diff --git a/hosts/hydra/configuration.nix b/hosts/hydra/configuration.nix
index 492f5150..0f46abc3 100644
--- a/hosts/hydra/configuration.nix
+++ b/hosts/hydra/configuration.nix
@@ -6,6 +6,7 @@
 ./adc.nix
 ./hydra.nix
 ./cache.nix
+ # ./flakebert.nix
 ./../../lib/hq.nix
 ./../../lib/yggdrasil.nix
 ./../../lib/tun.nix
diff --git a/hosts/hydra/flakebert.nix b/hosts/hydra/flakebert.nix
new file mode 100644
index 00000000..dbe2ef9b
--- /dev/null
+++ b/hosts/hydra/flakebert.nix
@@ -0,0 +1,205 @@
+let
+ hydraFlakes = pkgs:
+ with pkgs;
+ let
+ perlDeps = buildEnv {
+ name = "hydra-perl-deps";
+ paths = with perlPackages; [
+ ModulePluggable
+ CatalystActionREST
+ CatalystAuthenticationStoreDBIxClass
+ CatalystDevel
+ CatalystDispatchTypeRegex
+ CatalystPluginAccessLog
+ CatalystPluginAuthorizationRoles
+ CatalystPluginCaptcha
+ CatalystPluginSessionStateCookie
+ CatalystPluginSessionStoreFastMmap
+ CatalystPluginStackTrace
+ CatalystPluginUnicodeEncoding
+ CatalystTraitForRequestProxyBase
+ CatalystViewDownload
+ CatalystViewJSON
+ CatalystViewTT
+ CatalystXScriptServerStarman
+ CatalystXRoleApplicator
+ CryptRandPasswd
+ DBDPg
+ DBDSQLite
+ DataDump
+ DateTime
+ DigestSHA1
+ EmailMIME
+ EmailSender
+ FileSlurp
+ IOCompress
+ IPCRun
+ JSON
+ JSONAny
+ JSONXS
+ LWP
+ LWPProtocolHttps
+ NetAmazonS3
+ NetPrometheus
+ NetStatsd
+ PadWalker
+ Readonly
+ SQLSplitStatement
+ SetScalar
+ Starman
+ SysHostnameLong
+ TermSizeAny
+ TestMore
+ TextDiff
+ TextTable
+ XMLSimple
+ pkgs.nixFlakes
+ pkgs.nixFlakes.perl-bindings
+ git
+ boehmgc
+ ];
+ };
+
+ in stdenv.mkDerivation {
+
+ name = "hydra-flake";
+
+ src = pkgs.fetchFromGitHub {
+ owner = "NixOS";
+ repo = "hydra";
+ rev = "47797576838974c8209536b67bb45e953a50900f";
+ sha256 = "1vqib99d7wgnl3c6ccx0xx2q88qmdkpydkb6gd0pik9wg2nn3jng";
+ };
+
+ buildInputs = [
+ makeWrapper
+ autoconf
+ automake
+ libtool
+ unzip
+ nukeReferences
+ pkgconfig
+ sqlite
+ libpqxx
+ gitAndTools.topGit
+ mercurial
+ darcs
+ subversion
+ bazaar
+ openssl
+ bzip2
+ libxslt
+ guile # optional, for Guile + Guix support
+ perlDeps
+ perl
+ pkgs.nixFlakes
+ postgresql95 # for running the tests
+ boost
+ (nlohmann_json.override { multipleHeaders = true; })
+ ];
+
+ hydraPath = lib.makeBinPath ([
+ sqlite
+ subversion
+ openssh
+ pkgs.nixFlakes
+ coreutils
+ findutils
+ pixz
+ gzip
+ bzip2
+ lzma
+ gnutar
+ unzip
+ git
+ gitAndTools.topGit
+ mercurial
+ darcs
+ gnused
+ bazaar
+ ] ++ lib.optionals stdenv.isLinux [ rpm dpkg cdrkit ]);
+
+ configureFlags = [ "--with-docbook-xsl=${docbook_xsl}/xml/xsl/docbook" ];
+
+ shellHook = ''
+ PATH=$(pwd)/src/hydra-evaluator:$(pwd)/src/script:$(pwd)/src/hydra-eval-jobs:$(pwd)/src/hydra-queue-runner:$PATH
+ PERL5LIB=$(pwd)/src/lib:$PERL5LIB
+ '';
+
+ preConfigure = "autoreconf -vfi";
+
+ NIX_LDFLAGS = [ "-lpthread" ];
+
+ enableParallelBuilding = true;
+
+ preCheck = ''
+ patchShebangs .
+ export LOGNAME=''${LOGNAME:-foo}
+ '';
+
+ postInstall = ''
+ mkdir -p $out/nix-support
+
+ for i in $out/bin/*; do
+ read -n 4 chars < $i
+ if [[ $chars =~ ELF ]]; then continue; fi
+ wrapProgram $i \
+ --prefix PERL5LIB ':' $out/libexec/hydra/lib:$PERL5LIB \
+ --prefix PATH ':' $out/bin:$hydraPath \
+ --set HYDRA_RELEASE 0.1 \
+ --set HYDRA_HOME $out/libexec/hydra \
+ --set NIX_RELEASE ${pkgs.nixFlakes.name or "unknown"}
+ done
+ '';
+
+ dontStrip = true;
+
+ meta.description = "Build of Hydra on ${system}";
+ passthru.perlDeps = perlDeps;
+ };
+in { ... }:
+
+{
+ boot.enableContainers = true;
+
+ networking.nat.enable = true;
+ networking.nat.internalInterfaces = [ "ve-+" ];
+ networking.nat.externalInterface = "eth0";
+
+ containers.flakebert = {
+ autoStart = false;
+ privateNetwork = true;
+ enableTun = true;
+
+ config = { config, pkgs, ... }: {
+
+ imports = [ ../../lib/yggdrasil.nix ];
+
+ users.users.root.password = "k-ot";
+ services.hydra = {
+ enable = true;
+ hydraURL = "https://hydra.hq.c3d2.de";
+ logo = ./c3d2.svg;
+ notificationSender = "hydra@spam.works";
+ useSubstitutes = false;
+ package = hydraFlakes pkgs;
+ };
+
+ services.nginx = {
+ enable = true;
+ recommendedProxySettings = true;
+ recommendedGzipSettings = true;
+ virtualHosts = {
+ "flakes.hq.c3d2.de" = {
+ forceSSL = true;
+ enableACME = true;
+ locations."/".proxyPass =
+ "http://localhost:${toString config.services.hydra.port}";
+ };
+ };
+ };
+
+ networking.firewall.allowedTCPPorts = [ 80 443 ];
+ };
+ };
+}
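Review bot: The container config in `containers.flakebert.config` sets `users.users.root.password = "k-ot";`, which commits a short plaintext root password to the repository and, once the import in configuration.nix is enabled, copies it into the world-readable Nix store of the host. I would drop the line and log in from the host with `nixos-container root-login flakebert`, or, if a password is really required, set `users.users.root.hashedPassword = "<hash from mkpasswd>";` or read it from a secret file kept outside the store. The value is now part of git history, so it should not be reused for any other account. Separately, `hydraURL` is `https://hydra.hq.c3d2.de` while the only nginx vhost defined here is `flakes.hq.c3d2.de`; if this instance is meant to be served under the latter name, the links Hydra generates will point at the other host.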