feat: Add deploy-rs integration with basic configuration

- Add deploy-rs as flake input
- Configure deploy.nodes for all 4 machines (sleeper-service, grey-area, reverse-proxy, congenital-optimist)
- Include safety features: autoRollback, magicRollback, activation timeouts
- Add deploy-rs checks for validation
- Successfully tested dry-run deployment

This completes Tasks 1-3 from the deploy-rs integration roadmap.

.taskmaster/config.json

@@ -1,8 +1,8 @@
 {
   "models": {
     "main": {
-      "provider": "openai",
+      "provider": "openrouter",
-      "modelId": "qwen3:4b",
+      "modelId": "deepseek/deepseek-chat-v3-0324:free",
       "maxTokens": 4096,
       "temperature": 0.2,
       "baseURL": "http://grey-area:11434/v1"
@@ -32,6 +32,7 @@
     "bedrockBaseURL": "https://bedrock.us-east-1.amazonaws.com",
     "vertexProjectId": "your-gcp-project-id",
     "vertexLocation": "us-central1",
-    "userId": "1234567890"
+    "userId": "1234567890",
+    "defaultTag": "master"
   }
 }

.taskmaster/reports/task-complexity-report.json

@@ -0,0 +1,10 @@
+{
+  "meta": {
+    "generatedAt": "2025-06-14T14:52:56.566Z",
+    "tasksAnalyzed": 0,
+    "thresholdScore": 5,
+    "projectName": "Home Lab Infrastructure",
+    "usedResearch": false
+  },
+  "complexityAnalysis": []
+}

.taskmaster/state.json

@@ -0,0 +1,6 @@
+{
+  "currentTag": "master",
+  "lastSwitched": "2025-06-15T07:35:25.838Z",
+  "branchTagMapping": {},
+  "migrationNoticeShown": false
+}

flake.lock

@@ -1,17 +1,53 @@
 {
   "nodes": {
+    "deploy-rs": {
+      "inputs": {
+        "flake-compat": "flake-compat",
+        "nixpkgs": "nixpkgs",
+        "utils": "utils"
+      },
+      "locked": {
+        "lastModified": 1749105467,
+        "narHash": "sha256-hXh76y/wDl15almBcqvjryB50B0BaiXJKk20f314RoE=",
+        "owner": "serokell",
+        "repo": "deploy-rs",
+        "rev": "6bc76b872374845ba9d645a2f012b764fecd765f",
+        "type": "github"
+      },
+      "original": {
+        "owner": "serokell",
+        "repo": "deploy-rs",
+        "type": "github"
+      }
+    },
+    "flake-compat": {
+      "flake": false,
+      "locked": {
+        "lastModified": 1733328505,
+        "narHash": "sha256-NeCCThCEP3eCl2l/+27kNNK7QrwZB1IJCrXfrbv5oqU=",
+        "owner": "edolstra",
+        "repo": "flake-compat",
+        "rev": "ff81ac966bb2cae68946d5ed5fc4994f96d0ffec",
+        "type": "github"
+      },
+      "original": {
+        "owner": "edolstra",
+        "repo": "flake-compat",
+        "type": "github"
+      }
+    },
     "nixpkgs": {
       "locked": {
-        "lastModified": 1749024892,
+        "lastModified": 1743014863,
-        "narHash": "sha256-OGcDEz60TXQC+gVz5sdtgGJdKVYr6rwdzQKuZAJQpCA=",
+        "narHash": "sha256-jAIUqsiN2r3hCuHji80U7NNEafpIMBXiwKlSrjWMlpg=",
         "owner": "NixOS",
         "repo": "nixpkgs",
-        "rev": "8f1b52b04f2cb6e5ead50bd28d76528a2f0380ef",
+        "rev": "bd3bac8bfb542dbde7ffffb6987a1a1f9d41699f",
         "type": "github"
       },
       "original": {
         "owner": "NixOS",
-        "ref": "nixos-25.05",
+        "ref": "nixpkgs-unstable",
         "repo": "nixpkgs",
         "type": "github"
       }
@@ -32,11 +68,61 @@
         "type": "github"
       }
     },
+    "nixpkgs_2": {
+      "locked": {
+        "lastModified": 1749024892,
+        "narHash": "sha256-OGcDEz60TXQC+gVz5sdtgGJdKVYr6rwdzQKuZAJQpCA=",
+        "owner": "NixOS",
+        "repo": "nixpkgs",
+        "rev": "8f1b52b04f2cb6e5ead50bd28d76528a2f0380ef",
+        "type": "github"
+      },
+      "original": {
+        "owner": "NixOS",
+        "ref": "nixos-25.05",
+        "repo": "nixpkgs",
+        "type": "github"
+      }
+    },
     "root": {
       "inputs": {
-        "nixpkgs": "nixpkgs",
+        "deploy-rs": "deploy-rs",
+        "nixpkgs": "nixpkgs_2",
         "nixpkgs-unstable": "nixpkgs-unstable"
       }
+    },
+    "systems": {
+      "locked": {
+        "lastModified": 1681028828,
+        "narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=",
+        "owner": "nix-systems",
+        "repo": "default",
+        "rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e",
+        "type": "github"
+      },
+      "original": {
+        "owner": "nix-systems",
+        "repo": "default",
+        "type": "github"
+      }
+    },
+    "utils": {
+      "inputs": {
+        "systems": "systems"
+      },
+      "locked": {
+        "lastModified": 1731533236,
+        "narHash": "sha256-l0KFg5HjrsfsO/JpG+r7fRrqm12kzFHyUHqHCVpMMbI=",
+        "owner": "numtide",
+        "repo": "flake-utils",
+        "rev": "11707dc2f618dd54ca8739b309ec4fc024de578b",
+        "type": "github"
+      },
+      "original": {
+        "owner": "numtide",
+        "repo": "flake-utils",
+        "type": "github"
+      }
     }
   },
   "root": "root",

flake.nix

@@ -4,12 +4,14 @@
   inputs = {
     nixpkgs.url = "github:NixOS/nixpkgs/nixos-25.05";
     nixpkgs-unstable.url = "github:NixOS/nixpkgs/nixos-unstable";
+    deploy-rs.url = "github:serokell/deploy-rs";
   };
 
   outputs = {
     self,
     nixpkgs,
     nixpkgs-unstable,
+    deploy-rs,
     ...
   } @ inputs: let
     system = "x86_64-linux";
@@ -146,6 +148,68 @@
       };
     };
 
+    # Deploy-rs configuration for automated deployments
+    deploy.nodes = {
+      sleeper-service = {
+        hostname = "sleeper-service.tail807ea.ts.net";
+        profiles.system = {
+          user = "root";
+          path = deploy-rs.lib.x86_64-linux.activate.nixos self.nixosConfigurations.sleeper-service;
+          sshUser = "sma";
+          sudo = "sudo -u";
+          autoRollback = true;
+          magicRollback = true;
+          activationTimeout = 180;
+          confirmTimeout = 30;
+        };
+      };
+
+      grey-area = {
+        hostname = "grey-area.tail807ea.ts.net";
+        profiles.system = {
+          user = "root";
+          path = deploy-rs.lib.x86_64-linux.activate.nixos self.nixosConfigurations.grey-area;
+          sshUser = "sma";
+          sudo = "sudo -u";
+          autoRollback = true;
+          magicRollback = true;
+          activationTimeout = 180;
+          confirmTimeout = 30;
+        };
+      };
+
+      reverse-proxy = {
+        hostname = "reverse-proxy.tail807ea.ts.net";
+        profiles.system = {
+          user = "root";
+          path = deploy-rs.lib.x86_64-linux.activate.nixos self.nixosConfigurations.reverse-proxy;
+          sshUser = "sma";
+          sudo = "sudo -u";
+          autoRollback = true;
+          magicRollback = true;
+          activationTimeout = 240; # VPS might be slower
+          confirmTimeout = 30;
+        };
+      };
+
+      congenital-optimist = {
+        hostname = "congenital-optimist.tail807ea.ts.net";
+        profiles.system = {
+          user = "root";
+          path = deploy-rs.lib.x86_64-linux.activate.nixos self.nixosConfigurations.congenital-optimist;
+          sshUser = "sma";
+          sudo = "sudo -u";
+          autoRollback = true;
+          magicRollback = true;
+          activationTimeout = 180;
+          confirmTimeout = 30;
+        };
+      };
+    };
+
+    # Deploy-rs checks (recommended by deploy-rs)
+    checks = builtins.mapAttrs (system: deployLib: deployLib.deployChecks self.deploy) deploy-rs.lib;
+
     # Formatter for Nix files
     formatter.${system} = nixpkgs.legacyPackages.${system}.alejandra;
   };

packages/claude-task-master-ai.nix

@@ -4,7 +4,6 @@
   fetchurl,
   nodejs,
 }:
-
 buildNpmPackage rec {
   pname = "task-master-ai";
   version = "0.16.2";

packages/default.nix

@@ -1,6 +1,4 @@
-{ pkgs ? import <nixpkgs> { } }:
+{pkgs ? import <nixpkgs> {}}: {
-
-{
   # Custom packages for Home-lab infrastructure
 
   # Home-lab administration command-line tool