diff --git a/kube1.nix b/kube1.nix
new file mode 100644
index 0000000..1236a83
--- /dev/null
+++ b/kube1.nix
@@ -0,0 +1,46 @@
+with import <nixpkgs> {};
+let
+  pki = pkgs.callPackage ./lib/pki.nix {};
+  certs = {
+    ca = pki.ca;
+    apiserver = pki.apiserver ''
+          "10.253.18.109",
+          "10.0.0.1",
+          "127.0.0.1",
+          "kubernetes",
+          "etcd0",
+          "k1-0"
+        '';
+    kube-proxy = pki.kube-proxy;
+    admin = pki.admin;
+    etcd = pki.etcd ''
+        "etcd0",
+        "etcd1",
+        "10.253.18.109",
+        "10.253.18.110",
+        "127.0.0.1"
+      '';
+      k1-0 = pki.worker { name = "k1-0"; ip = "10.253.18.109"; };
+      k1-1 = pki.worker { name = "k1-1"; ip = "10.253.18.110"; };
+  };
+  cluster = callPackage ./lib/k8s.nix {
+    masterNode = "10.253.18.109";
+    etcdNodes = [ "etcd0" "etcd1" ];
+    clusterHosts = ''
+          10.253.18.109 k1-0 etcd0 kubernetes fs0-2
+          10.253.18.110 k1-1 etcd1
+          10.253.18.106 fs0-0
+          10.1.2.164    fs0-1
+          10.253.18.100 k0-0
+    '';
+    inherit certs;
+  };
+in
+{
+  k1-0 = { ... }:
+  {
+    require = [ (cluster.apiserver "10.253.18.109" "k1-0" "etcd0") ];
+    services.dnsmasq.enable = true;
+  };
+  k1-1 = cluster.server "10.253.18.110" "k1-1" "etcd1";
+}