diff --git a/configuration.nix b/configuration.nix index 010c487..625bbfa 100644 --- a/configuration.nix +++ b/configuration.nix @@ -3,12 +3,12 @@ { imports = [ ./qemu.nix ]; not-os.nix = true; + not-os.simpleStaticIp = true; environment.systemPackages = [ pkgs.utillinux ]; environment.etc = { "ssh/authorized_keys.d/root" = { text = '' - ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQC34wZQFEOGkA5b0Z6maE3aKy/ix1MiK1D0Qmg4E9skAA57yKtWYzjA23r5OCF4Nhlj1CuYd6P1sEI/fMnxf+KkqqgW3ZoZ0+pQu4Bd8Ymi3OkkQX9kiq2coD3AFI6JytC6uBi6FaZQT5fG59DbXhxO5YpZlym8ps1obyCBX0hyKntD18RgHNaNM+jkQOhQ5OoxKsBEobxQOEdjIowl2QeEHb99n45sFr53NFqk3UCz0Y7ZMf1hSFQPuuEC/wExzBBJ1Wl7E1LlNA4p9O3qJUSadGZS4e5nSLqMnbQWv2icQS/7J8IwY0M8r1MsL8mdnlXHUofPlG1r4mtovQ2myzOx clever@nixos - ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDKITUnIETct0d1Ky7iEofM8BV/U9ViuAd72abm26ibhkVKYuLlIvNBtf7+fsyaHR3cc4kmiUz26co4LV2q10HLO7nua7Ry0QhtPvPnpudandB4LbV4ieW1cqcWcPpsM1GssUZhZthbkwLf7h2exojqVj8vqPm5RaBl1eULXaPTldCiSe5ZxNuVbm3qT8Lfc2E3ifKT6A7WqZN00f1+YSnaA9uy0VgVDReDqyujAZaKGUwSa2G8eqzN3guN7VcBZek2p1v1n0EwpFdBxzT3Ncqh5wIYPNn084q5lU13TAjw+tTO7Q059e4HFLaR24w8NT60BrO1dbGYLbjWNri1G3pz root@router +ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCp81f16cQWHn/LJlgH91TO/E9JvRt5GlWYi7FpXlstlZMsTSBrAbkC4P94VSni27N3NzAxldJ+3D5Vm6OBHmdRtZgeMz3exyveBqoqnYhBTDnHJwNQpyZky4p6WjIKM07a7aw1tZstPmHI2PpmGKc6myZL9F8a4iH06LGPuh1dN8pVg1i5b8a4ppNJQLGTjfYUc7ZJBLUMVrIvIXKocBVXoUEerRsuE5rVX8769ogrZ0hbdbRMcHZDotTGkI2dKxv/V1HDGoIAaTsqedUQxibsoknPSHbZUpWtPcyDX3NMIA+r7G0r1Bzjy0b4GOtbl7BjMJDj2vt+3tu37Kz6n/pZ myrl@myrl-lappy ''; mode = "0444"; }; diff --git a/default.nix b/default.nix index 6246308..afdb63c 100644 --- a/default.nix +++ b/default.nix @@ -6,7 +6,7 @@ let _file = ./default.nix; key = _file; config = { - nixpkgs.localSystem = { inherit system; }; + nixpkgs.system = pkgs.lib.mkDefault system; }; }; baseModules = [ 
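Review bot: The `"ssh/authorized_keys.d/root"` entry in configuration.nix now hard-codes a single personal public key (`myrl@myrl-lappy`) in the shared default configuration, so every image built from this tree accepts root logins from the holder of that key. The hunk also removes the two keys that were there before, which suggests a local setup was committed as the project default. Keep developer keys out of the tracked configuration, for example by reading them from an untracked file with `text = builtins.readFile ./authorized_keys.local;` (the file name is a placeholder), and state in a comment that release images must not carry a developer key. The `environment.etc` attribute set continues past the end of the hunk.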
@@ -15,6 +15,7 @@ let
 ./stage-1.nix
 ./stage-2.nix
 ./runit.nix
+ ./make-iso.nix
 (nixpkgs + "/nixos/modules/system/etc/etc.nix")
 (nixpkgs + "/nixos/modules/system/activation/activation-script.nix")
 (nixpkgs + "/nixos/modules/misc/nixpkgs.nix")
diff --git a/make-iso.nix b/make-iso.nix
new file mode 100644
index 0000000..558dd04
--- /dev/null
+++ b/make-iso.nix
@@ -0,0 +1,174 @@
+{ config, lib, pkgs, ... }:
+
+with lib;
+
+let
+ max = x: y: if x > y then x else y;
+
+ # The configuration file for syslinux.
+
+ # Notes on syslinux configuration and UNetbootin compatiblity:
+ # * Do not use '/syslinux/syslinux.cfg' as the path for this
+ # configuration. UNetbootin will not parse the file and use it as-is.
+ # This results in a broken configuration if the partition label does
+ # not match the specified config.isoImage.volumeID. For this reason
+ # we're using '/isolinux/isolinux.cfg'.
+ # * Use APPEND instead of adding command-line arguments directly after
+ # the LINUX entries.
+ # * COM32 entries (chainload, reboot, poweroff) are not recognized. They
+ # result in incorrect boot entries.
+
+ baseIsolinuxCfg = ''
+ SERIAL 0 38400
+ TIMEOUT 10
+ UI vesamenu.c32
+ MENU TITLE NotOS
+ MENU BACKGROUND /isolinux/background.png
+ DEFAULT boot
+
+ LABEL boot
+ MENU LABEL NotOS
+ LINUX /boot/kernel
+ APPEND ${toString config.boot.kernelParams} panic=-1
+ INITRD /boot/initrd
+ '';
+
+ isolinuxCfg = baseIsolinuxCfg;
+ targetArch = if pkgs.stdenv.isi686 then
+ "ia32"
+ else if pkgs.stdenv.isx86_64 then
+ "x64"
+ else
+ throw "Unsupported architecture";
+
+in
+
+{
+ options = {
+
+ isoImage.isoName = mkOption {
+ default = "${config.isoImage.isoBaseName}.iso";
+ description = ''
+ Name of the generated ISO image file.
+ '';
+ };
+
+ isoImage.isoBaseName = mkOption {
+ default = "not-os";
+ description = ''
+ Prefix of the name of the generated ISO image file.
+ '';
+ };
+
+ isoImage.compressImage = mkOption {
+ default = false;
+ description = ''
+ Whether the ISO image should be compressed using
+ bzip2.
+ '';
+ };
+
+ isoImage.volumeID = mkOption {
+ default = "NOTOS_BOOT_CD";
+ description = ''
+ Specifies the label or volume ID of the generated ISO image.
+ Note that the label is used by stage 1 of the boot process to
+ mount the CD, so it should be reasonably distinctive.
+ '';
+ };
+
+ isoImage.contents = mkOption {
+ example = literalExample ''
+ [ { source = pkgs.memtest86 + "/memtest.bin";
+ target = "boot/memtest.bin";
+ }
+ ]
+ '';
+ description = ''
+ This option lists files to be copied to fixed locations in the
+ generated ISO image.
+ '';
+ };
+
+ isoImage.splashImage = mkOption {
+ default = pkgs.fetchurl {
+ url = https://raw.githubusercontent.com/NixOS/not-os-artwork/5729ab16c6a5793c10a2913b5a1b3f59b91c36ee/ideas/grub-splash/grub-not-os-1.png;
+ sha256 = "43fd8ad5decf6c23c87e9026170a13588c2eba249d9013cb9f888da5e2002217";
+ };
+ description = ''
+ The splash image to use in the bootloader.
+ '';
+ };
+ };
+
+ config = {
+ # !!! Hack - attributes expected by other modules.
+ environment.systemPackages = [ ];
+
+ # In stage 1 of the boot, mount the CD as the root FS by label so
+ # that we don't need to know its device. We pass the label of the
+ # root filesystem on the kernel command line, rather than in
+ # `fileSystems' below. This allows CD-to-USB converters such as
+ # UNetbootin to rewrite the kernel command line to pass the label or
+ # UUID of the USB stick. It would be nicer to write
+ # `root=/dev/disk/by-label/...' here, but UNetbootin doesn't
+ # recognise that.
+ boot.kernelParams =
+ [ "root=/cdrom/nix-store.squashfs"
+ # "root=LABEL=${config.isoImage.volumeID}"
+ # "boot.shell_on_fail"
+ ];
+
+ boot.initrd.availableKernelModules = [];
+
+ boot.initrd.kernelModules = [
+ "ata_piix" # PIIX for VirtualBox
+ "sr_mod" # CD Device Driver
+ "iso9660" # CD File System
+ "e1000" # Network Driver
+ "af_packet" # CONFIG_PACKET
+ ];
+
+ not-os.preMount = ''
+ mkdir -p /cdrom
+ mount -t iso9660 /dev/sr0 /cdrom
+ '';
+
+ # Individual files to be included on the CD, outside of the Nix
+ # store on the CD.
+ isoImage.contents =
+ [ { source = pkgs.substituteAll {
+ name = "isolinux.cfg";
+ src = pkgs.writeText "isolinux.cfg-in" isolinuxCfg;
+ bootRoot = "/boot";
+ };
+ target = "/isolinux/isolinux.cfg";
+ }
+ { source = "${config.system.build.kernel}/bzImage";
+ target = "/boot/kernel";
+ }
+ { source = "${config.system.build.initialRamdisk}/initrd";
+ target = "/boot/initrd";
+ }
+ { source = config.system.build.squashfs;
+ target = "/nix-store.squashfs";
+ }
+ { source = "${pkgs.syslinux}/share/syslinux";
+ target = "/isolinux";
+ }
+ { source = config.isoImage.splashImage;
+ target = "/isolinux/background.png";
+ }
+ { source = pkgs.writeText "version" "NotOS";
+ target = "/version.txt";
+ }
+ ];
+
+ # Create the ISO image.
+ system.build.isoImage = pkgs.callPackage (pkgs.path + "/nixos/lib/make-iso9660-image.nix") {
+ inherit (config.isoImage) isoName compressImage volumeID contents;
+ bootable = true;
+ bootImage = "/isolinux/isolinux.bin";
+ };
+ };
+}
diff --git a/runit.nix b/runit.nix
index 03ffcad..416759b 100644
--- a/runit.nix
+++ b/runit.nix
@@ -30,10 +30,9 @@ in
 "runit/1".source = pkgs.writeScript "1" ''
 #!${pkgs.stdenv.shell}
 ${lib.optionalString config.not-os.simpleStaticIp ''
- ip addr add 10.0.2.15 dev eth0
+ ip addr add 192.168.56.15 dev eth0
 ip link set eth0 up
- ip route add 10.0.2.0/24 dev eth0
- ip route add default via 10.0.2.2 dev eth0
+ ip route add 192.168.56.0/24 dev eth0
 ''}
 mkdir /bin/
 ln -s ${pkgs.stdenv.shell} /bin/sh
@@ -44,7 +43,7 @@ in touch /etc/runit/stopit chmod 0 /etc/runit/stopit - ${if true then "" else "${pkgs.dhcpcd}/sbin/dhcpcd"} + ${pkgs.dhcp}/sbin/dhclient eth1 ''; "runit/2".source = pkgs.writeScript "2" '' #!/bin/sh
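Review bot: `not-os.preMount` in make-iso.nix mounts the fixed device `/dev/sr0`, while the `isoImage.volumeID` description and the comment above `boot.kernelParams` both say stage 1 locates the CD by label; the `root=LABEL=...` parameter is commented out, so the label is never consulted. On a machine with more than one optical drive, or when the image is written to USB, the initrd either fails or takes its store image from whatever medium is in the first drive. Either mount by label or correct the two texts, and mount the medium read-only in any case: `mount -t iso9660 -o ro /dev/sr0 /cdrom`. Separately, `max` and `targetArch` are bound in the `let` block but never used in this file, and `isoImage.contents` is declared without a `type` or `default`.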
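Review bot: `${pkgs.dhcp}/sbin/dhclient eth1` in the second runit.nix hunk runs unconditionally in the `runit/1` script, outside the `not-os.simpleStaticIp` guard that wraps the `eth0` setup in the previous hunk. It assumes a second interface named `eth1` exists, and nothing here handles the case where it is missing or where no DHCP server answers. It also attaches the machine to a DHCP-assigned network while `service/sshd/run` starts `sshd` with root key login configured, so confirm that `sshd_config` (not visible in this diff) limits where it listens if that exposure is not intended. A guard in the style this file already uses would be `${lib.optionalString config.not-os.dhcp "${pkgs.dhcp}/sbin/dhclient eth1"}`, where `not-os.dhcp` is a placeholder for a new option. The `runit/1` script starts outside this hunk.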
@@ -55,15 +54,16 @@ in #!/bin/sh echo and down we go ''; + "service/sshd/run".source = pkgs.writeScript "sshd_run" '' #!/bin/sh ${pkgs.openssh}/bin/sshd -f ${sshd_config} ''; - "service/rngd/run".source = pkgs.writeScript "rngd" '' - #!/bin/sh - export PATH=$PATH:${pkgs.rng_tools}/bin - exec rngd -r /dev/hwrng - ''; +# "service/rngd/run".source = pkgs.writeScript "rngd" '' +# #!/bin/sh +# export PATH=$PATH:${pkgs.rng_tools}/bin +# exec rngd +# ''; "service/nix/run".source = pkgs.writeScript "nix" '' #!/bin/sh nix-store --load-db < /nix/store/nix-path-registration diff --git a/stage-1.nix b/stage-1.nix index f5db13f..f49e940 100644 --- a/stage-1.nix +++ b/stage-1.nix @@ -41,6 +41,7 @@ let copy_bin_and_libs $BIN done + copy_bin_and_libs ${pkgs.file}/bin/file copy_bin_and_libs ${pkgs.dhcpcd}/bin/dhcpcd # Copy ld manually since it isn't detected correctly @@ -158,12 +159,11 @@ let if [ $realroot = tmpfs ]; then mount -t tmpfs root /mnt/ -o size=1G || exec ${shell} else - mount $realroot /mnt || exec ${shell} + mount $realroot -t iso9660 /mnt || exec ${shell} fi chmod 755 /mnt/ mkdir -p /mnt/nix/store/ - cat /proc/partitions lsblk lspci @@ -188,6 +188,8 @@ let plymouth update-root-fs --new-root-dir=/mnt --read-write ''} + ip link + exec env -i $(type -P switch_root) /mnt/ $sysconfig/init exec ${shell} '';
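Review bot: The `service/rngd/run` script in runit.nix is disabled by commenting it out, and the commented copy drops the `-r /dev/hwrng` argument, so uncommenting it later would not restore the previous behaviour. Without rngd the image depends on the kernel alone for early-boot entropy, which matters if SSH host keys are generated at first boot (key handling is not visible in this diff). Prefer deleting the block or gating it on an option with `lib.optionalAttrs` over leaving dead code in the attribute set. If it stays commented, record the reason next to it, for instance `# rngd disabled: target has no /dev/hwrng`, if that is indeed the reason.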
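Review bot: `copy_bin_and_libs ${pkgs.file}/bin/file` in the first stage-1.nix hunk adds a tool to every initrd with no visible caller, and the third hunk of the same file adds a bare `ip link` just before `switch_root`; both read as debugging aids left in. They enlarge the initrd and print interface details on the console on every boot. Remove them before merging, or put them behind a debug option and add a comment such as `# debug only: identify filesystem types from the rescue shell`.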
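Review bot: `mount $realroot -t iso9660 /mnt` in the second stage-1.nix hunk forces the ISO 9660 type onto every non-tmpfs root, so any configuration whose root is a different filesystem now fails and falls through to `exec ${shell}`. That may include the value this commit sets in make-iso.nix, `root=/cdrom/nix-store.squashfs`, if `$realroot` is derived from `root=` (the derivation is outside the hunk). Each such failure leaves an interactive shell on the console, so a wrong type here is more than a cosmetic problem. Keep the type configurable and quote the variable, e.g. `mount ${rootMountArgs} "$realroot" /mnt || exec ${shell}`, where `rootMountArgs` is a placeholder for a value that defaults to empty.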