diff --git a/hosts/common/optional/monitoring.nix b/hosts/common/optional/monitoring.nix
new file mode 100644
index 0000000..f4e0c38
--- /dev/null
+++ b/hosts/common/optional/monitoring.nix
@@ -0,0 +1,39 @@
+{
+  config,
+  lib,
+  pkgs,
+  ...
+}: {
+  environment.systemPackages = with pkgs; [
+    ipmitool
+    lm_sensors
+  ];
+  networking.firewall.allowedTCPPorts = [
+    config.services.prometheus.exporters.node.port
+    config.services.prometheus.exporters.zfs.port
+    config.services.prometheus.exporters.smartctl.port
+    config.services.prometheus.exporters.ipmi.port
+  ];
+  services.prometheus = {
+    exporters = {
+      node = {
+        enable = true;
+        enabledCollectors = ["systemd"];
+        disabledCollectors = ["textfile"];
+        port = 9001;
+      };
+      zfs = {
+        enable = true;
+        port = 9002;
+      };
+      smartctl = {
+        enable = true;
+        port = 9003;
+      };
+      ipmi = {
+        enable = true;
+        port = 9004;
+      };
+    };
+  };
+}
diff --git a/hosts/common/optional/samba.nix b/hosts/common/optional/samba.nix
index b6d0c05..ce945c7 100644
--- a/hosts/common/optional/samba.nix
+++ b/hosts/common/optional/samba.nix
@@ -28,7 +28,7 @@
       printcap name = /dev/null
       guest account = nobody
       map to guest = bad user
-      hosts allow = 10.0.7. 10.0.2. 10.2.0. 127.0.0.1 localhost
+      hosts allow = 10.0.7. 10.0.2. 10.2.0. 100.64. 127.0.0.1 localhost
       hosts deny = 0.0.0.0/0
       vfs objects = catia fruit streams_xattr
       fruit:nfs_aces = no
diff --git a/hosts/common/optional/zfs.nix b/hosts/common/optional/zfs.nix
index 51e9374..f9a3a36 100644
--- a/hosts/common/optional/zfs.nix
+++ b/hosts/common/optional/zfs.nix
@@ -5,12 +5,13 @@
 }: {
   boot.supportedFilesystems = [ "zfs" ]; # Enable ZFS support
   boot.zfs.requestEncryptionCredentials = true; # If you're using ZFS encryption, set this to true to prompt for encryption passwords at boot
-  boot.zfs.extraPools = ["tank-test" "ssdtank-test"];
 
   services.zfs.autoScrub = {
     enable = true; # Enable automatic ZFS scrubbing
     interval = "monthly"; # Set the scrubbing interval to 1 month
   };
 
+  services.zfs.trim.enable = true;
+
   environment.systemPackages = with pkgs; [ zfs ]; # Install the ZFS package
 }
diff --git a/hosts/nas/default.nix b/hosts/nas/default.nix
index fa5e5a6..687b28c 100644
--- a/hosts/nas/default.nix
+++ b/hosts/nas/default.nix
@@ -12,6 +12,7 @@
     ../common/nixos/users/nix
     ../common/optional/avahi.nix
     ../common/optional/fish.nix
+    ../common/optional/monitoring.nix
     ../common/optional/nfs.nix
     ../common/optional/reboot-required.nix
     ../common/optional/samba.nix
@@ -37,7 +38,11 @@
       # isNormalUser = true;
     };
   };
+
+  boot.zfs.extraPools = ["tank-test" "ssdtank-test"];
+
   services.smartd.enable = true;
+
   environment.systemPackages = with pkgs; [
     ipmitool
     lshw
diff --git a/hosts/nas/hardware-configuration.nix b/hosts/nas/hardware-configuration.nix
index d6a7eb1..042679d 100644
--- a/hosts/nas/hardware-configuration.nix
+++ b/hosts/nas/hardware-configuration.nix
@@ -12,8 +12,7 @@
   boot.kernelModules = ["kvm-intel usb_storage"];
   boot.extraModulePackages = [];
 
-  # TODO: not certain we actually need to blacklist i915 here..
-  boot.kernelParams = [ "i915.disable_display=1" "module_blacklist=i915" ];
+  boot.kernelParams = [ "i915.disable_display=1" ];
 
   virtualisation.kvmgt.vgpus = {
     "i915-GVTg_V5_8" = {