diff --git a/flake.lock b/flake.lock
index c44d4a0..d144fcb 100644
--- a/flake.lock
+++ b/flake.lock
@@ -40,6 +40,26 @@
         "type": "github"
       }
     },
+    "deploy-rs": {
+      "inputs": {
+        "flake-compat": "flake-compat",
+        "nixpkgs": "nixpkgs",
+        "utils": "utils"
+      },
+      "locked": {
+        "lastModified": 1659725433,
+        "narHash": "sha256-1ZxuK67TL29YLw88vQ18Y2Y6iYg8Jb7I6/HVzmNB6nM=",
+        "owner": "serokell",
+        "repo": "deploy-rs",
+        "rev": "41f15759dd8b638e7b4f299730d94d5aa46ab7eb",
+        "type": "github"
+      },
+      "original": {
+        "owner": "serokell",
+        "repo": "deploy-rs",
+        "type": "github"
+      }
+    },
     "devshell": {
       "flake": false,
       "locked": {
@@ -64,7 +84,7 @@
         "flake-utils-pre-commit": "flake-utils-pre-commit",
         "gomod2nix": "gomod2nix",
         "mach-nix": "mach-nix",
-        "nixpkgs": "nixpkgs_2",
+        "nixpkgs": "nixpkgs_3",
         "poetry2nix": "poetry2nix",
         "pre-commit-hooks": "pre-commit-hooks"
       },
@@ -128,6 +148,22 @@
         "type": "github"
       }
     },
+    "flake-compat": {
+      "flake": false,
+      "locked": {
+        "lastModified": 1648199409,
+        "narHash": "sha256-JwPKdC2PoVBkG6E+eWw3j6BMR6sL3COpYWfif7RVb8Y=",
+        "owner": "edolstra",
+        "repo": "flake-compat",
+        "rev": "64a525ee38886ab9028e6f61790de0832aa3ef03",
+        "type": "github"
+      },
+      "original": {
+        "owner": "edolstra",
+        "repo": "flake-compat",
+        "type": "github"
+      }
+    },
     "flake-utils-pre-commit": {
       "locked": {
         "lastModified": 1644229661,
@@ -192,16 +228,16 @@
     },
     "nixpkgs": {
       "locked": {
-        "lastModified": 1665466769,
-        "narHash": "sha256-L+qcHpb4Ac3PipMXJY/Ktbu1+KXy23WCZ8pXWmsf7zY=",
-        "owner": "nixos",
+        "lastModified": 1648219316,
+        "narHash": "sha256-Ctij+dOi0ZZIfX5eMhgwugfvB+WZSrvVNAyAuANOsnQ=",
+        "owner": "NixOS",
         "repo": "nixpkgs",
-        "rev": "0b20bf89e0035b6d62ad58f9db8fdbc99c2b01e8",
+        "rev": "30d3d79b7d3607d56546dd2a6b49e156ba0ec634",
         "type": "github"
       },
       "original": {
-        "owner": "nixos",
-        "ref": "nixos-22.05",
+        "owner": "NixOS",
+        "ref": "nixpkgs-unstable",
         "repo": "nixpkgs",
         "type": "github"
       }
@@ -223,6 +259,22 @@
       }
     },
     "nixpkgs_2": {
+      "locked": {
+        "lastModified": 1665466769,
+        "narHash": "sha256-L+qcHpb4Ac3PipMXJY/Ktbu1+KXy23WCZ8pXWmsf7zY=",
+        "owner": "nixos",
+        "repo": "nixpkgs",
+        "rev": "0b20bf89e0035b6d62ad58f9db8fdbc99c2b01e8",
+        "type": "github"
+      },
+      "original": {
+        "owner": "nixos",
+        "ref": "nixos-22.05",
+        "repo": "nixpkgs",
+        "type": "github"
+      }
+    },
+    "nixpkgs_3": {
       "locked": {
         "lastModified": 1657638268,
         "narHash": "sha256-blBNtQSslAFkg0Gym9fWNJk+bPxGSZib4SOcPrmTPi4=",
@@ -283,7 +335,8 @@
     },
     "root": {
       "inputs": {
-        "nixpkgs": "nixpkgs",
+        "deploy-rs": "deploy-rs",
+        "nixpkgs": "nixpkgs_2",
         "sops-nix": "sops-nix",
         "tlaternet-webserver": "tlaternet-webserver"
       }
@@ -364,6 +417,21 @@
         "type": "git",
         "url": "https://gitea.tlater.net/tlaternet/tlaternet.git"
       }
+    },
+    "utils": {
+      "locked": {
+        "lastModified": 1648297722,
+        "narHash": "sha256-W+qlPsiZd8F3XkzXOzAoR+mpFqzm3ekQkJNa+PIh1BQ=",
+        "owner": "numtide",
+        "repo": "flake-utils",
+        "rev": "0f8662f1319ad6abf89b3380dd2722369fc51ade",
+        "type": "github"
+      },
+      "original": {
+        "owner": "numtide",
+        "repo": "flake-utils",
+        "type": "github"
+      }
     }
   },
   "root": "root",
diff --git a/flake.nix b/flake.nix
index a67b314..ec91b53 100644
--- a/flake.nix
+++ b/flake.nix
@@ -3,6 +3,7 @@
 
   inputs = {
     nixpkgs.url = "github:nixos/nixpkgs/nixos-22.05";
+    deploy-rs.url = "github:serokell/deploy-rs";
     sops-nix = {
       url = "github:Mic92/sops-nix";
       inputs.nixpkgs.follows = "nixpkgs";
@@ -17,6 +18,7 @@
     self,
     nixpkgs,
     sops-nix,
+    deploy-rs,
     tlaternet-webserver,
   }: let
     system = "x86_64-linux";
@@ -56,6 +58,29 @@
       };
     };
 
+    ############################
+    # Deployment configuration #
+    ############################
+    deploy.nodes.tlaternet = {
+      hostname = "tlater.net";
+
+      profiles.system = {
+        user = "root";
+        path = deploy-rs.lib.${system}.activate.nixos self.nixosConfigurations.tlaternet;
+      };
+
+      sshUser = "tlater";
+      sshOpts = ["-t" "-p" "2222"];
+      fastConnection = true;
+      # Currently broken, see https://github.com/serokell/deploy-rs/issues/78
+      magicRollback = false;
+    };
+
+    #########
+    # Tests #
+    #########
+    checks = builtins.mapAttrs (system: deployLib: deployLib.deployChecks self.deploy) deploy-rs.lib;
+
     ####################
     # Helper functions #
     ####################
@@ -76,7 +101,7 @@
     in {
       type = "app";
       program = builtins.toString (writeShellScript "run-vm" ''
-        export QEMU_OPTS="-m 3941 -smp 2 -curses"
+        export QEMU_OPTS="-m 3941 -smp 2 -display curses"
         export QEMU_NET_OPTS="${qemuNetOpts}"
         "${vm}/bin/run-tlaternet-vm"
       '');
@@ -95,18 +120,13 @@
         nativeBuildInputs = [
           sops-import-keys-hook
         ];
+
         packages = with pkgs; [
           nixfmt
           git-lfs
           sops-init-gpg-key
           deploy-rs-bin
         ];
-
-        shellHook = ''
-          # Work around sudo requiring a full terminal when deploying to
-          # a remote host
-          export NIX_SSHOPTS="-t"
-        '';
       };
   };
 }