From d37a9c23a1de1efdbbe4a611ce68d10fcf6c96f8 Mon Sep 17 00:00:00 2001
From: SebastianStork <git@sstork.dev>
Date: Thu, 19 Feb 2026 15:07:48 +0100
Subject: [PATCH 1/3] workflows/check-deploy: Also build the nixos
 configurations

---
 .github/workflows/check-deploy.yml | 24 +++++++++++++++++++++++-
 1 file changed, 23 insertions(+), 1 deletion(-)

diff --git a/.github/workflows/check-deploy.yml b/.github/workflows/check-deploy.yml
index 3f0b87b..3e4f932 100644
--- a/.github/workflows/check-deploy.yml
+++ b/.github/workflows/check-deploy.yml
@@ -17,6 +17,10 @@ jobs:
         run: |
           checks=$(nix flake show --json | jq -c '.checks."x86_64-linux" | keys')
           printf "checks=%s" "$checks" >> "$GITHUB_OUTPUT"
+      - id: hosts
+        run: |
+          hosts=$(nix flake show --json | jq -c '.nixosConfigurations | keys')
+          printf "hosts=%s" "$hosts" >> "$GITHUB_OUTPUT"
   build-check:
     needs: generate-matrix
     runs-on: ubuntu-latest
@@ -35,6 +39,24 @@ jobs:
           authToken: "${{ secrets.CACHIX_AUTH_TOKEN }}"
           useDaemon: false
       - run: nix build .#checks.x86_64-linux.${{ matrix.check }} --print-build-logs
+  build-host:
+    needs: generate-matrix
+    runs-on: ubuntu-latest
+    strategy:
+      fail-fast: false
+      matrix:
+        host: ${{ fromJson(needs.generate-matrix.outputs.hosts) }}
+    steps:
+      - uses: actions/checkout@v5
+      - uses: cachix/install-nix-action@v31
+        with:
+          extra_nix_config: experimental-features = nix-command flakes pipe-operators
+      - uses: cachix/cachix-action@v15
+        with:
+          name: sebastian-stork
+          authToken: "${{ secrets.CACHIX_AUTH_TOKEN }}"
+          useDaemon: false
+      - run: nix build .#nixosConfigurations.${{ matrix.host }}.config.system.build.toplevel --print-build-logs
   flake-check:
     needs: build-check
     runs-on: ubuntu-latest
@@ -49,7 +71,7 @@ jobs:
           authToken: "${{ secrets.CACHIX_AUTH_TOKEN }}"
       - run: nix flake check --keep-going --print-build-logs
   deploy:
-    needs: flake-check
+    needs: [build-host, flake-check]
     runs-on: ubuntu-latest
     permissions:
       contents: write

From 90d01ecd17d893c3742fa9e3fb29d2d9026871eb Mon Sep 17 00:00:00 2001
From: SebastianStork <git@sstork.dev>
Date: Thu, 19 Feb 2026 15:11:52 +0100
Subject: [PATCH 2/3] workflows/check-deploy: Fix generate-matrix outputs

---
 .github/workflows/check-deploy.yml | 1 +
 1 file changed, 1 insertion(+)

diff --git a/.github/workflows/check-deploy.yml b/.github/workflows/check-deploy.yml
index 3e4f932..11c4e20 100644
--- a/.github/workflows/check-deploy.yml
+++ b/.github/workflows/check-deploy.yml
@@ -8,6 +8,7 @@ jobs:
     runs-on: ubuntu-latest
     outputs:
       checks: ${{ steps.checks.outputs.checks }}
+      hosts: ${{ steps.hosts.outputs.hosts }}
     steps:
       - uses: actions/checkout@v5
       - uses: cachix/install-nix-action@v31

From 0b87addc97a76e998c2a4dab6b10209fe85faef2 Mon Sep 17 00:00:00 2001
From: SebastianStork <git@sstork.dev>
Date: Thu, 19 Feb 2026 15:26:10 +0100
Subject: [PATCH 3/3] profiles/core: Add personal cachix cache to the
 substituters

---
 profiles/core.nix | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/profiles/core.nix b/profiles/core.nix
index 6fb7510..7690326 100644
--- a/profiles/core.nix
+++ b/profiles/core.nix
@@ -41,6 +41,11 @@
 
         min-free = 4 * 1024 * 1024 * 1024;
         max-free = 6 * 1024 * 1024 * 1024;
+
+        substituters = [ "https://sebastian-stork.cachix.org" ];
+        trusted-public-keys = [
+          "sebastian-stork.cachix.org-1:PAgwmtq5BF/UlUoXdBC2sX2EKZQ2vCjo3iGySujbaME="
+        ];
       };
     };