From 244988d52dbda684973e3c41e451c3f13603896e Mon Sep 17 00:00:00 2001
From: DannyDannyDanny <dth@taiga.ai>
Date: Fri, 24 Apr 2026 16:05:27 +0200
Subject: [PATCH] =?UTF-8?q?fix(vps-relay):=20switch=20to=20GRUB/BIOS=20?=
 =?UTF-8?q?=E2=80=94=20Hetzner=20Cloud=20is=20not=20UEFI=20=F0=9F=A7=B7?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 nixos/disko-cloud.nix     | 15 ++++++---------
 nixos/hosts/vps-relay.nix | 11 ++++++++---
 2 files changed, 14 insertions(+), 12 deletions(-)

diff --git a/nixos/disko-cloud.nix b/nixos/disko-cloud.nix
index dc0a33d..9caa26d 100644
--- a/nixos/disko-cloud.nix
+++ b/nixos/disko-cloud.nix
@@ -1,4 +1,5 @@
 # Disko layout for cloud VPS installs (e.g. Hetzner Cloud).
+# GPT with a 1MB BIOS boot partition (for GRUB on a BIOS system) + root.
 # No LUKS — the provider has physical disk access anyway and there's
 # no operator present at boot to enter a passphrase.
 {
@@ -9,15 +10,11 @@
       content = {
         type = "gpt";
         partitions = {
-          ESP = {
-            size = "512M";
-            type = "EF00";
-            content = {
-              type = "filesystem";
-              format = "vfat";
-              mountpoint = "/boot";
-              mountOptions = [ "fmask=0022" "dmask=0022" ];
-            };
+          # GRUB BIOS boot partition — holds stage-1.5 bootloader code.
+          # Type EF02. No filesystem.
+          BIOSBOOT = {
+            size = "1M";
+            type = "EF02";
           };
           root = {
             size = "100%";
diff --git a/nixos/hosts/vps-relay.nix b/nixos/hosts/vps-relay.nix
index d589cee..00ee58a 100644
--- a/nixos/hosts/vps-relay.nix
+++ b/nixos/hosts/vps-relay.nix
@@ -9,9 +9,14 @@
 
   nixpkgs.hostPlatform = "x86_64-linux";
 
-  # Hetzner Cloud boots EFI with systemd-boot.
-  boot.loader.systemd-boot.enable = true;
-  boot.loader.efi.canTouchEfiVariables = true;
+  # Hetzner Cloud vServers boot in BIOS mode (confirmed via rescue:
+  # /sys/firmware/efi doesn't exist, product_name=vServer). systemd-boot
+  # is UEFI-only, so use GRUB with BIOS MBR support instead.
+  boot.loader.grub = {
+    enable = true;
+    device = "/dev/sda";
+    efiSupport = false;
+  };
 
   # Hetzner Cloud cx23 uses QEMU virtio-scsi for the disk and virtio-net
   # for the NIC. Without these modules in initrd, the kernel can't find