diff --git a/.sops.yaml b/.sops.yaml
index ad0aeb5..af24c65 100644
--- a/.sops.yaml
+++ b/.sops.yaml
@@ -1,12 +1,14 @@
 keys:
   - &katana age18ujjw92tm6vpcpgqqky7dzg3yvzm9nytgzeptkfhtz5jhdskcdpsgmv0vs
   - &bomba age1ynu6zhhy84rr5xqce0flp25x5tnfgskesxfe39u7ewsk900fvagq9sq0lx
+  - &frog age1xfr76wj2hzz9mkxxce5qxgr2n72zsypatzhgl2fxgsh408wdzsaq39wt9z
 creation_rules:
   - path_regex: secrets/default.sops.yaml
     key_groups:
       - age:
         - *katana
         - *bomba
+        - *frog
   - path_regex: secrets/bomba.sops.yaml
     key_groups:
       - age:
diff --git a/flake.nix b/flake.nix
index dc336e8..1329d8d 100644
--- a/flake.nix
+++ b/flake.nix
@@ -86,5 +86,13 @@
           nixflix.nixosModules.default
         ];
       };
+      nixosConfigurations."frog" = mkSystem "frog" {
+        system = "x86_64-linux";
+        user = username;
+        email = personalEmail;
+        workSystem = true;
+        desktopEnvironment = "gnome";
+        enableZram = true;
+      };
     };
 }
diff --git a/machines/frog/configuration.nix b/machines/frog/configuration.nix
new file mode 100644
index 0000000..c1b4811
--- /dev/null
+++ b/machines/frog/configuration.nix
@@ -0,0 +1,59 @@
+# Edit this configuration file to define what should be installed on
+# your system.  Help is available in the configuration.nix(5) man page
+# and in the NixOS manual (accessible by running ‘nixos-help’).
+
+{ config, pkgs, ... }:
+
+{
+  imports =
+    [ # Include the results of the hardware scan.
+      ./hardware-configuration.nix
+    ];
+
+  boot.loader.grub.enable = true;
+  boot.loader.grub.device = "/dev/vda";
+  boot.loader.grub.useOSProber = true;
+
+  networking.hostName = "frog"; # Define your hostname.
+
+  networking.networkmanager.enable = true;
+
+  time.timeZone = "Europe/Rome";
+
+  i18n.defaultLocale = "en_US.UTF-8";
+
+  i18n.extraLocaleSettings = {
+    LC_ADDRESS = "it_IT.UTF-8";
+    LC_IDENTIFICATION = "it_IT.UTF-8";
+    LC_MEASUREMENT = "it_IT.UTF-8";
+    LC_MONETARY = "it_IT.UTF-8";
+    LC_NAME = "it_IT.UTF-8";
+    LC_NUMERIC = "it_IT.UTF-8";
+    LC_PAPER = "it_IT.UTF-8";
+    LC_TELEPHONE = "it_IT.UTF-8";
+    LC_TIME = "it_IT.UTF-8";
+  };
+
+  services.xserver.enable = true;
+
+  services.xserver.displayManager.gdm.enable = true;
+  services.xserver.desktopManager.gnome.enable = true;
+
+  services.xserver.xkb = {
+    layout = "us";
+    variant = "";
+  };
+  services.printing.enable = true;
+  services.pulseaudio.enable = false;
+  security.rtkit.enable = true;
+  services.pipewire = {
+    enable = true;
+    alsa.enable = true;
+    alsa.support32Bit = true;
+    pulse.enable = true;
+  };
+  environment.systemPackages = with pkgs; [
+  ];
+  system.stateVersion = "25.11"; # Did you read the comment?
+
+}
diff --git a/machines/frog/default.nix b/machines/frog/default.nix
new file mode 100644
index 0000000..6f3fc87
--- /dev/null
+++ b/machines/frog/default.nix
@@ -0,0 +1,6 @@
+{ ... }:
+{
+	imports = [
+		./configuration.nix
+	];
+}
diff --git a/machines/frog/hardware-configuration.nix b/machines/frog/hardware-configuration.nix
new file mode 100644
index 0000000..eb0c7c2
--- /dev/null
+++ b/machines/frog/hardware-configuration.nix
@@ -0,0 +1,26 @@
+# Do not modify this file!  It was generated by ‘nixos-generate-config’
+# and may be overwritten by future invocations.  Please make changes
+# to /etc/nixos/configuration.nix instead.
+{ config, lib, pkgs, modulesPath, ... }:
+
+{
+  imports =
+    [ (modulesPath + "/profiles/qemu-guest.nix")
+    ];
+
+  boot.initrd.availableKernelModules = [ "ahci" "xhci_pci" "virtio_pci" "sr_mod" "virtio_blk" ];
+  boot.initrd.kernelModules = [ ];
+  boot.kernelModules = [ "kvm-intel" ];
+  boot.extraModulePackages = [ ];
+
+  fileSystems."/" =
+    { device = "/dev/disk/by-uuid/b3a05e5f-6394-4115-b206-8fb51c235067";
+      fsType = "ext4";
+    };
+
+  swapDevices =
+    [ { device = "/dev/disk/by-uuid/c94fa719-f29a-41bb-8e85-e186fe96846c"; }
+    ];
+
+  nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
+}
diff --git a/secrets/default.sops.yaml b/secrets/default.sops.yaml
index 682db81..4bfe382 100644
--- a/secrets/default.sops.yaml
+++ b/secrets/default.sops.yaml
@@ -2,24 +2,33 @@ wifi_password: ENC[AES256_GCM,data:7plUlREKK8mNdWGhlTG5+3ICFqZq+hBp6aHz1mrLbOm9x
 user_password: ENC[AES256_GCM,data:oRb4aO3iby+cA5YU5cyCeyOeSzZqd58/WozcHrK00VSHG01OnUZqpWbBa6zIm43UqfoZUM7IScWQZcWPbVR6t4H/uErZbZi2dQ==,iv:UzoJS290MWP7E/A1todnmyiNV3C8f5lg5h1Tf81QSPA=,tag:rvGNdn2I2TxVX8xDpDe/Vw==,type:str]
 sops:
     age:
-        - recipient: age18ujjw92tm6vpcpgqqky7dzg3yvzm9nytgzeptkfhtz5jhdskcdpsgmv0vs
-          enc: |
+        - enc: |
             -----BEGIN AGE ENCRYPTED FILE-----
-            YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBvM3dublNrNkQ2dlpJQUVP
-            MVE4c1hwdksyN3BtL1pWRXBISS9yaDRkNmhnCm5EQW4wTXZNQWxIYkhNVjh5TWFO
-            cGJGRHFBekwzMUJWZzc2NCtTNDV2ckEKLS0tIDJpN0UyK0sraExiOVk1UTN2dUEw
-            ZjVBVUpBekJOaTZraEtWdEx2QU9VSWsKql10qo6BZUPZw/oXDQV0AlEihQnOi9Qd
-            f4gtZWBFpy5EUXolgtbbJH0LPwKhi7hVvQk/PkOGq11jNnA6PQJ93w==
+            YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSB2QjFrS0Zhbm9KRk1VUy9h
+            MjNxMXU0UFB0MzZkeG1NV2hEN0lNcnBVczNvCitFWjk5ellheEpsUE16ZE8rbkZa
+            QmtZUm51bHpyOGFGcDdscENZckh2SGcKLS0tIEJKVHNPY0hvRStCdjl5bDNjWmxx
+            MlhmSFREVEdmaHhnb2lneWdPK0trK0UKyLnmxyb+1D4Rg40Vdt5j0ChSWDXc8Ft3
+            UCIXrOebQlaJjbO3B8I2HkuOUtwg/SrljTa6SFwMlY2gZOhneEn/8g==
             -----END AGE ENCRYPTED FILE-----
-        - recipient: age1ynu6zhhy84rr5xqce0flp25x5tnfgskesxfe39u7ewsk900fvagq9sq0lx
-          enc: |
+          recipient: age18ujjw92tm6vpcpgqqky7dzg3yvzm9nytgzeptkfhtz5jhdskcdpsgmv0vs
+        - enc: |
             -----BEGIN AGE ENCRYPTED FILE-----
-            YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBPN2R4cFZpOFlLcG4zVmlm
-            ZGF3MW9sb1NHOEhZY0UxNzF0TVIxanZHSFhFCkZYR01lUGFZaW9tbXhFZjg3UFB4
-            dUhZNEduNUt3elFwSFRGYVF0Z3BZVWcKLS0tIC9oOUhER0JxWjg2OUhmTTI1ellE
-            NDN3c1J1dVcvY21uOUYrVFZMVXZXUTQK8GFPONewI3mzyG9Eh8PSjGVETsslyHiy
-            ud/QT1fJFbjZzbKHu2RsFNYukLuoEodQ5t9ccGfWCpSfgddNXjGtHg==
+            YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBvQkJQZVgrcW05TEEyYmRV
+            VjFuVW9nVFIzcVc5ZnpPQm1rRThPQ3d1RTNNCnhmUjc2RkxSNU81dXUwbWM3RGpM
+            ZWZSNng0eDFoN0w0eDFia05mKzZqNGcKLS0tIGVIU2JMZXBIelFScWJGR2pCdWN4
+            akYvWXFVbXl6a0syY2FNdGhpSExKbGMKRzJDY2JPQoLG2MutoqQKzDfTT06QbsQz
+            aukZRfGNouysaBvrXU7uasJ9KRvJQXjFRI/JRmkWicYR8oxXbkgSeQ==
             -----END AGE ENCRYPTED FILE-----
+          recipient: age1ynu6zhhy84rr5xqce0flp25x5tnfgskesxfe39u7ewsk900fvagq9sq0lx
+        - enc: |
+            -----BEGIN AGE ENCRYPTED FILE-----
+            YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBzb2laTm13VTRBeUpaS0VK
+            ZEUzL1g0M1A2ZzJudytPUnU2czNzbWdDMkhNCjVjOHBzcE8wQXdWZmt1eVl6VzBJ
+            bkhHMUczdG9sbCtMNVNUbDcraWovV2MKLS0tIEtuQ29rQk9PY0ZVTytMVGRGNGVt
+            dytEdkxoS3NtOFR0bHd0dmFUbEJ5b3cKju79g7jKN+m11YKHqTK+sNzXaw9j/gCI
+            EFS3/WCaFB4VI4olS0uzDsnsBzBywzgj/RTVwXYagzDkIqH2CAXRsw==
+            -----END AGE ENCRYPTED FILE-----
+          recipient: age1xfr76wj2hzz9mkxxce5qxgr2n72zsypatzhgl2fxgsh408wdzsaq39wt9z
     lastmodified: "2026-03-07T16:01:24Z"
     mac: ENC[AES256_GCM,data:Ni5qtsBcjKj9R2g78rdzd7+4tBL20SsU6aD5YZII/jaxjFxwFeVzfXuJruLnq3bEUiZShzOBVCc7gUi/6DaaluhXfltwwywu0QjJkPxfpGtQ7gmmiSDQAItwmj+9bJ/BFjx6ViBI/Vi1hnSRsS/gr1K0QkAzCT0JRehWi2HwnE4=,iv:rHWCfNa2hR6kB7lGB/VhPlB7MexgSFyWl5xyteQC3sk=,tag:6vBjVUIJLKDkJ7hjbkQXKw==,type:str]
     unencrypted_suffix: _unencrypted