Deploying NixOS on the cloud
There are two major things to consider when deploying NixOS systems into the cloud. The first is where to host, the other is how to set it up.
As always, if you have any input such as suggestions, corrections or more data, please ping me on Mastodon and I’d love to hear from you.
Providers
There is a list of NixOS friendly hosters on the wiki, but I have no idea how up-to-date it is.
My criteria are all skewed by the fact that I am an English speaker based on the west coast of the United States. That means additional latency to Europe and I’m subject to a lot of US laws.
- Location
- Local laws and juristictions
- Latency
- Ease of installation
- How easy it is it to install NixOS on their systems? Is it a native option, require a custom image, or a more specialized option?
- Speed
- How much latency is in the network?
- Price
- How much does a box cost? VPS instances are fairly commodified at this point, so prices should be fairly comparable. My benchmark is 2 vCPU with 4 GB of RAM because that will serve most small sites well with overhead for other tasks.
- Support
- How easy is it to contact support?
- Do they speak my language?
- Other offerings
- What other services do they offer if I should choose to expand or require more specialized services? Database hosting, CDN, file hosting, etc.
- Company Values
- I want a company that matches my values and isn’t just an autonomous extractive entity.
Providers I’ve investigated
| Provider | Location | NixOS Support | Notes |
|---|---|---|---|
| Gandi.net | France | Native | Had some billing, latency and packet loss issues. |
| Linode/Akamai | US/Global | Custom ISO | Still setting up |
| Hetzner | Germany/US | Custom ISO | I got blocked here because they do not accept credit-card payment without contacting support. |
| vpsFree.cz | Czech Republic | Native | They operate as a “community” more than a company. |
| Crocuda.com | France | Native | Only accept payment in crypto. IPv6 only. They pride themselves on having no KYC. |
Gandi.net
Last tried: May 2026
I was drawn to them initially because they are based in France and seem relatively professional. I’ve also heard their name come up positively in discussions of domain registrars, so I thought I’d give them a try.
I was able to set up an account fairly quickly, though initially my billing didn’t go through and my account got stuck in a state of pending a charge to fund a pre-paid account. I tried initiating payment for that order, but that just resulted in a new order being created and paid, leaving my account hanging and pending billing verification. Eventually I figured out that I could cancel that first order, putting my account back into the initial state and allowing me to set up billing again which worked.
Setting up a NixOS system was trivial. It is an option in the provisioning flow. I was able to have the system up and running within minutes. They provide a very minimal Nix config whihc is mostly just hardware settings. It was a simple matter to integrate that into a new host configuration, checking that out on the host, building and reboot.
The major issue that I had with this provider was latency. I had a minimum latency of about 150ms, which is just enough to create a noticeable lag when typing. There were occasional spikes in latency and dropped packets which were far more annoying. These would happen for about 1% of pings that I measured and could result in dropped packets for a few seconds at a time.
Linode
TODO
Hetzner
TODO
Crocuda
They have a pretty slick terminal UI that you can access over SSH. It labels itself as being alpha status.
However, only accepting crypto for payments is a bit of a non-started for me. It’s a bit odd since their pricing is all listed in dollars. They’ll give you about $1 in credits, which is enough for about 5 days of usage.
They also pride themselves on no KYC. That’s maybe nice from a privacy standpoint, but they can still access everything on the systems, so your data isn’t private. This makes me think my neighbors on the boxes will not be the most savory folks. I would be wary of my data getting wrapped up in some criminal activity or having my capacity impacted by the actions of my neighbors. A company like this may attract clients who are prone to activities that would get them in trouble with other providers. That could include using exploits to break out of their VMs and affect my data or the stability of the system.
They seem to only support IPv6, which makes it hard to use as a web server.
Prices seem very competitive, at about $10/month for my target system.
Latency is around 180ms.
Installation
If a provider doesn’t support native NixOS then there are a few options. If they support a custom ISO then I can create a NixOS image and load that. Another option is to use one of the tools that allow you to convert an existing system into NixOS, such as nixos-anywhere or nixos-infect.
TODO
Deployments and management
TODO
- morph - Morph is a tool for managing existing NixOS hosts - basically a fancy wrapper around nix-build, nix copy, nix-env, /nix/store/…/bin/switch-to-configuration, scp and more. Morph supports updating multiple hosts in a row, and with support for health checks makes it fairly safe to do so.
- colmena - Colmena is a simple, stateless NixOS deployment tool modeled after NixOps and morph, written in Rust. It’s a thin wrapper over Nix commands like nix-instantiate and nix-copy-closure, and supports parallel deployment.
- NixOps - NixOps is a tool for deploying to NixOS machines in a network or the cloud.