diff --git a/nix/system/nas-configuration.nix b/nix/system/nas-configuration.nix
new file mode 100644
index 0000000..bddb0d4
--- /dev/null
+++ b/nix/system/nas-configuration.nix
@@ -0,0 +1,165 @@
+# Edit this configuration file to define what should be installed on
+# your system.  Help is available in the configuration.nix(5) man page
+# and in the NixOS manual (accessible by running ‘nixos-help’).
+
+{ config, pkgs, ... }:
+
+{
+  imports =
+    [
+      # Include the results of the hardware scan.
+      /etc/nixos/hardware-configuration.nix
+      /etc/nixos/glibc-locale-paths.nix
+    ];
+
+  # Use the systemd-boot EFI boot loader.
+  boot.loader.systemd-boot.enable = true;
+  boot.loader.systemd-boot.configurationLimit = 42;
+  boot.loader.efi.canTouchEfiVariables = true;
+
+  hardware.bluetooth.enable = true;
+  networking.networkmanager.enable = true;
+  networking.hostName = "athena"; # Define your hostname.
+  # Create entries for /etc/wpa_supplicant.conf by running `wpa_passphrase SSID PASSWORD`
+  # networking.wireless.enable = true;  # Enables wireless support via wpa_supplicant.
+
+  # The global useDHCP flag is deprecated, therefore explicitly set to false here.
+  # Per-interface useDHCP will be mandatory in the future, so this generated config
+  # replicates the default behaviour.
+  networking.useDHCP = false;
+  networking.interfaces.wlp58s0.useDHCP = true;
+
+  # Configure network proxy if necessary
+  # networking.proxy.default = "http://user:password@proxy:port/";
+  # networking.proxy.noProxy = "127.0.0.1,localhost,internal.domain";
+
+  console = {
+    font = "Fira Code";
+    keyMap = "us";
+  };
+
+  # Select internationalisation properties.
+  i18n = {
+    defaultLocale = "en_US.UTF-8";
+  };
+  # run the following command to swap escape and caps-lock keys, like a
+  # civilized person:
+  # setxkbmap -option caps:swapescape
+
+  # Set your time zone.
+  time.timeZone = "America/Los_Angeles";
+
+  # List packages installed in system profile. To search, run:
+  # $ nix search wget
+  environment.systemPackages = with pkgs; [
+    cachix
+    calibre
+    firefox
+    inkscape
+    p7zip
+    plasma-browser-integration
+    slack
+    vim
+    vlc
+    wget
+    xclip
+    zathura
+    zsh
+  ];
+
+  nixpkgs.config.allowUnfree = true;
+  nixpkgs.config.firefox.enablePlasmaBrowserIntegration = true;
+
+  fonts.fonts = with pkgs; [ fira-code ];
+
+  # Open ports in the firewall.
+  networking.firewall = {
+    allowedTCPPorts = [
+      631 # CUPs port for printing
+      6881 # port for torrenting
+      8010 # port for VLC to chromecast
+    ];
+    allowedUDPPorts = [
+      631
+      6881
+      8010
+    ];
+  };
+  # Or disable the firewall altogether.
+  # networking.firewall.enable = false;
+
+
+  # Some programs need SUID wrappers, can be configured further or are
+  # started in user sessions.
+  # programs.mtr.enable = true;
+  programs.gnupg.agent = { enable = true; enableSSHSupport = true; };
+
+  # List services that you want to enable:
+
+  # Enable the OpenSSH daemon.
+  # services.openssh.enable = true;
+
+  # Enable CUPS to print documents.
+  services.printing = {
+    enable = true;
+    drivers = [ pkgs.hplip ];
+  };
+  # enable avahi for printer discovery
+  services.avahi = {
+    enable = true;
+    nssmdns = true;
+  };
+
+  # Enable sound.
+  sound.enable = true;
+  hardware.pulseaudio = {
+    enable = true;
+    # The full package is necessary to allow bluetooth audio devices.
+    package = pkgs.pulseaudioFull;
+  };
+
+  # Enable the X11 windowing system.
+  services.xserver.enable = true;
+  services.xserver.layout = "us";
+  services.xserver.xkbOptions = "caps:swapescape";
+
+  # Enable touchpad support.
+  services.xserver.libinput.enable = true;
+
+  # Enable the KDE Desktop Environment.
+  services.xserver = {
+    displayManager.sddm.enable = true;
+    desktopManager.plasma5.enable = true;
+  };
+
+  services.syncthing = {
+    enable = true;
+    user = "haak";
+    dataDir = "/home/haak/synced";
+    configDir = "/home/haak/synced/.config/syncthing";
+  };
+
+  location.provider = "geoclue2";
+
+  # Define a user account. Don't forget to set a password with ‘passwd’.
+  users.users.haak = {
+    isNormalUser = true;
+    extraGroups = [
+      "wheel" # Enable ‘sudo’ for the user.
+      "networkmanager" # Allow the user to manage networks
+    ];
+  };
+
+  users.extraUsers.haak = {
+    shell = pkgs.zsh;
+  };
+
+  nix.settings.trustedUsers = [ "root" "haak" ];
+
+  # This value determines the NixOS release with which your system is to be
+  # compatible, in order to avoid breaking some software such as database
+  # servers. You should change this only after NixOS release notes say you
+  # should.
+  system.stateVersion = "20.03"; # Did you read the comment?
+  system.autoUpgrade.enable = true;
+}