home

Unnamed repository; edit this file 'description' to name the repository.
Log | Files | Refs | README | LICENSE

commit 0a250ead84c17367b26b0d406d07cb255be1dae2
parent c3a9b0be4c773ee94b409240fc0ae6c2baafc75f
Author: Vincent Demeester <vincent@sbr.pm>
Date:   Thu, 11 Jun 2020 15:21:21 +0200

systems: add support for building VMs

… and add foo as a VM (to try things out)

Signed-off-by: Vincent Demeester <vincent@sbr.pm>

Diffstat:
Mdefault.nix | 12++++++++++--
Mhosts.nix | 2++
Asystems/foo.nix | 67+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
3 files changed, 79 insertions(+), 2 deletions(-)

diff --git a/default.nix b/default.nix @@ -26,10 +26,18 @@ let if cfg ? type && cfg.type == "unstable" then pkgs-unstable else pkgs; + # If vm == true, build a VM, otherwise build the system nixos = import (p.path + "/nixos") { inherit configuration system; }; + main = + if cfg ? vm && cfg.vm + then nixos.vm + else nixos.config.system.build; in - nixos.config.system.build; - mkSystem = name: cfg: (mkNixOS name cfg).toplevel; + main; + mkSystem = name: cfg: + if cfg ? vm && cfg.vm + then (mkNixOS name cfg) + else (mkNixOS name cfg).toplevel; # mkDigitalOceanImage = name: arch: (mkNixOS name arch).digitalocean systemAttrs = (mapAttrs mkSystem (import ./hosts.nix)); diff --git a/hosts.nix b/hosts.nix @@ -4,5 +4,7 @@ kerkouane = { arch = "x86_64-linux"; }; okinawa = { arch = "x86_64-linux"; }; sakhalin = { arch = "x86_64-linux"; }; + # Test VM + foo = { arch = "x86_64-linux"; type = "unstable"; vm = true; }; # mypi = { arch = "aarch64-linux" }; } diff --git a/systems/foo.nix b/systems/foo.nix @@ -0,0 +1,67 @@ +{ lib, ... }: + +with lib; +let + hostname = "foo"; + secretPath = ../secrets/machines.nix; + secretCondition = (builtins.pathExists secretPath); +in +{ + imports = [ + ./modules + (import ../users).vincent + (import ../users).root + ]; + + nix.maxJobs = 2; + + fileSystems."/" = { + device = "/dev/disk/by-uuid/884a3d57-f652-49b2-9c8b-f6eebd5edbeb"; + fsType = "ext4"; + }; + fileSystems."/boot" = { + device = "/dev/disk/by-uuid/C036-34B9"; + fsType = "vfat"; + }; + swapDevices = [{ device = "/dev/disk/by-uuid/e1833693-77ac-4d52-bcc7-54d082788639"; }]; + + networking = { + hostName = hostname; + }; + + profiles = { + home = true; + avahi.enable = true; + git.enable = true; + ssh.enable = true; + dev.enable = true; + yubikey.enable = true; + }; + + services.xserver.enable = true; + services.xserver.layout = "fr(bepo),fr"; + services.xserver.xkbVariant = "oss"; + services.xserver.displayManager.gdm.enable = true; + services.xserver.desktopManager.gnome3.enable = true; + + services.gnome3 = { + core-os-services.enable = true; + core-shell.enable = true; + core-utilities.enable = true; + }; + + virtualisation.containers = { + enable = true; + registries = { + search = [ "registry.fedoraproject.org" "registry.access.redhat.com" "registry.centos.org" "docker.io" "quay.io" ]; + }; + policy = { + default = [{ type = "insecureAcceptAnything"; }]; + transports = { + docker-daemon = { + "" = [{ type = "insecureAcceptAnything"; }]; + }; + }; + }; + }; +}