diff --git a/hosts/chilly/default.nix b/hosts/chilly/default.nix
index 82348f8..aecaa71 100644
--- a/hosts/chilly/default.nix
+++ b/hosts/chilly/default.nix
@@ -22,24 +22,6 @@
   services.tailscaleAutoconnect.authkey = "tskey-auth-kRXS9oPyPm11CNTRL-BE6YnbP9J6ZZuV9dHkX17ZMnm1JGdu93";
   services.consul.interface.advertise = lib.mkForce "br0";
 
-  virtualisation.libvirtd = {
-    enable = true;
-    allowedBridges = [ "br0" ];
-  };
-
-  environment.systemPackages = with pkgs; [
-    unstable.qemu
-    usbutils
-    virt-manager
-    (pkgs.writeShellScriptBin "qemu-system-x86_64-uefi" ''
-      qemu-system-x86_64 \
-        -bios ${pkgs.OVMF.fd}/FV/OVMF.fd \
-        "$@"
-    '')
-  ];
-
-  users.users.ppetru.extraGroups = [ "libvirtd" ];
-
   networking.useNetworkd = true;
   systemd.network.enable = true;
   # not useful and potentially a security loophole
@@ -69,4 +51,29 @@
       # DHCP = "yes";
 	};
   };
+
+  virtualisation.libvirtd = {
+    enable = true;
+    allowedBridges = [ "br0" ];
+  };
+
+  systemd.services.hassos = {
+    description = "Home Assistant OS VM";
+    wantedBy = [ "multi-user.target" ];
+    script = ''
+      ${pkgs.qemu}/bin/qemu-system-x86_64 -bios ${pkgs.OVMF.fd}/FV/OVMF.fd -name 'hassos' -enable-kvm -cpu host -m 16384 -smp 4 -drive 'if=virtio,file=/persist/hassos/disk-drive-sata0.raw,format=raw' -nic 'bridge,br=br0,mac=2E:DD:78:D5:78:9B' -device qemu-xhci,id=xhci -device usb-host,bus=xhci.0,vendorid=0x0658,productid=0x0200 -device usb-host,bus=xhci.0,vendorid=0x10c4,productid=0xea60 -nographic -serial telnet:localhost:4321,server=on,wait=off -monitor telnet:localhost:4322,server=on,wait=off
+      '';
+    preStop = ''
+      echo 'system_powerdown' | ${pkgs.netcat-gnu}/bin/nc localhost 4322
+      sleep 10
+      '';
+  };
+
+  environment.systemPackages = with pkgs; [
+    qemu
+    inetutils # for telnet to qemu
+    usbutils
+  ];
+
+  users.users.ppetru.extraGroups = [ "libvirtd" ];
 }