From 25f77884ec27394f84ff67d5470d9cff09985980 Mon Sep 17 00:00:00 2001
From: Erwin Boskma <erwin@horus.nu>
Date: Fri, 27 Jan 2023 15:36:05 +0100
Subject: [PATCH] Microvm experiments

---
 flake.lock                       | 24 ++++++++++++++++++
 flake.nix                        |  6 +++++
 machines/mimir/configuration.nix | 42 +++++++++++++++++++++++++++++++-
 3 files changed, 71 insertions(+), 1 deletion(-)

diff --git a/flake.lock b/flake.lock
index ab1febe..1bd96c3 100644
--- a/flake.lock
+++ b/flake.lock
@@ -233,6 +233,29 @@
         "type": "github"
       }
     },
+    "microvm": {
+      "inputs": {
+        "flake-utils": [
+          "flake-utils"
+        ],
+        "nixpkgs": [
+          "nixpkgs"
+        ]
+      },
+      "locked": {
+        "lastModified": 1674747738,
+        "narHash": "sha256-FSaBkfXiKo6jdvjUx/SJhM/+h+QQIxFu7cCXs8uxZ6Q=",
+        "owner": "astro",
+        "repo": "microvm.nix",
+        "rev": "0a3d48e06b8c04beb3de0a3283bd1ef29fe4a47d",
+        "type": "github"
+      },
+      "original": {
+        "owner": "astro",
+        "repo": "microvm.nix",
+        "type": "github"
+      }
+    },
     "naersk": {
       "inputs": {
         "nixpkgs": [
@@ -420,6 +443,7 @@
         "ha-now-playing": "ha-now-playing",
         "home-manager": "home-manager",
         "hyprland": "hyprland",
+        "microvm": "microvm",
         "naersk": "naersk",
         "nil": "nil",
         "nixos-hardware": "nixos-hardware",
diff --git a/flake.nix b/flake.nix
index a7cc79c..28caef6 100644
--- a/flake.nix
+++ b/flake.nix
@@ -36,6 +36,12 @@
       inputs.flake-utils.follows = "flake-utils";
     };
 
+    microvm = {
+      url = "github:astro/microvm.nix";
+      inputs.nixpkgs.follows = "nixpkgs";
+      inputs.flake-utils.follows = "flake-utils";
+    };
+
     sops = {
       url = "github:Mic92/sops-nix";
       inputs.nixpkgs.follows = "nixpkgs";
diff --git a/machines/mimir/configuration.nix b/machines/mimir/configuration.nix
index a94b3a1..4adbdbb 100644
--- a/machines/mimir/configuration.nix
+++ b/machines/mimir/configuration.nix
@@ -2,7 +2,7 @@
 # your system.  Help is available in the configuration.nix(5) man page
 # and in the NixOS manual (accessible by running ‘nixos-help’).
 
-{ nixos-hardware, nomachine, ... }:
+{ nixos-hardware, nomachine, microvm, ... }:
 { pkgs, ... }:
 {
   imports =
@@ -13,6 +13,8 @@
       nixos-hardware.nixosModules.common-pc-ssd
       "${nomachine}/nixos/modules/services/admin/nomachine.nix"
 
+      microvm.nixosModules.host
+
       ./hardware-configuration.nix
 
       ../../users/erwin
@@ -94,13 +96,32 @@
         7000
       ];
     };
+
+    nat = {
+      enable = true;
+      internalInterfaces = [ "microvm" ];
+      externalInterface = "enp4s0";
+    };
   };
 
+  microvm.autostart = [
+    "miniflux"
+  ];
+
   systemd.network = {
     enable = true;
 
     wait-online.extraArgs = [ "--interface=enp4s0" ];
 
+    netdevs = {
+      "10-microvm" = {
+        netdevConfig = {
+          Kind = "bridge";
+          Name = "microvm";
+        };
+      };
+    };
+
     networks = {
       "40-enp4s0" = {
         enable = true;
@@ -120,6 +141,25 @@
           Name = "enp5s0f1";
         };
       };
+
+      "10-microvm" = {
+        matchConfig = {
+          Name = "microvm";
+        };
+
+        addresses = [
+          { addressConfig.Address = "172.16.0.1/24"; }
+        ];
+      };
+
+      "11-microvm" = {
+        matchConfig = {
+          Name = "vm-*";
+        };
+        networkConfig = {
+          Bridge = "microvm";
+        };
+      };
     };
   };