flake-parts/dev-shell.nix

@@ -1,11 +1,12 @@
 _: {
   perSystem =
-    { pkgs, ... }:
+    { inputs', pkgs, ... }:
     {
       devShells.default = pkgs.mkShellNoCC {
         packages = [
           pkgs.just
           pkgs.nh
+          inputs'.deploy-rs.packages.default
         ];
       };
     };

flake-parts/hosts.nix

@@ -17,8 +17,26 @@ let
       ]
       ++ lib.optional (lib.pathExists "${self}/users/seb/@${hostName}") "${self}/users/seb/@${hostName}";
     };
+
+  mkDeployNode = hostName: {
+    hostname = "${hostName}.${
+      self.nixosConfigurations.${hostName}.config.custom.networking.overlay.domain
+    }";
+    user = "root";
+    interactiveSudo = true;
+    profiles.system.path =
+      inputs.deploy-rs.lib.x86_64-linux.activate.nixos
+        self.nixosConfigurations.${hostName};
+  };
+
+  hostNames = "${self}/hosts" |> self.lib.listDirectoryNames;
 in
 {
-  flake.nixosConfigurations =
+  flake = {
-    "${self}/hosts" |> self.lib.listDirectoryNames |> self.lib.genAttrs mkHost;
+    nixosConfigurations = hostNames |> self.lib.genAttrs mkHost;
+
+    deploy.nodes = hostNames |> self.lib.genAttrs mkDeployNode;
+
+    checks = inputs.deploy-rs.lib |> lib.mapAttrs (_: deployLib: deployLib.deployChecks self.deploy);
+  };
 }

flake-parts/modules.nix

@@ -2,6 +2,6 @@
 {
   flake = {
     nixosModules.default.imports = self.lib.listNixFilesRecursively "${self}/modules/system";
-    homeModules.default.imports = self.lib.listNixFilesRecursively "${self}/modules/home";
+    homeManagerModules.default.imports = self.lib.listNixFilesRecursively "${self}/modules/home";
   };
 }

flake.lock

@@ -58,6 +58,28 @@
         "url": "https://codeberg.org/kampka/nix-flake-crowdsec.git"
       }
     },
+    "deploy-rs": {
+      "inputs": {
+        "flake-compat": "flake-compat_2",
+        "nixpkgs": [
+          "nixpkgs"
+        ],
+        "utils": "utils"
+      },
+      "locked": {
+        "lastModified": 1766051518,
+        "narHash": "sha256-znKOwPXQnt3o7lDb3hdf19oDo0BLP4MfBOYiWkEHoik=",
+        "owner": "serokell",
+        "repo": "deploy-rs",
+        "rev": "d5eff7f948535b9c723d60cd8239f8f11ddc90fa",
+        "type": "github"
+      },
+      "original": {
+        "owner": "serokell",
+        "repo": "deploy-rs",
+        "type": "github"
+      }
+    },
     "disko": {
       "inputs": {
         "nixpkgs": [
@@ -117,6 +139,22 @@
         "type": "github"
       }
     },
+    "flake-compat_2": {
+      "flake": false,
+      "locked": {
+        "lastModified": 1733328505,
+        "narHash": "sha256-NeCCThCEP3eCl2l/+27kNNK7QrwZB1IJCrXfrbv5oqU=",
+        "owner": "edolstra",
+        "repo": "flake-compat",
+        "rev": "ff81ac966bb2cae68946d5ed5fc4994f96d0ffec",
+        "type": "github"
+      },
+      "original": {
+        "owner": "edolstra",
+        "repo": "flake-compat",
+        "type": "github"
+      }
+    },
     "flake-parts": {
       "inputs": {
         "nixpkgs-lib": "nixpkgs-lib"
@@ -313,6 +351,7 @@
         "betterfox": "betterfox",
         "comin": "comin",
         "crowdsec": "crowdsec",
+        "deploy-rs": "deploy-rs",
         "disko": "disko",
         "firefox-addons": "firefox-addons",
         "flake-parts": "flake-parts",
@@ -362,6 +401,21 @@
         "type": "github"
       }
     },
+    "systems_2": {
+      "locked": {
+        "lastModified": 1681028828,
+        "narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=",
+        "owner": "nix-systems",
+        "repo": "default",
+        "rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e",
+        "type": "github"
+      },
+      "original": {
+        "owner": "nix-systems",
+        "repo": "default",
+        "type": "github"
+      }
+    },
     "treefmt": {
       "inputs": {
         "nixpkgs": [
@@ -382,6 +436,24 @@
         "type": "github"
       }
     },
+    "utils": {
+      "inputs": {
+        "systems": "systems_2"
+      },
+      "locked": {
+        "lastModified": 1731533236,
+        "narHash": "sha256-l0KFg5HjrsfsO/JpG+r7fRrqm12kzFHyUHqHCVpMMbI=",
+        "owner": "numtide",
+        "repo": "flake-utils",
+        "rev": "11707dc2f618dd54ca8739b309ec4fc024de578b",
+        "type": "github"
+      },
+      "original": {
+        "owner": "numtide",
+        "repo": "flake-utils",
+        "type": "github"
+      }
+    },
     "vscode-extensions": {
       "inputs": {
         "nixpkgs": [

flake.nix

@@ -30,6 +30,11 @@
       inputs.nixpkgs.follows = "nixpkgs";
     };
 
+    deploy-rs = {
+      url = "github:serokell/deploy-rs";
+      inputs.nixpkgs.follows = "nixpkgs";
+    };
+
     treefmt = {
       url = "github:numtide/treefmt-nix";
       inputs.nixpkgs.follows = "nixpkgs";

justfile

@@ -40,9 +40,7 @@ reboot:
 
 [group('remote')]
 deploy +hosts:
-    for host in {{ hosts }}; do \
+    deploy --skip-checks --targets $(echo {{ hosts }} | sed 's/[^ ]*/\.#&/g')
-      nh os switch . --hostname=$host --target-host=$host; \
-    done
 
 [group('remote')]
 install host destination='root@installer':

modules/home/sops.nix

@@ -9,7 +9,7 @@ let
   cfg = config.custom.sops;
 in
 {
-  imports = [ inputs.sops.homeModules.sops ];
+  imports = [ inputs.sops.homeManagerModules.sops ];
 
   options.custom.sops = {
     enable = lib.mkEnableOption "";

users/seb/home.nix

@@ -5,7 +5,7 @@
   ...
 }:
 {
-  imports = [ self.homeModules.default ];
+  imports = [ self.homeManagerModules.default ];
 
   xdg = {
     enable = true;