Initial commit

System administrator 2026-05-11 19:36:00 +02:00
commit c362a58363
3 changed files with 142 additions and 0 deletions

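--- a/configuration.nix
+++ b/configuration.nix
@@ -0,0 +1,121 @@
+{ ... }:
+{
+imports = [
+./hardware-configuration.nix
+# Add further modules here later, e.g.:
+./programs.nix
+# ./modules/nextcloud.nix
+# ./modules/wireguard.nix
+# ./modules/docker.nix
+];
+# ============================================================
+# WORKAROUNDS / FIXES
+# ============================================================
+# Workaround for https://github.com/NixOS/nix/issues/8502
+services.logrotate.checkConfig = false;
+# ============================================================
+# BOOT
+# ============================================================
+# Clear /tmp on every boot
+boot.tmp.cleanOnBoot = true;
+# ============================================================
+# MEMORY
+# ============================================================
+# zram swap (compressed RAM swap, good for small VPS)
+zramSwap.enable = true;
+# ============================================================
+# NETWORKING
+# ============================================================
+networking = {
+hostName = "nixos";
+domain = "system";
+# Firewall only explicitly allowed ports are open
+firewall = {
+enable = true;
+allowedTCPPorts = [
+2405 # SSH
+# 80 # HTTP (uncomment when needed)
+# 443 # HTTPS (uncomment when needed)
+];
+};
+};
+# ============================================================
+# TIMEZONE & LOCALISATION
+# ============================================================
+time.timeZone = "Europe/Berlin";
+i18n.defaultLocale = "de_DE.UTF-8";
+# ============================================================
+# SSH
+# ============================================================
+services.openssh = {
+enable = true;
+ports = [ 2405 ];
+settings = {
+# Only SSH key authentication, no password login
+PasswordAuthentication = false;
+# Root login only allowed via SSH key
+PermitRootLogin = "prohibit-password";
+# Disconnect idle connections after 10 minutes
+ClientAliveInterval = 300;
+ClientAliveCountMax = 2;
+};
+};
+# ============================================================
+# USERS
+# ============================================================
+users.users.root = {
+openssh.authorizedKeys.keys = [
+"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIAhH+p950yRQHwznrvswAhD9aOMF+UjOFZVJgG0vOv2B"
+];
+};
+# ============================================================
+# NIX / SYSTEM
+# ============================================================
+nix.settings = {
+# Automatically deduplicate the nix store
+auto-optimise-store = true;
+# Enable flakes
+experimental-features = [ "nix-command" "flakes" ];
+};
+# Automatically delete old generations (older than 14 days)
+nix.gc = {
+automatic = true;
+dates = "weekly";
+options = "--delete-older-than 14d";
+};
+# Rebuild alias
+programs.bash.shellAliases = {
+rebuild = "sudo nixos-rebuild switch --flake /etc/nixos#nixos";
+};
+programs.zsh.shellAliases = {
+rebuild = "sudo nixos-rebuild switch --flake /etc/nixos#nixos";
+};
+# ============================================================
+# STATE VERSION DO NOT CHANGE
+# Indicates with which NixOS version this system was initialised.
+# Affects certain default settings.
+# ============================================================
+system.stateVersion = "23.11";
+}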
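Review bot: The `settings` block under `services.openssh` turns off `PasswordAuthentication` but leaves `KbdInteractiveAuthentication` unset, and the NixOS module enables it by default as far as I know. The comment "Only SSH key authentication" therefore holds for root (through `prohibit-password`) but would not hold for a PAM-backed user added later; add `KbdInteractiveAuthentication = false;` next to it. The comment on `ClientAliveInterval`/`ClientAliveCountMax` is also inaccurate: those settings drop clients that stop answering keepalives for about 10 minutes, not sessions that are merely idle, so I would reword it to `# Drop unresponsive clients after ~10 minutes`. Root is the only account defined here while the `rebuild` alias calls `sudo`, which suggests a non-root admin user is planned; logging in as that user and setting `PermitRootLogin = "no"` would be the tighter setup.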


@ -0,0 +1,9 @@
{ modulesPath, ... }:
{
imports = [ (modulesPath + "/profiles/qemu-guest.nix") ];
boot.loader.grub.device = "/dev/vda";
boot.initrd.availableKernelModules = [ "ata_piix" "uhci_hcd" "xen_blkfront" "vmw_pvscsi" ];
boot.initrd.kernelModules = [ "nvme" ];
fileSystems."/" = { device = "/dev/vda1"; fsType = "ext4"; };
}

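--- a/programs.nix
+++ b/programs.nix
@@ -0,0 +1,12 @@
+{pkgs, ...}:
+{
+environment.systemPackages = with pkgs; [
+# General
+git
+htop
+ncdu
+];
+}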