diff --git a/home/default.nix b/home/default.nix
index b81ae69..22948af 100644
--- a/home/default.nix
+++ b/home/default.nix
@@ -22,7 +22,7 @@ in
 home = {
 homeDirectory = "/home/spark";
 username = "spark";
- stateVersion = "22.11";
+ stateVersion = "23.05";
 };
 }] ++ commonModules;
 pkgs = self.legacyPackages.aarch64-linux;
@@ -33,7 +33,18 @@ in
 home = {
 homeDirectory = "/home/bat";
 username = "bat";
- stateVersion = "22.11";
+ stateVersion = "23.05";
+ };
+ }] ++ commonModules;
+ pkgs = self.legacyPackages.x86_64-linux;
+ };
+
+ spin = inputs.home-manager.lib.homeManagerConfiguration {
+ modules = [{
+ home = {
+ homeDirectory = "/home/spin";
+ username = "spin";
+ stateVersion = "23.05";
 };
 }] ++ commonModules;
 pkgs = self.legacyPackages.x86_64-linux;
diff --git a/hosts/README.org b/hosts/README.org
index 9d0f6ab..1ca8ea7 100644
--- a/hosts/README.org
+++ b/hosts/README.org
@@ -1,3 +1,4 @@
 + satori is my home laptop
 + marisa is my Raspberry Pi 4 (B)
 + remilia is my cloud VM
++ hina is another cloud VM I use for ZNC
diff --git a/hosts/default.nix b/hosts/default.nix
index 692a59b..5a71b9d 100644
--- a/hosts/default.nix
+++ b/hosts/default.nix
@@ -45,5 +45,17 @@ in
 ++ commonModules
 ++ serverModules;
 };
+
+ #Oracle Cloud VM
+ hina = nixpkgs.lib.nixosSystem rec {
+ system = "x86_64-linux";
+ modules = [
+ ./hina
+ ./modules/x86builder.nix
+ { nixpkgs.pkgs = self.legacyPackages.${system}; }
+ ]
+ ++ commonModules
+ ++ serverModules;
+ };
 };
 }
diff --git a/hosts/hina/boot.nix b/hosts/hina/boot.nix
new file mode 100644
index 0000000..6f50331
--- /dev/null
+++ b/hosts/hina/boot.nix
@@ -0,0 +1,14 @@
+{ config, ... }:
+{
+ boot = {
+ kernel.sysctl."net.ipv4.ip_forward" = 1;
+ initrd.kernelModules = [ "bochs" ];
+ initrd.availableKernelModules = [ "ata_piix" "uhci_hcd" "virtio_pci" "virtio_scsi" ];
+ kernelModules = [ "kvm-amd" ];
+ kernelParams = [ "console=ttyS0" "console=tty1" "nvme.shutdown_timeout=10" "libiscsi.debug_libiscsi_eh=1" ];
+ loader = {
+ systemd-boot.enable = true;
+ efi.canTouchEfiVariables = true;
+ };
+ };
+}
diff --git a/hosts/hina/default.nix b/hosts/hina/default.nix
new file mode 100644
index 0000000..a5c99a8
--- /dev/null
+++ b/hosts/hina/default.nix
@@ -0,0 +1,22 @@
+{ config, pkgs, lib', ... }:
+{
+ imports = [
+ ./networking.nix
+ ./hardware.nix
+ ./boot.nix
+ ./services.nix
+ ];
+
+ time.timeZone = "Asia/Kolkata";
+
+ users.users.spin = {
+ isNormalUser = true;
+ shell = pkgs.zsh;
+ home = "/home/spin";
+ extraGroups = [ "wheel" ];
+ openssh.authorizedKeys.keys = lib'.network.commonSSHKeys;
+ };
+ programs.zsh.enable = true;
+
+ system.stateVersion = "21.11";
+}
diff --git a/hosts/hina/hardware.nix b/hosts/hina/hardware.nix
new file mode 100644
index 0000000..6ae1292
--- /dev/null
+++ b/hosts/hina/hardware.nix
@@ -0,0 +1,22 @@
+{ config, lib, pkgs, modulesPath, ... }:
+
+{
+ imports =
+ [
+ (modulesPath + "/profiles/qemu-guest.nix")
+ ];
+
+ fileSystems."/" =
+ {
+ device = "/dev/disk/by-uuid/d91adce2-9059-4a8a-86e7-dee6ecc85b2b";
+ fsType = "ext4";
+ };
+
+ swapDevices = [
+ {
+ device = "/swapfile";
+ size = 7168;
+ priority = 0;
+ }
+ ];
+}
diff --git a/hosts/hina/networking.nix b/hosts/hina/networking.nix
new file mode 100644
index 0000000..d420e04
--- /dev/null
+++ b/hosts/hina/networking.nix
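Review bot: `kernel.sysctl."net.ipv4.ip_forward" = 1;` in hosts/hina/boot.nix makes the VM route packets between interfaces, but nothing else in this commit shows a consumer: there is no `networking.nat` block, no forward rule, and hina's wg0 peer list only carries remilia's single address. If forwarding is not needed, drop the line; if it is, add a comment naming what is being forwarded and over which interfaces, e.g. `# ip_forward: <reason — to be filled in by the author>`, so the next reader can check that the firewall's forward path matches the intent. The same hunk also carries `libiscsi.debug_libiscsi_eh=1` in kernelParams, which looks like a debugging flag inherited from the cloud image's default command line — confirm it is meant to stay on a production host.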
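Review bot: `system.stateVersion = "21.11";` in hosts/hina/default.nix is set on a host that is new in this commit, while the same commit gives the matching `spin` home-manager profile in home/default.nix `stateVersion = "23.05"`. stateVersion pins the defaults of stateful services to a release and is meant to be the release the host was first installed with, so if hina was installed on 23.05 the value should say so; if it was cloned from an older image, a one-line comment explaining the older value would stop a later maintainer from "correcting" it. The user `spin` gets `wheel` plus the shared `commonSSHKeys`, so every key in that list becomes an admin key on this host — worth a comment next to the `openssh.authorizedKeys.keys` line stating that this is intended.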
@@ -0,0 +1,35 @@
+{ lib, config, lib', pkgs, ... }:
+{
+ networking = {
+ useDHCP = false;
+ hostName = "hina";
+ firewall =
+ {
+ interfaces = {
+ ens3 = {
+ allowedTCPPorts = [ 9898 80 443 ];
+ };
+ };
+ };
+ interfaces = {
+ ens3 = {
+ useDHCP = true;
+ };
+ };
+
+ wireguard.interfaces.wg0 = with lib'.network.addresses.wireguard.ips; {
+ ips = [ hina ];
+ listenPort = 17840;
+ privateKeyFile = "/var/secrets/wg.key";
+ peers = [
+ {
+ #Oracle VM1
+ publicKey = "z0Y2VNEWcyVQVSqRHiwmiJ5/0MgSPM+HZfEcwIccSxM=";
+ allowedIPs = [ remilia ];
+ endpoint = "${lib'.network.addresses.domain.natto}:17840";
+ persistentKeepalive = 25;
+ }
+ ];
+ };
+ };
+}
diff --git a/hosts/hina/services.nix b/hosts/hina/services.nix
new file mode 100644
index 0000000..86d6fa7
--- /dev/null
+++ b/hosts/hina/services.nix
@@ -0,0 +1,42 @@
+{ config, pkgs, lib, lib', ... }:
+let
+ domain = lib'.network.addresses.domain.natto;
+in
+{
+ services = {
+ cron.enable = true;
+
+ openssh = {
+ enable = true;
+ permitRootLogin = "yes";
+ ports = [ 22 ];
+ };
+
+ znc = {
+ enable = true;
+ mutable = true;
+ useLegacyConfig = false;
+ };
+
+ nginx = {
+ enable = true;
+ virtualHosts = with lib'.network.addresses.wireguard.ips; {
+ "znc.${domain}" = {
+ enableACME = true;
+ forceSSL = true;
+ locations."/" = {
+ proxyPass = "https://${hina}:9898";
+ };
+ };
+ };
+ };
+ };
+
+ security.acme = {
+ acceptTerms = true;
+ certs = lib.mapAttrs (n: _: { email = "natto@${domain}"; })
+ (lib.filterAttrs (_: v: v.enableACME) config.services.nginx.virtualHosts);
+ };
+ security.pki.certificateFiles = [ ../../cert.pem ];
+}
+
diff --git a/hosts/remilia/networking.nix b/hosts/remilia/networking.nix
index 9ceabcf..2ae5a6b 100644
--- a/hosts/remilia/networking.nix
+++ b/hosts/remilia/networking.nix
@@ -68,6 +68,10 @@
 publicKey = "SqskEH7hz7Gv9ZS+FYLRFgKZyJCFbBFCyuvzBYnbfVU=";
 allowedIPs = [ ips.satori ];
 }
+ {
+ publicKey = "IHYIan9Xq2PBTSzcMdHpzx4PM67l09WdsGa6s+siyH0=";
+ allowedIPs = [ ips.hina ];
+ }
 ];
 };
 };
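Review bot: `allowedTCPPorts = [ 9898 80 443 ];` on `ens3` in hosts/hina/networking.nix opens ZNC's port on the VM's public interface, while hosts/hina/services.nix in the same commit already fronts ZNC with nginx on 443 and proxies to `https://${hina}:9898` over the wireguard address, which is one of this host's own addresses and so should not need to pass through ens3. Unless IRC clients are meant to reach 9898 directly from the internet, the public allowance looks unnecessary and the line can become `allowedTCPPorts = [ 80 443 ];`; if direct access is intended, a comment naming which clients use it would make the exposure deliberate rather than accidental. The `#Oracle VM1` comment on the peer block should also say that the key it labels is remilia's, since the matching entry in hosts/remilia/networking.nix has to be kept in step with it.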
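Review bot: `permitRootLogin = "yes";` in hosts/hina/services.nix allows interactive root login on a freshly exposed cloud host, and nothing in the hunk turns off password authentication, which the NixOS openssh module leaves enabled unless set elsewhere, so root becomes reachable by password if one is ever set on the account. The `spin` user already has `wheel` and the shared keys, so `permitRootLogin = "prohibit-password";` together with `passwordAuthentication = false;` (or the `settings.PermitRootLogin` / `settings.PasswordAuthentication` spelling if the pinned nixpkgs has moved to it) keeps the same key-based access and removes the password path; hosts/remilia/services.nix carries the same `"yes"` in this diff and should get the same change. `security.pki.certificateFiles = [ ../../cert.pem ];` adds a repository-local CA to the trust store of every process on the host, presumably so the `proxyPass` to `https://${hina}:9898` validates — a comment stating what cert.pem is and why host-wide trust (rather than an nginx-only setting) is needed would help the next reader judge that.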
diff --git a/hosts/remilia/services.nix b/hosts/remilia/services.nix
index 73240b5..43895f5 100644
--- a/hosts/remilia/services.nix
+++ b/hosts/remilia/services.nix
@@ -10,11 +10,6 @@ in
 permitRootLogin = "yes";
 ports = [ 22 22002 ];
 };
- znc = {
- enable = true;
- mutable = true;
- useLegacyConfig = false;
- };
 nginx = {
 enable = true;
 clientMaxBodySize = "512m";
@@ -52,7 +47,6 @@ in
 };
 serverAliases = [ "www.${domain}" ];
 };
- "znc.weirdnatto.in" = genericHttpRProxy { addr = "https://${remilia}:9898"; };
 # "vault.${domain}" = genericHttpRProxy { addr = "https://${marisa}:8800"; };
 # "consul.${domain}" = genericHttpRProxy { addr = "http://${marisa}:8500"; };
 "f.${domain}" = genericHttpRProxy { addr = "http://${marisa}:8000"; };
diff --git a/lib/network.nix b/lib/network.nix
index 5defab0..07da379 100644
--- a/lib/network.nix
+++ b/lib/network.nix
@@ -8,6 +8,7 @@
 remilia = "${ipPrefix}.1";
 marisa = "${ipPrefix}.2";
 satori = "${ipPrefix}.3";
+ hina = "${ipPrefix}.4";
 };
 };
 domain = {
@@ -21,5 +22,6 @@
 "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOSQnDNrNP69tIK7U2D7qaMjycfIjpgx0at4U2D5Ufib"
 "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIK5V/hdkTTQSkDLXaEwY8xb/T8+sWtw5c6UjYOPaTrO8"
 "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIKFyKi0HYfkgvEDvjzmDRGwAq2z2KOkfv7scTVSnonBh"
+ "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIICEow6+G9F0JjvVwnyrFoObFAKKBQQ2wwScST0Xzs1l"
 ];
 }
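Review bot: The new `"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIICEow6+G9F0JjvVwnyrFoObFAKKBQQ2wwScST0Xzs1l"` entry in the second lib/network.nix hunk gives no indication of which device or person it belongs to, and this list is applied as `openssh.authorizedKeys.keys` on hina's wheel user in the same commit, so it is an admin key on every host that consumes `commonSSHKeys`. Add a trailing comment naming the owner and device, e.g. `# <owner>@<device> — added with hina` (placeholder), so the key can be revoked without guesswork when that device is retired; the three existing entries would benefit from the same. The enclosing attribute set that holds this list starts outside the hunk.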