nixos-config/machines/odin/virtualisation.nix

{ pkgs, ... }:
{
  users.users.erwin.extraGroups = [ "incus-admin" ];
  virtualisation = {
    incus = {
      enable = true;
      preseed = {
        networks = [
          {
            config = {
              "ipv4.address" = "10.0.100.1/24";
              "ipv4.nat" = "true";
            };
            name = "incusbr0";
            type = "bridge";
          }
        ];

        profiles = [
          {
            name = "default";
            devices = {
              root = {
                path = "/";
                pool = "default";
                size = "32GiB";
                type = "disk";
              };
            };
          }
          {
            name = "nixos";
            config = {
              "security.nesting" = true;
            };
          }
          {
            name = "privileged";
            config = {
              "security.privileged" = true;
            };
          }
          {
            name = "autostart";
            config = {
              "boot.autostart" = true;
            };
          }
          {
            name = "net-bridged";
            devices = {
              eth0 = {
                type = "nic";
                nictype = "bridged";
                parent = "vmbr0";
              };
            };
          }
          {
            name = "homeassistant";
            devices = {
              root = {
                path = "/";
                pool = "default";
                size = "128GiB";
                type = "disk";
              };

              eth0 = {
                type = "nic";
                nictype = "bridged";
                parent = "vmbr0";
              };

              zigbee = {
                type = "usb";
                productid = "55d4";
                vendorid = "1a86";
              };

              p1 = {
                type = "usb";
                productid = "0403";
                vendorid = "6001";
              };
            };
            config = {
              "limits.cpu" = 4;
              "limits.memory" = "8GiB";
            };
          }
        ];

        storage_pools = [
          {
            config = {
              "lvm.thinpool_name" = "data";
              "lvm.vg_name" = "data";
            };
            driver = "lvm";
            name = "default";
          }
        ];

        config = {
          "oidc.client.id" = "incus";
          "oidc.issuer" = "https://id.datarift.nl/realms/datarift/.well-known/openid-configuration";
          "core.https_address" = "[::]:8443";
        };
      };
    };
  };

  systemd.services = {
    incus = {
      path = [
        pkgs.nftables
        pkgs.lvm2
        pkgs.e2fsprogs
        pkgs.kmod
      ];
      environment = {
        INCUS_UI = pkgs.incus-ui;
      };
    };
    incus-preseed = {
      path = [ pkgs.lvm2 ];
    };
  };

  networking.firewall.allowedTCPPorts = [
    8443

  ];
}
Finish configuration for odin on NUC, update containers for Incus 2024-01-02 22:01:55 +01:00			`{ pkgs, ... }:`
			`{`
			`users.users.erwin.extraGroups = [ "incus-admin" ];`
			`virtualisation = {`
			`incus = {`
			`enable = true;`
			`preseed = {`
			`networks = [`
			`{`
			`config = {`
			`"ipv4.address" = "10.0.100.1/24";`
			`"ipv4.nat" = "true";`
			`};`
			`name = "incusbr0";`
			`type = "bridge";`
			`}`
			`];`

			`profiles = [`
			`{`
			`name = "default";`
			`devices = {`
			`root = {`
			`path = "/";`
			`pool = "default";`
			`size = "32GiB";`
			`type = "disk";`
			`};`
			`};`
			`}`
			`{`
			`name = "nixos";`
			`config = {`
			`"security.nesting" = true;`
			`};`
			`}`
			`{`
			`name = "privileged";`
			`config = {`
			`"security.privileged" = true;`
			`};`
			`}`
			`{`
			`name = "autostart";`
			`config = {`
			`"boot.autostart" = true;`
			`};`
			`}`
			`{`
			`name = "net-bridged";`
			`devices = {`
			`eth0 = {`
			`type = "nic";`
			`nictype = "bridged";`
			`parent = "vmbr0";`
			`};`
			`};`
			`}`
			`{`
			`name = "homeassistant";`
			`devices = {`
			`root = {`
			`path = "/";`
			`pool = "default";`
			`size = "128GiB";`
			`type = "disk";`
			`};`

			`eth0 = {`
			`type = "nic";`
			`nictype = "bridged";`
			`parent = "vmbr0";`
			`};`

			`zigbee = {`
			`type = "usb";`
			`productid = "55d4";`
			`vendorid = "1a86";`
			`};`

			`p1 = {`
			`type = "usb";`
			`productid = "0403";`
			`vendorid = "6001";`
			`};`
			`};`
			`config = {`
			`"limits.cpu" = 4;`
			`"limits.memory" = "8GiB";`
			`};`
			`}`
			`];`

			`storage_pools = [`
			`{`
			`config = {`
			`"lvm.thinpool_name" = "data";`
			`"lvm.vg_name" = "data";`
			`};`
			`driver = "lvm";`
			`name = "default";`
			`}`
			`];`

			`config = {`
			`"oidc.client.id" = "incus";`
			`"oidc.issuer" = "https://id.datarift.nl/realms/datarift/.well-known/openid-configuration";`
			`"core.https_address" = "[::]:8443";`
			`};`
			`};`
			`};`
			`};`

			`systemd.services = {`
			`incus = {`
			`path = [`
			`pkgs.nftables`
			`pkgs.lvm2`
			`pkgs.e2fsprogs`
odin: add nix-ld, remove cockpit, add kmod to incus PATH 2024-01-10 21:54:54 +01:00			`pkgs.kmod`
Finish configuration for odin on NUC, update containers for Incus 2024-01-02 22:01:55 +01:00			`];`
			`environment = {`
			`INCUS_UI = pkgs.incus-ui;`
			`};`
			`};`
			`incus-preseed = {`
			`path = [ pkgs.lvm2 ];`
			`};`
			`};`

			`networking.firewall.allowedTCPPorts = [`
			`8443`

			`];`
			`}`