mirror of
https://git.sr.ht/~magic_rb/dotfiles
synced 2024-11-30 03:56:12 +01:00
93 lines
1.8 KiB
Nix
93 lines
1.8 KiB
Nix
|
{ inputs', ... }:
|
||
|
{
|
||
|
systemd.network.netdevs."mvm0" = {
|
||
|
netdevConfig = {
|
||
|
Name = "mvm0";
|
||
|
Kind = "bridge";
|
||
|
};
|
||
|
};
|
||
|
|
||
|
systemd.network.networks."10-mvm0" = {
|
||
|
matchConfig.Name = "mvm0";
|
||
|
networkConfig.Address = "10.80.1.1/24";
|
||
|
linkConfig.RequiredForOnline = "yes";
|
||
|
};
|
||
|
|
||
|
systemd.network.networks."11-mvm-test" = {
|
||
|
matchConfig.Name = "mvm-test";
|
||
|
networkConfig.Bridge = "mvm0";
|
||
|
linkConfig.RequiredForOnline = "no";
|
||
|
};
|
||
|
|
||
|
microvm.services.tcpUdp.test-ssh = {
|
||
|
hostName = "test";
|
||
|
port = 22;
|
||
|
protocol = [ "tcp" ];
|
||
|
};
|
||
|
|
||
|
microvm.services.http.test = {
|
||
|
hostName = "test";
|
||
|
port = 80;
|
||
|
};
|
||
|
|
||
|
microvm.services.icmp.test = {
|
||
|
hostName = "test";
|
||
|
};
|
||
|
|
||
|
microvm.connections.http = [
|
||
|
{
|
||
|
target = "test";
|
||
|
}
|
||
|
];
|
||
|
microvm.connections.tcpUdp = [
|
||
|
{
|
||
|
target = "test-ssh";
|
||
|
}
|
||
|
];
|
||
|
microvm.connections.icmp = [
|
||
|
{
|
||
|
target = "test";
|
||
|
}
|
||
|
];
|
||
|
|
||
|
microvm.vms = {
|
||
|
test.config = {
|
||
|
imports = [ inputs'.self.nixosModules.microvm-extras ];
|
||
|
|
||
|
microvm = {
|
||
|
hostName = "test";
|
||
|
hostsHostName = "omen";
|
||
|
groupId = 1;
|
||
|
taskId = 2;
|
||
|
};
|
||
|
|
||
|
microvm.hypervisor = "cloud-hypervisor";
|
||
|
microvm.shares = [{
|
||
|
source = "/nix/store";
|
||
|
mountPoint = "/nix/.ro-store";
|
||
|
tag = "ro-store";
|
||
|
proto = "virtiofs";
|
||
|
}];
|
||
|
microvm.storeOnDisk = false;
|
||
|
|
||
|
networking.firewall.allowedTCPPorts = [ 80 22 ];
|
||
|
|
||
|
services.nginx = {
|
||
|
enable = true;
|
||
|
virtualHosts."example.com" = {
|
||
|
root = "/var/www/blog";
|
||
|
};
|
||
|
};
|
||
|
|
||
|
users.users.root.password = "";
|
||
|
services.getty.helpLine = ''
|
||
|
Log in as "root" with an empty password.
|
||
|
'';
|
||
|
services.openssh = {
|
||
|
enable = true;
|
||
|
settings.PermitRootLogin = "yes";
|
||
|
};
|
||
|
};
|
||
|
};
|
||
|
}
|