-level/all-packages.nix
+++ b/pkgs/top-level/all-packages.nix
@@ -2550,37 +2550,11 @@ in
 
   conspy = callPackage ../os-specific/linux/conspy {};
 
-  connman = callPackage ../tools/networking/connman { };
-  connmanThin = callPackage ../tools/networking/connman {
-    enableOpenconnect = false;
-    enableOpenvpn = false;
-    enableVpnc = false;
-    vpnc = false;
-    enablePolkit = false;
-    enablePptp = false;
-    enableLoopback = false;
-    # enableEthernet = false; # If disabled no ethernet connection can be performed
-    enableWireguard = false;
-    enableGadget = false;
-    # enableWifi = false; # If disabled no WiFi connection can be performed
-    enableBluetooth = false;
-    enableOfono = false;
-    enableDundee = false;
-    enablePacrunner = false;
-    enableNeard = false;
-    enableWispr = false;
-    enableTools = false;
-    enableStats = false;
-    enableClient = false;
-    # enableDatafiles = false; # If disabled, configuration and data files are not installed
-  };
-  connmanFull = callPackage ../tools/networking/connman {
-    enableNetworkManager = true;
-    enableHh2serialGps = true;
-    enableL2tp = true;
-    enableIospm = true;
-    enableTist = true;
-  };
+  inherit (callPackage ../tools/networking/connman {})
+    connmanFull
+    connmanMinimal
+    connman
+  ;
 
   connman-gtk = callPackage ../tools/networking/connman/connman-gtk { };