diff --git a/modules/nixos/my_k3s/default.nix b/modules/nixos/my_k3s/default.nix index 6c84962..77c74cc 100644 --- a/modules/nixos/my_k3s/default.nix +++ b/modules/nixos/my_k3s/default.nix @@ -5,7 +5,6 @@ ... }: let - cfg = config.my_k3s; inherit (lib) mkEnableOption mkIf @@ -21,8 +20,11 @@ in type = types.nonEmptyStr; }; role = mkOption { - type = types.nonEmptyStr; - default = "server"; + type = types.enum [ + "server" + "agent" + ]; + default = "agent"; }; clusterInit = mkOption { type = types.bool; @@ -32,6 +34,12 @@ in type = types.nonEmptyStr; default = "server"; }; + nodeIp = mkOption { + type = types.nonEmptyStr; + }; + iface = mkOption { + type = types.nonEmptyStr; + }; extraFlags = mkOption { type = types.listOf types.str; default = [ ]; 
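Review bot: The default for `role` flips from `"server"` to `"agent"` in the `-21,8 +20,11` hunk, so any host that enables `my_k3s` without setting `role` stops running the control plane on its next rebuild. Only penguin's configuration is updated in the visible part of this commit, and its hunk does not show a `role` line, so the other hosts (if any) should be checked. Defaulting to the less-privileged role is reasonable, but the option should say so, for example `description = "k3s node role; defaults to agent so that control-plane nodes are opted in explicitly.";`.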
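Review bot: `nodeIp` and `iface` in the `-32,6 +34,12` hunk are typed `types.nonEmptyStr`, yet the later hunk splices them straight into `"--node-ip ${cfg.nodeIp}"` and `"--flannel-iface ${cfg.iface}"`. Depending on how the upstream k3s module joins `extraFlags`, a value with whitespace or a typo may reach k3s as extra arguments instead of failing evaluation. A stricter type catches that at build time, e.g. `type = types.strMatching "[0-9a-fA-F.:]+";` for `nodeIp` and `type = types.strMatching "[A-Za-z0-9_.-]+";` for `iface` (patterns constructed for illustration). Both options also lack a `description`; one line each should state that they pin the node address and the flannel interface.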
@@ -40,38 +48,40 @@ in type = types.bool; default = false; }; - }; - config = mkIf cfg.enable (mkMerge [ - { - services.k3s = { - enable = true; - role = cfg.role; - tokenFile = cfg.tokenFile; - clusterInit = cfg.clusterInit; - serverAddr = cfg.serverAddr; - extraFlags = cfg.extraFlags; - }; - environment.systemPackages = [ pkgs.nfs-utils ]; - services.openiscsi = { - enable = true; - name = "iqn.2016-04.com.open-iscsi:${config.networking.hostName}"; - }; - systemd.tmpfiles.rules = [ - "L+ /usr/local/bin - - - - /run/current-system/sw/bin/" - ]; - } - (mkIf cfg.nvidia { - hardware.nvidia-container-toolkit.enable = true; - hardware.nvidia-container-toolkit.mount-nvidia-executables = true; - # virtualisation.docker = { - # enable = true; - # enableNvidia = true; - # }; - environment.systemPackages = with pkgs; [ - nvidia-container-toolkit - ]; - }) - ]); + config = + let + cfg = config.my_k3s; + is_server = cfg.role == "server"; + in + mkIf cfg.enable (mkMerge [ + { + services.k3s = { + enable = true; + role = cfg.role; + tokenFile = cfg.tokenFile; + clusterInit = is_server && cfg.clusterInit; + serverAddr = cfg.serverAddr; + extraFlags = [ + "--node-ip ${cfg.nodeIp}" + "--flannel-iface ${cfg.iface}" + ] + ++ cfg.extraFlags; + }; + environment.systemPackages = [ pkgs.nfs-utils ]; + services.openiscsi = { + enable = true; + name = "iqn.2016-04.com.open-iscsi:${config.networking.hostName}"; + }; + systemd.tmpfiles.rules = [ + "L+ /usr/local/bin - - - - /run/current-system/sw/bin/" + ]; + } + (mkIf cfg.nvidia { + hardware.nvidia-container-toolkit.enable = true; + hardware.nvidia-container-toolkit.mount-nvidia-executables = true; + environment.systemPackages = [ pkgs.nvidia-container-toolkit ]; + }) + ]); } diff --git a/systems/x86_64-linux/penguin/default.nix b/systems/x86_64-linux/penguin/default.nix index 7d7c4b8..976209e 100644 --- a/systems/x86_64-linux/penguin/default.nix +++ b/systems/x86_64-linux/penguin/default.nix 
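Review bot: `clusterInit = is_server && cfg.clusterInit;` silently discards `clusterInit = true` on an agent. Since the default role is now `"agent"`, a host meant to bootstrap the cluster but missing an explicit `role` would come up as a worker with no diagnostic. An assertion makes the conflict visible at evaluation time: `assertions = [ { assertion = cfg.clusterInit -> is_server; message = "my_k3s.clusterInit requires role = \"server\""; } ];`. On style, the rest of the module uses camelCase (`clusterInit`, `serverAddr`, `nodeIp`), so `isServer` would fit better than `is_server`.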
@@ -37,10 +37,8 @@ in
 tokenFile = config.age.secrets.k3s.path;
 clusterInit = false;
 serverAddr = "https://10.222.0.13:6443";
- extraFlags = [
- "--node-ip 10.222.0.249"
- "--flannel-iface ztxh6lvd6t"
- ];
+ nodeIp = "10.222.0.249";
+ iface = "ztxh6lvd6t";
 nvidia = true;
 };
 networking.hostName = "penguin";