From 95d4a32acbbb4b900058d190ad35e56b7bc86abe Mon Sep 17 00:00:00 2001 From: Yan Lin Date: Mon, 8 Sep 2025 20:05:11 +0200 Subject: [PATCH] Add VPS host --- flake.nix | 15 ++++ hosts/nixos/home-default.nix | 2 - hosts/nixos/hs/home.nix | 5 ++ hosts/nixos/vps/disk-config.nix | 48 +++++++++++ hosts/nixos/vps/hardware-configuration.nix | 42 ++++++++++ hosts/nixos/vps/home.nix | 7 ++ hosts/nixos/vps/system.nix | 97 ++++++++++++++++++++++ modules/ssh.nix | 6 ++ 8 files changed, 220 insertions(+), 2 deletions(-) create mode 100644 hosts/nixos/vps/disk-config.nix create mode 100644 hosts/nixos/vps/hardware-configuration.nix create mode 100644 hosts/nixos/vps/home.nix create mode 100644 hosts/nixos/vps/system.nix diff --git a/flake.nix b/flake.nix index 2d216b0..b7744f0 100644 --- a/flake.nix +++ b/flake.nix @@ -44,6 +44,15 @@ ]; }; + nixosConfigurations."vps" = nixpkgs.lib.nixosSystem { + system = "x86_64-linux"; + modules = [ + disko.nixosModules.disko + ./hosts/nixos/vps/system.nix + ./hosts/nixos/vps/disk-config.nix + ]; + }; + homeConfigurations = { "yanlin@imac" = home-manager.lib.homeManagerConfiguration { pkgs = nixpkgs.legacyPackages.aarch64-darwin; @@ -62,6 +71,12 @@ modules = [ ./hosts/nixos/hs/home.nix ]; extraSpecialArgs = { inherit claude-code nixvim; }; }; + + "yanlin@vps" = home-manager.lib.homeManagerConfiguration { + pkgs = nixpkgs.legacyPackages.x86_64-linux; + modules = [ ./hosts/nixos/vps/home.nix ]; + extraSpecialArgs = { inherit claude-code nixvim; }; + }; }; }; } diff --git a/hosts/nixos/home-default.nix b/hosts/nixos/home-default.nix index 2e625df..b3424b2 100644 --- a/hosts/nixos/home-default.nix +++ b/hosts/nixos/home-default.nix @@ -12,7 +12,6 @@ ../../modules/termscp.nix ../../modules/rsync.nix ../../modules/btop.nix - ../../modules/syncthing.nix ../../config/fonts.nix ]; @@ -50,7 +49,6 @@ fastfetch # Development and build tools - texlive.combined.scheme-full python312 uv claude-code.packages.x86_64-linux.claude-code 
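Review bot: `./hosts/nixos/vps/disk-config.nix` is listed in the `modules` of `nixosConfigurations."vps"` and is also imported by `hosts/nixos/vps/system.nix` in this same commit, so the disk layout has two entry points. The module system should collapse the duplicate path, but a later edit that removes only one of them leaves the other silently in force. Keep it in one place, for example drop the line from `modules` and put `# disk layout is imported by system.nix` next to `disko.nixosModules.disko`.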
diff --git a/hosts/nixos/hs/home.nix b/hosts/nixos/hs/home.nix index 04ed763..0f6ec26 100644 --- a/hosts/nixos/hs/home.nix +++ b/hosts/nixos/hs/home.nix @@ -3,6 +3,7 @@ { imports = [ ../home-default.nix + ../../../modules/syncthing.nix ]; # hs-specific home configuration @@ -11,5 +12,9 @@ smart-report = "sudo /home/yanlin/.config/nix/scripts/daily-smart-report.sh"; move-inbox = "cp -rl /mnt/storage/Media/downloads/.inbox/* /mnt/storage/Media/downloads/inbox && chown -R yanlin:users /mnt/storage/Media/downloads/inbox"; }; + + home.packages = with pkgs; [ + texlive.combined.scheme-full + ]; } diff --git a/hosts/nixos/vps/disk-config.nix b/hosts/nixos/vps/disk-config.nix new file mode 100644 index 0000000..ee6b175 --- /dev/null +++ b/hosts/nixos/vps/disk-config.nix @@ -0,0 +1,48 @@ +{ + disko.devices = { + disk = { + main = { + type = "disk"; + device = "/dev/sda"; + content = { + type = "gpt"; + partitions = { + # GRUB BIOS boot partition + boot = { + size = "1M"; + type = "EF02"; + }; + # Boot partition + ESP = { + size = "1G"; + type = "EF00"; + content = { + type = "filesystem"; + format = "vfat"; + mountpoint = "/boot"; + }; + }; + # Swap partition + swap = { + size = "4G"; + content = { + type = "swap"; + randomEncryption = false; + }; + }; + # Root partition (remaining space) + root = { + size = "100%"; + content = { + type = "filesystem"; + format = "ext4"; + mountpoint = "/"; + mountOptions = [ "defaults" "noatime" ]; + }; + }; + }; + }; + }; + }; + }; +} \ No newline at end of file diff --git a/hosts/nixos/vps/hardware-configuration.nix b/hosts/nixos/vps/hardware-configuration.nix new file mode 100644 index 0000000..ecf2974 --- /dev/null +++ b/hosts/nixos/vps/hardware-configuration.nix 
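Review bot: The swap partition in `hosts/nixos/vps/disk-config.nix` is created with `randomEncryption = false;`, so whatever is paged out on this host is written in clear to the provider's disk and outlives reboots and disk reuse. The system imports the borg and tailscale modules, which presumably hold key material in memory while they run. A VPS has no hibernation requirement, so `randomEncryption = true;` gives a fresh swap key per boot at no operational cost. Separately, `device = "/dev/sda"` is fixed while the hardware profile in this commit also loads `virtio_blk`, where the disk would presumably appear under a different name; a comment such as `# disk name as seen on this provider; confirm with lsblk before running disko` would make that dependency explicit.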
@@ -0,0 +1,42 @@
+# Hardware configuration for VPS
+# This is a generic configuration suitable for most VPS providers
+
+{ config, lib, pkgs, modulesPath, ... }:
+
+{
+ imports = [ (modulesPath + "/profiles/qemu-guest.nix") ];
+
+ # Boot configuration - common kernel modules for VPS environments
+ boot.initrd.availableKernelModules = [
+ "ata_piix"
+ "uhci_hcd"
+ "virtio_pci"
+ "virtio_scsi"
+ "sd_mod"
+ "sr_mod"
+ "virtio_blk"
+ "virtio_net"
+ "xen_blkfront"
+ "xen_netfront"
+ ];
+ boot.initrd.kernelModules = [ "virtio_balloon" "virtio_console" "virtio_rng" ];
+ boot.kernelModules = [ ];
+ boot.extraModulePackages = [ ];
+
+ # Filesystems are managed by disko configuration
+ # No filesystem declarations needed here
+
+ # No swap devices configured here - handled by disko
+
+ # Networking hardware
+ networking.useDHCP = lib.mkDefault true;
+
+ # Hardware-specific settings
+ nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
+
+ # CPU microcode updates
+ hardware.cpu.intel.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware;
+
+ # Enable firmware updates
+ hardware.enableRedistributableFirmware = lib.mkDefault true;
+}
\ No newline at end of file
diff --git a/hosts/nixos/vps/home.nix b/hosts/nixos/vps/home.nix
new file mode 100644
index 0000000..bdd9801
--- /dev/null
+++ b/hosts/nixos/vps/home.nix
@@ -0,0 +1,7 @@
+{ config, pkgs, ... }:
+
+{
+ imports = [
+ ../home-default.nix
+ ];
+}
diff --git a/hosts/nixos/vps/system.nix b/hosts/nixos/vps/system.nix
new file mode 100644
index 0000000..df34641
--- /dev/null
+++ b/hosts/nixos/vps/system.nix
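Review bot: The `# CPU microcode updates` comment above `hardware.cpu.intel.updateMicrocode` in `hardware-configuration.nix` overstates what the line does on this host. The file imports the `qemu-guest.nix` profile, and inside a guest the kernel normally cannot apply microcode, so CPU-level mitigations depend on the provider's hypervisor host rather than on this setting. I would drop the line or reword the comment to `# no effect inside a VM; microcode is the provider's responsibility`.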
@@ -0,0 +1,97 @@
+{ config, pkgs, ... }: {
+ imports = [
+ ./hardware-configuration.nix
+ ./disk-config.nix
+ ../../../modules/tailscale.nix
+ ../../../modules/borg.nix
+ ];
+
+ # GRUB bootloader with UEFI support
+ boot.loader.grub = {
+ enable = true;
+ device = "nodev"; # Required for EFI systems
+ efiSupport = true;
+ efiInstallAsRemovable = true; # Better compatibility with VPS
+ };
+
+ # Network configuration
+ networking = {
+ hostName = "vps";
+ hostId = "a8c06f42"; # Required for some services, generated randomly
+ networkmanager.enable = false; # Use systemd-networkd for VPS
+ useDHCP = true; # VPS typically use DHCP
+ firewall = {
+ enable = true;
+ allowedTCPPorts = [ 22 ]; # Only SSH by default
+ };
+ };
+
+ # Set your time zone
+ time.timeZone = "Europe/Copenhagen";
+
+ # Select internationalisation properties
+ i18n.defaultLocale = "en_US.UTF-8";
+
+ # Enable the OpenSSH daemon
+ services.openssh = {
+ enable = true;
+ settings = {
+ PermitRootLogin = "prohibit-password"; # Allow key-based root login for nixos-anywhere
+ PasswordAuthentication = false;
+ KbdInteractiveAuthentication = false;
+ };
+ };
+
+ # Root user configuration (for nixos-anywhere initial access)
+ users.users.root = {
+ openssh.authorizedKeys.keys = [
+ "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIGVvviqbwBEGDIbAUnmgHQJi+N5Qfvo5u49biWl6R7oC yanlin@MacBook-Air"
+ ];
+ };
+
+ # Regular user account
+ users.users.yanlin = {
+ isNormalUser = true;
+ description = "yanlin";
+ extraGroups = [ "wheel" ]; # Enable sudo
+ shell = pkgs.zsh;
+ openssh.authorizedKeys.keys = [
+ "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIGVvviqbwBEGDIbAUnmgHQJi+N5Qfvo5u49biWl6R7oC yanlin@MacBook-Air"
+ ];
+ };
+
+ # Enable sudo for wheel group
+ security.sudo.wheelNeedsPassword = false;
+
+ # List packages installed in system profile
+ environment.systemPackages = with pkgs; [
+ vim
+ git
+ htop
+ curl
+ wget
+ rsync
+ tmux
+ tree
+ lsof
+ tcpdump
+ iotop
+ zsh
+ home-manager
+ ];
+
+ # Enable zsh system-wide (required 
when set as user shell) + programs.zsh.enable = true; + + # Enable experimental nix features + nix.settings.experimental-features = [ "nix-command" "flakes" ]; + + # Allow unfree packages globally + nixpkgs.config.allowUnfree = true; + + # This value determines the NixOS release from which the default + # settings for stateful data, like file locations and database versions + # on your system were taken. It's perfectly fine and recommended to leave + # this value at the release version of the first install of this system. + system.stateVersion = "24.05"; # Did you read the comment? +} diff --git a/modules/ssh.nix b/modules/ssh.nix index fae45e2..a6275eb 100644 --- a/modules/ssh.nix +++ b/modules/ssh.nix @@ -45,6 +45,12 @@ identityFile = "~/.ssh/keys/hetzner"; }; + "vps" = { + hostname = "91.98.84.215"; + user = "yanlin"; + identityFile = "~/.ssh/keys/hetzner"; + }; + "storage-box" = { hostname = "u448310.your-storagebox.de"; user = "u448310";
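Review bot: In `hosts/nixos/vps/system.nix`, `security.sudo.wheelNeedsPassword = false;` sits under the comment `# Enable sudo for wheel group`, which hides what it does: it removes the password prompt, so the single SSH key authorised for `yanlin` is root-equivalent, and the same key is also authorised for `root` under `PermitRootLogin = "prohibit-password"`. The comment should say so, e.g. `# wheel may sudo without a password: yanlin's SSH key is root-equivalent`. The root login is described as being only for the initial nixos-anywhere access, so once the host is installed it can be closed with `PermitRootLogin = "no";` and the `users.users.root` key block removed, with rebuilds going through `yanlin` and sudo. `allowedTCPPorts = [ 22 ]` also exposes sshd on every interface although the tailscale module is imported; if the tailnet is the intended admin path, the `# Only SSH by default` comment should say that public SSH is deliberate.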
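Review bot: The new `"vps"` entry in `modules/ssh.nix` reuses `identityFile = "~/.ssh/keys/hetzner"`, the same key file as the host entry just above it in the context lines, so one private key opens both machines, and on the VPS that account has password-less sudo. A per-host key (placeholder path `~/.ssh/keys/<vps-key>`) limits what a single leaked key reaches. The entry also commits the server's public address `91.98.84.215`; if this repository is or becomes public, the host's tailnet name would be a less revealing `hostname`, assuming the tailscale module imported in `system.nix` brings the machine onto the tailnet.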