diff --git a/authorized_keys b/authorized_keys
index 6e3496e..1898cc9 100644
--- a/authorized_keys
+++ b/authorized_keys
@@ -1,5 +1,3 @@
-ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIMz78nZkUOX3h595wfXQvQcHIsJRWMYqsG3K+zY5cY5Y mtxyz@mikenike
 ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAINTsm2cnF/gFmJz3ogClVCq/qZP7L0lK+cFH7IQ/mEj6 mtxyz@jellydonut
-ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIDmImjnbrhOa8rU2pFISuzt8TlrLmSS40B0IvxwuFrOY mtxyz@sushiroll
-ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAINFN/AOGSRVxy5EK2kPtlxKocrbgwnQOMASrnDsVykGy openpgp:0x24083BA7
 ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAINN+E/BTYS7sV0dXi7RL3xfb2sMz4el1GfKqhSbbayNb termux
+ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIGBu4rmDrPAsVNArCMkgqjOSVWOtTaD6ZvWQYtJzUT8u mtxyz@mikenike
diff --git a/configuration.nix b/configuration.nix
index db2e934..472da39 100644
--- a/configuration.nix
+++ b/configuration.nix
@@ -1,12 +1,19 @@
+{pkgs, ... }:
 {
-  users.users.mtxyz = {
+  boot.loader.raspberryPi = {
+    version = 3;
+  };
+
+  boot.initrd.kernelModules = [ "vc4" "bcm2835_dma" "i2c_bcm2835" ];
+  
+  networking.hostName = "orange";
+  nixpkgs.hostPlatform.system = "aarch64-linux";
+  system.stateVersion = "23.05";
+
+  users.users.root = {
     openssh.authorizedKeys.keyFiles = [
       ./authorized_keys
     ];
-    isNormalUser = true;
-
-    extraGroups = [ "wheel" "dialout" ];
-    initialPassword = "";
   };
   services.openssh.enable = true;
 }
diff --git a/flake.lock b/flake.lock
index e43b1b8..11279df 100644
--- a/flake.lock
+++ b/flake.lock
@@ -1,6 +1,58 @@
 {
   "nodes": {
+    "colmena": {
+      "inputs": {
+        "flake-compat": "flake-compat",
+        "flake-utils": "flake-utils",
+        "nixpkgs": "nixpkgs",
+        "stable": "stable"
+      },
+      "locked": {
+        "lastModified": 1688224393,
+        "narHash": "sha256-rsAvFNhRFzTF7qyb6WprLFghJnRxMFjvD2e5/dqMp4I=",
+        "owner": "zhaofengli",
+        "repo": "colmena",
+        "rev": "19384f3ee2058c56021e4465a3ec57e84a47d8dd",
+        "type": "github"
+      },
+      "original": {
+        "owner": "zhaofengli",
+        "repo": "colmena",
+        "type": "github"
+      }
+    },
+    "flake-compat": {
+      "flake": false,
+      "locked": {
+        "lastModified": 1650374568,
+        "narHash": "sha256-Z+s0J8/r907g149rllvwhb4pKi8Wam5ij0st8PwAh+E=",
+        "owner": "edolstra",
+        "repo": "flake-compat",
+        "rev": "b4a34015c698c7793d592d66adbab377907a2be8",
+        "type": "github"
+      },
+      "original": {
+        "owner": "edolstra",
+        "repo": "flake-compat",
+        "type": "github"
+      }
+    },
     "flake-utils": {
+      "locked": {
+        "lastModified": 1659877975,
+        "narHash": "sha256-zllb8aq3YO3h8B/U0/J1WBgAL8EX5yWf5pMj3G0NAmc=",
+        "owner": "numtide",
+        "repo": "flake-utils",
+        "rev": "c0e246b9b83f637f4681389ecabcb2681b4f3af0",
+        "type": "github"
+      },
+      "original": {
+        "owner": "numtide",
+        "repo": "flake-utils",
+        "type": "github"
+      }
+    },
+    "flake-utils_2": {
       "locked": {
         "lastModified": 1678901627,
         "narHash": "sha256-U02riOqrKKzwjsxc/400XnElV+UtPUQWpANPlyazjH0=",
@@ -17,24 +69,57 @@
     },
     "nixpkgs": {
       "locked": {
-        "lastModified": 1680398059,
-        "narHash": "sha256-qtbKRe+pWuf5nNINdiCgn6EwOIQZxj0Ig/wybBpFNkQ=",
+        "lastModified": 1683408522,
+        "narHash": "sha256-9kcPh6Uxo17a3kK3XCHhcWiV1Yu1kYj22RHiymUhMkU=",
+        "owner": "NixOS",
+        "repo": "nixpkgs",
+        "rev": "897876e4c484f1e8f92009fd11b7d988a121a4e7",
+        "type": "github"
+      },
+      "original": {
+        "owner": "NixOS",
+        "ref": "nixos-unstable",
+        "repo": "nixpkgs",
+        "type": "github"
+      }
+    },
+    "nixpkgs_2": {
+      "locked": {
+        "lastModified": 1689680872,
+        "narHash": "sha256-brNix2+ihJSzCiKwLafbyejrHJZUP0Fy6z5+xMOC27M=",
         "owner": "nixos",
         "repo": "nixpkgs",
-        "rev": "7c656856e9eb863c4d21c83e2601dd77f95f6941",
+        "rev": "08700de174bc6235043cb4263b643b721d936bdb",
         "type": "github"
       },
       "original": {
         "owner": "nixos",
-        "ref": "nixos-unstable",
+        "ref": "nixos-23.05",
         "repo": "nixpkgs",
         "type": "github"
       }
     },
     "root": {
       "inputs": {
-        "flake-utils": "flake-utils",
-        "nixpkgs": "nixpkgs"
+        "colmena": "colmena",
+        "flake-utils": "flake-utils_2",
+        "nixpkgs": "nixpkgs_2"
+      }
+    },
+    "stable": {
+      "locked": {
+        "lastModified": 1669735802,
+        "narHash": "sha256-qtG/o/i5ZWZLmXw108N2aPiVsxOcidpHJYNkT45ry9Q=",
+        "owner": "NixOS",
+        "repo": "nixpkgs",
+        "rev": "731cc710aeebecbf45a258e977e8b68350549522",
+        "type": "github"
+      },
+      "original": {
+        "owner": "NixOS",
+        "ref": "nixos-22.11",
+        "repo": "nixpkgs",
+        "type": "github"
       }
     }
   },
diff --git a/flake.nix b/flake.nix
index b36fa1b..cc8bdd1 100644
--- a/flake.nix
+++ b/flake.nix
@@ -2,8 +2,9 @@
   description = "my project description";
 
   inputs = {
-    nixpkgs.url = "github:nixos/nixpkgs/nixos-unstable";
+    nixpkgs.url = "github:nixos/nixpkgs/nixos-23.05";
     flake-utils.url = "github:numtide/flake-utils";
+    colmena.url = "github:zhaofengli/colmena";
   };
 
   outputs = inputs@{self, nixpkgs, flake-utils, ...}:
@@ -11,20 +12,24 @@
   let
     pkgs = import nixpkgs {
       inherit system;
+      overlays = [ inputs.colmena.overlay ];
     };
     crossPkgs = pkgs.pkgsCross.aarch64-multiplatform;
   in
-  {
-    apps.default = {
-      type = "app";
-      program = self.outputs.packages.${system}.vmscript + "/bin/vmscript";
-    };
-    packages.vmscript = pkgs.writeScriptBin "vmscript" ''
+    {
+      devShell = pkgs.mkShell {
+        packages = with pkgs; [ colmena ];
+      };
+      apps.default = {
+        type = "app";
+        program = self.outputs.packages.${system}.vmscript + "/bin/vmscript";
+      };
+      packages.vmscript = pkgs.writeScriptBin "vmscript" ''
         #!${pkgs.runtimeShell} -e
         img=./sd-card.img
-        cp -b ${self.outputs.image}/sd-image/orange.img $img
+        ${pkgs.zstd}/bin/zstd -k -d ${self.outputs.image}/sd-image/orange.img.zst -o $img
         chmod 640 $img
-        truncate -s %2G $img
+        truncate -s 16G $img
         ${pkgs.qemu}/bin/qemu-system-aarch64 \
           -machine raspi3b \
           -kernel "${crossPkgs.ubootRaspberryPi3_64bit}/u-boot.bin" \
@@ -36,23 +41,32 @@
           -serial null \
           -serial mon:stdio
       '';
-    }) // {
+    }) // rec {
+      colmena = {
+        meta = {
+          nixpkgs = import nixpkgs {
+            system = "aarch64-linux";
+          };
+        };
+        orange = {
+          imports = [
+            ./configuration.nix
+            "${nixpkgs}/nixos/modules/installer/sd-card/sd-image-aarch64.nix"
+          ];
+        };
+      };
       nixosConfigurations.orange = nixpkgs.lib.nixosSystem {
         modules = [
+          ./configuration.nix
           "${nixpkgs}/nixos/modules/installer/sd-card/sd-image-aarch64.nix"
           {
-            boot.kernelParams = [ "console=ttyS1,115200n8" ];
-            networking.hostName = "orange";
-            system.stateVersion = "23.05";
-            nixpkgs.hostPlatform.system = "aarch64-linux";
             sdImage = {
               imageName = "orange.img";
-              compressImage = false;
             };
           }
-          ./configuration.nix
+
         ];
       };
-      image = self.outputs.nixosConfigurations.orange.config.system.build.sdImage;
+      image = nixosConfigurations.orange.config.system.build.sdImage;
     };
 }