manage a DigitalOcean virtual machine with nixos

Add a new machine on DigitalOcean and provision it using terraform +
nixos-anywhere. This takes care of bringing the machine up on nixos
completely, and use a static SSH host key in order to configure
wireguard at the same time.

1 files changed, 5 insertions, 14 deletions

diff --git a/machines/nixos/x86_64-linux/vm-synology.nix b/machines/nixos/x86_64-linux/vm-synology.nix
index 309c3a6..468d0dd 100644
--- a/machines/nixos/x86_64-linux/vm-synology.nix
+++ b/machines/nixos/x86_64-linux/vm-synology.nix
@@ -1,4 +1,5 @@
 {
+  lib,
   adminUser,
   config,
   self,
@@ -37,7 +38,11 @@
 
   # Use the systemd-boot EFI boot loader.
   boot.loader.efi.canTouchEfiVariables = true;
+  boot.loader.systemd-boot.enable = true;
+
   networking.hostName = "vm-synology";
+  networking.useDHCP = lib.mkDefault true;
+  systemd.network.wait-online.anyInterface = lib.mkDefault config.networking.useDHCP;
 
   home-manager.users.${adminUser.name} = {
     imports = [
@@ -45,20 +50,6 @@
     ];
   };
 
-  services.cloudflared = {
-    enable = true;
-    certificateFile = config.age.secrets.cloudflared-cert.path;
-    tunnels = {
-      "cragmont" = {
-        credentialsFile = config.age.secrets.cloudflared-tunnel.path;
-        default = "http_status:404";
-        ingress = {
-          "git.fcuny.net".service = "ssh://127.0.0.1:22";
-        };
-      };
-    };
-  };
-
   my.modules.nas-client = {
     enable = true;
     volumes = {