diff --git a/group-k3s.yml b/group-k3s.yml
new file mode 100644
index 0000000..e653d64
--- /dev/null
+++ b/group-k3s.yml
@@ -0,0 +1,9 @@
+---
+- hosts: k3s
+  become: true
+
+  tasks:
+    - name: Ensure nfs-common is installed on k3s VMs
+      ansible.builtin.apt:
+        pkg: nfs-common
+        state: present
\ No newline at end of file
diff --git a/host-plumbum.yml b/host-plumbum.yml
new file mode 100644
index 0000000..d6d1a18
--- /dev/null
+++ b/host-plumbum.yml
@@ -0,0 +1,11 @@
+---
+- hosts: plumbum.n39.eu
+  become: true
+
+  roles:
+    - role: nfs-host
+      vars:
+        nfs_host_exports:
+          - directory: "/srv/nfs"
+            hosts: "*.n39.eu"
+            options: rw,sync,no_subtree_check
diff --git a/host_vars/plumbum.n39.eu/vars.yml b/host_vars/plumbum.n39.eu/vars.yml
index c7eab39..af6228c 100644
--- a/host_vars/plumbum.n39.eu/vars.yml
+++ b/host_vars/plumbum.n39.eu/vars.yml
@@ -1,2 +1,3 @@
 ---
+server_admin: "admin+plumbum@netz39.de"
 mac: "32:A3:94:A0:23:77"
diff --git a/main.yml b/main.yml
index 785175b..5af6b86 100644
--- a/main.yml
+++ b/main.yml
@@ -39,3 +39,6 @@
 
 - name: Hobbes specific setup
   import_playbook: host-hobbes.yml
+
+- name: Plumbum specific setup
+  import_playbook: host-plumbum.yml
diff --git a/roles/nfs-host/defaults/main.yml b/roles/nfs-host/defaults/main.yml
new file mode 100644
index 0000000..210a3be
--- /dev/null
+++ b/roles/nfs-host/defaults/main.yml
@@ -0,0 +1,8 @@
+# Defaults for nfs-host
+---
+nfs_host_exports: []
+  # - directory: "/srv/nfs"
+  #   hosts: "k3s-w[0-9]+.n39.eu"
+  #   options: rw,sync,no_subtree_check
+
+nfs_host_storage_device: "/dev/sdb"
diff --git a/roles/nfs-host/handlers/main.yml b/roles/nfs-host/handlers/main.yml
new file mode 100644
index 0000000..4cdcec5
--- /dev/null
+++ b/roles/nfs-host/handlers/main.yml
@@ -0,0 +1,3 @@
+---
+- name: reload nfs
+  command: 'exportfs -ra'
diff --git a/roles/nfs-host/tasks/main.yml b/roles/nfs-host/tasks/main.yml
new file mode 100644
index 0000000..c1ac52d
--- /dev/null
+++ b/roles/nfs-host/tasks/main.yml
@@ -0,0 +1,41 @@
+---
+- name: Install required packages
+  ansible.builtin.apt:
+    state: present
+    name:
+    - nfs-kernel-server
+    - nfs-common
+    - parted
+
+- name: Create a new ext4 primary partition
+  community.general.parted:
+    device: "{{ nfs_host_storage_device }}"
+    number: 1
+    state: present
+    fs_type: ext4
+
+- name: ensure nfs mountpoints exist
+  ansible.builtin.file:
+    path: "{{ item.directory }}"
+    state: directory
+    owner: nobody
+    group: nogroup
+    mode: '0777'
+  with_items: "{{ nfs_host_exports }}"
+
+- name: Mount up device by label
+  ansible.posix.mount:
+    path: "{{ nfs_host_exports[0].directory }}"
+    src: /dev/sdb1
+    fstype: ext4
+    state: present
+
+- name: template /etc/exports
+  ansible.builtin.template:
+    src: templates/exports.j2
+    dest: "/etc/exports"
+  notify: reload nfs
+
+- name: Ensure nfs is running.
+  ansible.builtin.service: "name=nfs-kernel-server state=started enabled=yes"
+  when: nfs_host_exports|length
diff --git a/roles/nfs-host/templates/exports.j2 b/roles/nfs-host/templates/exports.j2
new file mode 100644
index 0000000..87d2c20
--- /dev/null
+++ b/roles/nfs-host/templates/exports.j2
@@ -0,0 +1,3 @@
+{% for export in nfs_host_exports %}
+{{ export.directory }} {{ export.hosts }}({{ export.options }})
+{% endfor %}
\ No newline at end of file