diff --git a/flake.nix b/flake.nix
index 4a60419..da00e0b 100644
--- a/flake.nix
+++ b/flake.nix
@@ -231,6 +231,7 @@
 specialArgs = { inherit inputs self; registry = registry.notice-me-senpai; };
 modules = [
 sops-nix.nixosModules.sops
+ microvm.nixosModules.microvm
 ./modules/TLMS
 ./hosts/notice-me-senpai
 ];
diff --git a/hosts/notice-me-senpai/configuration.nix b/hosts/notice-me-senpai/configuration.nix
deleted file mode 100644
index 6a23815..0000000
--- a/hosts/notice-me-senpai/configuration.nix
+++ /dev/null
@@ -1,12 +0,0 @@
-{ self, pkgs, lib, ... }: {
- sops.defaultSopsFile = self + /secrets/notice-me-senpai/secrets.yaml;
-
- boot = {
- tmp.cleanOnBoot = true;
- kernelPackages = pkgs.linuxPackages_latest;
- };
-
- users.motd = lib.mkForce (builtins.readFile ./motd.txt);
-
- system.stateVersion = "22.11";
-}
diff --git a/hosts/notice-me-senpai/default.nix b/hosts/notice-me-senpai/default.nix
index 4c78c1c..15bb6fe 100644
--- a/hosts/notice-me-senpai/default.nix
+++ b/hosts/notice-me-senpai/default.nix
@@ -1,10 +1,94 @@
-{ ... }:
+# Edit this configuration file to define what should be installed on
+# your system. Help is available in the configuration.nix(5) man page
+# and in the NixOS manual (accessible by running ‘nixos-help’).
+
+{ config, lib, ... }:
+let
+ mac_addr = "00:de:5b:f9:e2:3e";
+in
 {
 imports = [
- ./configuration.nix
- ./hardware-configuration.nix
 ./grafana.nix
- ./uplink.nix
- ./wg.nix
 ];
+ microvm = {
+ vcpu = 4;
+ mem = 1024 * 4;
+ hypervisor = "cloud-hypervisor";
+ socket = "${config.networking.hostName}.socket";
+
+ interfaces = [{
+ type = "tap";
+ id = "serv-tlm-mon";
+ mac = mac_addr;
+ }];
+
+ shares = [{
+ source = "/nix/store";
+ mountPoint = "/nix/.ro-store";
+ tag = "store";
+ proto = "virtiofs";
+ socket = "store.socket";
+ }
+ {
+ source = "/var/lib/microvms/notice-me-senpai/etc";
+ mountPoint = "/etc";
+ tag = "etc";
+ proto = "virtiofs";
+ socket = "etc.socket";
+ }
+ {
+ source = "/var/lib/microvms/notice-me-senpai/var";
+ mountPoint = "/var";
+ tag = "var";
+ proto = "virtiofs";
+ socket = "var.socket";
+ }];
+ };
+
+ time.timeZone = "Europe/Berlin";
+
+ networking.useNetworkd = true;
+
+ sops.defaultSopsFile = ../../secrets/notice-me-senpai/secrets.yaml;
+ sops.age.sshKeyPaths = [ "/etc/ssh/ssh_host_ed25519_key" ];
+
+ sops.secrets.wg-seckey = {
+ owner = config.users.users.systemd-network.name;
+ };
+ deployment-TLMS.net = {
+ iface.uplink = {
+ name = "ens3";
+ mac = mac_addr;
+ matchOn = "mac";
+ useDHCP = false;
+ addr4 = "172.20.73.10/25";
+ dns = [ "172.20.73.8" "9.9.9.9" ];
+ routes = [
+ {
+ routeConfig = {
+ Gateway = "172.20.73.1";
+ GatewayOnLink = true;
+ Destination = "0.0.0.0/0";
+ };
+ }
+ ];
+ };
+
+ wg = {
+ prefix4 = 24;
+ privateKeyFile = config.sops.secrets.wg-seckey.path;
+ };
+
+ };
+
+ users.motd = lib.mkForce (builtins.readFile ./motd.txt);
+
+ # This value determines the NixOS release from which the default
+ # settings for stateful data, like file locations and database versions
+ # on your system were taken. It‘s perfectly fine and recommended to leave
+ # this value at the release version of the first install of this system.
+ # Before changing this value read the documentation for this option
+ # (e.g. man configuration.nix or on https://nixos.org/nixos/options.html).
+ system.stateVersion = "23.11"; # Did you read the comment?
+
 }
diff --git a/hosts/notice-me-senpai/hardware-configuration.nix b/hosts/notice-me-senpai/hardware-configuration.nix
deleted file mode 100644
index b1aacee..0000000
--- a/hosts/notice-me-senpai/hardware-configuration.nix
+++ /dev/null
@@ -1,9 +0,0 @@
-{ modulesPath, ... }:
-{
- imports = [ (modulesPath + "/profiles/qemu-guest.nix") ];
- boot.loader.grub.device = "/dev/sda";
- boot.initrd.availableKernelModules = [ "ata_piix" "uhci_hcd" "xen_blkfront" "vmw_pvscsi" ];
- boot.initrd.kernelModules = [ "nvme" ];
- fileSystems."/" = { device = "/dev/sda1"; fsType = "ext4"; };
-
-}
diff --git a/hosts/notice-me-senpai/uplink.nix b/hosts/notice-me-senpai/uplink.nix
deleted file mode 100644
index aeb15f3..0000000
--- a/hosts/notice-me-senpai/uplink.nix
+++ /dev/null
@@ -1,13 +0,0 @@
-{ lib, ... }: {
- networking.useNetworkd = lib.mkForce true;
- systemd.network.enable = true;
-
- deployment-TLMS.net = {
- iface.uplink = {
- name = "enp1s0";
- mac = "96:00:02:25:d4:48";
- matchOn = "mac";
- useDHCP = true;
- };
- };
-}
diff --git a/hosts/notice-me-senpai/wg.nix b/hosts/notice-me-senpai/wg.nix
deleted file mode 100644
index 8c3e174..0000000
--- a/hosts/notice-me-senpai/wg.nix
+++ /dev/null
@@ -1,11 +0,0 @@
-{ config, ... }: {
- sops.secrets.wg-seckey.owner = config.users.users.systemd-network.name;
-
- networking.firewall.allowedUDPPorts = [ 51820 ];
- networking.wireguard.enable = true;
-
- deployment-TLMS.net.wg = {
- prefix4 = 24;
- privateKeyFile = config.sops.secrets.wg-seckey.path;
- };
-}
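Review bot: The new default.nix carries the same `deployment-TLMS.net.wg = { prefix4 = 24; privateKeyFile = ...; }` block as the deleted wg.nix but no counterpart for `networking.wireguard.enable = true;` and `networking.firewall.allowedUDPPorts = [ 51820 ];` that sat next to it, so unless ./modules/TLMS derives both from those options the tunnel is not enabled and its listen port stays closed by the default NixOS firewall. If the module does handle it, a comment such as `# wireguard enable + UDP 51820 firewall rule are set by modules/TLMS` above the `wg = {` block would stop the next reader from re-adding them by hand. Separately, `sops.age.sshKeyPaths = [ "/etc/ssh/ssh_host_ed25519_key" ]` now names a file that lives on the host under `/var/lib/microvms/notice-me-senpai/etc` because `/etc` is a virtiofs share, so anyone who can read that host directory can decrypt every secret in secrets.yaml including wg-seckey; that host path should be root-only and the trust boundary deserves a comment on the `/etc` entry of `shares`. The tap MAC `00:de:5b:f9:e2:3e` also has the locally-administered bit clear, so it sits in universally-administered (OUI) space; a `02:`-prefixed address is the conventional choice for a virtual NIC.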