Bootstrap NixOS on Hetzner Cloud servers
Based on nix-community/nixops_hcloud.
Basic usage
Run the nixos-install-hetzner-cloud.sh script on the VPS.
curl -L https://git.claudi.tech/claudi/hetzner-nixos-bootstrap/raw/branch/main/nixos-install-hetzner-cloud.sh | sudo bash
Pasting it into the Hetzner Cloud web terminal won't work; you need to use SSH or type it by hand!
Public SSH keys are fetched from Hetzner by the fetchHetznerKeys.nix module.
The configuration.nix enables root login with password, mainly because it makes the initial NixOps setup easier. If you don't want this, simply remove the services.openssh.permitRootLogin = "yes"; option. Root login via SSH will still be possible with a public key, because the option then falls back to its NixOS default, prohibit-password.
Example NixOps usage
You could simply use nix-community/nixops_hcloud, but sadly that's currently relatively complicated to install.
Take a look at the NixOps User's Guide.
Create a logical specification and import the hardware-configuration.nix from the VPS. Also create a physical specification pointing to the IP of the VPS.
Logical server specification:
{
  network.description = "Test webserver";

  webserver = { config, pkgs, ... }: {
    # Hardware configuration copied from the VPS
    imports = [ ./hardware-configuration.nix ];

    boot.loader.grub.enable = true;
    boot.loader.grub.version = 2;
    boot.loader.grub.devices = [ "/dev/sda" ];

    networking.useDHCP = false;
    networking.interfaces.ens3.useDHCP = true;

    # Root login with password, kept for the initial NixOps setup
    services.openssh.permitRootLogin = "yes";
    services.openssh.enable = true;

    environment.systemPackages = with pkgs; [ vim ];
  };
}
Physical server specification:
{
  webserver =
    { config, pkgs, ... }:
    { deployment.targetHost = "1.2.3.4"; };
}
To create a deployment use nixops create ./logical.nix ./physical.nix -d webserver and deploy it with nixops deploy -d webserver. You can SSH into the server with nixops ssh -d webserver webserver.
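Once the first deployment has succeeded, the password-based root login described under basic usage is no longer needed. The following logical specification is an added example, not part of this repository: it is the one above with root password login switched off. The SSH key is a placeholder, and the option names follow the ones used on this page (newer NixOS releases moved them under services.openssh.settings).

```nix
# logical.nix, revised for a redeploy after the first `nixops deploy` worked.
{
  network.description = "Test webserver";

  webserver = { config, pkgs, ... }: {
    imports = [ ./hardware-configuration.nix ];

    boot.loader.grub.enable = true;
    boot.loader.grub.version = 2;
    boot.loader.grub.devices = [ "/dev/sda" ];

    networking.useDHCP = false;
    networking.interfaces.ens3.useDHCP = true;

    services.openssh.enable = true;
    # Was "yes" during bootstrap. "prohibit-password" keeps key-based root
    # login, which NixOps uses to reach the host, and rejects root passwords.
    services.openssh.permitRootLogin = "prohibit-password";
    # Turn off password authentication for every account, not only root.
    services.openssh.passwordAuthentication = false;

    # Assumption: placeholder key. Replace it with the public key of the
    # machine you run nixops from before deploying, or you can lock
    # yourself out of the server.
    users.users.root.openssh.authorizedKeys.keys = [
      "ssh-ed25519 AAAA...REPLACE_ME admin@example"
    ];

    environment.systemPackages = with pkgs; [ vim ];
  };
}
```

Apply it with nixops deploy -d webserver, then confirm that nixops ssh -d webserver webserver still works before closing your existing session.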