diff --git a/README.md b/README.md
index 48f98ea..26657cd 100644
--- a/README.md
+++ b/README.md
@@ -78,5 +78,14 @@ See [sops-nix](https://github.com/Mic92/sops-nix)
 
 ## VM Configuration
 
-**TODO**
+Any NixOS VM can be reconfigured remotely by calling:
 
+```bash
+./switch_remote.sh <action> <machine>`
+```
+
+- `<action>` can be any of the [standard nixos-rebuild actions](https://wiki.nixos.org/wiki/Nixos-rebuild), e.g. `boot`, `switch`, etc.
+- `<macine>` should be the FQDN of the machine config to apply.
+
+  The script uses this argument to know how to reach the machine in addition to choosing a nixos configuration from this flake as system source (see [systems/](./systems/)).
+  This also means that you should have a config entry in you SSH config resolving the system name to an IP address (during the event, we will probably have an internal DNS server which also resolves the hostname).
diff --git a/switch_remote.sh b/switch_remote.sh
new file mode 100755
index 0000000..2f044fc
--- /dev/null
+++ b/switch_remote.sh
@@ -0,0 +1,14 @@
+#/usr/bin/env bash
+# a small script for calling nixos-rebuild switch on a remote host but with less repitition
+set -euo pipefail
+
+ACTION=$1
+HOST=$2
+
+exec nixos-rebuild $ACTION \
+  --use-substitutes \
+  --no-build-nix \
+  --use-remote-sudo \
+  --build-host "$HOST" \
+  --target-host "$HOST" \
+  --flake ".#$HOST" \