Configure ops-jrz1 for production deployment to Vultr VPS

- Add hardware-configuration.nix from VPS (45.77.205.49)
- Update configuration.nix with correct boot loader (/dev/vda) and network (ens3)
- Enable Matrix homeserver and dev-platform services in hosts/ops-jrz1.nix
- Configure for clarun.xyz domain with Matrix, Forgejo, and mautrix-slack
- Add SSH authorized keys and enable Nix flakes

Ready to deploy to replace ops-base configuration.

configuration.nix

@@ -4,19 +4,13 @@
   # Main NixOS configuration for ops-jrz1 server
   # Imports host-specific configuration from hosts/ops-jrz1.nix
 
-  # Boot loader configuration (placeholder - will be customized for actual server)
+  # Boot loader configuration (Legacy BIOS for Vultr VPS)
   boot.loader.grub.enable = true;
-  boot.loader.grub.device = "/dev/sda";  # REPLACE_ME with actual device
+  boot.loader.grub.device = "/dev/vda";  # Install to MBR
-
-  # Filesystem configuration (minimal placeholder for flake validation)
-  fileSystems."/" = {
-    device = "/dev/sda1";  # REPLACE_ME with actual device
-    fsType = "ext4";
-  };
 
   # Network configuration
   networking.useDHCP = false;
-  networking.interfaces.eth0.useDHCP = true;  # REPLACE_ME with actual interface
+  networking.interfaces.ens3.useDHCP = true;
 
   # Time zone
   time.timeZone = "UTC";
@@ -32,6 +26,9 @@
     curl
   ];
 
+  # Enable Nix flakes
+  nix.settings.experimental-features = [ "nix-command" "flakes" ];
+
   # SSH configuration
   services.openssh = {
     enable = true;
@@ -41,6 +38,11 @@
     };
   };
 
+  # SSH authorized keys for root
+  users.users.root.openssh.authorizedKeys.keys = [
+    "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOqHsgAuD/8LL6HN3fo7X1ywryQG393pyQ19a154bO+h delpad-2025"
+  ];
+
   # Firewall (will be configured for Matrix services)
   networking.firewall = {
     enable = true;

hardware-configuration.nix

@@ -0,0 +1,37 @@
+# Do not modify this file!  It was generated by 'nixos-generate-config'
+# and may be overwritten by future invocations.  Please make changes
+# to /etc/nixos/configuration.nix instead.
+{ config, lib, pkgs, modulesPath, ... }:
+
+{
+  imports = [ ];
+
+  boot.initrd.availableKernelModules = [ "ata_piix" "uhci_hcd" "virtio_pci" "sr_mod" "virtio_blk" ];
+  boot.initrd.kernelModules = [ ];
+  boot.kernelModules = [ ];
+  boot.extraModulePackages = [ ];
+
+  fileSystems."/" =
+    { device = "/dev/disk/by-uuid/c3a5ef45-fe8c-4876-a6fa-d2032dd55524";
+      fsType = "ext4";
+    };
+
+  fileSystems."/boot" =
+    { device = "/dev/disk/by-uuid/55c7afd1-6709-42af-ac26-5265f2701701";
+      fsType = "ext4";
+    };
+
+  swapDevices =
+    [ { device = "/dev/disk/by-uuid/b06bd8f8-0662-459e-9172-eafa9cbdd354"; }
+    ];
+
+  # Enables DHCP on each ethernet and wireless interface. In case of scripted networking
+  # (the default) this is the recommended approach. When using systemd-networkd it's
+  # still possible to use this option, but it's recommended to use it in conjunction
+  # with explicit per-interface declarations with `networking.interfaces.<interface>.useDHCP`.
+  networking.useDHCP = lib.mkDefault true;
+  # networking.interfaces.ens3.useDHCP = lib.mkDefault true;
+
+  nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
+  virtualisation.hypervGuest.enable = true;
+}

hosts/ops-jrz1.nix

@@ -1,12 +1,12 @@
 { config, pkgs, pkgs-unstable, ... }:
 
 {
-  # ops-jrz1 dev/test server configuration
+  # ops-jrz1 production VPS configuration
   # Imports extracted Matrix modules from ops-base
 
   imports = [
-    # Hardware configuration will be added based on server specs
+    # Hardware configuration
-    # ./hardware-configuration.nix
+    ../hardware-configuration.nix
 
     # Matrix platform modules
     ../modules/matrix-continuwuity.nix
@@ -20,32 +20,40 @@
   ];
 
   # System configuration
-  networking.hostName = "ops-jrz1";
+  networking.hostName = "jrz1";
 
-  # Example Matrix homeserver configuration (disabled by default)
+  # Matrix homeserver configuration
-  # Uncomment and configure for actual deployment:
+  services.matrix-homeserver = {
-  # services.matrix-homeserver = {
+    enable = true;
-  #   enable = true;
+    domain = "clarun.xyz";
-  #   domain = "matrix.example.org";
+    port = 8008;
-  #   port = 8008;
+    enableRegistration = true;
-  #   enableRegistration = true;
+    enableFederation = false;
-  #   enableFederation = false;
+  };
-  # };
 
-  # Example mautrix-slack bridge configuration (disabled by default)
+  # Development platform services (Matrix, Forgejo, bridges)
-  # services.mautrix-slack = {
+  services.dev-platform = {
-  #   enable = true;
+    enable = true;
-  #   matrix = {
+    domain = "clarun.xyz";
-  #     homeserverUrl = "http://127.0.0.1:8008";
+
-  #     serverName = "matrix.example.org";
+    matrix = {
-  #   };
+      enable = true;
-  #   bridge = {
+      serverName = "clarun.xyz";
-  #     permissions = {
+      port = 8008;
-  #       "matrix.example.org" = "user";
+    };
-  #       "@admin:matrix.example.org" = "admin";
+
-  #     };
+    forgejo = {
-  #   };
+      enable = true;
-  # };
+      subdomain = "git";
+      port = 3000;
+    };
+
+    slackBridge = {
+      enable = true;
+      workspace = "delpadtech";
+      port = 29319;
+    };
+  };
 
   system.stateVersion = "24.05";
 }