migrates dnsc-vps-sm

modules/hosts/dnsc-vps-sm/_hardware-configuration.nix

@@ -0,0 +1,22 @@
+{
+  config,
+  lib,
+  modulesPath,
+  ...
+}:
+
+{
+  imports = [ (modulesPath + "/profiles/qemu-guest.nix") ];
+  boot.loader.grub.device = "/dev/sda";
+  boot.initrd.availableKernelModules = [
+    "ata_piix"
+    "uhci_hcd"
+    "xen_blkfront"
+    "vmw_pvscsi"
+  ];
+  boot.initrd.kernelModules = [ "nvme" ];
+  fileSystems."/" = {
+    device = "/dev/sda1";
+    fsType = "ext4";
+  };
+}

modules/hosts/dnsc-vps-sm/_networking.nix

@@ -0,0 +1,58 @@
+{
+  lib,
+  ...
+}:
+
+{
+  # This file was populated at runtime with the networking
+  # details gathered from the active system.
+  networking = {
+    nameservers = [
+      "8.8.8.8"
+    ];
+    defaultGateway = "172.31.1.1";
+    defaultGateway6 = {
+      address = "fe80::1";
+      interface = "eth0";
+    };
+    dhcpcd.enable = false;
+    usePredictableInterfaceNames = lib.mkForce false;
+    interfaces = {
+      eth0 = {
+        ipv4.addresses = [
+          {
+            address = "91.99.21.186";
+            prefixLength = 32;
+          }
+        ];
+        ipv6.addresses = [
+          {
+            address = "2a01:4f8:1c1a:cdfb::1";
+            prefixLength = 64;
+          }
+          {
+            address = "fe80::9400:4ff:fe27:8245";
+            prefixLength = 64;
+          }
+        ];
+        ipv4.routes = [
+          {
+            address = "172.31.1.1";
+            prefixLength = 32;
+          }
+        ];
+        ipv6.routes = [
+          {
+            address = "fe80::1";
+            prefixLength = 128;
+          }
+        ];
+      };
+
+    };
+  };
+  services.udev.extraRules = ''
+    ATTR{address}=="96:00:04:27:82:45", NAME="eth0"
+
+  '';
+}

modules/hosts/dnsc-vps-sm/default.nix

@@ -0,0 +1,75 @@
+{ inputs, config, ... }:
+let
+  hostname = "dnsc-vps-sm";
+  secretsDir = "${inputs.self}/secrets";
+in
+{
+  flake.nixosConfigurations.${hostname} = inputs.nixpkgs.lib.nixosSystem {
+    system = "x86_64-linux";
+    modules = with config.flake.modules.nixos; [
+      inputs.agenix.nixosModules.default
+      home-manager
+      base
+      server-shell
+      git
+      ssh
+      cli-tools
+      nix
+      restic
+      caddy
+      vaultwarden
+      uptime-kuma
+      homepage
+      actual-server
+
+      (
+        { config, ... }:
+        {
+          imports = [
+            ./_hardware-configuration.nix
+            ./_networking.nix
+          ];
+
+          networking.hostName = hostname;
+          networking.hostId = "e5d5a602";
+          networking.domain = "dnsc.io";
+          networking.firewall = {
+            enable = true;
+            allowedTCPPorts = [
+              22
+              80
+              443
+            ];
+          };
+
+          system.stateVersion = "24.11";
+          boot.tmp.cleanOnBoot = true;
+          zramSwap.enable = true;
+          # Fix due to https://github.com/NixOS/nixpkgs/issues/180175
+          systemd.services.NetworkManager-wait-online.enable = false;
+
+          # Secrets for this machine
+          age = {
+            identityPaths = [
+              "${config.users.users.dennis.home}/.ssh/id_ed25519"
+            ];
+            secrets."vaultwarden/env" = {
+              file = "${secretsDir}/vaultwarden/env";
+            };
+            secrets."restic/password" = {
+              file = "${secretsDir}/restic/password.age";
+            };
+          };
+
+          # Custom Module Options
+          restic.repository = "sftp:dnsc-storage:restic/dnsc-server";
+          restic.backupPaths = [
+            "/var/backup/vaultwarden"
+            "/data/actual-server"
+            # TODO: Include memos path, maybe uptime kuma
+          ];
+        }
+      )
+    ];
+  };
+}