commit 0a250ead84c17367b26b0d406d07cb255be1dae2
parent c3a9b0be4c773ee94b409240fc0ae6c2baafc75f
Author: Vincent Demeester <vincent@sbr.pm>
Date: Thu, 11 Jun 2020 15:21:21 +0200
systems: add support for building VMs
… and add foo as a VM (to try things out)
Signed-off-by: Vincent Demeester <vincent@sbr.pm>
Diffstat:
3 files changed, 79 insertions(+), 2 deletions(-)
diff --git a/default.nix b/default.nix
@@ -26,10 +26,18 @@ let
if cfg ? type && cfg.type == "unstable"
then pkgs-unstable
else pkgs;
+ # If vm == true, build a VM, otherwise build the system
nixos = import (p.path + "/nixos") { inherit configuration system; };
+ main =
+ if cfg ? vm && cfg.vm
+ then nixos.vm
+ else nixos.config.system.build;
in
- nixos.config.system.build;
- mkSystem = name: cfg: (mkNixOS name cfg).toplevel;
+ main;
+ mkSystem = name: cfg:
+ if cfg ? vm && cfg.vm
+ then (mkNixOS name cfg)
+ else (mkNixOS name cfg).toplevel;
# mkDigitalOceanImage = name: arch: (mkNixOS name arch).digitalocean
systemAttrs = (mapAttrs mkSystem (import ./hosts.nix));
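Review bot: The test `cfg ? vm && cfg.vm` is now written twice, once for `main` inside mkNixOS and again in `mkSystem`, and the two must agree, because mkSystem skips `.toplevel` only when mkNixOS has returned `nixos.vm`. Binding the test once, for example `isVm = cfg: cfg.vm or false;`, and using `if isVm cfg` in both places would keep them in step and is the shorter Nix idiom for an optional attribute. The added comment `# If vm == true, build a VM, otherwise build the system` sits above the `nixos = import …` line but describes `main`, so it would read better directly above `main =`. The enclosing `let` and the head of mkNixOS start outside this hunk.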
diff --git a/hosts.nix b/hosts.nix
@@ -4,5 +4,7 @@
kerkouane = { arch = "x86_64-linux"; };
okinawa = { arch = "x86_64-linux"; };
sakhalin = { arch = "x86_64-linux"; };
+ # Test VM
+ foo = { arch = "x86_64-linux"; type = "unstable"; vm = true; };
# mypi = { arch = "aarch64-linux" };
}
diff --git a/systems/foo.nix b/systems/foo.nix
@@ -0,0 +1,67 @@
+{ lib, ... }:
+
+with lib;
+let
+ hostname = "foo";
+ secretPath = ../secrets/machines.nix;
+ secretCondition = (builtins.pathExists secretPath);
+in
+{
+ imports = [
+ ./modules
+ (import ../users).vincent
+ (import ../users).root
+ ];
+
+ nix.maxJobs = 2;
+
+ fileSystems."/" = {
+ device = "/dev/disk/by-uuid/884a3d57-f652-49b2-9c8b-f6eebd5edbeb";
+ fsType = "ext4";
+ };
+ fileSystems."/boot" = {
+ device = "/dev/disk/by-uuid/C036-34B9";
+ fsType = "vfat";
+ };
+ swapDevices = [{ device = "/dev/disk/by-uuid/e1833693-77ac-4d52-bcc7-54d082788639"; }];
+
+ networking = {
+ hostName = hostname;
+ };
+
+ profiles = {
+ home = true;
+ avahi.enable = true;
+ git.enable = true;
+ ssh.enable = true;
+ dev.enable = true;
+ yubikey.enable = true;
+ };
+
+ services.xserver.enable = true;
+ services.xserver.layout = "fr(bepo),fr";
+ services.xserver.xkbVariant = "oss";
+ services.xserver.displayManager.gdm.enable = true;
+ services.xserver.desktopManager.gnome3.enable = true;
+
+ services.gnome3 = {
+ core-os-services.enable = true;
+ core-shell.enable = true;
+ core-utilities.enable = true;
+ };
+
+ virtualisation.containers = {
+ enable = true;
+ registries = {
+ search = [ "registry.fedoraproject.org" "registry.access.redhat.com" "registry.centos.org" "docker.io" "quay.io" ];
+ };
+ policy = {
+ default = [{ type = "insecureAcceptAnything"; }];
+ transports = {
+ docker-daemon = {
+ "" = [{ type = "insecureAcceptAnything"; }];
+ };
+ };
+ };
+ };
+}
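Review bot: The `virtualisation.containers` block pairs `policy.default = [{ type = "insecureAcceptAnything"; }]` with five entries in `registries.search`, so an unqualified image name may be resolved against any of those registries and whatever is returned is accepted without signature verification. That is tolerable for a throwaway VM, but this file looks like a copy of a real host's configuration and may well be copied again, so the choice should be documented where it is made, for example `# test VM only: no image signature verification, pull images by fully-qualified name` above `policy`. Trimming `search` to the registries actually needed would also narrow what a short name can resolve to. Separately, `secretPath` and `secretCondition` are bound in the `let` but never referenced in this file, so they can be dropped.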