introduce a module for digital ocean droplet

3 files changed, 78 insertions, 0 deletions

diff --git a/modules/nixos/default.nix b/modules/nixos/default.nix
index 73e144c..bc5c6de 100644
--- a/modules/nixos/default.nix
+++ b/modules/nixos/default.nix
@@ -4,6 +4,7 @@
     ./backups.nix
     ./base.nix
     ./cgroups.nix
+    ./hardware
     ./home-manager.nix
     ./nas-client.nix
     ./nix.nix
diff --git a/modules/nixos/hardware/default.nix b/modules/nixos/hardware/default.nix
new file mode 100644
index 0000000..f6ea0d9
--- /dev/null
+++ b/modules/nixos/hardware/default.nix
@@ -0,0 +1,6 @@
+{ ... }:
+{
+  imports = [
+    ./do-droplet.nix
+  ];
+}
diff --git a/modules/nixos/hardware/do-droplet.nix b/modules/nixos/hardware/do-droplet.nix
new file mode 100644
index 0000000..369d600
--- /dev/null
+++ b/modules/nixos/hardware/do-droplet.nix
@@ -0,0 +1,71 @@
+{ lib, config, ... }:
+let
+  cfg = config.my.modules.hardware.do-droplet;
+in
+{
+  options.my.modules.hardware.do-droplet = {
+    enable = lib.mkEnableOption "DigitalOcean Droplet hardware defaults";
+  };
+
+  config = lib.mkIf cfg.enable {
+    boot.loader.grub = {
+      efiSupport = true;
+      efiInstallAsRemovable = true;
+    };
+
+    networking.useDHCP = lib.mkForce false;
+
+    # this one seems to always be broken
+    systemd.services.growpart.enable = lib.mkForce false;
+
+    # in order to get networking setup we need to enable it in cloud-init
+    # Disables all modules that do not work with NixOS
+    # Based on https://github.com/nix-community/nixos-anywhere-examples/blob/7f945ff0ae676c0eb77360b892add91328dd1f17/digitalocean.nix
+    services.cloud-init = {
+      enable = true;
+      network.enable = true;
+      settings = {
+        datasource_list = [
+          "ConfigDrive"
+          "Digitalocean"
+        ];
+        datasource.ConfigDrive = { };
+        datasource.Digitalocean = { };
+        # Based on https://github.com/canonical/cloud-init/blob/main/config/cloud.cfg.tmpl
+        cloud_init_modules = [
+          "seed_random"
+          "bootcmd"
+          "write_files"
+          "growpart"
+          "resizefs"
+          "set_hostname"
+          "update_hostname"
+          "set_password"
+        ];
+        cloud_config_modules = [
+          "ssh-import-id"
+          "keyboard"
+          "runcmd"
+          "disable_ec2_metadata"
+        ];
+        cloud_final_modules = [
+          "write_files_deferred"
+          "puppet"
+          "chef"
+          "ansible"
+          "mcollective"
+          "salt_minion"
+          "reset_rmc"
+          "scripts_per_once"
+          "scripts_per_boot"
+          "scripts_user"
+          "ssh_authkey_fingerprints"
+          "keys_to_console"
+          "install_hotplug"
+          "phone_home"
+          "final_message"
+        ];
+      };
+    };
+  };
+}