diff --git a/k8s/metallb/base/kustomization.yaml b/k8s/metallb/base/kustomization.yaml
deleted file mode 100644
index 3a51ea6..0000000
--- a/k8s/metallb/base/kustomization.yaml
+++ /dev/null
@@ -1,2 +0,0 @@
-resources:
- - github.com/metallb/metallb/config/native?ref=v0.14.8
diff --git a/k8s/metallb/overlays/prod/generators/secrets-generator.yaml b/k8s/metallb/overlays/prod/generators/secrets-generator.yaml
deleted file mode 100644
index 7b50b93..0000000
--- a/k8s/metallb/overlays/prod/generators/secrets-generator.yaml
+++ /dev/null
@@ -1,7 +0,0 @@
-apiVersion: viaduct.ai/v1
-kind: ksops-exec
-
-metadata:
- name: metallb-secret-generator
-files:
- - ./secrets/memberlist.yaml
diff --git a/k8s/metallb/overlays/prod/kustomization.yaml b/k8s/metallb/overlays/prod/kustomization.yaml
deleted file mode 100644
index e255410..0000000
--- a/k8s/metallb/overlays/prod/kustomization.yaml
+++ /dev/null
@@ -1,9 +0,0 @@
-resources:
- - ../../base
-generators:
- - ./generators/secrets-generator.yaml
-
-namespace: metallb-system
-
-generatorOptions:
- disableNameSuffixHash: true
diff --git a/k8s/metallb/overlays/prod/resources/ipaddresspool.yaml b/k8s/metallb/overlays/prod/resources/ipaddresspool.yaml
deleted file mode 100644
index bba6910..0000000
--- a/k8s/metallb/overlays/prod/resources/ipaddresspool.yaml
+++ /dev/null
@@ -1,7 +0,0 @@
-apiVersion: metallb.io/v1beta1
-kind: IPAddressPool
-metadata:
- name: pool
-spec:
- addresses:
- - 10.190.0.0/16
diff --git a/k8s/metallb/overlays/prod/secrets/memberlist.yaml b/k8s/metallb/overlays/prod/secrets/memberlist.yaml
deleted file mode 100644
index 60a8856..0000000
--- a/k8s/metallb/overlays/prod/secrets/memberlist.yaml
+++ /dev/null
@@ -1,38 +0,0 @@ -apiVersion: v1 -kind: Secret -metadata: - name: memberlist - namespace: metallb-system -stringData: - secretkey: ENC[AES256_GCM,data:8nxcJ9rdL7YciYm9rhAloGFrj7vLFn70OO9t64d51W8J/Xp3S5v4bC+6IyQBkMP9aqo4MEBhPPQixD6hWtkjUw==,iv:zjv6M4tepvW5J+rt7rNwSyiOCy6nZVngB8g1bRrl3dQ=,tag:9vAehmuXBLJ4TvG6pU1Txg==,type:str] -sops: - kms: [] - gcp_kms: [] - azure_kv: [] - hc_vault: [] - age: [] - lastmodified: "2024-11-05T02:07:25Z" - mac: ENC[AES256_GCM,data:nj3xo9faM/j6tlvOymQXFFrfgK3KtJxNtYa4rAFRHwFZmNk/i1luFev2wtojCoHV770EE0m6O9YUvSSi1MYYFXGV8lvgWSSOdsNb/uqMJzZ800PLczPPtK/D2SGVV503eKvRXJakadn87QSrHA/GobNPV2rF+MgebpNV+/e7+q0=,iv:0I6MB99m1Cd/9QQ+713khZoRGcAqnRAjZUjk9arfWek=,tag:K4F7ploHTgk39OpbRe9vdA==,type:str] - pgp: - - created_at: "2024-11-05T02:06:57Z" - enc: |- - -----BEGIN PGP MESSAGE----- - - hQIMAwAAAAAAAAAAAQ/7BX7Aj82Q+R0tIAsYkpdQwVAMM20afL9UTCF96E98eCXG - 5Ru16wIytCmy28jgZ4HBFEcPnBadB/kbuPzxuX2VKtL3HfBNc0akncMojcxf5fML - 7Ye37BPfUPG8AkbKf6vwfNxBZau9vK5m5a8xIZC3kenmBltVGp2oaaPIj/5kKdRX - t71fm8+xnArQQM6xH1SYXf47WiZIJjYmshG4w6kxMYQFsllyDo56ekLhTcqjv+Bf - +vn4Yznu6Aa5skkVgTrGZ0YlOcK7p3fyuMLeWxiy4VzFvS49bSlGlDEnBYL2sJqo - JPkPomj6y0BMGWczZ4va5RPyQrj86T+alLulSww2J/2gev9itu1FSpbFNoO3Yzv5 - RDOHLzXuMrJHEo/JMKwl1oMaWnNcTT0DDiSrAAdaH5hhOy9iKDbi54F+duzwZp0F - qv6jg199NrLZdviKXzOjNuNMHQHSw/tL2009Zh75WOt+1Xh+FACBW7VhlPKtC6nP - 133WhWnXROZdY6oBaCQvhMrXrf10mrsrurRhXb6bHaj9WpOdlAuPa/UYjQ5jNbno - 4e1JtV9kMT2EuTd8yhA/uT5jVEYfXtGVgwU9VrCkOSMilgltt9ASXaji+VRokaWY - bCLpdnWURQsbBVmBf2gSe+AK0kEbk1uUnwu/xdMr5e55bzKbpKvsgJqJ6i37v6zS - XgEkqgwwAQzRo9rnLLQR4bC7mu0bReqJK0Gutvsv+kR5COWak+QTmg/azxgOco2K - iMkZe1qTm85XciA22gUKrRRuoiq4bxLIyvFmIZhPvXpW2iU2y27Qdr1iMVTdE2o= - =N3f8 - -----END PGP MESSAGE----- - fp: 78795D9EBD425CBB3E850BC45DF91852CB14CEFF - encrypted_regex: ^(data|stringData)$ - version: 3.8.1 diff --git a/nixos/hosts/eidola/configuration.nix b/nixos/hosts/eidola/configuration.nix index d76e00b..12ff837 100644 --- a/nixos/hosts/eidola/configuration.nix 
+++ b/nixos/hosts/eidola/configuration.nix @@ -1,6 +1,5 @@ { config, - lib, pkgs, ... }: { @@ -10,7 +9,6 @@ ./mounts.nix ./secrets.nix ./nebula.nix - # ./k3s.nix ]; networking.hostName = "eidola"; # Define your hostname. @@ -75,13 +73,5 @@ }; boot.initrd.network.udhcpc.enable = true; - # Proxmox - services.proxmox-ve = { - enable = true; - openFirewall = false; - }; - # TODO: add a bridge - # TODO: make sure proxmox stuff is persisted - system.stateVersion = "24.05"; } diff --git a/nixos/hosts/eidola/default.nix b/nixos/hosts/eidola/default.nix index acdbafa..63d401d 100644 --- a/nixos/hosts/eidola/default.nix +++ b/nixos/hosts/eidola/default.nix @@ -17,12 +17,6 @@ inputs.sops-nix.nixosModules.sops inputs.disko.nixosModules.disko inputs.impermanence.nixosModules.impermanence - inputs.proxmox-nixos.nixosModules.proxmox-ve - ({...}: { - nixpkgs.overlays = [ - inputs.proxmox-nixos.overlays.${system} - ]; - }) ./configuration.nix ]; } diff --git a/nixos/hosts/eidola/k3s.nix b/nixos/hosts/eidola/k3s.nix deleted file mode 100644 index 02b0354..0000000 --- a/nixos/hosts/eidola/k3s.nix +++ /dev/null @@ -1,20 +0,0 @@ -{config, lib, ...}: { - sops.secrets."k3s-token" = { - sopsFile = ../../../secrets/k3s-token.txt; - format = "binary"; - }; - - services.k3s = { - enable = true; - role = "server"; - clusterInit = true; - tokenFile = config.sops.secrets."k3s-token".path; - - extraFlags = lib.concatStringsSep " " [ - "--disable=servicelb" - "--disable=local-storage" - "--disable=helm-controller" - "--tls-san=k8s.int.min.rip" - ]; - }; -} diff --git a/nixos/hosts/eidola/mounts.nix b/nixos/hosts/eidola/mounts.nix index ba0dd5e..4816c59 100644 --- a/nixos/hosts/eidola/mounts.nix +++ b/nixos/hosts/eidola/mounts.nix @@ -10,11 +10,6 @@ "/var/lib/systemd/coredump" "/var/lib/nixos" "/var/db/sudo" - - "/var/lib/rancher/k3s" - "/var/lib/kubelet" - "/var/lib/cni" - "/var/lib/containerd" ]; files = [ "/etc/machine-id" 
diff --git a/nixos/hosts/eidola/nebula.nix b/nixos/hosts/eidola/nebula.nix
index 40356f9..2cced08 100644
--- a/nixos/hosts/eidola/nebula.nix
+++ b/nixos/hosts/eidola/nebula.nix
@@ -56,18 +56,6 @@ in {
 proto = "tcp";
 host = "any";
 }
- # Allow `kube-apiserver` from anyone
- {
- port = 6443;
- proto = "tcp";
- host = "any";
- }
- # Allow Proxmox Web from anyone
- {
- port = 8006;
- proto = "tcp";
- host = "any";
- }
 # Allow iperf3 from anyone
 {
 port = 5201;
diff --git a/secrets/k3s-token.txt b/secrets/k3s-token.txt
deleted file mode 100644
index b015207..0000000
--- a/secrets/k3s-token.txt
+++ /dev/null
@@ -1,30 +0,0 @@ -{ - "data": "ENC[AES256_GCM,data:vXYcfWeyHiWcH+m80Jpz+YVEMUxAcmE9eyBzwxTqKb0PSaiAQgnx8WWD503hJuAl/E5i70I0c0zj1foqTILGxw==,iv:LAp+2f4k7IXCclEFLifiZmKZUxNWLPiVmPzp4MTkGK0=,tag:2YoMCI+TR1QBx3aibXug7Q==,type:str]", - "sops": { - "kms": null, - "gcp_kms": null, - "azure_kv": null, - "hc_vault": null, - "age": [ - { - "recipient": "age19yhycdgqczrvttszq97ccljh684x3r7f5dj4p0wdwqsrusqlcayse0vsh3", - "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBiSGNGY3I3eXl0RFFuRFNU\nMVVqTFowVzRsYUpqZlIrTFNKeFFFZGZnQ1FZCnl6VWxraENxeHJqOWZQMmpMTzZY\nVWdXTlg3OXBIMlUxMTRqb0FqbEdzWTAKLS0tIFBFTFRMQUhydEJpUjBGb0NPdytE\nMjlxenNDNzhXNkNoSWJJZjRKYSt4REkKQm9wMW0FDs9zY8XcC4XwmWq8vey2sjDF\nfPPVSJA9VJTj6Oec6u4A6aeNv9YjFbpnv3Q+Vy2YR1wjAgcjfu9qZQ==\n-----END AGE ENCRYPTED FILE-----\n" - }, - { - "recipient": "age1uqxzduupzes3tgfrrlret0n6thyldmlef60nqfzk689lmg6yayvsqpwxj6", - "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSA2TlJoYWU3V3N1QS9rMTVq\ncmZTeElGQWZYMEh2My9NaHFCT0hJdWN0S2gwCk91ZlMxckxhRUx6STRiNEVudlNP\nQTNRSEV6NXR1b1lUZk9RVjhBbW5WREkKLS0tIGVYRFZnK2x5MWx0WTdXanhCdTFr\nWVFTVWFYNnF1anZEOWtyT296cnA0b1EKY6KcgefJDOnyVbs3C5USwAfrA3vihfh7\nxxYdIFffyxq6N3+8k2VXg9FSeY6wAKdQuNg/08bNuz4O9tcaGSozug==\n-----END AGE ENCRYPTED FILE-----\n" - } - ], - "lastmodified": "2024-11-04T02:46:42Z", - "mac": "ENC[AES256_GCM,data:DLeiPKDuOLmylGu7d9pkeIPcPgz92zJ8j5SfOJOkV6k9FogMMxqqoOtg9BmvkyVh0AMO7PGcK/RLd7e2xvjr6g1AUMf8qywYZL3XDxKGr5yZJNldTQOssThvbMAny/ubyNsULTL54adqBV6MikfUd3mRSAV4Quj+yZkKtAuBgOE=,iv:uM0F+bpSAz8p8d33pRtvZGSejTtrCOl4+WHNUAzpLBI=,tag:sTMQuwVV8Ds/Gw2VkOh0Pg==,type:str]", - "pgp": [ - { - "created_at": "2024-11-04T02:46:42Z", - "enc": "-----BEGIN PGP 
MESSAGE-----\n\nhQIMAwAAAAAAAAAAAQ/+LWksDzEz7A95gEXPailyDpngtQovg1dTKv9nMJMYo+hr\nnOS1iR0nITg5Ihantt9DEU18OzEEROZr4skAXoel/qP6GEstIHCA1BpzwTdn5QMC\nVCmOGgbjMFoXoCkgyPaUmclNnyZNldODALTmJ+vtY+7457kXCcnBXY4rd9lJNQ9I\n3l8jx9seQFSixA+8rhl5UnBQeGBCT1cMmNiLIr42tMLI9gQgKGbceTQ5AT5Exjks\nLy9IetYwq+VuyJDUnowgK1ZP92DrUVqalpWa2ZdVN3qSGSFEjUZjwKIkCObyu4Zr\nRU8T8VBi2pNAQuVRrpK1WC6TkoMC3QqoMimn8UAlYnpmuRvmJvksHbW3cqx5WxOx\nlWPI9JfyYhzXbzMxTdFUQ1TN6OT4OAPU5fQ59ivPJKqDxKKziauER1kXvwlaVkLR\n1l55HtzOwukJKXigNwxEHZPJzOnM8q+r//XDY4uEDAqogQGw7cFENEn9R/GZQ45c\nZnKBphx2va+6SweAa//w47DCdITLawb4VFOAeIf1m6dx5SY4aEIPefdz7bjwGqRC\nCdLsyrt6maQoJxz6odPOeuKwgoRIigH08FQrTR5VWEHH2bWouXsNfpl4FNRzSb/T\nm0bVKblFDiOcFVMk0roJBx8spm6PKTxBTVCyFh0EE9bS0eyJNp+LNzQ5mJHfgF/S\nXgHMw5JevU+7LUZkOZlzx1xfOSmKKLbPg+cts43wRQBTWgDdOZIgVigHwH0AdCJ0\niZdCA942v+urI20TKx1jbcnwofSndkzqSs4HGn4338ZyPzRGHrUMDzEfY8cx2Ro=\n=MKO9\n-----END PGP MESSAGE-----", - "fp": "78795D9EBD425CBB3E850BC45DF91852CB14CEFF" - } - ], - "unencrypted_suffix": "_unencrypted", - "version": "3.8.1" - } -} \ No newline at end of file