mirrors_public/oddlama_nix-config
1
1
Fork 1
mirror of https://github.com/oddlama/nix-config.git synced 2025-10-11 07:10:39 +02:00
Code Activity

fix: update microvm definitions to new combined guests option

Browse source
This commit is contained in:
oddlama 2023-12-21 21:18:08 +01:00
parent 95fac4c72a
commit 61375199e5
No known key found for this signature in database
GPG key ID: 14EFE510775FE39A
5 changed files with 51 additions and 55 deletions
Download patch file Download diff file Expand all files Collapse all files

10
hosts/ward/default.nix
View file

@ -1,4 +1,5 @@
{ {
config,
inputs, inputs,
lib, lib,
nodes, nodes,
@ -62,13 +63,16 @@
]; ];
}; };
mkMicrovm = system: guestName: mkMicrovm = guestName: {
${guestName} =
mkGuest guestName mkGuest guestName
// { // {
backend = "microvm"; backend = "microvm";
microvm = { microvm = {
system = "x86_64-linux"; system = "x86_64-linux";
macvtapInterface = "lan"; macvtap = "lan";
baseMac = config.repo.secrets.local.networking.interfaces.lan.mac;
};
}; };
}; };
@ -83,7 +87,7 @@
in in
lib.mkIf (!minimal) ( lib.mkIf (!minimal) (
{} {}
// mkContainer "adguardhome" // mkMicrovm "adguardhome"
// mkContainer "forgejo" // mkContainer "forgejo"
// mkContainer "grafana" // mkContainer "grafana"
// mkContainer "influxdb" // mkContainer "influxdb"

4
modules/config/impermanence.nix
View file

@ -85,7 +85,7 @@ in {
# State that should be kept across reboots, but is otherwise # State that should be kept across reboots, but is otherwise
# NOT important information in any way that needs to be backed up. # NOT important information in any way that needs to be backed up.
fileSystems."/state".neededForBoot = true; fileSystems."/state".neededForBoot = lib.mkForce true;
environment.persistence."/state" = { environment.persistence."/state" = {
hideMounts = true; hideMounts = true;
directories = directories =
@ -105,7 +105,7 @@ in {
}; };
# State that should be kept forever, and backed up accordingly. # State that should be kept forever, and backed up accordingly.
fileSystems."/persist".neededForBoot = true; fileSystems."/persist".neededForBoot = lib.mkForce true;
environment.persistence."/persist" = { environment.persistence."/persist" = {
hideMounts = true; hideMounts = true;
files = [ files = [

21
modules/guests/default.nix
View file

@ -8,6 +8,7 @@
} @ attrs: let } @ attrs: let
inherit inherit
(lib) (lib)
attrNames
attrValues attrValues
attrsToList attrsToList
disko disko
@ -22,6 +23,7 @@
mkIf mkIf
mkMerge mkMerge
mkOption mkOption
net
types types
; ;
@ -156,10 +158,25 @@ in {
description = "The system that this microvm should use"; description = "The system that this microvm should use";
}; };
macvtapInterface = mkOption { macvtap = mkOption {
type = types.str; type = types.str;
description = "The host interface to which the microvm should be attached via macvtap"; description = "The host interface to which the microvm should be attached via macvtap";
}; };
baseMac = mkOption {
type = types.net.mac;
description = "The base mac address from which the guest's mac will be derived. Only the second and third byte are used, so for 02:XX:YY:ZZ:ZZ:ZZ, this specifies XX and YY, while Zs are generated automatically. Not used if the mac is set directly.";
default = "02:01:27:00:00:00";
};
mac = mkOption {
type = types.net.mac;
description = "The MAC address for the guest's macvtap interface";
default = let
base = "02:${lib.substring 3 5 submod.config.microvm.baseMac}:00:00:00";
in
(net.mac.assignMacs base 24 [] (attrNames config.guests)).${submod.config._module.args.name};
};
}; };
# Options for the container backend # Options for the container backend
@ -175,7 +192,7 @@ in {
description = "The main ethernet link name inside of the guest. For containers, this cannot be named similar to an existing interface on the host."; description = "The main ethernet link name inside of the guest. For containers, this cannot be named similar to an existing interface on the host.";
default = default =
if submod.config.backend == "microvm" if submod.config.backend == "microvm"
then submod.config.microvm.macvtapInterface then submod.config.microvm.macvtap
else if submod.config.backend == "container" else if submod.config.backend == "container"
then "mv-${submod.config.container.macvlan}" then "mv-${submod.config.container.macvlan}"
else throw "Invalid backend"; else throw "Invalid backend";

53
modules/guests/microvm.nix
View file

@ -8,20 +8,16 @@ guestName: guestCfg: {
}: let }: let
inherit inherit
(lib) (lib)
attrNames flip
mapAttrsToList
mkDefault mkDefault
mkForce mkForce
net
optional
; ;
mac = (net.mac.assignMacs "02:01:27:00:00:00" 24 [] (attrNames config.guests)).${guestName};
in { in {
specialArgs = { specialArgs = {
inherit (inputs.self) nodes; inherit (inputs.self) nodes;
inherit (inputs.self.pkgs.${guestCfg.microvm.system}) lib; inherit (inputs.self.pkgs.${guestCfg.microvm.system}) lib;
inherit inputs; inherit inputs minimal;
inherit minimal;
}; };
pkgs = inputs.self.pkgs.${guestCfg.microvm.system}; pkgs = inputs.self.pkgs.${guestCfg.microvm.system};
inherit (guestCfg) autostart; inherit (guestCfg) autostart;
@ -30,7 +26,7 @@ in {
# TODO needed because of https://github.com/NixOS/nixpkgs/issues/102137 # TODO needed because of https://github.com/NixOS/nixpkgs/issues/102137
environment.noXlibs = mkForce false; environment.noXlibs = mkForce false;
lib.microvm.mac = mac; lib.microvm.mac = guestCfg.microvm.mac;
microvm = { microvm = {
hypervisor = mkDefault "qemu"; hypervisor = mkDefault "qemu";
@ -43,9 +39,9 @@ in {
{ {
type = "macvtap"; type = "macvtap";
id = "vm-${guestName}"; id = "vm-${guestName}";
inherit mac; inherit (guestCfg.microvm) mac;
macvtap = { macvtap = {
link = guestCfg.microvm.macvtapInterface; link = guestCfg.microvm.macvtap;
mode = "bridge"; mode = "bridge";
}; };
} }
@ -60,41 +56,22 @@ in {
tag = "ro-store"; tag = "ro-store";
proto = "virtiofs"; proto = "virtiofs";
} }
{ ]
source = "/state/guests/${guestName}"; ++ flip mapAttrsToList guestCfg.zfs (
mountPoint = "/state"; _: zfsCfg: {
tag = "state"; source = zfsCfg.hostMountpoint;
mountPoint = zfsCfg.guestMountpoint;
tag = lib.replaceStrings ["/"] ["_"] zfsCfg.hostMountpoint;
proto = "virtiofs"; proto = "virtiofs";
} }
] );
# Mount persistent data from the host
++ optional guestCfg.zfs.enable {
source = guestCfg.zfs.mountpoint;
mountPoint = "/persist";
tag = "persist";
proto = "virtiofs";
}; };
};
# FIXME this should be changed in microvm.nix to mkDefault in order to not require mkForce here
fileSystems."/state".neededForBoot = mkForce true;
fileSystems."/persist".neededForBoot = mkForce true;
# Add a writable store overlay, but since this is always ephemeral # Add a writable store overlay, but since this is always ephemeral
# disable any store optimization from nix. # disable any store optimization from nix.
microvm.writableStoreOverlay = "/nix/.rw-store"; microvm.writableStoreOverlay = "/nix/.rw-store";
nix = {
settings.auto-optimise-store = mkForce false;
optimise.automatic = mkForce false;
gc.automatic = mkForce false;
};
networking.renameInterfacesByMac.${guestCfg.networking.mainLinkName} = mac; networking.renameInterfacesByMac.${guestCfg.networking.mainLinkName} = guestCfg.microvm.mac;
systemd.network.networks."10-${guestCfg.networking.mainLinkName}".matchConfig.MACAddress = guestCfg.microvm.mac;
systemd.network.networks = {
"10-${guestCfg.networking.mainLinkName}" = {
matchConfig.MACAddress = mac;
};
};
}; };
} }

6
nix/hosts.nix
View file

@ -54,13 +54,11 @@ inputs: let
guestConfigs = flip concatMapAttrs self.nixosConfigurations (_: node: guestConfigs = flip concatMapAttrs self.nixosConfigurations (_: node:
flip mapAttrs' (node.config.guests or {}) ( flip mapAttrs' (node.config.guests or {}) (
guestName: guestDef: guestName: guestDef:
nameValuePair guestDef.nodeName nameValuePair guestDef.nodeName (
(
if guestDef.backend == "microvm" if guestDef.backend == "microvm"
then node.config.microvm.vms.${guestName}.config then node.config.microvm.vms.${guestName}.config
else node.config.containers.${guestName} else node.config.containers.${guestName}.nixosConfiguration
) )
.nixosConfiguration
)); ));
in { in {
inherit inherit