diff --git a/hosts/common.nix b/hosts/common.nix
index 89fb0a0..c116f7f 100644
--- a/hosts/common.nix
+++ b/hosts/common.nix
@@ -10,7 +10,7 @@ in {
 };
 nix = {
- package = unstable-pkgs.nixFlakes;
+ package = unstable-pkgs.nixVersions.stable;
 distributedBuilds = config.networking.hostName != "Tsuki";
 binaryCaches = [
 "https://cache.nixos.org/"
@@ -19,23 +19,40 @@ in {
 extraOptions = ''
 experimental-features = nix-command flakes
 builders-use-substitutes = true
+ allowed-uris = http:// https://
 '';
- trustedUsers = [ "h7x4" ];
+ trustedUsers = [ "h7x4" "nix-builder" ];
 buildMachines = [
 {
- hostName = "Tsuki";
+ # Login details configured in ssh module in nix-secrets
+ hostName = "nix-builder-tsukir";
 system = "x86_64-linux";
- maxJobs = 1;
- speedFactor = 3;
+ speedFactor = 5;
+ maxJobs = 8;
 supportedFeatures = [
 "nixos-test"
 "benchmark"
 "big-paralell"
- "kvm"
 ];
 mandatoryFeatures = [];
+ sshUser = "nix-builder";
+ sshKey = secrets.keys.ssh.nixBuilders.tsuki.private;
+ }
+ {
+ # Login details configured in ssh module in nix-secrets
+ hostName = "nix-builder-isvegg";
+ system = "x86_64-linux";
+ speedFactor = 7;
+ maxJobs = 16;
+ supportedFeatures = [
+ "benchmark"
+ "big-paralell"
+ ];
+ mandatoryFeatures = [];
+ sshUser = secrets.ssh.users.pvv.normalUser;
+ sshKey = secrets.keys.ssh.nixBuilders.isvegg.private;
 }
 ];
 # registry = {
@@ -43,6 +60,23 @@ in {
 # };
 };
+ programs.ssh = {
+ extraConfig = ''
+ Host nix-builder-isvegg
+ HostName isvegg.pvv.ntnu.no
+
+ Host nix-builder-tsukir
+ HostName nani.wtf
+ Port ${toString secrets.ports.ssh.home-in}
+ '';
+ knownHosts = {
+ tsukir = {
+ hostNames = [ "nani.wtf" "gingakei.loginto.me" ];
+ publicKeyFile = secrets.keys.ssh.nixBuilders.tsuki.public;
+ };
+ };
+ };
+
 time.timeZone = "Europe/Oslo";
 console = {
diff --git a/hosts/tsuki/configuration.nix b/hosts/tsuki/configuration.nix
index 0c6589d..b6debcd 100644
--- a/hosts/tsuki/configuration.nix
+++ b/hosts/tsuki/configuration.nix
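Review bot: `trustedUsers = [ "h7x4" "nix-builder" ];` sits in the shared hosts/common.nix, so every host trusts a `nix-builder` account although only Tsuki defines that user in this commit; Nix treats trusted users as effectively root-equivalent on the daemon, so I would declare it only on the builder, e.g. `nix.trustedUsers = [ "nix-builder" ];` in hosts/tsuki/configuration.nix. The added `allowed-uris = http:// https://` also permits plaintext fetches in restricted evaluation; `allowed-uris = https://` (or specific prefixes) is safer unless an http source is really needed. Please confirm that both `sshKey` values evaluate to string paths outside the Nix store, since a Nix path value would copy the private key into the world-readable store; `secrets` is defined outside this diff, so I cannot tell from here. The new isvegg entry also repeats the `"big-paralell"` spelling, which will not match the `big-parallel` system feature.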
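Review bot: `knownHosts.tsukir.publicKeyFile` points at `secrets.keys.ssh.nixBuilders.tsuki.public`, the same keypair whose private half is used as the client `sshKey` for this builder and whose public half is installed as the `nix-builder` authorized key in hosts/tsuki/configuration.nix. A known_hosts entry has to carry the server's sshd host key; as written, either host verification will never match Tsuki's real host key, or the host's private key is being handed to every build client, which would let any of them impersonate the builder. `secrets` is outside this diff, so this is inferred from the attribute names. `nix-builder-isvegg` gets no `knownHosts` entry at all, so its host key is not pinned. Suggested shape below, with placeholder file names for the two host keys.

```nix
  # … unchanged: programs.ssh.extraConfig Host blocks …
  knownHosts = {
    tsukir = {
      hostNames = [ "nani.wtf" "gingakei.loginto.me" ];
      # placeholder path: Tsuki's sshd host public key, not the builder login key
      publicKeyFile = ./PLACEHOLDER-tsuki-ssh-host-key.pub;
    };
    isvegg = {
      hostNames = [ "isvegg.pvv.ntnu.no" ];
      # placeholder path: isvegg's sshd host public key
      publicKeyFile = ./PLACEHOLDER-isvegg-ssh-host-key.pub;
    };
  };
```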
@@ -1,3 +1,4 @@
+{ secrets, ... }:
 {
 imports = [
 ./hardware-configuration.nix
@@ -8,11 +9,11 @@
 # ./services/gitlab
 ./services/grafana.nix
 ./services/hydra.nix
- ./services/jitsi.nix
+ # ./services/jitsi.nix
 # ./services/keycloak.nix
 # ./services/libvirt.nix
 ./services/matrix
- ./services/nginx.nix
+ ./services/nginx
 # ./services/openldap.nix
 # ./services/openvpn.nix
 ./services/plex.nix
@@ -81,10 +82,22 @@
 };
 users = {
- groups.media = {};
- users.media = {
- isSystemUser = true;
- group = "media";
+ users = {
+ media = {
+ description = "User responsible for owning all sorts of server media files";
+ isSystemUser = true;
+ group = "media";
+ };
+ nix-builder = {
+ description = "User for executing distributed builds via SSH";
+ isSystemUser = true;
+ group = "nix-builder";
+ openssh.authorizedKeys.keyFiles = [ secrets.keys.ssh.nixBuilders.tsuki.public ];
+ };
+ };
+ groups = {
+ media = {};
+ nix-builder = {};
 };
 };
 };
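Review bot: The `nix-builder` account accepts the builder key with no restrictions, and hosts/common.nix in this same commit lists `nix-builder` in `trustedUsers`, so whoever holds that private key gets a Nix-daemon-trusted (effectively root-equivalent) login on Tsuki with forwarding and a TTY available. I would confine the account in sshd, for example a `Match User nix-builder` block in `services.openssh.extraConfig` that sets `AllowTcpForwarding no`, `AllowAgentForwarding no`, `X11Forwarding no` and `PermitTTY no`. Separately, `isSystemUser = true` leaves the login shell at the NixOS default for system users, which I believe is nologin, so the remote build command may be refused until a shell is set (e.g. `useDefaultShell = true;`); worth testing a build from another host before relying on it.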