Add second hypervisor

tbarnouin 2024-09-17 14:48:19 +02:00
parent eab1652615
commit 5496ce5300
4 changed files with 312 additions and 6 deletions


@ -14,25 +14,24 @@
outputs = inputs@{ self, nixpkgs, home-manager, microvm, ... }: outputs = inputs@{ self, nixpkgs, home-manager, microvm, ... }:
let let
hostName = "nixmox-perseverance";
system = "x86_64-linux"; system = "x86_64-linux";
username = "tbarnouin"; username = "tbarnouin";
proxy_host = "192.168.1.40"; proxy_host = "192.168.1.40";
in in
{ {
nixosConfigurations = { nixosConfigurations = {
${hostName} = nixpkgs.lib.nixosSystem { nixmox-perseverance = nixpkgs.lib.nixosSystem {
inherit system; inherit system;
modules = [ modules = [
./hosts/${hostName}/configuration.nix ./hosts/nixmox-perseverance/configuration.nix
{ {
networking.hostName = hostName; networking.hostName = nixmox-perseverance;
} }
home-manager.nixosModules.home-manager home-manager.nixosModules.home-manager
{ {
home-manager.useGlobalPkgs = true; home-manager.useGlobalPkgs = true;
home-manager.useUserPackages = true; home-manager.useUserPackages = true;
home-manager.users.${username} = import ./hosts/${hostName}/home.nix; home-manager.users.${username} = import ./hosts/nixmox-perseverance/home.nix;
} }
microvm.nixosModules.host microvm.nixosModules.host
{ {
@ -68,7 +67,42 @@
specialArgs = { specialArgs = {
inherit inputs; inherit inputs;
inherit username; inherit username;
inherit hostName; inherit proxy_host;
inherit system;
};
};
nixmox-curiosity = nixpkgs.lib.nixosSystem {
inherit system;
modules = [
./hosts/nixmox-curiosity/configuration.nix
{
networking.hostName = nixmox-curiosity;
}
home-manager.nixosModules.home-manager
{
home-manager.useGlobalPkgs = true;
home-manager.useUserPackages = true;
home-manager.users.${username} = import ./hosts/nixmox-curiosity/home.nix;
}
microvm.nixosModules.host
{
microvm = {
autostart = [
"jellyfin"
];
vms = {
jellyfin = {
flake = self;
updateFlake = "git+file:///etc/nixos";
};
};
};
}
];
specialArgs = {
inherit inputs;
inherit username;
inherit proxy_host; inherit proxy_host;
inherit system; inherit system;
}; };
@ -92,6 +126,27 @@
} }
]; ];
}; };
jellyfin = nixpkgs.lib.nixosSystem {
inherit system;
modules = [
microvm.nixosModules.microvm
"${inputs.self}/systems"
"${inputs.self}/services"
{
services.vm_jellyfin = {
enable = true;
};
services.vm = {
enable = true;
hostname = "jellyfin";
vm_ip = "192.168.1.42";
vm_cpu = 4;
vm_mem = 8192;
macAddr = "02:00:00:00:00:42";
};
}
];
};
redis = nixpkgs.lib.nixosSystem { redis = nixpkgs.lib.nixosSystem {
inherit system; inherit system;
modules = [ modules = [
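Review bot: `networking.hostName = nixmox-perseverance;` and, in the new host block, `networking.hostName = nixmox-curiosity;` assign a bare identifier rather than a string. Nix allows hyphens in identifiers, so as rendered here both are references to undefined variables now that the `hostName` binding is gone from the `let`. They should read `networking.hostName = "nixmox-perseverance";` and `networking.hostName = "nixmox-curiosity";`. Running `nix flake check` before pushing would catch this kind of evaluation error.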


@ -0,0 +1,105 @@
{ config, lib, pkgs, ... }:
{ imports = [ ./hardware-configuration.nix ];
nix = {
settings = {
experimental-features = [ "nix-command" "flakes" ];
trusted-users = [ "@wheel" ];
auto-optimise-store = true;
};
gc = {
automatic = true;
dates = "daily";
options = "--delete older-than 3d";
};
};
security.sudo.wheelNeedsPassword = false;
networking= {
useNetworkd = true;
firewall.allowedTCPPorts = [ 22 ];
};
systemd.network = {
enable = true;
netdevs."br0" = {
netdevConfig = {
Name = "br0";
Kind = "bridge";
};
};
networks = {
"10-lan" = {
matchConfig.Name = ["ens18" "vm-*"];
networkConfig = {
Bridge = "br0";
};
};
"10-lan-bridge" = {
matchConfig.Name = "br0";
networkConfig = {
Address = ["192.168.1.67/24"];
Gateway = "192.168.1.254";
DNS = ["192.168.1.254"];
IPv6AcceptRA = true;
};
linkConfig.RequiredForOnline = "routable";
};
};
};
time.timeZone = "Europe/Paris";
i18n.defaultLocale = "fr_FR.UTF-8";
console = {
useXkbConfig = true; # use xkb.options in tty.
};
users.users = {
tbarnouin = {
isNormalUser = true;
description = "Théo Barnouin";
extraGroups = [
"networkmanager"
"wheel"
"libvirtd"
"docker"
"render"
"video"
];
openssh.authorizedKeys.keys = [
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIAxccGxdfOFXeEClqz3ULl94ubzaJnk4pUus+ek18G0B tbarnouin@nixos"
];
};
root = {
openssh.authorizedKeys.keys = [
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIAxccGxdfOFXeEClqz3ULl94ubzaJnk4pUus+ek18G0B tbarnouin@nixos"
];
};
};
environment.systemPackages = with pkgs; [
vim
htop
wget
curl
git
neofetch
libvirt
qemu_kvm
nmap
];
services.openssh = {
enable = true;
settings = {
PasswordAuthentication = false;
X11Forwarding = false;
PermitRootLogin = "prohibit-password";
};
};
system.stateVersion = "24.05"; # Did you read the comment?
}
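Review bot: The `root` block installs the same ed25519 key that `tbarnouin` already has, and with `security.sudo.wheelNeedsPassword = false;` that single key is a password-free path to root on the host that runs the microVMs. Since `tbarnouin` is in `wheel`, direct root login adds nothing for administration; I would drop the `root = { ... }` key block and set `PermitRootLogin = "no";`. If passwordless sudo exists only to support remote rebuilds, a comment saying so would help. `trusted-users = [ "@wheel" ]` deserves the same note, because it lets wheel members instruct the Nix daemon with elevated trust.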


@ -0,0 +1,49 @@
{ lib, system, ... }:
{
boot = {
# use latest kernel
# kernelPackages = pkgs.linuxPackages_latest;
supportedFilesystems = [ "ext4" "btrfs" "xfs" "fat" "vfat" "cifs" "nfs" ];
growPartition = true;
kernelModules = [ "kvm-intel" ];
kernelParams = lib.mkForce [ ];
loader = {
grub = {
enable = true;
device = "nodev";
efiSupport = true;
efiInstallAsRemovable = true;
};
timeout = lib.mkForce 3;
};
initrd = {
availableKernelModules = [ "9p" "9pnet_virtio" "ata_piix" "uhci_hcd" "virtio_blk" "virtio_mmio" "virtio_net" "virtio_pci" "virtio_scsi" ];
kernelModules = [ "virtio_balloon" "virtio_console" "virtio_rng" ];
};
tmp.cleanOnBoot = true;
};
fileSystems = {
"/" = {
device = "/dev/disk/by-label/nixos";
autoResize = true;
fsType = "ext4";
};
"/boot" = {
device = "/dev/disk/by-label/ESP";
fsType = "vfat";
};
};
services.fstrim = {
enable = true;
interval = "weekly";
};
nixpkgs.hostPlatform = lib.mkDefault system;
}
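Review bot: `kernelParams = lib.mkForce [ ];` discards every kernel parameter that other modules contribute, and nothing in the file says why. If the intent is to override a specific default, a comment such as `# mkForce: clear kernelParams inherited from <module>, because <reason>` would record it; otherwise removing the line keeps parameters set elsewhere. The commented-out `kernelPackages = pkgs.linuxPackages_latest;` also refers to `pkgs`, which is not in this file's argument set `{ lib, system, ... }`, so re-enabling it as written would fail.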


@ -0,0 +1,97 @@
{ config, pkgs, ... }:
{
home = {
username = "tbarnouin";
stateVersion = "24.05";
sessionPath = [
"$HOME/.local/bin"
];
file.".ssh/authorized_keys".text = ''
ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIAxccGxdfOFXeEClqz3ULl94ubzaJnk4pUus+ek18G0B tbarnouin@nixos
'';
};
programs = {
git = {
enable = true;
};
vim = {
enable = true;
plugins = with pkgs.vimPlugins; [
vim-airline
vim-airline-themes
vim-bufferline
vim-markdown
tabular
];
settings = {
expandtab = true;
ignorecase = true;
smartcase = true;
number = true;
shiftwidth = 2;
tabstop = 2;
};
extraConfig = ''
set nocompatible
filetype on
filetype plugin on
filetype indent on
syntax on
set nobackup
set showcmd
set showmode
set showmatch
set hlsearch
set wrap
set linebreak
set textwidth=0
set wrapmargin=0
set scrolloff=15
highlight ExtraWhitespace ctermbg=red guibg=red
autocmd BufWritePre * :%s/\s\+$//e
inoremap " ""<left>
inoremap \' \'\'<left>
inoremap ( ()<left>
inoremap [ []<left>
inoremap { {}<left>
let g:vim_markdown_folding_disabled = 1
let g:mkdp_auto_start = 1
let g:mkdp_auto_close = 1
let g:airline_theme='molokai'
'';
};
zsh = {
enable = true;
shellAliases = {
ll = "ls -l";
lla = "ls -lah";
terraform = "tofu";
# Nixos
update = "sudo nixos-rebuild switch";
upgrade = "sudo nix-channel --update && sudo nixos-rebuild switch --upgrade";
};
oh-my-zsh = {
enable = true;
plugins =
[
"git"
"terraform"
"sudo"
"docker"
"pip"
"python"
"pyenv"
"pipenv"
];
theme = "bira";
};
};
tmux = {
enable = true;
mouse = true;
};
};
}
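Review bot: `file.".ssh/authorized_keys".text` is a third copy of the key that the host configuration in this commit already sets through `users.users.tbarnouin.openssh.authorizedKeys.keys`, so rotating or revoking it means editing every copy. Home Manager materialises this file as a link into the Nix store, and sshd's StrictModes ownership checks may reject such a path, which is worth verifying before relying on it. I would remove the `file.".ssh/authorized_keys"` entry and keep the system-level declaration as the single source. The `upgrade` alias also calls `nix-channel --update` although the host is built from a flake; that looks like a leftover.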