From cb204b1edf97194360f80a27f07fbbbdf2c9e49a Mon Sep 17 00:00:00 2001 From: Erwin Boskma Date: Thu, 26 Jan 2023 11:36:08 +0100 Subject: [PATCH 1/3] Enable envfs --- machines/mimir/configuration.nix | 2 ++ 1 file changed, 2 insertions(+) diff --git a/machines/mimir/configuration.nix b/machines/mimir/configuration.nix index 12c24f7..a94b3a1 100644 --- a/machines/mimir/configuration.nix +++ b/machines/mimir/configuration.nix @@ -126,6 +126,8 @@ services.openssh.enable = true; programs.ssh.startAgent = true; + services.envfs.enable = true; + services.xserver.libinput = { enable = true; mouse = { From 7c1a30edafbe46fea324b94229a467507b68311b Mon Sep 17 00:00:00 2001 From: Erwin Boskma Date: Thu, 26 Jan 2023 11:36:19 +0100 Subject: [PATCH 2/3] Update flake.lock MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit • Updated input 'disko': 'github:nix-community/disko/825be2b6275b0b2f1556873acba5b8bea6dd7e4d' (2023-01-23) → 'github:nix-community/disko/d7e178126f05d9b1e5bfbf115c36ec9f75b85e8b' (2023-01-23) • Updated input 'emacs-overlay': 'github:nix-community/emacs-overlay/908646b952e01a03b292cdda646e81b5ced87aa9' (2023-01-23) → 'github:nix-community/emacs-overlay/6b44cc8a441bed3796e6ddc984745fcdeaba8aa4' (2023-01-26) • Updated input 'home-manager': 'github:nix-community/home-manager/275ab728912006eecb549338a50f24f294a7cfb7' (2023-01-20) → 'github:nix-community/home-manager/c59f0eac51da91c6989fd13a68e156f63c0e60b6' (2023-01-24) • Updated input 'hyprland': 'github:Hyprwm/Hyprland/cb98242ea7faff04dad3ae166aff7126184f17c5' (2023-01-22) → 'github:Hyprwm/Hyprland/fc89e70a1fb74429ad0f772d399325f69e65b357' (2023-01-25) • Updated input 'nil': 'github:oxalica/nil/3f84b783d36d564c4380631ab48d771e2558cb81' (2023-01-19) → 'github:oxalica/nil/6e5321582ca7595455edf2a9643f83ce390d0a71' (2023-01-24) • Updated input 'nixos-hardware': 'github:NixOS/nixos-hardware/7bd6b87b3712e68007823e8dd5c37ee9b114fee3' (2023-01-15) → 'github:NixOS/nixos-hardware/b7ac0a56029e4f9e6743b9993037a5aaafd57103' (2023-01-24) • Updated input 'nixpkgs': 'github:nixos/nixpkgs/5ed481943351e9fd354aeb557679624224de38d5' (2023-01-20) → 'github:nixos/nixpkgs/1b1f50645af2a70dc93eae18bfd88d330bfbcf7f' (2023-01-23) • Updated input 'pre-commit-hooks': 'github:cachix/pre-commit-hooks.nix/53e766957b73298fa68b47478c48cbcc005cc18a' (2023-01-19) → 'github:cachix/pre-commit-hooks.nix/7bdf85f6bbef581eb687838d19f2b35a4c9d77f0' (2023-01-24) • Updated input 'rust-overlay': 'github:oxalica/rust-overlay/57b363f390f031b8b8d26235c2d21b0ad5a84640' (2023-01-23) → 'github:oxalica/rust-overlay/480f9cc37db841d1fd3ac0b0c059d48e5eb6946c' (2023-01-26) • Updated input 'sops': 'github:Mic92/sops-nix/51fdbd2d6fc2a7ba318e823a12609276bcc4dbe9' (2023-01-22) → 'github:Mic92/sops-nix/b6ab3c61e2ca5e07d1f4eb1b67304e2670ea230c' (2023-01-24) --- flake.lock | 60 +++++++++++++++++++++++++++--------------------------- 1 file changed, 30 insertions(+), 30 deletions(-) diff --git a/flake.lock b/flake.lock index 06ff1e3..ab1febe 100644 --- a/flake.lock +++ b/flake.lock @@ -31,11 +31,11 @@ ] }, "locked": { - "lastModified": 1674462584, - "narHash": "sha256-iHJMot3aNi0U8mDtc1WY6ug8Dre4QwGcjFkBtmH9qU4=", + "lastModified": 1674484560, + "narHash": "sha256-VhAgNQSSWeX53PXRaszaBW39f1ekvKSQhH5Ijy0H/RM=", "owner": "nix-community", "repo": "disko", - "rev": "825be2b6275b0b2f1556873acba5b8bea6dd7e4d", + "rev": "d7e178126f05d9b1e5bfbf115c36ec9f75b85e8b", "type": "github" }, "original": { @@ -54,11 +54,11 @@ ] }, "locked": { - "lastModified": 1674439070, - "narHash": "sha256-MyUdGR0vYs0rM8aDfZ4kOigbyppTpFvKi16Wi7S6keo=", + "lastModified": 1674727661, + "narHash": "sha256-yiT8F+VrFS5xnDwfb6kLYitAztXuxiblhz8+AP6T28g=", "owner": "nix-community", "repo": "emacs-overlay", - "rev": "908646b952e01a03b292cdda646e81b5ced87aa9", + "rev": "6b44cc8a441bed3796e6ddc984745fcdeaba8aa4", "type": "github" }, "original": { @@ -176,11 +176,11 @@ "utils": "utils" }, "locked": { - "lastModified": 1674250603, - "narHash": "sha256-SBolFspxBHpW3hCCDNAFXUiO2mucmkVmf17UmSIK3Cs=", + "lastModified": 1674556204, + "narHash": "sha256-HCRmkZsq01h2Evch08zpgE9jeHdMtGdT1okWotyvuhY=", "owner": "nix-community", "repo": "home-manager", - "rev": "275ab728912006eecb549338a50f24f294a7cfb7", + "rev": "c59f0eac51da91c6989fd13a68e156f63c0e60b6", "type": "github" }, "original": { @@ -199,11 +199,11 @@ "xdph": "xdph" }, "locked": { - "lastModified": 1674403405, - "narHash": "sha256-FPOER3tINOEI+oWQGeiWLkpCudVJC3V8wk5cvP9857s=", + "lastModified": 1674661101, + "narHash": "sha256-iFFUngau5KHjsKScLhovpb7kCMjJvw/mXXOj6I62sVM=", "owner": "Hyprwm", "repo": "Hyprland", - "rev": "cb98242ea7faff04dad3ae166aff7126184f17c5", + "rev": "fc89e70a1fb74429ad0f772d399325f69e65b357", "type": "github" }, "original": { @@ -266,11 +266,11 @@ ] }, "locked": { - "lastModified": 1674113703, - "narHash": "sha256-au1KKVBZTyWulPxmy3CtNzJQrQWPZtTjwcfD/bDftgo=", + "lastModified": 1674573236, + "narHash": "sha256-VN1KG1Sh9s5IpLzVhCYAQcBITh4jmG8gl0F4wBX8lVk=", "owner": "oxalica", "repo": "nil", - "rev": "3f84b783d36d564c4380631ab48d771e2558cb81", + "rev": "6e5321582ca7595455edf2a9643f83ce390d0a71", "type": "github" }, "original": { @@ -281,11 +281,11 @@ }, "nixos-hardware": { "locked": { - "lastModified": 1673803274, - "narHash": "sha256-zaJDlHFXewT4KUsidMpRcPE+REymGH1Y3Eoc3Pjv4Xs=", + "lastModified": 1674550793, + "narHash": "sha256-ljJlIFQZwtBbzWqWTmmw2O5BFmQf1A/DspwMOQtGXHk=", "owner": "NixOS", "repo": "nixos-hardware", - "rev": "7bd6b87b3712e68007823e8dd5c37ee9b114fee3", + "rev": "b7ac0a56029e4f9e6743b9993037a5aaafd57103", "type": "github" }, "original": { @@ -296,11 +296,11 @@ }, "nixpkgs": { "locked": { - "lastModified": 1674211260, - "narHash": "sha256-xU6Rv9sgnwaWK7tgCPadV6HhI2Y/fl4lKxJoG2+m9qs=", + "lastModified": 1674459583, + "narHash": "sha256-L0UZl/u2H3HGsrhN+by42c5kNYeKtdmJiPzIRvEVeiM=", "owner": "nixos", "repo": "nixpkgs", - "rev": "5ed481943351e9fd354aeb557679624224de38d5", + "rev": "1b1f50645af2a70dc93eae18bfd88d330bfbcf7f", "type": "github" }, "original": { @@ -398,11 +398,11 @@ "nixpkgs-stable": "nixpkgs-stable" }, "locked": { - "lastModified": 1674122161, - "narHash": "sha256-9QM4rvgUSEwO8DWtJN9sR/afEqrH1s3b6ACsZT5wiAM=", + "lastModified": 1674550893, + "narHash": "sha256-HXI8AB96PP7UZ7iPANACXM8qc9eMz0ljxBEDM8JJKhY=", "owner": "cachix", "repo": "pre-commit-hooks.nix", - "rev": "53e766957b73298fa68b47478c48cbcc005cc18a", + "rev": "7bdf85f6bbef581eb687838d19f2b35a4c9d77f0", "type": "github" }, "original": { @@ -442,11 +442,11 @@ ] }, "locked": { - "lastModified": 1674440843, - "narHash": "sha256-kMCGL1wADpbcgGiMgj1pcOxbLy2zfmzsn46YCMWwtIE=", + "lastModified": 1674699969, + "narHash": "sha256-gkhhGV7zBVoEIl1sFSz67r0d8fTeY57coY/+zDzxrbk=", "owner": "oxalica", "repo": "rust-overlay", - "rev": "57b363f390f031b8b8d26235c2d21b0ad5a84640", + "rev": "480f9cc37db841d1fd3ac0b0c059d48e5eb6946c", "type": "github" }, "original": { @@ -463,11 +463,11 @@ "nixpkgs-stable": "nixpkgs-stable_2" }, "locked": { - "lastModified": 1674356914, - "narHash": "sha256-gY5vsvZD7u2vQhrFU89kKHrwTVfsbJermcpeiXVbzXA=", + "lastModified": 1674546403, + "narHash": "sha256-vkyNv0xzXuEnu9v52TUtRugNmQWIti8c2RhYnbLG71w=", "owner": "Mic92", "repo": "sops-nix", - "rev": "51fdbd2d6fc2a7ba318e823a12609276bcc4dbe9", + "rev": "b6ab3c61e2ca5e07d1f4eb1b67304e2670ea230c", "type": "github" }, "original": { From 25f77884ec27394f84ff67d5470d9cff09985980 Mon Sep 17 00:00:00 2001 From: Erwin Boskma Date: Fri, 27 Jan 2023 15:36:05 +0100 Subject: [PATCH 3/3] Microvm experiments --- flake.lock | 24 ++++++++++++++++++ flake.nix | 6 +++++ machines/mimir/configuration.nix | 42 +++++++++++++++++++++++++++++++- 3 files changed, 71 insertions(+), 1 deletion(-) diff --git a/flake.lock b/flake.lock index ab1febe..1bd96c3 100644 --- a/flake.lock +++ b/flake.lock @@ -233,6 +233,29 @@ "type": "github" } }, + "microvm": { + "inputs": { + "flake-utils": [ + "flake-utils" + ], + "nixpkgs": [ + "nixpkgs" + ] + }, + "locked": { + "lastModified": 1674747738, + "narHash": "sha256-FSaBkfXiKo6jdvjUx/SJhM/+h+QQIxFu7cCXs8uxZ6Q=", + "owner": "astro", + "repo": "microvm.nix", + "rev": "0a3d48e06b8c04beb3de0a3283bd1ef29fe4a47d", + "type": "github" + }, + "original": { + "owner": "astro", + "repo": "microvm.nix", + "type": "github" + } + }, "naersk": { "inputs": { "nixpkgs": [ @@ -420,6 +443,7 @@ "ha-now-playing": "ha-now-playing", "home-manager": "home-manager", "hyprland": "hyprland", + "microvm": "microvm", "naersk": "naersk", "nil": "nil", "nixos-hardware": "nixos-hardware", diff --git a/flake.nix b/flake.nix index a7cc79c..28caef6 100644 --- a/flake.nix +++ b/flake.nix @@ -36,6 +36,12 @@ inputs.flake-utils.follows = "flake-utils"; }; + microvm = { + url = "github:astro/microvm.nix"; + inputs.nixpkgs.follows = "nixpkgs"; + inputs.flake-utils.follows = "flake-utils"; + }; + sops = { url = "github:Mic92/sops-nix"; inputs.nixpkgs.follows = "nixpkgs"; diff --git a/machines/mimir/configuration.nix b/machines/mimir/configuration.nix index a94b3a1..4adbdbb 100644 --- a/machines/mimir/configuration.nix +++ b/machines/mimir/configuration.nix @@ -2,7 +2,7 @@ # your system. Help is available in the configuration.nix(5) man page # and in the NixOS manual (accessible by running ‘nixos-help’). -{ nixos-hardware, nomachine, ... }: +{ nixos-hardware, nomachine, microvm, ... }: { pkgs, ... }: { imports = @@ -13,6 +13,8 @@ nixos-hardware.nixosModules.common-pc-ssd "${nomachine}/nixos/modules/services/admin/nomachine.nix" + microvm.nixosModules.host + ./hardware-configuration.nix ../../users/erwin @@ -94,13 +96,32 @@ 7000 ]; }; + + nat = { + enable = true; + internalInterfaces = [ "microvm" ]; + externalInterface = "enp4s0"; + }; }; + microvm.autostart = [ + "miniflux" + ]; + systemd.network = { enable = true; wait-online.extraArgs = [ "--interface=enp4s0" ]; + netdevs = { + "10-microvm" = { + netdevConfig = { + Kind = "bridge"; + Name = "microvm"; + }; + }; + }; + networks = { "40-enp4s0" = { enable = true; @@ -120,6 +141,25 @@ Name = "enp5s0f1"; }; }; + + "10-microvm" = { + matchConfig = { + Name = "microvm"; + }; + + addresses = [ + { addressConfig.Address = "172.16.0.1/24"; } + ]; + }; + + "11-microvm" = { + matchConfig = { + Name = "vm-*"; + }; + networkConfig = { + Bridge = "microvm"; + }; + }; }; };