diff --git a/basic-tools.nix b/basic-tools.nix
index f42a2db..ed5943c 100644
--- a/basic-tools.nix
+++ b/basic-tools.nix
@@ -17,10 +17,9 @@
     gnupg
     pwgen
     gcc
-    silver-searcher
+    ripgrep
     fzf
     tree
-    python
     python3
     python3Packages.ipython
     gdb
@@ -31,12 +30,13 @@
     zip
     file
     unzip
-    elinks
+    #elinks
+    links2
     ctags
     nix-prefetch-scripts
     (pkgs.wireguard or pkgs.hello)
     jq
-    b2sum
+    #b2sum
   ];
 
   environment.variables.EDITOR = "${pkgs.neovim}/bin/nvim";
diff --git a/murex.nix b/murex.nix
new file mode 100644
index 0000000..44813ca
--- /dev/null
+++ b/murex.nix
@@ -0,0 +1,116 @@
+{ config, pkgs, ... }:
+
+{
+  imports = [
+    ./basic-tools.nix
+  ];
+
+  boot.loader.grub.enable = false;
+
+  boot.loader.raspberryPi = {
+    enable = true;
+    version = 3;
+    uboot.enable = true;
+  };
+
+  # boot.kernelPackages = pkgs.linuxPackages_latest;
+  # boot.kernelPackages = pkgs.linuxPackages_4_18;
+  # boot.kernelPackages = pkgs.linuxPackages_latest;
+  boot.kernelPackages = pkgs.linuxPackages_rpi;
+
+  boot.kernelParams = [
+    "cma=32M" # for virtual console, see https://nixos.wiki/wiki/NixOS_on_ARM
+    "console=tty0"
+  ];
+
+  hardware.enableRedistributableFirmware = true;
+  # hardware.firmware = with pkgs; [
+  #   (stdenv.mkDerivation {
+  #     name = "broadcom-rpi3bplus-extra";
+  #     src = fetchurl {
+  #       url = "https://raw.githubusercontent.com/RPi-Distro/firmware-nonfree/b518de4/brcm/brcmfmac43455-sdio.txt";
+  #       sha256 = "0r4bvwkm3fx60bbpwd83zbjganjnffiq1jkaj0h20bwdj9ysawg9";
+  #     };
+  #     phases = [ "installPhase" ];
+  #     installPhase = ''
+  #       mkdir -p $out/lib/firmware/brcm
+  #       cp $src $out/lib/firmware/brcm/brcmfmac43455-sdio.txt
+  #     '';
+  #   })
+  # ];
+  # networking.wireless.enable = true;
+  # networking.networkmanager.enable = true;
+  # networking.wireless.iwd.enable = true;
+
+  fileSystems = {
+    # "/boot" = {
+    #   device = "/dev/disk/by-label/NIXOS_BOOT";
+    #   fsType = "vfat";
+    # };
+    "/" = {
+      device = "/dev/disk/by-label/NIXOS_SD";
+      fsType = "ext4";
+    };
+  };
+
+  networking.hostName = "murex";
+  #networking.hostId = "34a820f1";
+
+  time.timeZone = "Europe/Vienna";
+
+  environment.systemPackages = with pkgs; [
+    raspberrypi-tools
+  ];
+
+  users.extraUsers.gebner = {
+    isNormalUser = true;
+    extraGroups = [ "wheel" "networkmanager" "audio" "transmission" ];
+    shell = pkgs.fish;
+    # password = if config.virtualisation != null then "" else null;
+  };
+
+  services.openssh = {
+    enable = true;
+    passwordAuthentication = false;
+  };
+
+  documentation.nixos.enable = false;
+
+  services.octoprint = {
+    enable = true;
+    # port = 80;
+  };
+  users.users.${config.services.octoprint.user}.extraGroups = [
+    "dialout" # ttyUSB access
+  ];
+
+  services.mjpg-streamer.enable = true;
+
+  networking.firewall = {
+    enable = true;
+    allowedTCPPorts = [
+      # config.services.octoprint.port
+      # 5050 # mjpg-streamer
+      80
+    ];
+  };
+
+  services.nginx = {
+    enable = true;
+    recommendedTlsSettings = true;
+    recommendedOptimisation = true;
+    recommendedGzipSettings = true;
+    recommendedProxySettings = true;
+
+    virtualHosts."murex.mtlaa.gebner.org" = {
+      locations."/" = {
+        proxyPass = "http://localhost:5000";
+        proxyWebsockets = true;
+      };
+      locations."/webcam/".proxyPass = "http://localhost:5050/?action=stream";
+      locations."/webcampic/".proxyPass = "http://localhost:5050/?action=static";
+    };
+  };
+
+  system.stateVersion = "19.03";
+}