diff --git a/hardware/thinkpad-t470s.nix b/hardware/thinkpad-t470s.nix
new file mode 100644
index 0000000..2a30a6a
--- /dev/null
+++ b/hardware/thinkpad-t470s.nix
@@ -0,0 +1,31 @@
+{ config, lib, pkgs, modulesPath, ... }: {
+
+  imports = [
+    (modulesPath + "/installer/scan/not-detected.nix")
+    <nixos-hardware/lenovo/thinkpad/t470s>
+    <nixos-hardware/common/pc/ssd>
+    <nixos-hardware/common/pc/laptop>
+  ];
+
+  boot.initrd.availableKernelModules = [
+    "xhci_pci"
+    "ahci"
+    "nvme"
+    "usb_storage"
+    "usbhid"
+    "sd_mod"
+  ];
+  boot.kernelModules = [ "kvm-intel" ];
+
+  # Ignore Alcor smartcard (gpg is not very smart)
+  # See https://ludovicrousseau.blogspot.com/2015/12/remove-andor-customize-pcsc-reader-names.html
+  #systemd.services.pcscd.environment.PCSCLITE_FILTER_IGNORE_READER_NAMES =
+  #  "Alcor";
+
+  hardware.video.hidpi.enable = true;
+
+  # CPU Configuration
+  hardware.cpu.intel.updateMicrocode = true;
+  services.throttled.enable = true;
+  powerManagement.cpuFreqGovernor = lib.mkDefault "performance";
+}
diff --git a/host/federispitz/default.nix b/host/federispitz/default.nix
new file mode 100644
index 0000000..68304fa
--- /dev/null
+++ b/host/federispitz/default.nix
@@ -0,0 +1,42 @@
+{ config, pkgs, ... }: {
+
+  imports = [
+    ./filesystems.nix
+    ./networking.nix
+    #./printing.nix
+    #./backup.nix #TODO: Extract applications from desktop role
+
+    ../../hardware/thinkpad-t470s.nix
+
+    ../../defaults/base
+    ../../defaults/cifs-auth-fix
+    ../../defaults/desktop
+    #../../defaults/games
+    ../../defaults/user-configuration
+    ../../defaults/user-configuration/fhauser
+    #../../defaults/printing
+  ];
+
+  #TODO: Clean up next section
+  services.xserver.dpi = 180;
+
+  virtualisation = { # TODO: This should probably be somewhere else.
+    docker = {
+      enable = true;
+      enableOnBoot = false;
+    };
+    libvirtd.enable = true;
+  };
+
+  # Set your time zone.
+  time.timeZone = "Europe/Amsterdam";
+
+  # This value determines the NixOS release from which the default
+  # settings for stateful data, like fi:le locations and database versions
+  # on your system were taken. It‘s perfectly fine and recommended to leave
+  # this value at the release version of the first install of this system.
+  # Before changing this value read the documentation for this option
+  # (e.g. man configuration.nix or on https://nixos.org/nixos/options.html).
+  system.stateVersion = "20.09"; # Did you read the comment?
+
+}
diff --git a/host/federispitz/filesystems.nix b/host/federispitz/filesystems.nix
new file mode 100644
index 0000000..52e1d12
--- /dev/null
+++ b/host/federispitz/filesystems.nix
@@ -0,0 +1,30 @@
+{ config, pkgs, lib, ... }: {
+  boot.initrd.luks.devices = {
+    "root".device = "/dev/disk/by-uuid/660b61d1-971d-4acc-9577-68a491eaf63b";
+    "swap".device = "/dev/disk/by-uuid/350eebba-6641-46a0-be1d-a7197157b704";
+  };
+
+  fileSystems = {
+    "/" = {
+      device = "/dev/mapper/root";
+      fsType = "btrfs";
+      options = [ "subvol=nixos" ];
+    };
+    "/home" = {
+      device = "/dev/mapper/root";
+      fsType = "btrfs";
+      options = [ "subvol=home" ];
+    };
+    "/boot" = {
+      device = "/dev/disk/by-uuid/F2EF-1BBF";
+      fsType = "vfat";
+    };
+  };
+
+  swapDevices = [{ device = "/dev/mapper/swap"; }];
+
+  # Use the systemd-boot EFI boot loader.
+  boot.loader.systemd-boot.enable = true;
+  boot.loader.efi.canTouchEfiVariables = true;
+
+}
diff --git a/host/federispitz/networking.nix b/host/federispitz/networking.nix
new file mode 100644
index 0000000..8c4ba74
--- /dev/null
+++ b/host/federispitz/networking.nix
@@ -0,0 +1,26 @@
+{ config, pkgs, ... }:
+
+{
+
+  networking = {
+    networkmanager.enable = true;
+    useDHCP = false;
+    #wireless.enable = true;  # Enables wireless support via wpa_supplicant.
+    hostName = "federispitz";
+  };
+
+  # Configure network proxy if necessary
+  # networking.proxy.default = "http://user:password@proxy:port/";
+  # networking.proxy.noProxy = "127.0.0.1,localhost,internal.domain";
+
+  #networking.wireguard.enable = true;
+  #networking.wireguard.interfaces = let
+  #  meta = import ../../meta;
+  #  vnetworks = meta.network.virtual;
+  #  vnetworkName = "mgmt";
+  #in {
+  #  "wg-${vnetworkName}" =
+  #    pkgs.lib.qois.wireguard.makeInterface config.networking.hostName
+  #    vnetworkName vnetworks.${vnetworkName};
+  #};
+}
diff --git a/host/federispitz/printing.nix b/host/federispitz/printing.nix
new file mode 100644
index 0000000..bb07603
--- /dev/null
+++ b/host/federispitz/printing.nix
@@ -0,0 +1,16 @@
+{ config, pkgs, ... }:
+
+{
+  hardware.printers.ensureDefaultPrinter = "hsr-mfp-8261";
+  hardware.printers.ensurePrinters = [{
+    name = "hsr-mfp-8261";
+    deviceUri = "smb://hsr.ch/printsrv-d.hsr.ch/d8261-a4mfp";
+    location = "HSR 8.261";
+    model = "HP/hp-color_laserjet_mfp_m577-ps.ppd.gz";
+    ppdOptions = {
+      Duplex = "DuplexNoTumble";
+      PageSize = "A4";
+      auth-info-required = "username,password";
+    };
+  }];
+}