diff --git a/configuration.nix b/configuration.nix
deleted file mode 100644
index 2ae1c1a..0000000
--- a/configuration.nix
+++ /dev/null
@@ -1,134 +0,0 @@
-# Edit this configuration file to define what should be installed on
-# your system.  Help is available in the configuration.nix(5) man page
-# and in the NixOS manual (accessible by running ‘nixos-help’).
-
-{ config, pkgs, ... }:
-
-{
-  imports =
-    [ # Include the results of the hardware scan.
-      ./hardware-configuration.nix
-    ];
-
-  # Bootloader.
-  boot.loader.grub.enable = true;
-  boot.loader.grub.device = "/dev/sda";
-  boot.loader.grub.useOSProber = true;
-
-  networking.hostName = "nixos"; # Define your hostname.
-  # networking.wireless.enable = true;  # Enables wireless support via wpa_supplicant.
-
-  # Configure network proxy if necessary
-  # networking.proxy.default = "http://user:password@proxy:port/";
-  # networking.proxy.noProxy = "127.0.0.1,localhost,internal.domain";
-
-  # Enable networking
-  networking.networkmanager.enable = true;
-
-  # Set your time zone.
-  time.timeZone = "Europe/Oslo";
-
-  # Select internationalisation properties.
-  i18n.defaultLocale = "en_US.UTF-8";
-
-  # Enable the X11 windowing system.
-  services.xserver.enable = true;
-
-  # Enable the GNOME Desktop Environment.
-  services.xserver.displayManager.gdm.enable = true;
-  services.xserver.desktopManager.gnome.enable = true;
-
-  # Configure keymap in X11
-  services.xserver = {
-    layout = "no";
-    xkbVariant = "";
-  };
-
-  # Configure console keymap
-  console.keyMap = "no";
-
-  # Enable CUPS to print documents.
-  services.printing.enable = true;
-
-  # Enable sound with pipewire.
-  sound.enable = true;
-  hardware.pulseaudio.enable = false;
-  security.rtkit.enable = true;
-  services.pipewire = {
-    enable = true;
-    alsa.enable = true;
-    alsa.support32Bit = true;
-    pulse.enable = true;
-    # If you want to use JACK applications, uncomment this
-    #jack.enable = true;
-
-    # use the example session manager (no others are packaged yet so this is enabled by default,
-    # no need to redefine it in your config for now)
-    #media-session.enable = true;
-  };
-
-  # Enable touchpad support (enabled default in most desktopManager).
-  # services.xserver.libinput.enable = true;
-
-  # Define a user account. Don't forget to set a password with ‘passwd’.
-  users.users.pvv = {
-    isNormalUser = true;
-    description = "pvv";
-    extraGroups = [ "networkmanager" "wheel" ];
-    packages = with pkgs; [
-      firefox
-    #  thunderbird
-    ];
-  };
-
-  # Enable automatic login for the user.
-  services.xserver.displayManager.autoLogin.enable = true;
-  services.xserver.displayManager.autoLogin.user = "pvv";
-
-  # Workaround for GNOME autologin: https://github.com/NixOS/nixpkgs/issues/103746#issuecomment-945091229
-  systemd.services."getty@tty1".enable = false;
-  systemd.services."autovt@tty1".enable = false;
-
-  # Allow unfree packages
-  nixpkgs.config.allowUnfree = true;
-
-  # List packages installed in system profile. To search, run:
-  # $ nix search wget
-  environment.systemPackages = with pkgs; [
-  	micro
-  	vim
-  	git
-  	dnsutils
-  	wget
-  #  vim # Do not forget to add an editor to edit configuration.nix! The Nano editor is also installed by default.
-  #  wget
-  ];
-
-  # Some programs need SUID wrappers, can be configured further or are
-  # started in user sessions.
-  # programs.mtr.enable = true;
-  # programs.gnupg.agent = {
-  #   enable = true;
-  #   enableSSHSupport = true;
-  # };
-
-  # List services that you want to enable:
-
-  # Enable the OpenSSH daemon.
-  # services.openssh.enable = true;
-
-  # Open ports in the firewall.
-  # networking.firewall.allowedTCPPorts = [ ... ];
-  # networking.firewall.allowedUDPPorts = [ ... ];
-  # Or disable the firewall altogether.
-  # networking.firewall.enable = false;
-
-  # This value determines the NixOS release from which the default
-  # settings for stateful data, like file locations and database versions
-  # on your system were taken. It‘s perfectly fine and recommended to leave
-  # this value at the release version of the first install of this system.
-  # Before changing this value read the documentation for this option
-  # (e.g. man configuration.nix or on https://nixos.org/nixos/options.html).
-  system.stateVersion = "23.05"; # Did you read the comment?
-
-}
diff --git a/flake.nix b/flake.nix
new file mode 100644
index 0000000..ce5f72c
--- /dev/null
+++ b/flake.nix
@@ -0,0 +1,94 @@
+{
+  description = "bokhylle";
+
+  inputs.nixpkgs.url                             = "github:nixos/nixpkgs/nixos-unstable";
+  inputs.grzegorz.url                            = "github:Programvareverkstedet/grzegorz";
+  inputs.grzegorz.inputs.nixpkgs.follows         = "nixpkgs";
+  inputs.grzegorz-clients.url                    = "github:Programvareverkstedet/grzegorz-clients";
+  inputs.grzegorz-clients.inputs.nixpkgs.follows = "nixpkgs";
+
+  outputs = {
+    self,
+    nixpkgs,
+    grzegorz,
+    grzegorz-clients,
+    ...
+    }@inputs:
+  {
+    inherit inputs;
+
+    nixosConfigurations.brzeczyszczykiewicz = nixpkgs.lib.nixosSystem {
+      system = "x86_64-linux";
+      modules = [
+        grzegorz.nixosModules.grzegorz-kiosk
+        grzegorz-clients.nixosModules.grzegorz-webui
+        ./hardware-configuration.nix
+        ({ config, ... }: {
+          system.stateVersion = "23.05";
+
+          boot.loader.grub.enable = true;
+          boot.loader.grub.device = "/dev/sda";
+          boot.loader.grub.useOSProber = true;
+
+          networking.hostName = "brzeczyszczykiewicz";
+          networking.domain   = "pvv.ntnu.no";
+          networking.search = [ "pvv.ntnu.no" ];
+
+          services.openssh.enable = true;
+          services.openssh.settings.PermitRootLogin = "yes";
+
+          services.xserver.layout = "no";
+          services.xserver.xkbVariant = "";
+          console.keyMap = "no";
+
+          services.pipewire.enable = true;
+          services.pipewire.alsa.enable = true;
+          services.pipewire.alsa.support32Bit = true;
+          services.pipewire.pulse.enable = true;
+
+          users.users.pvv = {
+            isNormalUser = true;
+            description = "pvv";
+            extraGroups = [ "networkmanager" "wheel" ];
+            #packages = [ ];
+          };
+
+          services.grzegorz.enable     = true;
+          services.grzegorz.listenAddr = "::1";
+          services.grzegorz.listenPort = 31337;
+
+          services.grzegorz-webui.enable     = true;
+          services.grzegorz-webui.listenAddr = "::1";
+          services.grzegorz-webui.apiBase    = "http://[::1]:${builtins.toString config.services.grzegorz-webui.listenPort}";
+          #services.grzegorz-webui.apiBase    = "https://brzeczyszczykiewicz.pvv.ntnu.no/api";
+
+          security.acme.acceptTerms    = true;
+          security.acme.defaults.email = "pederbs@pvv.ntnu.no";
+
+          services.nginx.enable = true;
+          networking.firewall.allowedTCPPorts = [ 80 443 ];
+
+          services.nginx.virtualHosts."brzeczyszczykiewicz.pvv.ntnu.no" = {
+            forceSSL = false;
+            enableACME = false;
+            serverAliases = [
+              "brzeczyszczykiewicz.pvv.org"
+              "bokhylle.pvv.ntnu.no"
+              "bokhylle.pvv.org"
+            ];
+            extraConfig = ''
+              allow 129.241.210.128/25;
+              allow 2001:700:300:1900::/64;
+              deny all;
+            '';
+            locations."/" = {
+              proxyPass = "http://localhost:${builtins.toString config.services.grzegorz-webui.listenPort}";
+              proxyWebsockets = true;
+            };
+          };
+
+        })
+      ];
+    };
+  };
+}