diff --git a/flake.nix b/flake.nix
index c6e0123..e048442 100644
--- a/flake.nix
+++ b/flake.nix
@@ -23,17 +23,16 @@
 inputs@{ self, nixpkgs, ... }:
 let
 kclib = import ./lib.nix {
- nixpkgs = inputs.nixpkgs;
 inputs = inputs;
 };
 in
 {
 nixosConfigurations = {
- tailscale-proxy = kclib.mkHost {
- name = "tailscale-proxy";
+ bootstrap = kclib.mkHost {
+ name = "bootstrap";
 };
- entrypoint = kclib.mkHost {
- name = "entrypoint";
+ etcd0 = kclib.mkHost {
+ name = "etcd0";
 };
 hydra = kclib.mkHost {
 name = "hydra";
diff --git a/hosts/base/hardware-config.nix b/hosts/base/hardware-config.nix
index 781026e..8c4d9f2 100644
--- a/hosts/base/hardware-config.nix
+++ b/hosts/base/hardware-config.nix
@@ -1,7 +1,5 @@
 {
- config,
 lib,
- pkgs,
 modulesPath,
 ...
 }:
diff --git a/hosts/bootstrap/default.nix b/hosts/bootstrap/default.nix
new file mode 100644
index 0000000..c36a525
--- /dev/null
+++ b/hosts/bootstrap/default.nix
@@ -0,0 +1,7 @@
+{ ... }:
+{
+ kropcloud = {
+ networking.enable = false;
+ admin.password = "changeme";
+ };
+}
diff --git a/hosts/etcd0/default.nix b/hosts/etcd0/default.nix
new file mode 100644
index 0000000..5ef2949
--- /dev/null
+++ b/hosts/etcd0/default.nix
@@ -0,0 +1,18 @@
+{ ... }:
+{
+ kropcloud =
+ let
+ serverIp = "192.168.1.161";
+ in
+ {
+ services = {
+ };
+ networking = {
+ ipv4 = {
+ address = serverIp;
+ prefixLength = 24;
+ defaultGateway = "192.168.1.1";
+ };
+ };
+ };
+}
diff --git a/lib.nix b/lib.nix
index 95c26d5..8c55d24 100644
--- a/lib.nix
+++ b/lib.nix
@@ -1,5 +1,4 @@
 {
- nixpkgs,
 inputs,
 }:
 {
@@ -8,7 +7,7 @@
 name,
 arch ? "x86_64-linux",
 }:
- nixpkgs.lib.nixosSystem {
+ inputs.nixpkgs.lib.nixosSystem {
 system = arch;
 modules = [
 ./hosts/base
diff --git a/nixosModules/users/default.nix b/nixosModules/users/default.nix
index 9add441..d19618e 100644
--- a/nixosModules/users/default.nix
+++ b/nixosModules/users/default.nix
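Review bot: `admin.password = "changeme";` in hosts/bootstrap/default.nix gives the bootstrap profile a well-known password for a `wheel` user, and because the users module passes it straight into `users.users.<name>.password` (second hunk of nixosModules/users/default.nix) the cleartext value lives in a world-readable Nix store path. With `sshKeys` defaulting to `[ ]` and no SSH password-authentication change anywhere in this diff, the freshly installed host is presumably reachable over SSH with that credential until scripts/install.sh replaces the profile — confirm against the openssh settings in the base profile. Prefer `initialHashedPassword` (or at least `initialPassword`) so the value is only a first-boot credential that a later `hashedPasswordFile` supersedes, and add a comment naming the rotation step: `# one-shot bootstrap credential; replaced by the agenix hash when scripts/install.sh switches the host to a real profile`.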
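Review bot: `services = { };` in hosts/etcd0/default.nix is an empty attribute set that contributes nothing to the evaluation and reads as a leftover. Either drop it or say what is meant to go there, e.g. `services = { }; # TODO: etcd service options for this host`; what `kropcloud.services` accepts is outside this diff, so the comment is the only thing a reader can rely on.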
@@ -14,6 +14,11 @@ in
 default = [ ];
 description = "List of SSH public keys to authorize for the admin user.";
 };
+ password = lib.mkOption {
+ type = lib.types.nullOr lib.types.str;
+ default = null;
+ description = "Password for the admin user. Should be used only for initial setup.";
+ };
 };
 
 config = {
@@ -21,11 +26,15 @@ in
 age.secrets.mypassword.file = ../../secrets/mypassword.age;
 
 # Define the admin user
- users.users.${cfg.user} = {
- passwordFile = config.age.secrets.mypassword.path;
- isNormalUser = true;
- extraGroups = [ "wheel" ];
- openssh.authorizedKeys.keys = cfg.sshKeys;
+ users = {
+ mutableUsers = false;
+ users.${cfg.user} = {
+ password = if cfg.password != null then cfg.password else null;
+ hashedPasswordFile = if cfg.password != null then null else config.age.secrets.mypassword.path;
+ isNormalUser = true;
+ extraGroups = [ "wheel" ];
+ openssh.authorizedKeys.keys = cfg.sshKeys;
+ };
 };
 };
 }
diff --git a/scripts/bootstrap.sh b/scripts/bootstrap.sh
new file mode 100755
index 0000000..07707bc
--- /dev/null
+++ b/scripts/bootstrap.sh
@@ -0,0 +1,23 @@
+#!/usr/bin/env bash
+
+# Parameters
+ip=$1
+if [ -z "$ip" ]; then
+ echo "Usage: $0 "
+ exit 1
+fi
+
+# This script is used to bootstrap nixos machine so I can get their ssh keys
+
+nix run \
+ github:nix-community/nixos-anywhere \
+ -- \
+ --flake '.#bootstrap' \
+ --target-host root@$ip \
+ --build-on-remote
+
+ret=$?
+if [ $ret -ne 0 ]; then
+ echo "Failed to bootstrap $ip"
+ exit $ret
+fi
\ No newline at end of file
diff --git a/scripts/install.sh b/scripts/install.sh
new file mode 100755
index 0000000..9c5ad04
--- /dev/null
+++ b/scripts/install.sh
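Review bot: The new `password` option's description says it is for initial setup only, but nothing in the module enforces that: any value set here becomes a cleartext `users.users.<name>.password` (second hunk of this file), which NixOS keeps world-readable in the Nix store. Make the cost visible where the option is declared, e.g. `description = "Cleartext password for the admin user. It is stored world-readable in the Nix store, so set it only on the bootstrap profile, never on a long-lived host.";`, and consider `warnings = lib.optional (cfg.password != null) "kropcloud.admin.password is set; the cleartext value ends up in the Nix store.";` in the config block so any other host that sets it is flagged at evaluation time.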
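Review bot: `password = if cfg.password != null then cfg.password else null;` evaluates to exactly `cfg.password` and can be written `password = cfg.password;`; the `hashedPasswordFile` conditional is the one that actually carries the either/or logic. `mutableUsers = false;` is a behaviour change that goes beyond the password switch — `passwd` changes and users created by hand are discarded on the next rebuild — and deserves a line such as `# declarative users only: passwd/useradd changes do not survive a rebuild`. The `age.secrets.mypassword.file` context line still declares the agenix secret unconditionally, so on the bootstrap host (which per scripts/bootstrap.sh exists to obtain the machine's SSH key in the first place) agenix presumably cannot decrypt it yet; worth checking whether that fails activation or is silently skipped.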
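Review bot: `--target-host root@$ip \` passes the user-supplied address unquoted, so a value containing whitespace or glob characters is word-split by bash before it reaches nixos-anywhere; write `--target-host "root@$ip" \` (the same applies to the `krop@$ip` arguments in scripts/install.sh and scripts/update.sh). The `echo "Usage: $0 "` line prints no argument placeholder, which looks like an angle-bracketed token lost in rendering rather than the intended text — hedged, but worth re-checking the file. A one-line purpose comment above `nix run` would help, e.g. `# Installs the minimal "bootstrap" profile via nixos-anywhere so the host gets an SSH host key we can then register for secrets.`.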
@@ -0,0 +1,34 @@
+#!/usr/bin/env bash
+
+# Parameters
+ip=$1
+host=$2
+if [ -z "$ip" ] || [ -z "$host" ]; then
+ echo "Usage: $0 "
+ exit 1
+fi
+
+# This script is used to bootstrap nixos machine so I can get their ssh keys
+
+nixos-rebuild boot \
+ --flake ".#$host" \
+ --fast \
+ --target-host krop@$ip \
+ --build-host krop@$ip \
+ --use-remote-sudo
+
+ret=$?
+if [ $ret -ne 0 ]; then
+ echo "Failed to install $host"
+ exit $ret
+fi
+
+echo "Successfully installed $host, rebooting"
+
+ssh -t krop@$ip "sudo reboot now"
+
+ret=$?
+if [ $ret -ne 0 ]; then
+ echo "Failed to reboot $host"
+ exit $ret
+fi
\ No newline at end of file
diff --git a/scripts/update.sh b/scripts/update.sh
new file mode 100755
index 0000000..c12b64b
--- /dev/null
+++ b/scripts/update.sh
@@ -0,0 +1,25 @@
+#!/usr/bin/env bash
+
+# Parameters
+ip=$1
+if [ -z "$ip" ]; then
+ echo "Usage: $0 "
+ exit 1
+fi
+
+# This script is used to bootstrap nixos machine so I can get their ssh keys
+
+nixos-rebuild switch \
+ --flake ".#$host" \
+ --fast \
+ --target-host krop@$ip \
+ --build-host krop@$ip \
+ --use-remote-sudo
+
+ret=$?
+if [ $ret -ne 0 ]; then
+ echo "Failed to update $ip"
+ exit $ret
+fi
+
+echo "Successfully updated $ip, rebooting"
\ No newline at end of file
diff --git a/secrets/mypassword.age b/secrets/mypassword.age
index 6c6df84..2752c16 100644
Binary files a/secrets/mypassword.age and b/secrets/mypassword.age differ
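Review bot: The header comment `# This script is used to bootstrap nixos machine so I can get their ssh keys` was carried over from scripts/bootstrap.sh and no longer describes this script, which runs `nixos-rebuild boot` for a named host and then reboots it; the same stale comment sits in scripts/update.sh. The exit-status check after `ssh -t krop@$ip "sudo reboot now"` is unreliable: ssh commonly exits non-zero when the connection is severed by the reboot, so the `Failed to reboot $host` branch can fire on a successful reboot — treat a dropped connection as expected or verify by polling the host afterwards. Replace the comment with something like `# Switches an already-bootstrapped host to the $host flake output (built on the host, activated with sudo) and reboots into it.`.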
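Review bot: `--flake ".#$host"` references `$host`, but this script only assigns `ip=$1`, so the attribute after `#` is empty and nixos-rebuild falls back to its default (the local hostname), which is presumably not the intended target. Take the host as a second parameter as scripts/install.sh does: `host=$2`, `if [ -z "$ip" ] || [ -z "$host" ]; then`, and use `$host` in the failure message. The closing `echo "Successfully updated $ip, rebooting"` is also misleading, since `nixos-rebuild switch` activates in place and no reboot follows in this script.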