diff --git a/TODO.md b/TODO.md
new file mode 100644
index 0000000..9ad587d
--- /dev/null
+++ b/TODO.md
@@ -0,0 +1,14 @@
+# What needs to be done
+- [x] Install proxmox
+- [ ] Choose and buy a domain
+- [ ] Buy a temporary VPS on hukot (1m, lowest config)
+- [ ] Create Wireguard tunnel to my network
+- [ ] Create nix config for my k8s nodes
+- [ ] Deploy k8s
+- [ ] Deploy ArgoCD
+- [ ] Migrate all aplications to helm/kustomize
+- [ ] Test out functionality
+- [ ] Backups!!!!!!
+- [ ] Move everything off current Hukot VPS
+- [ ] Reinstall current Hukot VPS with prepared nixos config with working tunnel
+- [ ] Profit!?
diff --git a/infra.d2 b/infra.d2
index fe31285..65acd81 100644
--- a/infra.d2
+++ b/infra.d2
@@ -6,27 +6,34 @@ Hukot: {
     mail-server
   }
 }
+Physical {
 
-Home-Server: {
-  entry-server: {
-    wireguard-client
+  Home-Server: {
+    entry-server: {
+      wireguard-client
+    }
+
+    tob-backup
+
+    k8s-cluster: {
+      MetalLB
+
+      Control plane
+      Worker node 1
+      Worker node 2
+      Worker node 3
+
+      MetalLB -> Worker node 1
+      MetalLB -> Worker node 2
+      MetalLB -> Worker node 3
+    }
+    entry-server -> k8s-cluster.MetalLB
+    }
+
+  RPI {
+    tailscale-proxy
+    WoL
   }
-
-  tob-backup
-
-  k8s-cluster: {
-    MetalLB
-
-    Control plane
-    Worker node 1
-    Worker node 2
-    Worker node 3
-
-    MetalLB -> Worker node 1
-    MetalLB -> Worker node 2
-    MetalLB -> Worker node 3
-  }
-  entry-server -> k8s-cluster.MetalLB
+  _.Hukot.vps.wireguard-server <-> Home-Server.entry-server.wireguard-client: Wireguard tunnel
 }
 
-Hukot.vps.wireguard-server <-> Home-Server.entry-server.wireguard-client: Wireguard tunnel