From 0a1b2e1b3c664da03e40f1d6ee9998668a4392c7 Mon Sep 17 00:00:00 2001
From: Lander Van den Bulcke
Date: Sat, 11 Jan 2025 17:13:25 +0100
Subject: [PATCH] feat: add hetzner cloud config
Signed-off-by: Lander Van den Bulcke
---
 flake.nix | 15 ++++++++
 hosts/cloud-1/default.nix | 64 +++++++++++++++++++++++++++++++++++
 hosts/cloud-1/disk-config.nix | 52 ++++++++++++++++++++++++++++
 hosts/cloud-1/hetzner.nix | 28 +++++++++++++++
 4 files changed, 159 insertions(+)
 create mode 100644 hosts/cloud-1/default.nix
 create mode 100644 hosts/cloud-1/disk-config.nix
 create mode 100644 hosts/cloud-1/hetzner.nix
diff --git a/flake.nix b/flake.nix
index 773fe88..20a438c 100644
--- a/flake.nix
+++ b/flake.nix
@@ -11,6 +11,10 @@
 inputs.nixpkgs.follows = "nixpkgs";
 };
+ # disko
+ disko.url = "github:nix-community/disko";
+ disko.inputs.nixpkgs.follows = "nixpkgs";
+
 # theme
 catppuccin.url = "github:catppuccin/nix";
@@ -18,6 +22,7 @@
 home-manager.url = "github:nix-community/home-manager/release-24.11";
 home-manager.inputs.nixpkgs.follows = "nixpkgs";
+ # neovim
 nixvim.url = "git+https://codeberg.org/landervdb/nixvim.git";
 };
@@ -32,6 +37,7 @@
 in
 {
 nixosConfigurations = {
+ # Workstations
 wodan = nixpkgs.lib.nixosSystem {
 specialArgs = { inherit inputs outputs; };
 modules = [
@@ -44,6 +50,15 @@
 ./hosts/widar
 ];
 };
+
+ # servers
+ cloud-1 = nixpkgs.lib.nixosSystem {
+ system = "aarch64-linux";
+ specialArgs = { inherit inputs outputs; };
+ modules = [
+ ./hosts/cloud-1
+ ];
+ };
 };
 };
 }
diff --git a/hosts/cloud-1/default.nix b/hosts/cloud-1/default.nix
new file mode 100644
index 0000000..ab84e05
--- /dev/null
+++ b/hosts/cloud-1/default.nix
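Review bot: The `disko` input added in the first flake.nix hunk follows the default branch of `github:nix-community/disko`, and the diffstat lists no `flake.lock` change, so this commit does not record which revision of it is used. disko is imported as a NixOS module and partitions and formats disks as root at install time, so its revision should be reviewable together with the change that introduces it. Commit the regenerated `flake.lock` with this hunk, or pin the URL to a tag or commit, e.g. `disko.url = "github:nix-community/disko/<TAG_OR_REV>";` (placeholder). If the lock file is updated in a separate commit, a line in the description saying so would be enough.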
@@ -0,0 +1,64 @@
+{ inputs, pkgs, ... }:
+{
+ imports = [
+ inputs.disko.nixosModules.disko
+
+ ./disk-config.nix
+ {
+ _module.args.disks = [ "/dev/sda" ];
+ }
+ ./hetzner.nix
+ ];
+
+ time.timeZone = "Europe/Helsinki";
+
+ networking.hostName = "cloud-1";
+
+ programs.zsh.enable = true;
+ environment.pathsToLink = [ "/share/zsh" ];
+ environment.shells = [ pkgs.zsh ];
+
+ environment.enableAllTerminfo = true;
+
+ users.users.lander = {
+ isNormalUser = true;
+ shell = pkgs.zsh;
+ extraGroups = [
+ "wheel"
+ ];
+ openssh.authorizedKeys.keys = [
+ "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIPnthKtz0fE4yQ/X10cJgKVCjYCNkRNoqV28xAhD7h2M cardno:22_498_026"
+ ];
+ };
+
+ nix = {
+ settings = {
+ trusted-users = [ "lander" ];
+
+ accept-flake-config = true;
+ auto-optimise-store = true;
+ };
+
+ registry = {
+ nixpks = {
+ flake = inputs.nixpkgs;
+ };
+ };
+
+ nixPath = [
+ "nixpkgs=${inputs.nixpkgs.outPath}"
+ "nixos-config=/etc/nixos/configuration.nix"
+ "/nix/var/nix/profiles/per-user/root/channels"
+ ];
+
+ package = pkgs.nixVersions.stable;
+ extraOptions = ''experimental-features = nix-command flakes'';
+
+ gc = {
+ automatic = true;
+ options = "--delete-older-than 7d";
+ };
+ };
+
+ system.stateVersion = "24.11";
+}
diff --git a/hosts/cloud-1/disk-config.nix b/hosts/cloud-1/disk-config.nix
new file mode 100644
index 0000000..aa2e1fa
--- /dev/null
+++ b/hosts/cloud-1/disk-config.nix
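Review bot: In hosts/cloud-1/default.nix, `accept-flake-config = true;` combined with `trusted-users = [ "lander" ];` lets any flake that user evaluates apply its own `nixConfig` (for example extra substituters and trusted public keys) without a prompt, and a trusted user is effectively root-equivalent towards the Nix daemon. On an internet-facing server I would drop the `accept-flake-config` line so the default of asking applies, and keep `trusted-users` only if remote deployment as `lander` needs it, with a comment saying so. Separately, the registry attribute is spelled `nixpks`, presumably a typo: it registers a flake of that name instead of the intended entry, which should read `nixpkgs = { flake = inputs.nixpkgs; };`.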
@@ -0,0 +1,52 @@
+{
+ lib,
+ disks ? [ "/dev/sda" ],
+ ...
+}:
+{
+ disko.devices = {
+ disk = lib.genAttrs disks (disk: {
+ device = disk;
+ type = "disk";
+ content = {
+ type = "gpt";
+ partitions = {
+ boot = {
+ name = "boot";
+ size = "256M";
+ type = "EF00";
+ content = {
+ type = "filesystem";
+ format = "vfat";
+ mountpoint = "/boot";
+ };
+ };
+ main = {
+ size = "100%";
+ content = {
+ type = "btrfs";
+ extraArgs = [ "-f" ]; # override existing partition
+ subvolumes = {
+ "/" = {
+ mountOptions = [ "compress=zstd" ];
+ mountpoint = "/";
+ };
+ "/home" = {
+ mountOptions = [ "compress=zstd" ];
+ mountpoint = "/home";
+ };
+ "/nix" = {
+ mountOptions = [
+ "compress=zstd"
+ "noatime"
+ ];
+ mountpoint = "/nix";
+ };
+ };
+ };
+ };
+ };
+ };
+ });
+ };
+}
diff --git a/hosts/cloud-1/hetzner.nix b/hosts/cloud-1/hetzner.nix
new file mode 100644
index 0000000..740127e
--- /dev/null
+++ b/hosts/cloud-1/hetzner.nix
@@ -0,0 +1,28 @@
+{ modulesPath, ... }:
+{
+ imports = [
+ (modulesPath + "/installer/scan/not-detected.nix")
+ (modulesPath + "/profiles/qemu-guest.nix")
+ ];
+
+ boot.loader.grub = {
+ devices = [ "/dev/sda" ];
+ efiSupport = true;
+ efiInstallAsRemovable = true;
+ };
+
+ boot.initrd.kernelModules = [ "virtio_gpu" ];
+ boot.kernelParams = [ "console=tty" ];
+
+ services.openssh = {
+ enable = true;
+ settings.PasswordAuthentication = false;
+ extraConfig = ''
+ PrintLastLog no
+ '';
+ };
+
+ users.users.root.openssh.authorizedKeys.keys = [
+ "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIPnthKtz0fE4yQ/X10cJgKVCjYCNkRNoqV28xAhD7h2M cardno:22_498_026"
+ ];
+}
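Review bot: The `boot` partition in hosts/cloud-1/disk-config.nix mounts vfat at `/boot` without any `mountOptions`, and vfat stores no per-file permissions, so under the default mask everything on it is readable by every local user. With GRUB configured in hetzner.nix the kernels and initrds are likely copied there, which becomes a problem as soon as an initrd carries secrets. Adding `mountOptions = [ "umask=0077" ];` next to `mountpoint = "/boot";` restricts the mount to root.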
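Review bot: hosts/cloud-1/hetzner.nix authorises for `root` the same key that default.nix gives to `lander` (a `wheel` member), and nothing under `services.openssh.settings` restricts root login, so with the NixOS default of `PermitRootLogin = "prohibit-password"` root stays directly reachable over SSH with that key. If root access is only needed for the initial install, set `settings.PermitRootLogin = "no";` and drop the root key afterwards; `settings.KbdInteractiveAuthentication = false;` would also close the remaining non-key login path. `lander` has no password in this commit, so confirm that privilege escalation works for that account before removing root access.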