NixOS-VPS-small/configuration.nix
2026-05-12 08:36:41 +02:00



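# NixOS system configuration for a small VPS.
# Sets up boot/tmp handling, zram swap, a default-deny firewall, key-only SSH
# on a non-standard port, root's authorized key, and Nix store maintenance.
{ ... }:
{
  imports = [
    ./hardware-configuration.nix
    ./programs.nix
    # Add further modules here later, e.g.:
    # ./modules/nextcloud.nix
    # ./modules/wireguard.nix
    # ./modules/docker.nix
  ];

  # ============================================================
  # WORKAROUNDS / FIXES
  # ============================================================

  # Workaround for https://github.com/NixOS/nix/issues/8502
  # This turns off the build-time validation of the generated logrotate
  # configuration, so a broken logrotate config is only noticed at runtime.
  # Drop the override once the linked issue no longer affects this system.
  services.logrotate.checkConfig = false;

  # ============================================================
  # BOOT
  # ============================================================

  # Clear /tmp on every boot
  boot.tmp.cleanOnBoot = true;

  # ============================================================
  # MEMORY
  # ============================================================

  # zram swap (compressed RAM swap, good for small VPS)
  zramSwap.enable = true;

  # ============================================================
  # NETWORKING
  # ============================================================

  networking = {
    hostName = "nixos";
    domain = "system";

    # Firewall: only explicitly allowed ports are open.
    # Keep this list in sync with services.openssh.ports below. The openssh
    # module also opens its own ports while services.openssh.openFirewall is
    # left enabled, so removing 2405 here alone does not close the SSH port.
    firewall = {
      enable = true;
      allowedTCPPorts = [
        2405 # SSH
        # 80 # HTTP (uncomment when needed)
        # 443 # HTTPS (uncomment when needed)
      ];
    };
  };

  # ============================================================
  # TIMEZONE & LOCALISATION
  # ============================================================

  time.timeZone = "Europe/Berlin";

  # English messages, German regional formats.
  i18n.defaultLocale = "en_US.UTF-8";
  i18n.extraLocaleSettings = {
    LC_ADDRESS = "de_DE.UTF-8";
    LC_IDENTIFICATION = "de_DE.UTF-8";
    LC_MEASUREMENT = "de_DE.UTF-8";
    LC_MONETARY = "de_DE.UTF-8";
    LC_NAME = "de_DE.UTF-8";
    LC_NUMERIC = "de_DE.UTF-8";
    LC_PAPER = "de_DE.UTF-8";
    LC_TELEPHONE = "de_DE.UTF-8";
    LC_TIME = "de_DE.UTF-8";
  };

  # ============================================================
  # SSH
  # ============================================================

  services.openssh = {
    enable = true;
    # Non-standard port: cuts down log noise from scanners, it is not an
    # access control. The key-only settings below are what protect the login.
    ports = [ 2405 ];
    settings = {
      # Only SSH key authentication, no password login
      PasswordAuthentication = false;
      # Keyboard-interactive is a separate method that can still prompt for a
      # password through PAM; disable it too so "key only" holds for every
      # account, not just root.
      KbdInteractiveAuthentication = false;
      # Root login only allowed via SSH key
      # NOTE(review): root is the only account this file gives a key to.
      # Consider an unprivileged admin user plus sudo and PermitRootLogin = "no"
      # if such a user is defined elsewhere (e.g. in programs.nix).
      PermitRootLogin = "prohibit-password";
      # Probe the client every 300 s and drop the session after 2 unanswered
      # probes (about 10 minutes). This reaps dead connections; an idle client
      # that still answers the probes stays connected.
      ClientAliveInterval = 300;
      ClientAliveCountMax = 2;
    };
  };

  # ============================================================
  # USERS
  # ============================================================

  # Public key allowed to log in as root. Rotating or revoking access means
  # editing this list and rebuilding.
  users.users.root = {
    openssh.authorizedKeys.keys = [
      "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIAhH+p950yRQHwznrvswAhD9aOMF+UjOFZVJgG0vOv2B"
    ];
  };

  # ============================================================
  # NIX / SYSTEM
  # ============================================================

  nix.settings = {
    # Automatically deduplicate the nix store
    auto-optimise-store = true;
    # Enable flakes
    experimental-features = [ "nix-command" "flakes" ];
  };

  # Weekly garbage collection that deletes generations older than 14 days.
  # Rollback is only possible to generations that are still within that window.
  nix.gc = {
    automatic = true;
    dates = "weekly";
    options = "--delete-older-than 14d";
  };

  # Rebuild alias: builds and activates the `nixos` flake output from /etc/nixos.
  programs.bash.shellAliases = {
    rebuild = "sudo nixos-rebuild switch --flake /etc/nixos#nixos";
  };
  programs.zsh.shellAliases = {
    rebuild = "sudo nixos-rebuild switch --flake /etc/nixos#nixos";
  };

  # ============================================================
  # STATE VERSION - DO NOT CHANGE
  # Indicates with which NixOS version this system was initialised.
  # Affects certain default settings.
  # ============================================================
  system.stateVersion = "23.11";
}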