diff --git a/secrets b/secrets
index 0fe6463..a4e26dd 160000
--- a/secrets
+++ b/secrets
@@ -1 +1 @@
-Subproject commit 0fe64633aeb7ac8dee086865d94121a6db17348e
+Subproject commit a4e26dd9dfe8c9e44dc1d5070b0b76da425958c8
diff --git a/systems/tahina/home-assistant.nix b/systems/tahina/home-assistant.nix
deleted file mode 100644
index 7ce601f..0000000
--- a/systems/tahina/home-assistant.nix
+++ /dev/null
@@ -1,39 +0,0 @@
-{config, ...}: let
-  port = 8123;
-  inherit (import ../../lib) restic;
-  volumeName = "home-assistant";
-in {
-  networking.firewall.allowedTCPPorts = [port];
-
-  services.nginx.virtualHosts."home.kmein.r" = {
-    locations."/" = {
-      proxyPass = "http://127.0.0.1:${toString port}";
-    };
-  };
-
-  services.restic.backups.niveum = {
-    initialize = true;
-    inherit (restic) repository;
-    timerConfig = {
-      OnCalendar = "daily";
-      RandomizedDelaySec = "1h";
-    };
-    passwordFile = config.age.secrets.restic.path;
-    paths = [
-      "/var/lib/containers/storage/volumes/${volumeName}"
-    ];
-  };
-
-  virtualisation.oci-containers = {
-    backend = "podman";
-    containers.homeassistant = {
-      volumes = ["${volumeName}:/config"];
-      environment.TZ = "Europe/Berlin";
-      image = "ghcr.io/home-assistant/home-assistant:stable";
-      extraOptions = [
-        "--network=host"
-        "--device=/dev/ttyACM0:/dev/ttyACM0" # Example, change this to match your own hardware
-      ];
-    };
-  };
-}
diff --git a/systems/tahina/atuin.nix b/systems/zaatar/atuin.nix
similarity index 100%
rename from systems/tahina/atuin.nix
rename to systems/zaatar/atuin.nix
diff --git a/systems/tahina/backup.nix b/systems/zaatar/backup.nix
similarity index 100%
rename from systems/tahina/backup.nix
rename to systems/zaatar/backup.nix
diff --git a/systems/zaatar/configuration.nix b/systems/zaatar/configuration.nix
index 6e17b33..d62761e 100644
--- a/systems/zaatar/configuration.nix
+++ b/systems/zaatar/configuration.nix
@@ -91,5 +91,5 @@ in {
     retiolum = retiolumAddresses.zaatar;
   };
 
-  system.stateVersion = "22.05";
+  system.stateVersion = "23.11";
 }
diff --git a/systems/zaatar/hardware-configuration.nix b/systems/zaatar/hardware-configuration.nix
index f43a0e6..4cb0be8 100644
--- a/systems/zaatar/hardware-configuration.nix
+++ b/systems/zaatar/hardware-configuration.nix
@@ -22,16 +22,18 @@
 
   fileSystems = {
     "/" = {
-      device = "/dev/disk/by-label/nixos";
+      device = "/dev/disk/by-uuid/5dcaa7fe-08e7-46a6-ac93-b267eeb144eb";
       fsType = "ext4";
     };
     "/boot" = {
-      device = "/dev/disk/by-label/boot";
+      device = "/dev/disk/by-uuid/CE3B-F4C6";
       fsType = "vfat";
     };
   };
 
-  swapDevices = [{device = "/dev/disk/by-label/swap";}];
+  swapDevices =
+    [ { device = "/dev/disk/by-uuid/7b2a3e4c-e53f-4c53-b599-b6d6cff49f1f"; }
+    ];
 
   nix.settings.max-jobs = lib.mkDefault 4;
   powerManagement.cpuFreqGovernor = lib.mkDefault "powersave";
diff --git a/systems/zaatar/home-assistant.nix b/systems/zaatar/home-assistant.nix
new file mode 100644
index 0000000..998ce7d
--- /dev/null
+++ b/systems/zaatar/home-assistant.nix
@@ -0,0 +1,90 @@
+{config, pkgs, lib, ...}: let
+  port = 8123;
+  inherit (import ../../lib) restic;
+  volumeName = "home-assistant";
+  streams = import ../../lib/streams.nix {
+    di-fm-key = "%DI_FM_KEY%"; # TODO lib.strings.fileContents <secrets/di.fm/key>;
+  };
+  playlistDirectoryPath = "/var/lib/mpd/playlists";
+in {
+  networking.firewall.allowedTCPPorts = [port];
+
+  services.nginx.virtualHosts."home.kmein.r" = {
+    locations."/" = {
+      proxyPass = "http://127.0.0.1:${toString port}";
+    };
+  };
+
+  services.restic.backups.niveum = {
+    initialize = true;
+    inherit (restic) repository;
+    timerConfig = {
+      OnCalendar = "daily";
+      RandomizedDelaySec = "1h";
+    };
+    passwordFile = config.age.secrets.restic.path;
+    paths = [
+      "/var/lib/containers/storage/volumes/${volumeName}"
+    ];
+  };
+
+  age.secrets = {
+    di-fm-key.file = ../../secrets/di-fm-key.age;
+  };
+
+  systemd.services.mpd-playlists = {
+    before = ["podman-homeassistant.service"];
+    wantedBy = ["podman-homeassistant.service"];
+    script = let
+      tags = lib.lists.unique (lib.concatMap ({tags ? [], ...}: tags) streams);
+      tagStreams = tag: lib.filter ({tags ? [], ...}: lib.elem tag tags) streams;
+      makePlaylist = name: streams: pkgs.writeText "${name}.m3u" (lib.concatMapStringsSep "\n" (lib.getAttr "stream") streams);
+      playlistDirectory = pkgs.linkFarm "playlists" (
+        [
+          {
+            name = "all.m3u";
+            path = makePlaylist "all" streams;
+          }
+        ]
+        ++ map (tag: {
+          name = "${tag}.m3u";
+          path = makePlaylist tag (tagStreams tag);
+        })
+        tags
+      );
+    in ''
+      mkdir -p ${playlistDirectoryPath}
+
+      export DI_FM_KEY="$(cat "$CREDENTIALS_DIRECTORY/di-fm-key")"
+
+      rm -rf ${playlistDirectoryPath}
+      mkdir ${playlistDirectoryPath}
+
+      for m3u in $(ls ${playlistDirectory})
+      do
+        ${pkgs.gnused}/bin/sed s/%DI_FM_KEY%/"$DI_FM_KEY"/g ${playlistDirectory}/"$m3u" > ${playlistDirectoryPath}/"$(basename "$m3u")"
+      done
+    '';
+    serviceConfig = {
+      LoadCredential = [
+        "di-fm-key:${config.age.secrets.di-fm-key.path}"
+      ];
+    };
+  };
+
+  virtualisation.oci-containers = {
+    backend = "podman";
+    containers.homeassistant = {
+      volumes = [
+        "${volumeName}:/config"
+        "${playlistDirectoryPath}:/media"
+      ];
+      environment.TZ = "Europe/Berlin";
+      image = "ghcr.io/home-assistant/home-assistant:stable";
+      extraOptions = [
+        "--network=host"
+        "--device=/dev/ttyACM0:/dev/ttyACM0" # Example, change this to match your own hardware
+      ];
+    };
+  };
+}