diff --git a/flake/hosts.nix b/flake/hosts.nix
index 0145f9c7..e144cf5d 100644
--- a/flake/hosts.nix
+++ b/flake/hosts.nix
@@ -95,6 +95,10 @@ in {
       name = "dfw0";
       system = "x86_64-linux";
     })
+    (mkHost {
+      name = "hkg2";
+      system = "x86_64-linux";
+    })
     (mkHost {
       name = "fra1";
       system = "x86_64-linux";
diff --git a/nixago/sops-yaml.nix b/nixago/sops-yaml.nix
index 0cafefa3..1b96169d 100644
--- a/nixago/sops-yaml.nix
+++ b/nixago/sops-yaml.nix
@@ -27,7 +27,15 @@
       key = "age1tvfl7y78hv2egs45nqtp7nlydqrrq2twjr47m2028lh68qtqwuxs9wxk3v";
       owned = true;
     };
+    fra1 = {
+      key = "age15l3xz5gddpnml7us007rfd97ntvj60vdezj9gz729z5j20m864dqh07tey";
+      owned = true;
+    };
   };
+    dfw0 = {
+      key = "age1t8qhcsypu2q8n2dnc5ga08dnvdscem764e2eyfgvq5mmja66m5aq003sl2";
+      owned = true;
+    };
   ownedHostKeys = lib.mapAttrsToList (_: cfg: cfg.key) (lib.filterAttrs (_: cfg: cfg.owned) hosts);
   allHostKeys = lib.mapAttrsToList (_: cfg: cfg.key) hosts;
 
diff --git a/nixos/hosts/hkg2/default.nix b/nixos/hosts/hkg2/default.nix
new file mode 100644
index 00000000..e9ff2cb4
--- /dev/null
+++ b/nixos/hosts/hkg2/default.nix
@@ -0,0 +1,21 @@
+{
+  nixosModules,
+  lib,
+  ...
+}: {
+  imports =
+    nixosModules.cloud.all
+    ++ nixosModules.users.tippy.all
+    ++ nixosModules.services.mail.all
+    ++ [
+      ./hardware-configuration.nix
+      nixosModules.services.traefik
+      nixosModules.services.derp
+      nixosModules.services.proxy
+      nixosModules.services.tuic
+      nixosModules.services.searx
+      nixosModules.services.rustdesk
+      nixosModules.services.sogo
+    ];
+  nix.gc.options = lib.mkForce "-d";
+}
diff --git a/nixos/hosts/hkg2/hardware-configuration.nix b/nixos/hosts/hkg2/hardware-configuration.nix
new file mode 100644
index 00000000..3abe9c60
--- /dev/null
+++ b/nixos/hosts/hkg2/hardware-configuration.nix
@@ -0,0 +1,34 @@
+{
+  lib,
+  modulesPath,
+  ...
+}: {
+  imports = [
+    (modulesPath + "/profiles/qemu-guest.nix")
+  ];
+
+  boot.initrd.availableKernelModules = ["ata_piix" "virtio_pci" "virtio_scsi" "sr_mod" "virtio_blk"];
+  # utils.disk = "/dev/sda";
+  nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
+  networking = {
+    # useDHCP = false;
+    # useNetworkd = true;
+    interfaces.eth0 = {
+      useDHCP = false;
+      ipv4.addresses = [
+        {
+          address = "123.254.105.134";
+          prefixLength = 24;
+        }
+      ];
+    };
+    defaultGateway = "123.254.105.158";
+  };
+
+  swapDevices = [
+    {
+      device = "/swap/swapfile";
+      size = 4096;
+    }
+  ];
+}
diff --git a/terraform/hosts.tf b/terraform/hosts.tf
index c3a76356..a9a23d00 100644
--- a/terraform/hosts.tf
+++ b/terraform/hosts.tf
@@ -62,6 +62,19 @@ locals {
       endpoints_v4 = []
       endpoints_v6 = []
     }
+    hkg2 = {
+      records = {
+        a = {
+          proxied = false
+          type    = "A"
+          value   = "123.254.105.134"
+        }
+      }
+      ddns_records = {}
+      host_indices = [5]
+      endpoints_v4 = []
+      endpoints_v6 = []
+    }
     isk = {
       records = {}
       ddns_records = {