dustinswan/vps
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Moving stuff to Hetzner. Nixos via nixos-anywhere.

Browse source
This commit is contained in:
Dustin Swan 2026-03-15 19:19:22 -06:00
commit d760d054b9
No known key found for this signature in database
GPG key ID: 30D46587E2100467
5 changed files with 301 additions and 0 deletions
Download patch file Download diff file Expand all files Collapse all files

1
deploy Normal file
View file

@ -0,0 +1 @@
nixos-rebuild switch --flake .#soleo --target-host root@178.156.171.49 --build-on remote

195
flake.lock generated Normal file
View file

@ -0,0 +1,195 @@
{
"nodes": {
"disko": {
"inputs": {
"nixpkgs": [
"nixos-anywhere",
"nixpkgs"
]
},
"locked": {
"lastModified": 1769524058,
"narHash": "sha256-zygdD6X1PcVNR2PsyK4ptzrVEiAdbMqLos7utrMDEWE=",
"owner": "nix-community",
"repo": "disko",
"rev": "71a3fc97d80881e91710fe721f1158d3b96ae14d",
"type": "github"
},
"original": {
"owner": "nix-community",
"ref": "master",
"repo": "disko",
"type": "github"
}
},
"flake-parts": {
"inputs": {
"nixpkgs-lib": [
"nixos-anywhere",
"nixpkgs"
]
},
"locked": {
"lastModified": 1768135262,
"narHash": "sha256-PVvu7OqHBGWN16zSi6tEmPwwHQ4rLPU9Plvs8/1TUBY=",
"owner": "hercules-ci",
"repo": "flake-parts",
"rev": "80daad04eddbbf5a4d883996a73f3f542fa437ac",
"type": "github"
},
"original": {
"owner": "hercules-ci",
"repo": "flake-parts",
"type": "github"
}
},
"nix-vm-test": {
"inputs": {
"nixpkgs": [
"nixos-anywhere",
"nixpkgs"
]
},
"locked": {
"lastModified": 1769079217,
"narHash": "sha256-R6qzhu+YJolxE2vUsPQWWwUKMbAG5nXX3pBtg8BNX38=",
"owner": "Enzime",
"repo": "nix-vm-test",
"rev": "58c15f78947b431d6c206e0966500c7e9139bd2f",
"type": "github"
},
"original": {
"owner": "Enzime",
"ref": "pr-105-latest",
"repo": "nix-vm-test",
"type": "github"
}
},
"nixos-anywhere": {
"inputs": {
"disko": "disko",
"flake-parts": "flake-parts",
"nix-vm-test": "nix-vm-test",
"nixos-images": "nixos-images",
"nixos-stable": "nixos-stable",
"nixpkgs": "nixpkgs",
"treefmt-nix": "treefmt-nix"
},
"locked": {
"lastModified": 1769956140,
"narHash": "sha256-D+RQ+DaIC/GVwv5lUs7e8jSmh8aPc77Kg/gRjaS25Zk=",
"owner": "nix-community",
"repo": "nixos-anywhere",
"rev": "92f82c5196a5f8588be4967e535c4cfd35e85902",
"type": "github"
},
"original": {
"owner": "nix-community",
"repo": "nixos-anywhere",
"type": "github"
}
},
"nixos-images": {
"inputs": {
"nixos-stable": [
"nixos-anywhere",
"nixos-stable"
],
"nixos-unstable": [
"nixos-anywhere",
"nixpkgs"
]
},
"locked": {
"lastModified": 1766770015,
"narHash": "sha256-kUmVBU+uBUPl/v3biPiWrk680b8N9rRMhtY97wsxiJc=",
"owner": "nix-community",
"repo": "nixos-images",
"rev": "e4dba54ddb6b2ad9c6550e5baaed2fa27938a5d2",
"type": "github"
},
"original": {
"owner": "nix-community",
"repo": "nixos-images",
"type": "github"
}
},
"nixos-stable": {
"locked": {
"lastModified": 1769598131,
"narHash": "sha256-e7VO/kGLgRMbWtpBqdWl0uFg8Y2XWFMdz0uUJvlML8o=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "fa83fd837f3098e3e678e6cf017b2b36102c7211",
"type": "github"
},
"original": {
"owner": "NixOS",
"ref": "nixos-25.11",
"repo": "nixpkgs",
"type": "github"
}
},
"nixpkgs": {
"locked": {
"lastModified": 1769900851,
"narHash": "sha256-RgCgXS3WiG9c/1wxFM6OXmmv39dSaLLON9VeAbTTAIM=",
"owner": "nixos",
"repo": "nixpkgs",
"rev": "30a3e96da641620c63f2e1f345ea434ac78f5de1",
"type": "github"
},
"original": {
"owner": "nixos",
"ref": "nixos-unstable-small",
"repo": "nixpkgs",
"type": "github"
}
},
"nixpkgs_2": {
"locked": {
"lastModified": 1773389992,
"narHash": "sha256-wvfdLLWJ2I9oEpDd9PfMA8osfIZicoQ5MT1jIwNs9Tk=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "c06b4ae3d6599a672a6210b7021d699c351eebda",
"type": "github"
},
"original": {
"owner": "NixOS",
"ref": "nixos-unstable",
"repo": "nixpkgs",
"type": "github"
}
},
"root": {
"inputs": {
"nixos-anywhere": "nixos-anywhere",
"nixpkgs": "nixpkgs_2"
}
},
"treefmt-nix": {
"inputs": {
"nixpkgs": [
"nixos-anywhere",
"nixpkgs"
]
},
"locked": {
"lastModified": 1769691507,
"narHash": "sha256-8aAYwyVzSSwIhP2glDhw/G0i5+wOrren3v6WmxkVonM=",
"owner": "numtide",
"repo": "treefmt-nix",
"rev": "28b19c5844cc6e2257801d43f2772a4b4c050a1b",
"type": "github"
},
"original": {
"owner": "numtide",
"repo": "treefmt-nix",
"type": "github"
}
}
},
"root": "root",
"version": 7
}

16
flake.nix Normal file
View file

@ -0,0 +1,16 @@
{
inputs.nixpkgs.url = "github:NixOS/nixpkgs/nixos-25.11";
inputs.disko.url = "github:nix-community/disko";
inputs.disko.inputs.nixpkgs.follows = "nixpkgs";
outputs = { nixpkgs, disko, ... }: {
nixosConfigurations.soleo = nixpkgs.lib.nixosSystem {
system = "x86_64-linux";
modules = [
disko.nixosModules.disko
./hosts/wsoleo/configuration.nix
./hosts/wsoleo/disk-config.nix
];
};
};
}

64
hosts/soleo/configuration.nix Normal file
View file

@ -0,0 +1,64 @@
{ modulesPath, ... }: {
imports = [ (modulesPath + "/installer/scan/not-detected.nix")
(modulesPath + "/profiles/qemu-guest.nix") ];
boot.loader.grub = {
enable = true;
efiSupport = false;
};
networking.hostName = "soleo";
services.openssh = {
enable = true;
settings.PermitRootLogin = "prohibit-password";
};
users.users.root.openssh.authorizedKeys.keys = [
"ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDZABklyeo2an+O94Ra0MLoYGI3LDHnsA+P+CTNye4h3dJHBJXCUV++VcDtBiA5CEDXm4JKvSQPexmN9Gx8lwLGSSR/np3eLh39UjmPvmpahAPqb9HOBoKh4USNX0EmnJAVpOMDQr9Vt7UA49NpaNUXBIfeDwvoG5XAy/CfyyTskCSzZSBORCYNxdk/jWy/fJq85zQbQy35l6KQYsLt3GZJms5WIO0X/4hUiqHOf5FOFXlE9OXSFM31I+faR1lzN3rGPr+tG68mg16Uck4nUKZwBRAHCpoO2aHlyBR7I2EV2ceU6TpAuLnW0RxqPuLsCCXcr96YCydipLR5WERN9cW/05qY7JB12SHZbK4hUTqijGfE8w0iGP4YQvL+H6bfQBJY33+tXF1XvnyqNoaJle3039/W9Sjdzna4DLPh9Ttp/cmJsFLe+qhZTDrlQHnE4u9283R2mLBFRx3tasNYyqfjVgvoR1QFiPQCC6QKAqG4Z5lqz8evslKxfP8bLJPGpVX+z5qjrfVg8D7io1cPyk5HeOgROyBWwmdQNdYqnA/ueFXJGwaXbsDZsrw92rh6lAYp6hWiHvcaShKzKNDfI4N8IS/pLVw/ABnToYLle54t0piWRvZIog5eMVNXUlnOD2Y/LHYB3lBCg5mRfC30DmpONys7f15/48hdsGx77bgV4w== dustin@dustinswan.com"
];
security.acme = {
acceptTerms = true;
defaults.email = "dustin@dustinswan.com";
};
services.nginx = {
enable = true;
recommendedGzipSettings = true;
recommendedOptimisation = true;
recommendedProxySettings = true;
recommendedTlsSettings = true;
clientMaxBodySize = "500m";
virtualHosts = {
"dustinswan.com" = {
forceSSL = true;
enableACME = true;
serverAliases = [ "www.dustinswan.com" ];
root = "/var/www/dustinswan.com";
};
"git.dustinswan.com" = {
forceSSL = true;
enableACME = true;
locations."/" = {
proxyPass = "http://localhost:3000";
};
};
};
};
services.forgejo = {
enable = true;
settings = {
server = {
DOMAIN = "git.dustinswan.com";
ROOT_URL = "https://git.dustinswan.com";
};
service.DISABLE_REGISTRATION = true;
};
};
networking.firewall.allowedTCPPorts = [ 80 443 ];
system.stateVersion = "25.11";
}

25
hosts/soleo/disk-config.nix Normal file
View file

@ -0,0 +1,25 @@
{
disko.devices = {
disk.main = {
device = "/dev/sda";
type = "disk";
content = {
type = "gpt";
partitions = {
boot = {
size = "1M";
type = "EF02"; # BIOS boot partition
};
root = {
size = "100%";
content = {
type = "filesystem";
format = "ext4";
mountpoint = "/";
};
};
};
};
};
};
}