diff --git a/flake-parts/hosts.nix b/flake-parts/hosts.nix index ffa40f8..1c8fd1b 100644 --- a/flake-parts/hosts.nix +++ b/flake-parts/hosts.nix @@ -6,21 +6,31 @@ }: let mkHost = - hostName: + hostDir: inputs.nixpkgs.lib.nixosSystem { specialArgs = { inherit inputs self; }; modules = - (lib.singleton { networking = { inherit hostName; }; }) + (lib.singleton { networking.hostName = lib.baseNameOf hostDir; }) ++ ( - "${self}/hosts/${hostName}" + hostDir |> builtins.readDir |> lib.attrNames - |> lib.filter (file: file |> lib.hasSuffix ".nix") - |> lib.map (file: "${self}/hosts/${hostName}/${file}") + |> lib.filter (lib.hasSuffix ".nix") + |> lib.map (file: "${hostDir}/${file}") ); }; + + mkHosts = + baseDir: + baseDir + |> builtins.readDir + |> lib.filterAttrs (_: type: type == "directory") + |> lib.mapAttrs (hostName: _: mkHost "${baseDir}/${hostName}"); in { - flake.nixosConfigurations = - "${self}/hosts" |> self.lib.listDirectoryNames |> self.lib.genAttrs mkHost; + flake = { + nixosConfigurations = mkHosts "${self}/hosts"; + externalConfigurations = mkHosts "${self}/external-hosts"; + allHosts = self.nixosConfigurations // self.externalConfigurations; + }; } diff --git a/flake-parts/sops-config.nix b/flake-parts/sops-config.nix index 1d9f167..0f4bf47 100644 --- a/flake-parts/sops-config.nix +++ b/flake-parts/sops-config.nix @@ -18,14 +18,14 @@ }; hostCreationRules = - self.nixosConfigurations + self.allHosts |> lib.attrValues |> lib.map (host: host.config.custom.sops) |> lib.filter (sops: sops.enable) |> lib.map mkCreationRule; userCreationRules = - self.nixosConfigurations + self.allHosts |> lib.attrValues |> lib.filter (host: host.config |> lib.hasAttr "home-manager") |> lib.map (host: host.config.home-manager.users.seb.custom.sops) diff --git a/justfile b/justfile index 0eb077f..20e4e8b 100644 --- a/justfile +++ b/justfile 
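Review bot: The merge `allHosts = self.nixosConfigurations // self.externalConfigurations;` resolves a name clash silently in favour of the external entry, so a directory under `external-hosts/` that shares a name with one under `hosts/` replaces that host everywhere `allHosts` is consumed (sops creation rules, SSH authorized keys, DNS records, Nebula certificates). A disjointness check ahead of the merge would turn this into an evaluation failure, e.g. `assert lib.intersectLists (lib.attrNames self.nixosConfigurations) (lib.attrNames self.externalConfigurations) == [ ];`. Separately, `mkHosts` calls `builtins.readDir` on `"${self}/external-hosts"` unconditionally, so evaluation fails if that directory is missing from the flake source; a `builtins.pathExists` guard or a comment stating that the directory is required would help.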
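Review bot: Switching `hostCreationRules` and `userCreationRules` from `self.nixosConfigurations` to `self.allHosts` widens who is trusted, not only who is listed: every configuration under `external-hosts/` with `custom.sops.enable` set now gets a creation rule. What `mkCreationRule` emits is outside this hunk, so the resulting recipients cannot be confirmed here, but it is worth checking that an external machine only becomes a recipient of its own secrets. The same substitution in `modules/system/services/sshd.nix` feeds `users.users.seb.openssh.authorizedKeys.keyFiles`, and in `syncthing.nix` and the two `scripts/nebula/recert-*.nix` scripts it appears to decide sync peers and which hosts get certificates issued. If external hosts are meant to be less trusted, keep those consumers on `self.nixosConfigurations` or filter on an explicit per-host option, and otherwise record the decision with a comment such as `# allHosts includes external-hosts/: these machines get the same access as managed hosts`.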
@@ -16,7 +16,7 @@ repair: nix-store --verify --check-contents --repair repl host='$(hostname)': - nix repl .#nixosConfigurations.{{ host }} + nix repl .#allHosts.{{ host }} [group('rebuild')] rebuild mode: diff --git a/modules/system/networking/default.nix b/modules/system/networking/default.nix index 6e7280d..5b790a4 100644 --- a/modules/system/networking/default.nix +++ b/modules/system/networking/default.nix @@ -18,7 +18,7 @@ in nodes = lib.mkOption { type = lib.types.anything; default = - self.nixosConfigurations + self.allHosts |> lib.attrValues |> lib.map (host: host.config.custom.networking) |> lib.map ( diff --git a/modules/system/networking/overlay.nix b/modules/system/networking/overlay.nix index df79c58..910f3aa 100644 --- a/modules/system/networking/overlay.nix +++ b/modules/system/networking/overlay.nix @@ -57,7 +57,7 @@ in dnsServers = lib.mkOption { type = lib.types.anything; default = - self.nixosConfigurations + self.allHosts |> lib.attrValues |> lib.filter (host: host.config.custom.services.dns.enable) |> lib.map (host: host.config.custom.networking.overlay.address); diff --git a/modules/system/services/dns.nix b/modules/system/services/dns.nix index 5847a97..f4c204f 100644 --- a/modules/system/services/dns.nix +++ b/modules/system/services/dns.nix @@ -27,7 +27,7 @@ in netCfg.nodes |> lib.map (node: "\"${node.hostName}.${node.overlay.domain}. A ${node.overlay.address}\""); serviceRecords = - self.nixosConfigurations + self.allHosts |> lib.attrValues |> lib.concatMap ( host: diff --git a/modules/system/services/sshd.nix b/modules/system/services/sshd.nix index 2996290..14f35c7 100644 --- a/modules/system/services/sshd.nix +++ b/modules/system/services/sshd.nix @@ -41,7 +41,7 @@ in }; users.users.seb.openssh.authorizedKeys.keyFiles = - self.nixosConfigurations + self.allHosts |> lib.attrValues |> lib.filter (host: host.config.networking.hostName != netCfg.hostName) |> lib.filter (host: host.config |> lib.hasAttr "home-manager") 
diff --git a/modules/system/services/syncthing.nix b/modules/system/services/syncthing.nix index a745d10..bdccc4c 100644 --- a/modules/system/services/syncthing.nix +++ b/modules/system/services/syncthing.nix @@ -87,7 +87,7 @@ in settings = let hosts = - self.nixosConfigurations + self.allHosts |> lib.filterAttrs (_: host: host.config.networking.hostName != config.networking.hostName) |> lib.filterAttrs (_: host: host.config.custom.services.syncthing.enable); in diff --git a/modules/system/web-services/gatus.nix b/modules/system/web-services/gatus.nix index 475c688..aa8d3f4 100644 --- a/modules/system/web-services/gatus.nix +++ b/modules/system/web-services/gatus.nix @@ -173,7 +173,7 @@ in web-services.gatus.endpoints = let defaultEndpoints = - self.nixosConfigurations + self.allHosts |> lib.mapAttrs ( _: host: host.config.custom.services.caddy.virtualHosts |> lib.attrValues |> lib.map (vHost: vHost.domain) diff --git a/scripts/nebula/recert-all-hosts.nix b/scripts/nebula/recert-all-hosts.nix index d143bda..f7526b6 100644 --- a/scripts/nebula/recert-all-hosts.nix +++ b/scripts/nebula/recert-all-hosts.nix @@ -9,7 +9,7 @@ pkgs.writeShellApplication { ]; text = '' - hosts="$(nix eval .#nixosConfigurations --apply 'builtins.attrNames' --json | jq -r '.[]')" + hosts="$(nix eval .#allHosts --apply 'builtins.attrNames' --json | jq -r '.[]')" if ! declare -px BW_SESSION >/dev/null 2>&1; then BW_SESSION="$(bw unlock --raw || bw login --raw)" diff --git a/scripts/nebula/recert-host.nix b/scripts/nebula/recert-host.nix index 0db5bf2..1aff425 100644 --- a/scripts/nebula/recert-host.nix +++ b/scripts/nebula/recert-host.nix 
@@ -14,11 +14,11 @@ pkgs.writeShellApplication { fi host="$1" - address="$(nix eval --raw ".#nixosConfigurations.$host.config.custom.networking.overlay.cidr")" - groups="$(nix eval --raw ".#nixosConfigurations.$host.config.custom.services.nebula.groups" --apply 'builtins.concatStringsSep ","')" + address="$(nix eval --raw ".#allHosts.$host.config.custom.networking.overlay.cidr")" + groups="$(nix eval --raw ".#allHosts.$host.config.custom.services.nebula.groups" --apply 'builtins.concatStringsSep ","')" ca_cert='modules/system/services/nebula/ca.crt' - host_pub="$(nix eval --raw ".#nixosConfigurations.$host.config.custom.services.nebula.publicKeyPath")" - host_cert="$(nix eval --raw ".#nixosConfigurations.$host.config.custom.services.nebula.certificatePath")" + host_pub="$(nix eval --raw ".#allHosts.$host.config.custom.services.nebula.publicKeyPath")" + host_cert="$(nix eval --raw ".#allHosts.$host.config.custom.services.nebula.certificatePath")" host_cert="''${host_cert#*-source/}" if [[ $# -eq 2 ]]; then
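Review bot: `$host` comes straight from `$1` and is spliced unchecked into the flake attribute path in all four `nix eval` calls (`".#allHosts.$host.config…"`), so a value containing dots or quotes selects a different attribute than the operator intended. Those results appear to feed the address and groups of a Nebula certificate, which makes the lookup worth pinning to a plain host name. A guard right after `host="$1"` would do it, e.g. `[[ "$host" =~ ^[A-Za-z0-9_-]+$ ]] || { echo "invalid host name: $host" >&2; exit 1; }`. The script body starts and ends outside this hunk, so an existing check elsewhere cannot be ruled out.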