lightly-toasted/nix-config
1
0
Fork 0
mirror of https://github.com/lightly-toasted/nix-config.git synced 2025-10-04 07:25:40 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions

feat: add vps host configurations

Browse source
This commit is contained in:
lightly-toasted 2025-09-24 17:47:00 +09:00
parent 14fdc3875f
commit d7179b75a8
12 changed files with 113 additions and 0 deletions
Download patch file Download diff file Expand all files Collapse all files

5
flake.nix
View file

@ -43,6 +43,11 @@
specialArgs = { inherit inputs rootPath; }; specialArgs = { inherit inputs rootPath; };
modules = [ ./hosts/wsl/configuration.nix ]; modules = [ ./hosts/wsl/configuration.nix ];
}; };
vps = nixpkgs.lib.nixosSystem {
system = "x86_64-linux";
specialArgs = { inherit inputs rootPath; };
modules = [ ./hosts/vps/configuration.nix ];
};
}; };
homeConfigurations = { homeConfigurations = {

25
home/hosts/vps.nix Normal file
View file

@ -0,0 +1,25 @@
{ config, pkgs, inputs, ... }:
{
imports = [
inputs.nixvim.homeManagerModules.nixvim
inputs.nixcord.homeModules.nixcord
inputs.nix-flatpak.homeManagerModules.nix-flatpak
inputs.sops-nix.homeManagerModules.sops
../modules/cli/git.nix
../modules/cli/ripgrep.nix
../modules/cli/sops.nix
../modules/cli/yazi.nix
../modules/cli/zsh.nix
];
home = {
username = "toast";
homeDirectory = "/home/toast";
stateVersion = "24.11";
};
nixpkgs.config.allowUnfree = true;
systemd.user.startServices = "sd-switch";
}

16
hosts/vps/configuration.nix Normal file
View file

@ -0,0 +1,16 @@
{ inputs, ... }:
{
imports = [
inputs.sops-nix.nixosModules.sops
] ++ (
let
modulesPath = ./modules;
moduleFiles = builtins.attrNames (builtins.readDir modulesPath);
in
map (module: modulesPath + ("/" + module)) moduleFiles
);
system.stateVersion = "23.11";
nix.settings.experimental-features = [ "nix-command" "flakes" ];
}

9
hosts/vps/modules/boot.nix Normal file
View file

@ -0,0 +1,9 @@
{ modulesPath, ... }:
{
imports = [ (modulesPath + "/profiles/qemu-guest.nix" )];
boot.tmp.cleanOnBoot = true;
boot.loader.grub.device = "/dev/vda";
boot.initrd.availableKernelModules = [ "ata_piix" "uhci_hcd" "xen_blkfront" "vmw_pvscsi" ];
boot.initrd.kernelModules = [ "nvme" ];
}

4
hosts/vps/modules/filesystem.nix Normal file
View file

@ -0,0 +1,4 @@
{
fileSystems."/" = { device = "/dev/vda1"; fsType = "ext4"; };
swapDevices = [ { device = "/dev/vda2"; } ];
}

8
hosts/vps/modules/network.nix Normal file
View file

@ -0,0 +1,8 @@
{ config, pkgs, ... }:
{
networking.hostName = "vps";
networking.domain = "";
networking.firewall.enable = true;
boot.kernel.sysctl."net.ipv4.ip_forward" = 1;
}

7
hosts/vps/modules/services/default.nix Normal file
View file

@ -0,0 +1,7 @@
{
imports = [
./tailscale.nix
./vaultwarden.nix
./openssh.nix
];
}

3
hosts/vps/modules/services/openssh.nix Normal file
View file

@ -0,0 +1,3 @@
{
services.openssh.enable = true;
}

11
hosts/vps/modules/services/tailscale.nix Normal file
View file

@ -0,0 +1,11 @@
{ config, pkgs, ... }:
{
sops.secrets."tailscale/authkey" = { };
services.tailscale = {
enable = true;
authKeyFile = config.sops.secrets."tailscale/authkey".path;
useRoutingFeatures = "both";
};
}

9
hosts/vps/modules/services/vaultwarden.nix Normal file
View file

@ -0,0 +1,9 @@
{
services.vaultwarden = {
enable = true;
config = {
ROCKET_ADDRESS = "127.0.0.1";
ROCKET_PORT = 8222;
};
};
}

8
hosts/vps/modules/sops.nix Normal file
View file

@ -0,0 +1,8 @@
{ rootPath, ... }:
{
sops.defaultSopsFile = rootPath + /secrets/secrets.yaml;
sops.defaultSopsFormat = "yaml";
sops.age.keyFile = "/home/toast/.config/sops/age/keys.txt";
}

8
hosts/vps/modules/users.nix Normal file
View file

@ -0,0 +1,8 @@
{
users.users.toast = {
isNormalUser = true;
extraGroups = [ "wheel" ];
openssh.authorizedKeys.keys = [ ''ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOyVXtny3ca64wdJAwcUro+U4sY4r6v97ypIXdedOuhc toast@nixos'' ];
};
users.users.root.openssh.authorizedKeys.keys = [''ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOyVXtny3ca64wdJAwcUro+U4sY4r6v97ypIXdedOuhc toast@nixos'' ];
}