diff --git a/.github/workflows/tflint.yaml b/.github/workflows/tflint.yaml index a377d684c..f703b11e6 100644 --- a/.github/workflows/tflint.yaml +++ b/.github/workflows/tflint.yaml @@ -13,12 +13,13 @@ jobs: with: files: | terraform/** - - name: Tailscale if: steps.terraform-changes.outputs.any_changed == 'true' uses: tailscale/github-action@v2 with: - authkey: ${{ secrets.TAILSCALE_AUTHKEY }} + oauth-client-id: ${{ secrets.TS_OAUTH_CLIENT_ID }} + oauth-secret: ${{ secrets.TS_OAUTH_SECRET }} + tags: tag:clients - name: Clone repo if: steps.terraform-changes.outputs.any_changed == 'true' uses: actions/checkout@master diff --git a/.gitignore b/.gitignore index 97ba60313..4bf7649cd 100644 --- a/.gitignore +++ b/.gitignore @@ -84,3 +84,11 @@ terraform/**/*.info # k3s config files config/k3s/*.yaml !config/k3s/.gitkeep + +# Talos files +config/talos/**/*.yaml +config/talos/**/*.talosconfig +config/talos/**/talosconfig +!config/talos/controller-patch.yaml +!config/talos/patch.yaml +!config/talos/worker-patch.yaml diff --git a/apps/argocd/base/core/argocd.yaml b/apps/argocd/base/core/argocd.yaml index 03c80e56b..d1c2ade40 100644 --- a/apps/argocd/base/core/argocd.yaml +++ b/apps/argocd/base/core/argocd.yaml @@ -35,4 +35,4 @@ spec: maxDuration: 15m ignoreDifferences: - group: "redis.redis.opstreelabs.in" - kind: "Redis" \ No newline at end of file + kind: "Redis" diff --git a/tasks/terraform.yaml b/tasks/terraform.yaml index ffafa5933..a3a89758e 100644 --- a/tasks/terraform.yaml +++ b/tasks/terraform.yaml @@ -35,6 +35,11 @@ tasks: cmds: - terraform init -upgrade -backend-config="conn_str=${TF_CONN_STR}" + init:b2: + dir: terraform/modules/b2 + cmds: + - terraform init -upgrade + plan: dir: terraform cmds: @@ -55,6 +60,11 @@ tasks: cmds: - terraform plan + plan:b2: + dir: terraform/modules/b2 + cmds: + - terraform plan + apply: dir: terraform cmds: 
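Review bot: The Tailscale step that now receives `oauth-secret` is still pinned to the mutable ref `tailscale/github-action@v2`, so whatever that tag resolves to at run time handles a long-lived OAuth client secret. Pin the action to a full commit SHA, e.g. `uses: tailscale/github-action@<commit-sha>  # v2`, and limit the OAuth client to the scope and tag this job needs. `tags: tag:clients` reads like a general-purpose tag; if the tailnet ACLs grant it more than a lint job requires, a dedicated CI tag with a narrow grant would limit what a compromised runner can reach. The workflow trigger and the remaining steps are outside the hunk, so whether untrusted pull requests can reach this step cannot be judged from here.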
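Review bot: The three negated patch files are the only Talos YAML left tracked, so the block should say that they must stay free of machine secrets, e.g. `# Patch files are committed: keep certificates, tokens and keys out of them`. The new rules cover `*.yaml` and the talosconfig names only. If a kubeconfig is ever written into `config/talos/` it would not be ignored, so `config/talos/**/kubeconfig` may be worth adding.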
@@ -75,6 +85,11 @@ tasks: cmds: - terraform apply -auto-approve + apply:b2: + dir: terraform/modules/b2 + cmds: + - terraform apply -auto-approve + destroy: dir: terraform cmds: @@ -90,9 +105,15 @@ tasks: cmds: - terraform destroy -auto-approve + destroy:b2: + dir: terraform/modules/b2 + cmds: + - terraform destroy -auto-approve + docs: cmds: - terraform-docs markdown -c ./terraform/.terraform-docs.yaml ./terraform --output-file README.md - terraform-docs markdown -c ./terraform/.terraform-docs.yaml ./terraform/modules/vault --output-file README.md - terraform-docs markdown -c ./terraform/.terraform-docs.yaml ./terraform/modules/unifi --output-file README.md - terraform-docs markdown -c ./terraform/.terraform-docs.yaml ./terraform/modules/vultr --output-file README.md + - terraform-docs markdown -c ./terraform/.terraform-docs.yaml ./terraform/modules/b2 --output-file README.md diff --git a/terraform/modules/b2/README.md b/terraform/modules/b2/README.md new file mode 100644 index 000000000..476f1b1b0 --- /dev/null +++ b/terraform/modules/b2/README.md @@ -0,0 +1,28 @@ + +
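Review bot: `destroy:b2` runs `terraform destroy -auto-approve` on the storage bucket with no confirmation step, and `apply:b2` in the preceding hunk applies changes the same way. The other tasks in this file follow the same pattern, but a bucket is a data store and a mistyped task name is costly here. Task supports a `prompt:` key on a task, so adding `prompt: Destroy the B2 bucket managed in terraform/modules/b2?` to `destroy:b2` would require an explicit yes. `init:b2` and `plan:b2` in the earlier hunks need no change.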
+ + Module documentation + + +--- + +### Modules + +No modules. + +### Inputs + +| Name | Description | Type | Default | +|------|-------------|------|---------| +| app\_key | (Required) B2 Application Key. [Reference](https://registry.terraform.io/providers/Backblaze/b2/latest/docs#optional) | `string` | `""` | +| app\_key\_id | (Required) B2 Application Key ID. [Reference](https://registry.terraform.io/providers/Backblaze/b2/latest/docs#optional) | `string` | `""` | +| bucket\_name | A name for your S3 Bucket being created. | `string` | `"homelab-gruber"` | +| bucket\_type | The bucket type. Either 'allPublic', meaning that files in this bucket can be downloaded by anybody, or 'allPrivate'. [Reference](https://registry.terraform.io/providers/Backblaze/b2/latest/docs/resources/bucket#required) | `string` | `"allPrivate"` | + +### Outputs + +| Name | Description | +|------|-------------| +| bucket\_example | n/a | + +
diff --git a/terraform/modules/b2/main.tf b/terraform/modules/b2/main.tf
new file mode 100644
index 000000000..b5a31a019
--- /dev/null
+++ b/terraform/modules/b2/main.tf
@@ -0,0 +1,8 @@
+resource "b2_bucket" "standard" {
+ bucket_name = var.bucket_name
+ bucket_type = var.bucket_type
+}
+
+data "b2_bucket" "standard" {
+ bucket_name = b2_bucket.standard.bucket_name
+}
diff --git a/terraform/modules/b2/outputs.tf b/terraform/modules/b2/outputs.tf
new file mode 100644
index 000000000..262b7543a
--- /dev/null
+++ b/terraform/modules/b2/outputs.tf
@@ -0,0 +1,3 @@
+output "bucket_example" {
+ value = data.b2_bucket.standard
+}
diff --git a/terraform/modules/b2/variables.tf b/terraform/modules/b2/variables.tf
new file mode 100644
index 000000000..130c71219
--- /dev/null
+++ b/terraform/modules/b2/variables.tf
@@ -0,0 +1,33 @@
+variable "app_key" {
+ type = string
+ description = "(Required) B2 Application Key. [Reference](https://registry.terraform.io/providers/Backblaze/b2/latest/docs#optional)"
+ default = ""
+ sensitive = true
+}
+
+variable "app_key_id" {
+ type = string
+ description = "(Required) B2 Application Key ID. [Reference](https://registry.terraform.io/providers/Backblaze/b2/latest/docs#optional)"
+ default = ""
+ sensitive = true
+}
+
+variable "bucket_type" {
+ type = string
+ description = "The bucket type. Either 'allPublic', meaning that files in this bucket can be downloaded by anybody, or 'allPrivate'. [Reference](https://registry.terraform.io/providers/Backblaze/b2/latest/docs/resources/bucket#required)"
+ default = "allPrivate"
+ validation {
+ condition = can(index(["allPublic", "allPrivate"], var.bucket_type))
+ error_message = "Error: Not a valid bucket type."
+ }
+}
+
+variable "bucket_name" {
+ type = string
+ default = "homelab-gruber"
+ description = "A name for your S3 Bucket being created."
+ validation {
+ condition = can(regex("^[a-z0-9][-a-z0-9]*[a-z0-9]$", var.bucket_name))
+ error_message = "Error: Invalid bucket name."
+ }
+}
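Review bot: The `b2_bucket` resource in main.tf sets only the name and type, so encryption at rest is not configured anywhere in this module. The provider exposes a `default_server_side_encryption` block; adding it with `mode = "SSE-B2"` and `algorithm = "AES256"` makes the setting explicit and reviewable. Separately, the `data "b2_bucket" "standard"` lookup re-reads the bucket the resource has just created, and referencing `b2_bucket.standard` directly would avoid that extra read.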
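Review bot: The output `bucket_example` in outputs.tf has no `description` (the generated README lists it as `n/a`) and exports the whole data-source object rather than the attributes a caller needs. Name it for what it returns and document it, for example `value = b2_bucket.standard.bucket_id` under an output called `bucket_id` with `description = "ID of the B2 bucket"`.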
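Review bot: In variables.tf, `app_key` and `app_key_id` are described as "(Required)" but carry `default = ""`, so Terraform never prompts for them and a run without credentials passes empty strings to the provider instead of failing early. Drop the two `default = ""` lines and keep `sensitive = true`; if credentials are meant to come from provider environment variables instead, say so in the description. In `bucket_type`, `condition = contains(["allPublic", "allPrivate"], var.bucket_type)` states the check more directly than `can(index(...))`. The `bucket_name` description should say B2 bucket rather than S3 bucket.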
diff --git a/terraform/modules/b2/versions.tf b/terraform/modules/b2/versions.tf
new file mode 100644
index 000000000..4df8ae9cc
--- /dev/null
+++ b/terraform/modules/b2/versions.tf
@@ -0,0 +1,16 @@
+terraform {
+ backend "local" {
+ }
+ required_version = ">= 1.00"
+ required_providers {
+ b2 = {
+ source = "Backblaze/b2"
+ version = "0.8.4"
+ }
+ }
+}
+
+provider "b2" {
+ application_key = var.app_key
+ application_key_id = var.app_key_id
+}
diff --git a/terraform/versions.tf b/terraform/versions.tf
index b0cfba4c1..811402040 100644
--- a/terraform/versions.tf
+++ b/terraform/versions.tf
@@ -14,14 +14,11 @@ terraform { # } } - - provider "vault" { address = var.vault_api_url token = var.vault_token } - provider "unifi" { username = var.unifi_username password = var.unifi_password
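Review bot: The `backend "local"` block in terraform/modules/b2/versions.tf keeps `terraform.tfstate` in the module directory on whichever machine ran the task. The root configuration appears to use a remote backend, judging by the `-backend-config="conn_str=..."` in its init task. Confirm that the state file is covered by `.gitignore` (the ignore rules visible in this diff do not show it), or move this module onto the same backend so the bucket's state is not tied to one workstation. `required_version = ">= 1.00"` is clearer as `">= 1.0.0"`. The exact pin `version = "0.8.4"` is fine for reproducibility provided `.terraform.lock.hcl` is committed alongside it.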