tbarnouin/nixos-hypervisor
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Format using alejandra
All checks were successful
/ Build Nix targets (push) Successful in 3m36s
Details

Browse source
This commit is contained in:
Théo Barnouin 2025-01-23 14:13:19 +01:00
parent 1a25b198ef
commit 781ce2d5e9
24 changed files with 610 additions and 505 deletions
Download patch file Download diff file Expand all files Collapse all files

53
systems/minimalLXCConfig.nix
View file

@ -1,15 +1,20 @@
{ config, pkgs, lib, inputs, modulesPath, ... }:
{
config,
pkgs,
lib,
inputs,
modulesPath,
...
}: {
nix = {
settings.experimental-features = [ "nix-command" "flakes" ];
settings.trusted-users = [ "root" "@wheel" ];
settings.experimental-features = ["nix-command" "flakes"];
settings.trusted-users = ["root" "@wheel"];
};
networking = {
firewall = {
enable = true;
allowedTCPPorts = [ 22 9002 ];
allowedTCPPorts = [22 9002];
};
};
@ -30,7 +35,7 @@
console.keyMap = "fr";
i18n.defaultLocale = "fr_FR.UTF-8";
environment.sessionVariables = rec {
TERM = "xterm-256color";
TERM = "xterm-256color";
};
nix.gc = {
@ -43,7 +48,7 @@
users = {
users.tbarnouin = {
isNormalUser = true;
extraGroups = [ "wheel" ];
extraGroups = ["wheel"];
shell = pkgs.zsh;
openssh.authorizedKeys.keys = [
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIAxccGxdfOFXeEClqz3ULl94ubzaJnk4pUus+ek18G0B tbarnouin@nixos"
@ -66,7 +71,7 @@
};
ohMyZsh = {
enable = true;
plugins = [ "git" ];
plugins = ["git"];
theme = "bira";
};
};
@ -78,21 +83,21 @@
nixpkgs.config.allowUnfree = true;
environment = {
localBinInPath = true;
systemPackages = with pkgs; [
vim
bash
wget
curl
git
htop
tree
dig
ncdu
nmap
iperf3
netcat-openbsd
];
};
systemPackages = with pkgs; [
vim
bash
wget
curl
git
htop
tree
dig
ncdu
nmap
iperf3
netcat-openbsd
];
};
services = {
openssh = {
@ -118,7 +123,7 @@
exporters = {
node = {
enable = true;
enabledCollectors = [ "systemd" ];
enabledCollectors = ["systemd"];
port = 9002;
};
};

71
systems/minimalMicrovmConfig.nix
View file

@ -1,8 +1,14 @@
{ config, pkgs, lib, inputs, modulesPath, microvm, ... }:
let
cfg = config.services.micro_vm;
in
{
config,
pkgs,
lib,
inputs,
modulesPath,
microvm,
...
}: let
cfg = config.services.micro_vm;
in {
options.services.micro_vm = {
enable = lib.mkEnableOption "Enable NixOS microvm config";
hostname = lib.mkOption {
@ -53,11 +59,13 @@ in
mountPoint = "/run/secrets/${cfg.hostname}";
}
];
interfaces = [ {
type = "tap";
id = "vm-${cfg.hostname}";
mac = "${cfg.macAddr}";
} ];
interfaces = [
{
type = "tap";
id = "vm-${cfg.hostname}";
mac = "${cfg.macAddr}";
}
];
hypervisor = "qemu";
socket = "control.socket";
@ -76,14 +84,14 @@ in
};
nix = {
settings.experimental-features = [ "nix-command" "flakes" ];
settings.trusted-users = [ "root" "@wheel" ];
settings.experimental-features = ["nix-command" "flakes"];
settings.trusted-users = ["root" "@wheel"];
};
networking = {
firewall = {
enable = true;
allowedTCPPorts = [ 22 9002 ];
allowedTCPPorts = [22 9002];
};
};
@ -91,7 +99,7 @@ in
console.keyMap = "fr";
i18n.defaultLocale = "fr_FR.UTF-8";
environment.sessionVariables = rec {
TERM = "xterm-256color";
TERM = "xterm-256color";
};
nix.gc = {
@ -104,7 +112,7 @@ in
users = {
users.tbarnouin = {
isNormalUser = true;
extraGroups = [ "wheel" ];
extraGroups = ["wheel"];
shell = pkgs.zsh;
openssh.authorizedKeys.keys = [
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIAxccGxdfOFXeEClqz3ULl94ubzaJnk4pUus+ek18G0B tbarnouin@nixos"
@ -127,7 +135,7 @@ in
};
ohMyZsh = {
enable = true;
plugins = [ "git" ];
plugins = ["git"];
theme = "bira";
};
};
@ -139,21 +147,21 @@ in
nixpkgs.config.allowUnfree = true;
environment = {
localBinInPath = true;
systemPackages = with pkgs; [
vim
bash
wget
curl
git
htop
tree
dig
ncdu
nmap
iperf3
netcat-openbsd
];
};
systemPackages = with pkgs; [
vim
bash
wget
curl
git
htop
tree
dig
ncdu
nmap
iperf3
netcat-openbsd
];
};
services = {
openssh = {
@ -179,7 +187,7 @@ in
exporters = {
node = {
enable = true;
enabledCollectors = [ "systemd" ];
enabledCollectors = ["systemd"];
port = 9002;
};
};
@ -192,4 +200,3 @@ in
};
};
}

53
systems/minimalVMConfig.nix
View file

@ -1,15 +1,20 @@
{ config, pkgs, lib, inputs, modulesPath, ... }:
{
config,
pkgs,
lib,
inputs,
modulesPath,
...
}: {
nix = {
settings.experimental-features = [ "nix-command" "flakes" ];
settings.trusted-users = [ "root" "@wheel" ];
settings.experimental-features = ["nix-command" "flakes"];
settings.trusted-users = ["root" "@wheel"];
};
networking = {
firewall = {
enable = true;
allowedTCPPorts = [ 22 9002 ];
allowedTCPPorts = [22 9002];
};
};
@ -17,7 +22,7 @@
console.keyMap = "fr";
i18n.defaultLocale = "fr_FR.UTF-8";
environment.sessionVariables = rec {
TERM = "xterm-256color";
TERM = "xterm-256color";
};
nix.gc = {
@ -30,7 +35,7 @@
users = {
users.tbarnouin = {
isNormalUser = true;
extraGroups = [ "wheel" ];
extraGroups = ["wheel"];
shell = pkgs.zsh;
openssh.authorizedKeys.keys = [
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIAxccGxdfOFXeEClqz3ULl94ubzaJnk4pUus+ek18G0B tbarnouin@nixos"
@ -53,7 +58,7 @@
};
ohMyZsh = {
enable = true;
plugins = [ "git" ];
plugins = ["git"];
theme = "bira";
};
};
@ -65,21 +70,21 @@
nixpkgs.config.allowUnfree = true;
environment = {
localBinInPath = true;
systemPackages = with pkgs; [
vim
bash
wget
curl
git
htop
tree
dig
ncdu
nmap
iperf3
netcat-openbsd
];
};
systemPackages = with pkgs; [
vim
bash
wget
curl
git
htop
tree
dig
ncdu
nmap
iperf3
netcat-openbsd
];
};
services = {
cloud-init.network.enable = true;
@ -106,7 +111,7 @@
exporters = {
node = {
enable = true;
enabledCollectors = [ "systemd" ];
enabledCollectors = ["systemd"];
port = 9002;
};
};