diff --git a/README.md b/README.md
index 318b3f3..331840d 100644
--- a/README.md
+++ b/README.md
@@ -1 +1,47 @@
-# NixOS configurations of the FabLab Bad Windsheim
+# Nix Gscheits
+
+NixOS configurations of the FabLab Bad Windsheim
+
+## General
+
+This project uses Nix Flakes
+which currently are only available in unstable Nix.
+
+To make the project more accessible to users of stable nix,
+a compatibility layer is provided.
+If you use [direnv](https://direnv.net/),
+a wrapper for unstable nix should transparently be added to the shell.
+This might only work if you are a [trusted user](https://nixos.org/manual/nix/stable/#conf-trusted-users).
+
+Secrets for NixOS machines are managed with sops using [sops-nix](https://github.com/Mic92/sops-nix).
+The gpg keys are stored in `keys`
+and a flake app is provided for conveniently displaying the fingerprint of a stored key:
+`nix run .#showKeyFingerprint machines/raven`
+
+### Directory structure
+
+ * `machines`: NixOS configurations for machines.
+ * `modules`: Modules that either alter default values
+ or add modules that can be enabled via options.
+ * `pkgs`: nixpkgs overlay for packages not in nixpkgs.
+
+## Deployment
+
+The deployment uses [krops](https://github.com/krebs/krops)
+(more precisely [Mic92’s fork with flake support](https://github.com/Mic92/krops)).
+
+If your public key is installed for root on the target system,
+deploying is as easy as `nix run .#deploy/hostname`.
+
+Building a configuration locally is possible by running `nixos-rebuild build --flake .#HOSTNAME`
+or on systems with stable Nix (using the compatibility wrapper) `nix build .#nixosConfigurations.HOSTNAME.config.system.build.toplevel`.
+
+## License
+
+This project is licensed under the MIT license.
+For details, please see the [COPYING](./COPYING) file.
+
+Note: The MIT license does not apply to the built packages or system closures,
+only to the source files in this repository.
+It also might not apply to patches included in this repository,
+which may be derivative works.
diff --git a/machines/raven/README.md b/machines/raven/README.md
new file mode 100644
index 0000000..ff1372d
--- /dev/null
+++ b/machines/raven/README.md
@@ -0,0 +1,22 @@
+# raven
+
+## setup
+
+```bash
+parted -s /dev/sda -- \
+ mktable GPT \
+ mkpart primary fat32 1MiB 1GiB \
+ set 1 esp on \
+ mkpart primary ext2 1GiB 100%
+
+mkfs.vfat -i 0FEAFAF6 /dev/sda1
+
+cryptsetup luksFormat --type luks2 --uuid=ad04bc72-bc84-42e3-856f-152c162ad88c /dev/sda2
+cryptsetup open --type luks2 /dev/sda2 cryptroot
+
+mkfs.btrfs -U 1ac13504-fb49-4739-a0e3-f87a3f840fb1 /dev/mapper/cryptroot
+
+mount -o compress=zstd /dev/mapper/cryptroot /mnt
+mkdir /mnt/boot
+mount /dev/sda1 /mnt/boot
+```
diff --git a/machines/raven/configuration.nix b/machines/raven/configuration.nix
index 1596aa7..01bc59f 100644
--- a/machines/raven/configuration.nix
+++ b/machines/raven/configuration.nix
@@ -33,6 +33,11 @@
 prefixLength = 24;
 }];
 };
+ nat = {
+ enable = true;
+ externalInterface = "jt";
+ internalInterfaces = "labdev";
+ };
 };
 i18n.defaultLocale = "en_US.UTF-8";
@@ -55,9 +60,5 @@ services.openssh.enable = true; - environment.systemPackages = with pkgs; [ - neovim - ]; - system.stateVersion = "21.05"; }
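Review bot: `internalInterfaces = "labdev";` in the added `nat` block assigns a bare string, but the NixOS option `networking.nat.internalInterfaces` is a list of strings, so this should be rejected by the module type check at evaluation; write `internalInterfaces = [ "labdev" ];`. The enclosing attribute set opens outside the hunk, so I am assuming it is `networking`. Enabling NAT also turns on IPv4 forwarding on this host, and nothing visible in the hunk restricts what is forwarded from `labdev` out through `jt`. A short comment above the block, for example `# masquerade lab devices behind jt; forwarding is otherwise unfiltered`, would let the next reader judge whether that exposure is intended.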