diff --git a/.github/workflows/build-host.yml b/.github/workflows/build-host.yml new file mode 100644 index 0000000..392691a --- /dev/null +++ b/.github/workflows/build-host.yml @@ -0,0 +1,30 @@ +name: Build host +on: + workflow_call: + inputs: + hosts: + required: true + type: string + secrets: + CACHIX_AUTH_TOKEN: + required: true +jobs: + build-host: + name: ${{ matrix.host }} + runs-on: ubuntu-latest + strategy: + fail-fast: false + matrix: + host: ${{ fromJson(inputs.hosts) }} + steps: + - uses: actions/checkout@v5 + - uses: cachix/install-nix-action@v31 + with: + extra_nix_config: experimental-features = nix-command flakes pipe-operators + - uses: cachix/cachix-action@v15 + with: + name: sebastian-stork + authToken: "${{ secrets.CACHIX_AUTH_TOKEN }}" + useDaemon: false + - name: Build host + run: nix build .#nixosConfigurations.${{ matrix.host }}.config.system.build.toplevel --print-build-logs diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 0b7cfd0..376bf53 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -16,6 +16,11 @@ jobs: - uses: cachix/install-nix-action@v31 with: extra_nix_config: experimental-features = nix-command flakes pipe-operators + - name: Get packages + id: packages + run: | + packages=$(nix flake show --json | jq -c '.packages."x86_64-linux" | keys') + printf "packages=%s" "$packages" >> "$GITHUB_OUTPUT" - name: Get checks id: checks run: | 
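Review bot: The `Build host` step expands `${{ matrix.host }}` directly inside the `run:` script, so each host name is pasted into the shell text before bash parses it. Those names come from `fromJson(inputs.hosts)`, i.e. from attribute names of the flake under evaluation, and the job also holds `CACHIX_AUTH_TOKEN`. Pass the value through the environment and quote it: add `env:` with `HOST: ${{ matrix.host }}` to the step and use `run: nix build ".#nixosConfigurations.${HOST}.config.system.build.toplevel" --print-build-logs`. The `Build package` step in the second ci.yml hunk does the same with `${{ matrix.package }}` and should get the same treatment. Which events trigger ci.yml is outside the visible hunks, so how far an untrusted branch can influence these names is not shown here.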
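Review bot: Nothing in this diff adds `packages` to the job-level `outputs:` map of `parse-flake`, and the same holds for `workstations` from the `Get workstations` step in the next hunk. Step outputs written to `$GITHUB_OUTPUT` only reach `needs.parse-flake.outputs.*` when the job maps them. The job's `outputs:` block is not visible and no hunk touches it, so unless both keys were already declared, `fromJson(needs.parse-flake.outputs.packages)` and the `hosts:` input of `build-workstation` would receive an empty string. Add `packages: ${{ steps.packages.outputs.packages }}` and `workstations: ${{ steps.workstations.outputs.workstations }}` next to the existing entries.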
@@ -27,11 +32,38 @@ jobs: servers=$(nix eval .#nixosConfigurations --apply 'configs: configs |> builtins.attrNames - |> builtins.filter (hostName: configs.${hostName}.config.custom.services.comin.enable) + |> builtins.filter (name: configs.${name}.config.custom.services.comin.enable) ' --json) printf "servers=%s" "$servers" >> "$GITHUB_OUTPUT" + - name: Get workstations + id: workstations + run: | + workstations=$(nix eval .#nixosConfigurations --apply 'configs: + configs + |> builtins.attrNames + |> builtins.filter (name: !configs.${name}.config.custom.services.comin.enable) + ' --json) + printf "workstations=%s" "$workstations" >> "$GITHUB_OUTPUT" + build-package: + needs: parse-flake + runs-on: ubuntu-latest + strategy: + fail-fast: false + matrix: + package: ${{ fromJson(needs.parse-flake.outputs.packages) }} + steps: + - uses: actions/checkout@v5 + - uses: cachix/install-nix-action@v31 + with: + extra_nix_config: experimental-features = nix-command flakes pipe-operators + - uses: cachix/cachix-action@v15 + with: + name: sebastian-stork + authToken: "${{ secrets.CACHIX_AUTH_TOKEN }}" + useDaemon: false + - name: Build package + run: nix build .#packages.x86_64-linux.${{ matrix.package }} --print-build-logs build-check: - name: ${{ matrix.check }} needs: parse-flake runs-on: ubuntu-latest strategy: 
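Review bot: The new `build-package` job references `actions/checkout@v5`, `cachix/install-nix-action@v31` and `cachix/cachix-action@v15` by movable tag while it holds `CACHIX_AUTH_TOKEN`. Whatever those tags point to at run time therefore executes with that token, which presumably grants push access to the `sebastian-stork` cache. Pin each action to a full commit SHA and keep the tag as a trailing comment, e.g. `- uses: cachix/cachix-action@<full-commit-sha> # v15`, and let Dependabot or Renovate move the pins. The same three references appear in the new build-host.yml and should be pinned there too.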
@@ -51,25 +83,19 @@ jobs: - name: Build check run: nix build .#checks.x86_64-linux.${{ matrix.check }} --print-build-logs build-server: - name: ${{ matrix.server }} needs: parse-flake - runs-on: ubuntu-latest - strategy: - fail-fast: false - matrix: - server: ${{ fromJson(needs.parse-flake.outputs.servers) }} - steps: - - uses: actions/checkout@v5 - - uses: cachix/install-nix-action@v31 - with: - extra_nix_config: experimental-features = nix-command flakes pipe-operators - - uses: cachix/cachix-action@v15 - with: - name: sebastian-stork - authToken: "${{ secrets.CACHIX_AUTH_TOKEN }}" - useDaemon: false - - name: Build server - run: nix build .#nixosConfigurations.${{ matrix.server }}.config.system.build.toplevel --print-build-logs + uses: ./.github/workflows/build-host.yml + with: + hosts: ${{ needs.parse-flake.outputs.servers }} + secrets: + CACHIX_AUTH_TOKEN: ${{ secrets.CACHIX_AUTH_TOKEN }} + build-workstation: + needs: parse-flake + uses: ./.github/workflows/build-host.yml + with: + hosts: ${{ needs.parse-flake.outputs.workstations }} + secrets: + CACHIX_AUTH_TOKEN: ${{ secrets.CACHIX_AUTH_TOKEN }} deploy: needs: [build-check, build-server] runs-on: ubuntu-latest diff --git a/hosts/srv-core/default.nix b/hosts/homeserver/default.nix similarity index 100% rename from hosts/srv-core/default.nix rename to hosts/homeserver/default.nix diff --git a/hosts/srv-core/disko.nix b/hosts/homeserver/disko.nix similarity index 100% rename from hosts/srv-core/disko.nix rename to hosts/homeserver/disko.nix diff --git a/hosts/srv-core/hardware.nix b/hosts/homeserver/hardware.nix similarity index 100% rename from hosts/srv-core/hardware.nix rename to hosts/homeserver/hardware.nix diff --git a/hosts/srv-core/keys/age.pub b/hosts/homeserver/keys/age.pub similarity index 100% rename from hosts/srv-core/keys/age.pub rename to hosts/homeserver/keys/age.pub diff --git a/hosts/homeserver/keys/nebula.crt b/hosts/homeserver/keys/nebula.crt new file mode 100644 index 0000000..1df53cf 
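Review bot: `build-server` and `build-workstation` forward `CACHIX_AUTH_TOKEN` to the called workflow, but neither they nor build-host.yml declare `permissions:`. The `GITHUB_TOKEN` scope for the build jobs is therefore whatever ci.yml or the repository default grants. These jobs only check out and build, so adding `permissions:` with `contents: read` to the `build-host` job in build-host.yml (or to both calling jobs) would make least privilege explicit. A workflow-level `permissions:` block may already exist in ci.yml outside the visible hunks, in which case this only documents the intent.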
--- /dev/null
+++ b/hosts/homeserver/keys/nebula.crt
@@ -0,0 +1,7 @@
+-----BEGIN NEBULA CERTIFICATE V2-----
+MIG+oFiACmhvbWVzZXJ2ZXKhBwQFCv76BhijEwwGc2VydmVyDAlzeW5jdGhpbmeF
+BGmiGqqGBGsoffSHIBVD/hlbqt7XLMVqDE4DhIQzJRBaXtQIwm5gRTI7c0VogiAZ
+e96epRDtw/rMTdFK2zGNir1IwMaj+yBQZk7+5zkMdYNAgVBstID36JKriSzF5nlz
+oonUUfccrIASiwr3HqRgeWA2SnvS9r8qf2s+PfTkX2a+jymnHOlzB0GSeWx7JeZo
+AQ==
+-----END NEBULA CERTIFICATE V2-----
diff --git a/hosts/srv-core/keys/nebula.pub b/hosts/homeserver/keys/nebula.pub
similarity index 100%
rename from hosts/srv-core/keys/nebula.pub
rename to hosts/homeserver/keys/nebula.pub
diff --git a/hosts/srv-core/keys/syncthing.id b/hosts/homeserver/keys/syncthing.id
similarity index 100%
rename from hosts/srv-core/keys/syncthing.id
rename to hosts/homeserver/keys/syncthing.id
diff --git a/hosts/srv-core/secrets.json b/hosts/homeserver/secrets.json
similarity index 100%
rename from hosts/srv-core/secrets.json
rename to hosts/homeserver/secrets.json
diff --git a/hosts/srv-core/keys/nebula.crt b/hosts/srv-core/keys/nebula.crt
deleted file mode 100644
index 8eb3e62..0000000
--- a/hosts/srv-core/keys/nebula.crt
+++ /dev/null
@@ -1,6 +0,0 @@
------BEGIN NEBULA CERTIFICATE V2-----
-MIG8oFaACHNydi1jb3JloQcEBQr++gYYoxMMBnNlcnZlcgwJc3luY3RoaW5nhQRp
-pz3vhgRrKH30hyAVQ/4ZW6re1yzFagxOA4SEMyUQWl7UCMJuYEUyO3NFaIIgGXve
-nqUQ7cP6zE3RStsxjYq9SMDGo/sgUGZO/uc5DHWDQMuJeHoWRFXit1LEzlKFWrXR
-/I4ZGhqCsE9r/bNYw5uYzVcVGb1DNIWu7KJJ/TPB2syGBYzYOWy8yJOa0rmU3wI=
------END NEBULA CERTIFICATE V2-----