diff --git a/data/zones/noc.eh22.intern.zone b/data/zones/noc.eh22.intern.zone
index e53b328..afbd71f 100644
--- a/data/zones/noc.eh22.intern.zone
+++ b/data/zones/noc.eh22.intern.zone
@@ -2,6 +2,7 @@ $ORIGIN noc.eh22.intern.
 @ 0 IN SOA auth-dns noc.eh22.easterhegg.eu. 1 7200 3600 3600000 60
 @ 0 IN NS 10.20.25.3.
 auth-dns 0 IN A 10.20.25.3
+monitoring 0 IN A 10.20.25.4
 grafana 0 IN A 10.20.25.4
 proxmox 0 IN A 10.20.25.1
 resolv-dns 0 IN A 10.20.25.5
diff --git a/systems/default.nix b/systems/default.nix
index 41dd469..dd900c3 100644
--- a/systems/default.nix
+++ b/systems/default.nix
@@ -43,11 +43,11 @@ in
   # prod hosts
   "auth-dns.noc.eh22.intern" = mkSystem "x86_64-linux" "auth-dns.noc.eh22.intern";
   "resolv-dns.noc.eh22.intern" = mkSystem "x86_64-linux" "resolv-dns.noc.eh22.intern";
+  "monitoring.noc.eh22.intern" = mkSystem "x86_64-linux" "monitoring.noc.eh22.intern";
 
   # staging temp infra
   "sketchy-router.noc.eh22.intern" = mkSystem "x86_64-linux" "sketchy-router.noc.eh22.intern";
 
-  "grafana.noc.eh22.intern" = mkSystem "x86_64-linux" "grafana.noc.eh22.intern";
   # misc hosts
   "test.eh22.intern" = mkSystem "x86_64-linux" "test.eh22.intern";
   "installer" = mkSystem "x86_64-linux" "installer";
diff --git a/systems/grafana.noc.eh22.intern.nix b/systems/monitoring.noc.eh22.intern/grafana.nix
similarity index 55%
rename from systems/grafana.noc.eh22.intern.nix
rename to systems/monitoring.noc.eh22.intern/grafana.nix
index 0b7f35c..7a670e1 100644
--- a/systems/grafana.noc.eh22.intern.nix
+++ b/systems/monitoring.noc.eh22.intern/grafana.nix
@@ -4,32 +4,6 @@
   ...
 }:
 {
-  imports = [ ];
-
-  sops = {
-    defaultSopsFile = ../secrets/passwords.yaml;
-    secrets."services/grafana/admin_password" = {
-      mode = "0440";
-      owner = "grafana";
-      group = "grafana";
-      restartUnits = [ "grafana.service" ];
-    };
-  };
-
-  # configure static IP address
-  networking.useDHCP = false;
-  systemd.network = {
-    enable = true;
-    networks = {
-      "10-mgmtNet" = {
-        matchConfig.MACAddress = "BC:24:11:FC:C2:26";
-        address = [ "10.20.25.4/24" ];
-        gateway = [ "10.20.25.2" ];
-      };
-    };
-  };
-
-  networking.firewall.allowedTCPPorts = [ 80 ];
 
   services = {
     grafana = {
@@ -73,8 +47,4 @@
       };
     };
   };
-  # DO NOT CHANGE
-  # this defines the first version of NixOS that was installed on the machine so that programs with non-migratable data files are kept compatible
-  home-manager.users.noc.home.stateVersion = "24.11";
-  system.stateVersion = "24.11";
 }
diff --git a/systems/monitoring.noc.eh22.intern/system.nix b/systems/monitoring.noc.eh22.intern/system.nix
new file mode 100644
index 0000000..a134aa1
--- /dev/null
+++ b/systems/monitoring.noc.eh22.intern/system.nix
@@ -0,0 +1,40 @@
+{
+  pkgs,
+  config,
+  ...
+}:
+{
+  sops = {
+    defaultSopsFile = ../../secrets/passwords.yaml;
+    secrets."services/grafana/admin_password" = {
+      mode = "0440";
+      owner = "grafana";
+      group = "grafana";
+      restartUnits = [ "grafana.service" ];
+    };
+  };
+
+  # configure static IP address
+  networking.useDHCP = false;
+  systemd.network = {
+    enable = true;
+    networks = {
+      "10-mgmtNet" = {
+        matchConfig.MACAddress = "BC:24:11:FC:C2:26";
+        address = [ "10.20.25.4/24" ];
+        gateway = [ "10.20.25.2" ];
+      };
+    };
+  };
+
+  networking.firewall.allowedTCPPorts = [ 80 ];
+
+  imports = [
+    ./grafana.nix
+  ];
+
+  # DO NOT CHANGE
+  # this defines the first version of NixOS that was installed on the machine so that programs with non-migratable data files are kept compatible
+  home-manager.users.noc.home.stateVersion = "24.11";
+  system.stateVersion = "24.11";
+}