Best practices for auto-updating remotely deployed systems

I’ve recently set up a server with Colmena, but before I decided to do that, my original plan was “clone the git repo with all my other configs, push/pull whenever I make changes on my laptop, and have system.autoUpgrade on”.

With Colmena, however, the configuration doesn’t make it to the server, so system.autoUpgrade isn’t an option as I see it (since it basically runs nixos-rebuild)… so I’m wondering if there’s an alternative that combines being able to “push” updated configs to remote targets as well as said targets auto-updating.

I’ve wondered this as well. I think the way this is typically handled in an organizational setting is to set up CI/CD that can do a deploy when the repo changes, and then use something like Dependabot to automatically update dependencies. You can of course do manual updates, or use a little cron job to automate that process on the laptop.

Sorry, that’s kind of a non-answer, but the best I’ve got for you.