diff --git a/server-0.bu b/server-0.bu
index 5deae3a..7f3199a 100644
--- a/server-0.bu
+++ b/server-0.bu
@@ -5,10 +5,52 @@ passwd:
     - name: core
       ssh_authorized_keys:
         - ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIDR7q2FfdizNkvel66N/jHcwlEA8R5JEOneKXshMWqkX jeff@station-1
-storage:
+systemd:
+  units:
+    - name: adguardhome.service
+      enabled: true
+      contents: |
+        [Unit]
+        Description=AdGuardHome
+        After=network-online.target
+        Wants=network-online.target
+
+        [Service]
+        TimeoutStartSec=0
+        ExecStartPre=-/bin/podman kill adguardhome
+        ExecStartPre=-/bin/podman rm adguardhome
+        ExecStartPre=/bin/podman pull adguard/adguardhome
+        ExecStart=docker run \
+          --name adguardhome \
+          --restart unless-stopped \
+          -v /my/own/workdir:/opt/adguardhome/work \
+          -v /my/own/confdir:/opt/adguardhome/conf \
+          -p 53:53/tcp -p 53:53/udp \
+          -p 67:67/udp -p 68:68/udp \
+          -p 80:80/tcp -p 443:443/tcp -p 443:443/udp -p 3000:3000/tcp \
+          -p 853:853/tcp \
+          -p 784:784/udp -p 853:853/udp -p 8853:8853/udp \
+          -p 5443:5443/tcp -p 5443:5443/udp \
+          -d adguard/adguardhome
+
+        [Install]
+        WantedBy=multi-user.targetstorage:
   files:
     - path: /etc/hostname
       mode: 0644
       contents:
         inline: server-0
-    
\ No newline at end of file
+  luks:
+    - name: data
+      device: /dev/vdb
+  filesystems:
+    - path: /var/lib/data
+      device: /dev/mapper/data
+      format: btrfs
+      label: DATA
+      with_mount_unit: true
+    - path: /var/lib/data
+      device: /dev/disk/by-id/coreos-boot-disk
+      format: ext4
+      label: BOOT
+      with_mount_unit: true
diff --git a/server-0.ign b/server-0.ign
index baf26f6..75ec322 100644
--- a/server-0.ign
+++ b/server-0.ign
@@ -1 +1 @@
-{"ignition":{"version":"3.3.0"},"passwd":{"users":[{"name":"core","sshAuthorizedKeys":["ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIDR7q2FfdizNkvel66N/jHcwlEA8R5JEOneKXshMWqkX jeff@station-1"]}]},"storage":{"files":[{"path":"/etc/hostname","contents":{"compression":"","source":"data:,server-0"},"mode":420}]}}
+{"ignition":{"version":"3.3.0"},"passwd":{"users":[{"name":"core","sshAuthorizedKeys":["ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIDR7q2FfdizNkvel66N/jHcwlEA8R5JEOneKXshMWqkX jeff@station-1"]}]},"systemd":{"units":[{"contents":"[Unit]\nDescription=AdGuardHome\nAfter=network-online.target\nWants=network-online.target\n\n[Service]\nTimeoutStartSec=0\nExecStartPre=-/bin/podman kill adguardhome\nExecStartPre=-/bin/podman rm adguardhome\nExecStartPre=/bin/podman pull adguard/adguardhome\nExecStart=docker run \\\n  --name adguardhome \\\n  --restart unless-stopped \\\n  -v /my/own/workdir:/opt/adguardhome/work \\\n  -v /my/own/confdir:/opt/adguardhome/conf \\\n  -p 53:53/tcp -p 53:53/udp \\\n  -p 67:67/udp -p 68:68/udp \\\n  -p 80:80/tcp -p 443:443/tcp -p 443:443/udp -p 3000:3000/tcp \\\n  -p 853:853/tcp \\\n  -p 784:784/udp -p 853:853/udp -p 8853:8853/udp \\\n  -p 5443:5443/tcp -p 5443:5443/udp \\\n  -d adguard/adguardhome\n\n[Install]\nWantedBy=multi-user.targetstorage:\n","enabled":true,"name":"adguardhome.service"}]}}