diff --git a/modules/installer/tools/nixos-deploy-network/deploy.nix b/modules/installer/tools/nixos-deploy-network/deploy.nix
new file mode 100644
index 00000000000..8d426780b10
--- /dev/null
+++ b/modules/installer/tools/nixos-deploy-network/deploy.nix
@@ -0,0 +1,61 @@
+{ nixos ? /etc/nixos/nixos
+, nixpkgs ? /etc/nixos/nixpkgs
+, networkExpr
+, infrastructureExpr
+}:
+
+let
+  pkgs = import nixpkgs {};
+  
+  inherit (builtins) attrNames getAttr listToAttrs concatMapStrings;
+  
+  network = import networkExpr;
+  infrastructure = import infrastructureExpr;
+ 
+  generateScript = network: infrastructure: configs:
+    concatMapStrings (configurationName: 
+      let
+        infrastructureElement = getAttr configurationName infrastructure;
+	config = getAttr configurationName configs;
+      in
+      ''
+        echo "=== upgrading ${infrastructureElement.hostName} ==="
+        nix-copy-closure --to ${infrastructureElement.hostName} ${config.system.build.toplevel} \
+        && ssh $NIX_SSHOPTS ${infrastructureElement.hostName} nix-env -p /nix/var/nix/profiles/system --set ${config.system.build.toplevel} \
+        && ssh $NIX_SSHOPTS ${infrastructureElement.hostName} ${config.system.build.toplevel}/bin/switch-to-configuration switch \
+        && { succeeded=$((succeeded + 1)); } \
+        || { failed=$((failed + 1)); echo 'WARNING: upgrade of ${infrastructureElement.hostName} failed!'; }
+      ''
+    ) (attrNames network)
+  ;
+
+  evaluateMachines = network: infrastructure:
+    listToAttrs (map (configurationName:
+      let
+        configuration = getAttr configurationName network;
+        system = (getAttr configurationName infrastructure).system;
+      in
+      { name = configurationName;
+        value = (import "${nixos}/lib/eval-config.nix" {
+          inherit nixpkgs system;
+          modules = [ configuration ];
+          extraArgs = evaluateMachines network infrastructure;
+        }).config; }
+    ) (attrNames (network)))
+  ;
+
+  configs = evaluateMachines network infrastructure;
+in
+pkgs.stdenv.mkDerivation {
+  name = "deploy-script";
+  buildCommand = ''
+    ensureDir $out/bin
+    cat > $out/bin/deploy-systems << "EOF"
+    #! ${pkgs.stdenv.shell} -e
+    failed=0; succeeded=0
+    ${generateScript network infrastructure configs}
+    echo "Upgrade of $failed machines failed, $succeeded machines succeeded.";
+    EOF
+    chmod +x $out/bin/deploy-systems
+  '';
+}
diff --git a/modules/installer/tools/nixos-deploy-network/nixos-deploy-network.sh b/modules/installer/tools/nixos-deploy-network/nixos-deploy-network.sh
new file mode 100644
index 00000000000..62463285f0f
--- /dev/null
+++ b/modules/installer/tools/nixos-deploy-network/nixos-deploy-network.sh
@@ -0,0 +1,73 @@
+#! @shell@ -e
+
+# Shows the usage of this command to the user
+
+showUsage()
+{
+    echo "Usage: $0 -n network_expr -i infrastructure_expr"
+    echo "Options:"
+    echo
+    echo "-n,--network        Network Nix expression which captures properties of machines in the network"
+    echo "-i,--infrastructure Infrastructure Nix expression which captures properties of machines in the network"
+    echo "-h,--help           Shows the usage of this command"
+}
+
+# Parse valid argument options
+
+PARAMS=`getopt -n $0 -o n:i:h -l network:,infrastructure:,show-trace,help -- "$@"`
+
+if [ $? != 0 ]
+then
+    showUsage
+    exit 1
+fi
+
+eval set -- "$PARAMS"
+
+# Evaluate valid options
+
+while [ "$1" != "--" ]
+do
+    case "$1" in
+	-n|--network)
+	    networkExpr=`readlink -f $2`
+	    ;;
+	-i|--infrastructure)
+	    infrastructureExpr=`readlink -f $2`
+	    ;;
+	--show-trace)
+	    showTraceArg="--show-trace"
+	    ;;
+	-h|--help)
+	    showUsage
+	    exit 0
+	    ;;
+    esac
+    
+    shift
+done
+
+# Validate the given options
+
+if [ "$infrastructureExpr" = "" ]
+then
+    echo "ERROR: A infrastructure expression must be specified!" >&2
+    exit 1
+fi
+
+if [ "$networkExpr" = "" ]
+then
+    echo "ERROR: A network expression must be specified!" >&2
+    exit 1
+fi
+
+if [ -z "$NIXOS" ]
+then
+    NIXOS=/etc/nixos/nixos
+fi
+
+# Deploy the network
+
+nix-build $NIXOS/deploy.nix --argstr networkExpr $networkExpr --argstr infrastructureExpr $infrastructureExpr $showTraceArg
+./result/bin/deploy-systems
+rm -f result
diff --git a/modules/installer/tools/tools.nix b/modules/installer/tools/tools.nix
index cb4c52f31ef..8dd07c67f91 100644
--- a/modules/installer/tools/tools.nix
+++ b/modules/installer/tools/tools.nix
@@ -11,6 +11,11 @@ let
     isExecutable = true;
   });
   
+  nixosDeployNetwork = makeProg {
+    name = "nixos-deploy-network";
+    src = ./nixos-deploy-network/nixos-deploy-network.sh;
+  };
+  
   nixosInstall = makeProg {
     name = "nixos-install";
     src = ./nixos-install.sh;
@@ -126,7 +131,8 @@ in
 
   config = {
     environment.systemPackages =
-      [ nixosInstall
+      [ nixosDeployNetwork
+        nixosInstall
         nixosRebuild
          nixosHardwareScan
          nixosGenSeccureKeys