diff --git a/.github/workflows/rust.yml b/.github/workflows/rust.yml
index 231972c5f..c56ac97b7 100644
--- a/.github/workflows/rust.yml
+++ b/.github/workflows/rust.yml
@@ -5,56 +5,55 @@ name: Rust
 
 on:
   push:
-    branches: [ main ]
+    branches: [main]
   pull_request:
-    branches: [ main ]
+    branches: [main]
 
 jobs:
   check-style:
     runs-on: ubuntu-18.04
     steps:
-    # actions/checkout@v2
-    - uses: actions/checkout@230611dbd0eb52da1e1f4f7bc8bb0c3a339fc8b7
-    - uses: actions-rs/toolchain@88dc2356392166efad76775c878094f4e83ff746
-      with:
-        toolchain: nightly-2021-03-25
-        default: false
-        components: rustfmt
-    - name: Report cargo version
-      run: cargo +nightly-2021-03-25 --version
-    - name: Report rustfmt version
-      run: cargo +nightly-2021-03-25 fmt -- --version
-    - name: Check style
-      run: cargo +nightly-2021-03-25 fmt -- --check
+      - uses: actions/checkout@230611dbd0eb52da1e1f4f7bc8bb0c3a339fc8b7
+      - uses: actions-rs/toolchain@88dc2356392166efad76775c878094f4e83ff746
+        with:
+          toolchain: nightly-2021-03-25
+          default: false
+          components: rustfmt
+      - name: Report cargo version
+        run: cargo +nightly-2021-03-25 --version
+      - name: Report rustfmt version
+        run: cargo +nightly-2021-03-25 fmt -- --version
+      - name: Check style
+        run: cargo +nightly-2021-03-25 fmt -- --check
 
   clippy-lint:
     runs-on: ubuntu-18.04
     steps:
-    # actions/checkout@v2
-    - uses: actions/checkout@230611dbd0eb52da1e1f4f7bc8bb0c3a339fc8b7
-    - name: Report cargo version
-      run: cargo --version
-    - name: Report Clippy version
-      run: cargo clippy -- --version
-    - name: Run Clippy Lints
-      run: cargo clippy -- -D warnings
+      - uses: actions/checkout@230611dbd0eb52da1e1f4f7bc8bb0c3a339fc8b7
+      - name: Report cargo version
+        run: cargo --version
+      - name: Report Clippy version
+        run: cargo clippy -- --version
+      - name: Run Clippy Lints
+        run: cargo clippy -- -D warnings
 
   build-and-test:
     runs-on: ${{ matrix.os }}
     strategy:
       matrix:
-        os: [ ubuntu-18.04, windows-2019, macos-10.15 ]
+        os: [ubuntu-18.04, windows-2019, macos-10.15]
     steps:
-    # actions/checkout@v2
-    - uses: actions/checkout@230611dbd0eb52da1e1f4f7bc8bb0c3a339fc8b7
-    - uses: actions-rs/toolchain@88dc2356392166efad76775c878094f4e83ff746
-      with:
-        profile: minimal
-        toolchain: stable
-        override: true
-    - name: Report cargo version
-      run: cargo --version
-    - name: Build
-      run: cargo build --locked --all-targets --verbose
-    - name: Run tests
-      run: cargo test --locked --verbose
+      - uses: actions/checkout@230611dbd0eb52da1e1f4f7bc8bb0c3a339fc8b7
+      # Temporary fork until https://github.com/actions-rs/toolchain/pull/209 is merged
+      - uses: oxidecomputer/actions-rs_toolchain@ad3f86084a8a5acf2c09cb691421b31cf8af7a36
+        with:
+          profile: minimal
+          override: true
+      - name: Report cargo version
+        run: cargo --version
+      - name: Report rustc version
+        run: rustc --version
+      - name: Build
+        run: cargo build --locked --all-targets --verbose
+      - name: Run tests
+        run: cargo test --locked --verbose
diff --git a/MAINTAINERS.adoc b/MAINTAINERS.adoc
index be80f597e..25c908cab 100644
--- a/MAINTAINERS.adoc
+++ b/MAINTAINERS.adoc
@@ -36,6 +36,17 @@ We currently configure Dependabot to treat Dropshot as an application so that it
 
 If you find yourself trying to debug what Dependabot is doing, you can https://github.com/oxidecomputer/dropshot/network/updates[view its activity on GitHub by clicking the Insights tab, then "Dependency Graph" on the left, and then the "Dependabot" subtab].  You'll see sections for dropshot/Cargo.toml and dropshot_endpoint/Cargo.toml.  For each one, you can click the "Last checked" link to get a log of its last run.  This may only make sense if you've looked at the https://github.com/dependabot/dependabot-core/[source].
 
+== Renovate
+
+Renovate is another dependency management tool which we're utilizing for a smaller set of automated updates. It's currently responsible for opening update PRs for GitHub actions and rust-toolchain versions. The repo's renovate configuration can be found https://github.com/oxidecomputer/dropshot/blob/main/.github/renovate.json[here] with most of the functionality coming from our https://github.com/oxidecomputer/renovate-config[shared renovate config repo]. Refer to the readme of that repo for more information about what shared renovate rules exist and how to configure them. 
+
+=== Dependency Dashboard
+
+Renovate includes the ability to gate dependency updates behind an automated issue called a dependency dashboard. Dropshot's dependency dashboard is at https://github.com/oxidecomputer/dropshot/issues/238[oxidecomputer/dropshot#238]. This functionality is useful to test what types of updates Renovate may queue up on a configuration change without creating unnecessary PRs. The issue itself is created automatically and must be https://docs.renovatebot.com/key-concepts/dashboard/#how-to-disable-the-dashboard[disabled via configuration] if it's no longer needed. 
+
+=== Debugging Renovate
+
+Like Dependabot, Renovate provides a log for update runs related to the project. See https://app.renovatebot.com/dashboard#github/oxidecomputer/dropshot[Dropshot's renovate log].
 
 == Publishing a new release
 
diff --git a/rust-toolchain.toml b/rust-toolchain.toml
new file mode 100644
index 000000000..dacac656f
--- /dev/null
+++ b/rust-toolchain.toml
@@ -0,0 +1,8 @@
+# We use a specific toolchain revision to ensure our tests - which
+# occasionally depend on specific compiler output - remain stable
+# for all developers until the toolchain is explicitly advanced.
+# The intent is to keep this updated as new stable versions are relased.
+
+[toolchain]
+channel = "1.57.0"
+profile = "default"