diff --git a/nixos/hosts/nixos-rpi4-01/default.nix b/nixos/hosts/nixos-rpi4-01/default.nix
index de4fc53b..e616ebaa 100644
--- a/nixos/hosts/nixos-rpi4-01/default.nix
+++ b/nixos/hosts/nixos-rpi4-01/default.nix
@@ -39,12 +39,15 @@
   sops.secrets.nixos-rpi4-01_tailscale_key = {
     owner = "root";
     sopsFile = ../../../secrets/tailscale.yaml;
-    restartUnits = [ "tailscaled.service" ];
+    restartUnits = [ 
+      "tailscaled.service"
+      "tailscaled-autoconnect.service" 
+    ];
   };
   services.tailscale.authKeyFile = "/run/secrets/nixos-rpi4-01_tailscale_key";
   services.tailscale.extraUpFlags = [ "--advertise-exit-node" ];
   boot.kernel.sysctl = { "net.ipv4.ip_forward" = true; };
   
   # Temporary
-  networking.firewall.allowedTCPPorts = [ 22 ];
+  # networking.firewall.allowedTCPPorts = [ 22 ];
 }
\ No newline at end of file
diff --git a/sd-image.nix b/sd-image.nix
new file mode 100644
index 00000000..cf854f38
--- /dev/null
+++ b/sd-image.nix
@@ -0,0 +1,15 @@
+# Raspberry Pi SD Image
+# $ nix-build '<nixpkgs/nixos>' -A config.system.build.sdImage -I nixos-config=./sd-image.nix
+# https://nixos.wiki/wiki/NixOS_on_ARM#Installation
+{ ... }: {
+  nixpkgs.crossSystem.system = "armv7l-linux";
+  
+  # Simple bootstrap SD image for the Raspberry Pi
+  imports = [
+    <nixpkgs/nixos/modules/installer/sd-card/sd-image-aarch64.nix>
+    ./nixos/users/albert
+  ];
+
+  # Temporarily allow ssh access for imaging
+  networking.firewall.allowedTCPPorts = [ 22 ];
+}
\ No newline at end of file