diff --git a/.forgejo/workflows/ci.yaml b/.forgejo/workflows/ci.yaml
index 5015d407..34ea634d 100644
--- a/.forgejo/workflows/ci.yaml
+++ b/.forgejo/workflows/ci.yaml
@@ -39,6 +39,12 @@ jobs:
       - uses: actions/checkout@v4
       - run: nix-build -A tests.panel
 
+  check-proxmox-basic:
+    runs-on: native
+    steps:
+      - uses: actions/checkout@v4
+      - run: nix build .#checks.x86_64-linux.proxmox-basic -L
+
   check-deployment-basic:
     runs-on: native
     steps:
diff --git a/deployment/check/proxmox/default.nix b/deployment/check/proxmox/default.nix
new file mode 100644
index 00000000..78aa4046
--- /dev/null
+++ b/deployment/check/proxmox/default.nix
@@ -0,0 +1,37 @@
+{
+  runNixOSTest,
+  sources,
+  system,
+}:
+
+let
+  pkgs = import sources.nixpkgs-stable {
+    inherit system;
+    overlays = [ overlay ];
+  };
+  overlay = _: _: {
+    inherit
+      (import "${sources.proxmox-nixos}/pkgs" {
+        craneLib = pkgs.callPackage "${sources.crane}/lib" { };
+        # breaks from https://github.com/NixOS/nixpkgs/commit/06b354eb2dc535c57e9b4caaa16d79168f117a26,
+        # which updates libvncserver to 0.9.15, which was not yet patched at https://git.proxmox.com/?p=vncterm.git.
+        inherit pkgs;
+        # not so picky about version for our purposes
+        pkgs-unstable = pkgs;
+      })
+      proxmox-ve
+      pve-ha-manager
+      ;
+  };
+in
+runNixOSTest {
+  node.specialArgs = {
+    inherit
+      sources
+      pkgs
+      ;
+  };
+  imports = [
+    ./proxmoxTest.nix
+  ];
+}
diff --git a/deployment/check/proxmox/proxmoxTest.nix b/deployment/check/proxmox/proxmoxTest.nix
new file mode 100644
index 00000000..70889294
--- /dev/null
+++ b/deployment/check/proxmox/proxmoxTest.nix
@@ -0,0 +1,87 @@
+# https://github.com/SaumonNet/proxmox-nixos/blob/main/tests/vm.nix
+{
+  pkgs,
+  ...
+}:
+
+let
+  # tracking non-tarball downloads seems unsupported still in npins:
+  # https://github.com/andir/npins/issues/163
+  minimalIso = pkgs.fetchurl {
+    url = "https://releases.nixos.org/nixos/24.05/nixos-24.05.7139.bcba2fbf6963/nixos-minimal-24.05.7139.bcba2fbf6963-x86_64-linux.iso";
+    hash = "sha256-plre/mIHdIgU4xWU+9xErP+L4i460ZbcKq8iy2n4HT8=";
+  };
+in
+{
+  name = "proxmox-basic";
+
+  nodes.mypve =
+    { sources, ... }:
+    {
+      imports = [
+        "${sources.proxmox-nixos}/modules/proxmox-ve"
+      ];
+      services.proxmox-ve = {
+        enable = true;
+        ipAddress = "192.168.1.1";
+        vms = {
+          myvm1 = {
+            vmid = 100;
+            memory = 1024;
+            cores = 1;
+            sockets = 1;
+            kvm = true;
+            scsi = [ { file = "local:16"; } ];
+            cdrom = "local:iso/minimal.iso";
+          };
+        };
+      };
+      virtualisation = {
+        additionalPaths = [ minimalIso ];
+        diskSize = 4096;
+        memorySize = 2048;
+      };
+    };
+
+  testScript = ''
+    machine.start()
+    machine.wait_for_unit("pveproxy.service")
+    assert "running" in machine.succeed("pveproxy status")
+
+    # Copy Iso
+    machine.succeed("mkdir -p /var/lib/vz/template/iso/")
+    machine.succeed("cp ${minimalIso} /var/lib/vz/template/iso/minimal.iso")
+
+    # Declarative VM creation
+    machine.wait_for_unit("multi-user.target")
+    machine.succeed("qm stop 100 --timeout 0")
+
+    # Seabios VM creation
+    machine.succeed(
+      "qm create 101 --kvm 0 --bios seabios -cdrom local:iso/minimal.iso",
+      "qm start 101",
+      "qm stop 101 --timeout 0"
+    )
+
+    # Legacy ovmf vm creation
+    machine.succeed(
+      "qm create 102 --kvm 0 --bios ovmf -cdrom local:iso/minimal.iso",
+      "qm start 102",
+      "qm stop 102 --timeout 0"
+    )
+
+    # UEFI ovmf vm creation
+    machine.succeed(
+      "qm create 103 --kvm 0 --bios ovmf --efidisk0 local:4,efitype=4m -cdrom local:iso/minimal.iso",
+      "qm start 103",
+      "qm stop 103 --timeout 0"
+    )
+
+    # UEFI ovmf vm creation with secure boot
+    machine.succeed(
+      "qm create 104 --kvm 0 --bios ovmf --efidisk0 local:4,efitype=4m,pre-enrolled-keys=1 -cdrom local:iso/minimal.iso",
+      "qm start 104",
+      "qm stop 104 --timeout 0"
+    )
+  '';
+}
diff --git a/deployment/flake-part.nix b/deployment/flake-part.nix
index 952fc694..32e0ef02 100644
--- a/deployment/flake-part.nix
+++ b/deployment/flake-part.nix
@@ -4,9 +4,14 @@
   _class = "flake";
 
   perSystem =
-    { pkgs, ... }:
+    { pkgs, system, ... }:
     {
       checks = {
+        proxmox-basic = import ./check/proxmox {
+          inherit (pkgs.testers) runNixOSTest;
+          inherit sources system;
+        };
+
         deployment-basic = import ./check/basic {
           inherit (pkgs.testers) runNixOSTest;
           inherit inputs sources;
diff --git a/flake.nix b/flake.nix
index b9d71617..cab1e641 100644
--- a/flake.nix
+++ b/flake.nix
@@ -6,7 +6,13 @@
 
   outputs =
     inputs:
-    import ./mkFlake.nix inputs (
+    {
+      nixConfig = {
+        extra-trusted-substituters = "https://cache.saumon.network/proxmox-nixos";
+        extra-trusted-public-keys = "proxmox-nixos:D9RYSWpQQC/msZUWphOY2I5RLH5Dd6yQcaHIuug7dWM=";
+      };
+    }
+    // import ./mkFlake.nix inputs (
       { inputs, sources, ... }:
       {
         imports = [
diff --git a/nixmoxer.conf b/nixmoxer.conf
new file mode 100644
index 00000000..cf98d0b6
--- /dev/null
+++ b/nixmoxer.conf
@@ -0,0 +1,4 @@
+host=192.168.51.81
+verify_ssl=0
+user=kiara@ProcoliX
+password=
diff --git a/npins/sources.json b/npins/sources.json
index ea9606bd..352ccbb5 100644
--- a/npins/sources.json
+++ b/npins/sources.json
@@ -25,6 +25,22 @@
       "url": null,
       "hash": "1w2gsy6qwxa5abkv8clb435237iifndcxq0s79wihqw11a5yb938"
     },
+    "crane": {
+      "type": "GitRelease",
+      "repository": {
+        "type": "GitHub",
+        "owner": "ipetkov",
+        "repo": "crane"
+      },
+      "pre_releases": false,
+      "version_upper_bound": null,
+      "release_prefix": null,
+      "submodules": false,
+      "version": "v0.20.3",
+      "revision": "8468a0c46f81d806fd643ffe389fa80328b21cf4",
+      "url": "https://api.github.com/repos/ipetkov/crane/tarball/v0.20.3",
+      "hash": "0zw4275c3a6572w6vjmn850yddw6n3qagwfcq6ns247cx72fdfx0"
+    },
     "disko": {
       "type": "GitRelease",
       "repository": {
@@ -150,6 +166,32 @@
       "revision": "f33a4d26226c05d501b9d4d3e5e60a3a59991921",
       "url": "https://github.com/nixos/nixpkgs/archive/f33a4d26226c05d501b9d4d3e5e60a3a59991921.tar.gz",
       "hash": "1b6dm1sn0bdpcsmxna0zzspjaixa2dald08005fry5jrbjvwafdj"
+    },
+    "nixpkgs-stable": {
+      "type": "Git",
+      "repository": {
+        "type": "GitHub",
+        "owner": "nixos",
+        "repo": "nixpkgs"
+      },
+      "branch": "nixos-25.05",
+      "submodules": false,
+      "revision": "a1ae8ef72f64a845ecce5c6dcf65d546bf7deeb4",
+      "url": "https://github.com/nixos/nixpkgs/archive/a1ae8ef72f64a845ecce5c6dcf65d546bf7deeb4.tar.gz",
+      "hash": "0d7lp30wyy5647gpm8rnihvdcpmgmfr9c5yg4fhl31lsg8mlbg16"
+    },
+    "proxmox-nixos": {
+      "type": "Git",
+      "repository": {
+        "type": "GitHub",
+        "owner": "SaumonNet",
+        "repo": "proxmox-nixos"
+      },
+      "branch": "main",
+      "submodules": false,
+      "revision": "48f39fbe2e8f90f9ac160dd4b6929f3ac06d8223",
+      "url": "https://github.com/SaumonNet/proxmox-nixos/archive/48f39fbe2e8f90f9ac160dd4b6929f3ac06d8223.tar.gz",
+      "hash": "0606qcs8x1jwckd1ivf52rqdmi3lkn66iiqh6ghd4kqx0g2bw3nv"
     }
   },
   "version": 5