nixos-config/modules/libvirtd/default.nix


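# NixOS module `eboskma.libvirtd`: enables libvirtd, builds the host bridge
# br0 on top of enp4s0 with systemd-networkd, and lets bridged traffic pass
# Docker's DOCKER-USER filter chain.
{ pkgs, config, lib, ... }:
with lib;
let
  cfg = config.eboskma.libvirtd;

  iptables = "${pkgs.iptables}/bin/iptables";
  bridgeForwardRule = "DOCKER-USER -i br0 -o br0 -j ACCEPT";

  # Insert the ACCEPT rule only when it is not already present. A bare
  # `iptables -I` in ExecStartPre adds another copy of the rule on every
  # start or restart of docker.service.
  # NOTE(review): DOCKER-USER is normally created by dockerd itself; confirm
  # the chain exists when this runs on a fresh boot, otherwise both commands
  # fail and the unit does not start (same failure mode as the plain -I).
  allowBridgeForwarding = pkgs.writeShellScript "docker-user-allow-br0" ''
    ${iptables} -C ${bridgeForwardRule} 2>/dev/null ||
      ${iptables} -I ${bridgeForwardRule}
  '';
in
{
  options.eboskma.libvirtd = { enable = mkEnableOption "libvirtd"; };

  config = mkIf (cfg.enable) {
    virtualisation.libvirtd = {
      enable = true;
      # Allowlist of bridges that guests may attach to; keep it to the one
      # bridge defined below.
      allowedBridges = [ "br0" ];
    };

    systemd.network = {
      netdevs = {
        # Create the bridge device with spanning tree enabled.
        "40-br0" = {
          enable = true;
          netdevConfig = {
            Kind = "bridge";
            Name = "br0";
          };
          extraConfig = ''
            [Bridge]
            STP=yes
          '';
        };
      };

      networks = {
        # The bridge carries the host's address (DHCP) and has a fixed MAC.
        "40-br0" = {
          enable = true;
          matchConfig = {
            Name = "br0";
          };
          linkConfig = {
            # NOTE(review): presumably pinned so the DHCP lease stays stable;
            # this is a host-specific value in a shared module.
            MACAddress = "04:d9:f5:f9:c2:c6";
          };
          networkConfig = {
            DHCP = "yes";
            IPv6PrivacyExtensions = "kernel";
          };
        };

        # The physical NIC is only a bridge port: DHCP is forced off here so
        # the address lives on br0, not on enp4s0.
        "40-enp4s0" = {
          enable = true;
          bridge = [ "br0" ];
          matchConfig = {
            Name = "enp4s0";
          };
          networkConfig = {
            DHCP = mkForce "no";
            IPv6PrivacyExtensions = "kernel";
          };
        };
      };
    };

    # Accept traffic that both enters and leaves via br0 in DOCKER-USER.
    # NOTE(review): presumably needed because Docker's FORWARD handling
    # otherwise drops bridged guest traffic. The match is limited to
    # br0 -> br0, so it does not open forwarding between br0 and other
    # interfaces; guests on br0 are not filtered from each other by this chain.
    systemd.services.docker = {
      serviceConfig = {
        ExecStartPre = "${allowBridgeForwarding}";
      };
    };

    # Membership in `libvirtd` allows managing the system libvirt daemon
    # without further authentication; treat it as root-equivalent on this
    # host and keep the group limited to the main user.
    users.users.${config.eboskma.var.mainUser}.extraGroups = [ "libvirtd" ];

    environment.systemPackages = with pkgs; [ virt-manager ];
  };
}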