diff --git a/base/defaults.nix b/base/defaults.nix
index 0b1882b..74e9d01 100644
--- a/base/defaults.nix
+++ b/base/defaults.nix
@@ -1,28 +1,30 @@
 { lib, ... }:
 {
-    i18n.defaultLocale = lib.mkDefault "en_GB.UTF-8";
-    console.keyMap = lib.mkDefault "us";
-    services.xserver.xkb.layout = lib.mkDefault "us-fruchti";
-    services.openssh = {
-        enable = lib.mkDefault true;
-        settings = {
-            PasswordAuthentication = lib.mkDefault false;
-            KbdInteractiveAuthentication = lib.mkDefault false;
-            X11Forwarding = lib.mkDefault true;
+    config = lib.mkDefault {
+        i18n.defaultLocale = "en_GB.UTF-8";
+        console.keyMap = "us";
+        services.xserver.xkb.layout = "us-fruchti";
+        services.openssh = {
+            enable = true;
+            settings = {
+                PasswordAuthentication = false;
+                KbdInteractiveAuthentication = false;
+                X11Forwarding = true;
+            };
+        };
+
+        programs.command-not-found.enable = true;
+
+        programs.direnv.enable = true;
+
+        nix.gc = {
+            automatic = true;
+            dates = "weekly";
+            options = "--delete-older-than 30d";
+        };
+        services.angrr = {
+            enable = true;
+            period = "2weeks";
         };
     };
-
-    programs.command-not-found.enable = lib.mkDefault true;
-
-    programs.direnv.enable = lib.mkDefault true;
-
-    nix.gc = {
-        automatic = lib.mkDefault true;
-        dates = lib.mkDefault "weekly";
-        options = lib.mkDefault "--delete-older-than 30d";
-    };
-    services.angrr = {
-        enable = lib.mkDefault true;
-        period = lib.mkDefault "2weeks";
-    };
 }
diff --git a/hosts/Emitter.nix b/hosts/Emitter.nix
index 8f12e6e..12e9958 100644
--- a/hosts/Emitter.nix
+++ b/hosts/Emitter.nix
@@ -3,6 +3,8 @@
     imports = [
         ./forgejo.nix
         ./tls_sni.nix
+
+        ./labs.nix
     ];
 
     boot.loader.grub.enable = true;
diff --git a/hosts/labs.nix b/hosts/labs.nix
new file mode 100644
index 0000000..295a337
--- /dev/null
+++ b/hosts/labs.nix
@@ -0,0 +1,29 @@
+{ config, lib, pkgs, ... }:
+{
+    environment.systemPackages = with pkgs; [
+        vagrant
+    ];
+
+    nixpkgs.config.allowUnfreePredicate = pkg: builtins.elem (lib.getName pkg) [
+        "vagrant"
+    ];
+
+    environment.variables = {
+        VAGRANT_DEFAULT_PROVIDER = "libvirt";
+    };
+
+    virtualisation.libvirtd = {
+        enable = true;
+    };
+
+    users.users.fruchti.extraGroups = [
+        "libvirtd"
+    ];
+
+    networking.firewall.allowedTCPPorts = [
+        8000
+        8001
+        4119
+        2222
+    ];
+}