diff --git a/hosts/containers/deployer/configuration.nix b/hosts/containers/deployer/configuration.nix
new file mode 100644
index 00000000..d63c22ae
--- /dev/null
+++ b/hosts/containers/deployer/configuration.nix
@@ -0,0 +1,66 @@
+# Edit this configuration file to define what should be installed on
+# your system.  Help is available in the configuration.nix(5) man page
+# and in the NixOS manual (accessible by running ‘nixos-help’).
+
+{ config, pkgs, lib, ... }:
+
+{
+  imports =
+    [ ../../../lib/lxc-container.nix
+    ../../../lib/shared.nix
+    # ../../../lib/admins.nix
+  ];
+
+  environment.systemPackages = with pkgs; [
+    nixops 
+    pass
+    gnupg
+    ansible
+    manpages
+    man
+    zsh
+    vim
+  ];
+
+  networking = {
+    hostName = "deployer";
+    # usePredictableInterfacenames = false;
+    interfaces.ens18.ipv4.addresses = [{
+        address = "172.20.73.7";
+        prefixLength = 26;
+    }];
+    interfaces.ens18.ipv6.addresses = [{
+        address= "2a02:8106:208:5282:8c15:86ff:fe0f:b018";
+        prefixLength = 64;
+    }];
+
+    nameservers = [ "172.20.72.6" "9.9.9.9" ];
+
+    defaultGateway = {
+       address = "172.20.73.1";
+       interface = "eth0@if23";
+    };
+    #defaultGateway6 = {
+    #  address = "fe80::a800:42ff:fe7a:3246";
+    #  interface = "ens18";
+    #};
+  };
+
+  services.openssh = {
+    enable = true;
+    permitRootLogin = "yes";
+  };
+
+  nix.buildCores = 16;
+  nix.maxJobs = 16;
+
+    users.extraUsers.k-ot = {
+     isNormalUser = true;
+     uid = 1000;
+    extraGroups = [ "wheel" ];
+  };
+
+
+  system.stateVersion = "19.03"; # Did you read the comment?
+
+}
diff --git a/secrets b/secrets
index 993ea1f2..80055e7b 160000
--- a/secrets
+++ b/secrets
@@ -1 +1 @@
-Subproject commit 993ea1f26eee63e153486196f061d0bf10ceae22
+Subproject commit 80055e7b3d9953c92cd59fdb4e297ff907a45c36