From e663d1890e388b901f95e63359b5f06192bd4999 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?J=C3=B6rg=20Thalheim?= Date: Wed, 10 Apr 2024 09:23:22 +0200 Subject: [PATCH] add digitalocean --- dev/test-configurations.nix | 6 ++++++ docs/nixos/hardware.md | 6 ++++++ nixos/default.nix | 1 + nixos/hardware/digitalocean/droplet.nix | 17 +++++++++++++++++ 4 files changed, 30 insertions(+) create mode 100644 nixos/hardware/digitalocean/droplet.nix diff --git a/dev/test-configurations.nix b/dev/test-configurations.nix index b769826..f1bf7eb 100644 --- a/dev/test-configurations.nix +++ b/dev/test-configurations.nix @@ -50,6 +50,12 @@ in self.nixosModules.hardware-amazon ]; }; + example-hardware-digitalocean-droplet = nixosSystem { + modules = [ + dummy + self.nixosModules.hardware-digitalocean-droplet + ]; + }; example-hardware-hetzner-cloud = nixosSystem { modules = [ dummy diff --git a/docs/nixos/hardware.md b/docs/nixos/hardware.md index 23a8e25..57925a6 100644 --- a/docs/nixos/hardware.md +++ b/docs/nixos/hardware.md @@ -10,6 +10,12 @@ Hardware configuration for instances. The main difference here is that the default userdata service is replaced by cloud-init. +### `nixosModules.hardware-digitalocean` + +Hardware configuration for instances. + +Enables cloud-init but turns of non-working dhcp. + ### `nixosModules.hardware-hetzner-cloud` Hardware configuration for instances. diff --git a/nixos/default.nix b/nixos/default.nix index 4a8dd85..aaf9820 100644 --- a/nixos/default.nix +++ b/nixos/default.nix @@ -39,6 +39,7 @@ exposeModules ./. [ ./common ./desktop ./hardware/amazon + ./hardware/digitalocean/droplet.nix ./hardware/hetzner-cloud ./hardware/hetzner-cloud/arm.nix ./hardware/hetzner-online/amd.nix diff --git a/nixos/hardware/digitalocean/droplet.nix b/nixos/hardware/digitalocean/droplet.nix new file mode 100644 index 0000000..397ed90 --- /dev/null +++ b/nixos/hardware/digitalocean/droplet.nix 
@@ -0,0 +1,17 @@
+{ modulesPath, lib, ... }:
+{
+ imports = [
+ (modulesPath + "/virtualisation/digital-ocean-config.nix")
+ ../../mixins/cloud-init.nix
+ ];
+ services.cloud-init.settings.datasource_list = [ "DigitalOcean" ];
+ services.cloud-init.settings.datasource.DigitalOcean = { };
+ networking.useDHCP = lib.mkForce false;
+
+ # we disable mutable users in srvos
+ virtualisation.digitalOcean.setRootPassword = false;
+ # we don't allow to read ssh keys from /root/.ssh/authorized_keys
+ virtualisation.digitalOcean.setSshKeys = false;
+ # This assumes that there is NixOS configuration in /etc/nixos and channels beeing used.
+ virtualisation.digitalOcean.rebuildFromUserData = false;
+}
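Review bot: The comment on `virtualisation.digitalOcean.rebuildFromUserData = false;` gives only a compatibility reason, and the two comments above it do not say what the options they precede would otherwise do. As I understand the upstream module, these three options control whether the droplet takes a root password, SSH keys and a system rebuild from the DigitalOcean metadata service, so turning them off is also what keeps metadata content from changing credentials or configuration; I would say so, e.g. `# do not rebuild from droplet user-data: it expects /etc/nixos and channels, and would let metadata replace the deployed configuration`. cloud-init with the `DigitalOcean` datasource still reads the same metadata, and which of its modules run (SSH keys, user-data scripts, network config) is decided in `../../mixins/cloud-init.nix`, outside this hunk, so that file is worth checking against these three settings. With `networking.useDHCP` forced off, it is also worth confirming there that cloud-init is the component that configures the network.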