diff --git a/flake.nix b/flake.nix
index 1fd6011c..cecaf3fc 100644
--- a/flake.nix
+++ b/flake.nix
@@ -404,11 +404,7 @@
         nix-build = nixosSystem' {
           modules = [
             ./hosts/containers/nix-build
-            {
-              _module.args.tftproots = nixpkgs.lib.filterAttrs (name: _:
-                builtins.match ".+-tftproot" name != null
-              ) self.packages.x86_64-linux;
-            } ];
+          ];
         };
 
         pulsebert = nixosSystem' {
@@ -673,7 +669,11 @@
           modules = [
             self.nixosModules.microvm
             ./hosts/containers/nfsroot
-          ];
+            {
+              _module.args.tftproots = nixpkgs.lib.filterAttrs (name: _:
+                builtins.match ".+-tftproot" name != null
+              ) self.packages.x86_64-linux;
+            }          ];
         };
 
         riscbert = nixosSystem' {
diff --git a/hosts/containers/nfsroot/default.nix b/hosts/containers/nfsroot/default.nix
index 22ae7d1c..2be841e2 100644
--- a/hosts/containers/nfsroot/default.nix
+++ b/hosts/containers/nfsroot/default.nix
@@ -8,6 +8,10 @@ let
     "var/lib/dump-dvb/whoopsie"
   ];
 in {
+  imports = [
+    ./tftp.nix
+  ];
+
   microvm = {
     hypervisor = "cloud-hypervisor";
     mem = 2048;
diff --git a/hosts/containers/nix-build/tftp.nix b/hosts/containers/nfsroot/tftp.nix
similarity index 72%
rename from hosts/containers/nix-build/tftp.nix
rename to hosts/containers/nfsroot/tftp.nix
index 08e42d96..d6051145 100644
--- a/hosts/containers/nix-build/tftp.nix
+++ b/hosts/containers/nfsroot/tftp.nix
@@ -17,12 +17,6 @@ in
 {
   networking.firewall.enable = false;
 
-  fileSystems."/var/lib/nfsroot/dacbert" = {
-    device = "${hostRegistry.hosts.nfsroot.ip4}:/var/lib/nfsroot/dacbert";
-    fsType = "nfs";
-    options = [ "nfsvers=3" "proto=tcp" "nolock" "soft" "async" "ro" ];
-  };
-
   # raspberrypi boot
   services.atftpd = {
     enable = true;
@@ -52,14 +46,6 @@ in
             "${subnet}(${opts "ro" 0})"
           ) allowed
         }
-        /var/lib/nfsroot/dacbert ${
-          lib.concatMapStringsSep " " (subnet:
-            "${subnet}(${opts "rw" 1})"
-          ) allowed
-        }
     '';
   };
-  systemd.tmpfiles.rules = [
-    "d /var/lib/nfsroot/dacbert 0755 root root - -"
-  ];
 }
diff --git a/hosts/containers/nix-build/default.nix b/hosts/containers/nix-build/default.nix
index 4e83ccf7..7dd60874 100644
--- a/hosts/containers/nix-build/default.nix
+++ b/hosts/containers/nix-build/default.nix
@@ -2,7 +2,6 @@
 {
   imports = [
     ./hardware-configuration.nix
-    ./tftp.nix
   ];
 
   networking = {