swarsel/.dotfiles
1
0
Fork 0
mirror of https://github.com/Swarsel/.dotfiles.git synced 2026-04-14 13:19:09 +02:00
Code Issues Projects Releases Packages Wiki Activity Actions

feat[server]: first working microvm

Browse source
This commit is contained in:
Leon Schwarzäugl 2025-12-24 14:48:27 +01:00 committed by Leon Schwarzäugl
parent e00defbd83
commit 2f4ebcba44
40 changed files with 759 additions and 194 deletions
Download patch file Download diff file Expand all files Collapse all files

40
modules/shared/config-lib.nix
View file

@ -1,4 +1,4 @@
{ config, lib, globals, nixosConfig ? null, ... }:
{ self, config, lib, globals, inputs, outputs, minimal, nixosConfig ? null, ... }:
{
_module.args = {
confLib = rec {
@ -36,6 +36,44 @@
proxyAddress4 = globals.hosts.${proxy}.wanAddress4 or null;
proxyAddress6 = globals.hosts.${proxy}.wanAddress6 or null;
};
mkMicrovm =
if config.swarselsystems.withMicroVMs then
(guestName: {
${guestName} = {
backend = "microvm";
autostart = true;
modules = [
(config.node.configDir + /guests/${guestName}.nix)
{
node.secretsDir = config.node.configDir + /secrets/${guestName};
node.configDir = config.node.configDir + /guests/${guestName};
networking.nftables.firewall = {
zones.untrusted.interfaces = lib.mkIf
(
lib.length config.guests.${guestName}.networking.links == 1
)
config.guests.${guestName}.networking.links;
};
}
"${self}/modules/nixos/optional/microvm-guest.nix"
];
microvm = {
system = config.node.arch;
baseMac = config.repo.secrets.local.networking.networks.lan.mac;
interfaces.vlan-services = { };
};
extraSpecialArgs = {
inherit (outputs) nodes;
inherit (inputs.self.pkgs.${config.node.arch}) lib;
inherit inputs outputs minimal;
inherit (inputs) self;
withHomeManager = false;
globals = outputs.globals.${config.node.arch};
};
};
}) else (_: { _ = { }; });
};
};
}