fix: update microvm definitions to new combined guests option

hosts/ward/default.nix

@@ -1,4 +1,5 @@
 {
+  config,
   inputs,
   lib,
   nodes,
@@ -62,15 +63,18 @@
       ];
     };
 
-    mkMicrovm = system: guestName:
+    mkMicrovm = guestName: {
-      mkGuest guestName
+      ${guestName} =
-      // {
+        mkGuest guestName
-        backend = "microvm";
+        // {
-        microvm = {
+          backend = "microvm";
-          system = "x86_64-linux";
+          microvm = {
-          macvtapInterface = "lan";
+            system = "x86_64-linux";
+            macvtap = "lan";
+            baseMac = config.repo.secrets.local.networking.interfaces.lan.mac;
+          };
         };
-      };
+    };
 
     mkContainer = guestName: {
       ${guestName} =
@@ -83,7 +87,7 @@
   in
     lib.mkIf (!minimal) (
       {}
-      // mkContainer "adguardhome"
+      // mkMicrovm "adguardhome"
       // mkContainer "forgejo"
       // mkContainer "grafana"
       // mkContainer "influxdb"

modules/config/impermanence.nix

@@ -85,7 +85,7 @@ in {
 
   # State that should be kept across reboots, but is otherwise
   # NOT important information in any way that needs to be backed up.
-  fileSystems."/state".neededForBoot = true;
+  fileSystems."/state".neededForBoot = lib.mkForce true;
   environment.persistence."/state" = {
     hideMounts = true;
     directories =
@@ -105,7 +105,7 @@ in {
   };
 
   # State that should be kept forever, and backed up accordingly.
-  fileSystems."/persist".neededForBoot = true;
+  fileSystems."/persist".neededForBoot = lib.mkForce true;
   environment.persistence."/persist" = {
     hideMounts = true;
     files = [

modules/guests/default.nix

@@ -8,6 +8,7 @@
 } @ attrs: let
   inherit
     (lib)
+    attrNames
     attrValues
     attrsToList
     disko
@@ -22,6 +23,7 @@
     mkIf
     mkMerge
     mkOption
+    net
     types
     ;
 
@@ -156,10 +158,25 @@ in {
             description = "The system that this microvm should use";
           };
 
-          macvtapInterface = mkOption {
+          macvtap = mkOption {
             type = types.str;
             description = "The host interface to which the microvm should be attached via macvtap";
           };
+
+          baseMac = mkOption {
+            type = types.net.mac;
+            description = "The base mac address from which the guest's mac will be derived. Only the second and third byte are used, so for 02:XX:YY:ZZ:ZZ:ZZ, this specifies XX and YY, while Zs are generated automatically. Not used if the mac is set directly.";
+            default = "02:01:27:00:00:00";
+          };
+
+          mac = mkOption {
+            type = types.net.mac;
+            description = "The MAC address for the guest's macvtap interface";
+            default = let
+              base = "02:${lib.substring 3 5 submod.config.microvm.baseMac}:00:00:00";
+            in
+              (net.mac.assignMacs base 24 [] (attrNames config.guests)).${submod.config._module.args.name};
+          };
         };
 
         # Options for the container backend
@@ -175,7 +192,7 @@ in {
           description = "The main ethernet link name inside of the guest. For containers, this cannot be named similar to an existing interface on the host.";
           default =
             if submod.config.backend == "microvm"
-            then submod.config.microvm.macvtapInterface
+            then submod.config.microvm.macvtap
             else if submod.config.backend == "container"
             then "mv-${submod.config.container.macvlan}"
             else throw "Invalid backend";

modules/guests/microvm.nix

@@ -8,20 +8,16 @@ guestName: guestCfg: {
 }: let
   inherit
     (lib)
-    attrNames
+    flip
+    mapAttrsToList
     mkDefault
     mkForce
-    net
-    optional
     ;
-
-  mac = (net.mac.assignMacs "02:01:27:00:00:00" 24 [] (attrNames config.guests)).${guestName};
 in {
   specialArgs = {
     inherit (inputs.self) nodes;
     inherit (inputs.self.pkgs.${guestCfg.microvm.system}) lib;
-    inherit inputs;
+    inherit inputs minimal;
-    inherit minimal;
   };
   pkgs = inputs.self.pkgs.${guestCfg.microvm.system};
   inherit (guestCfg) autostart;
@@ -30,7 +26,7 @@ in {
 
     # TODO needed because of https://github.com/NixOS/nixpkgs/issues/102137
     environment.noXlibs = mkForce false;
-    lib.microvm.mac = mac;
+    lib.microvm.mac = guestCfg.microvm.mac;
 
     microvm = {
       hypervisor = mkDefault "qemu";
@@ -43,9 +39,9 @@ in {
         {
           type = "macvtap";
           id = "vm-${guestName}";
-          inherit mac;
+          inherit (guestCfg.microvm) mac;
           macvtap = {
-            link = guestCfg.microvm.macvtapInterface;
+            link = guestCfg.microvm.macvtap;
             mode = "bridge";
           };
         }
@@ -60,41 +56,22 @@ in {
             tag = "ro-store";
             proto = "virtiofs";
           }
-          {
+        ]
-            source = "/state/guests/${guestName}";
+        ++ flip mapAttrsToList guestCfg.zfs (
-            mountPoint = "/state";
+          _: zfsCfg: {
-            tag = "state";
+            source = zfsCfg.hostMountpoint;
+            mountPoint = zfsCfg.guestMountpoint;
+            tag = lib.replaceStrings ["/"] ["_"] zfsCfg.hostMountpoint;
             proto = "virtiofs";
           }
-        ]
+        );
-        # Mount persistent data from the host
-        ++ optional guestCfg.zfs.enable {
-          source = guestCfg.zfs.mountpoint;
-          mountPoint = "/persist";
-          tag = "persist";
-          proto = "virtiofs";
-        };
     };
 
-    # FIXME this should be changed in microvm.nix to mkDefault in order to not require mkForce here
-    fileSystems."/state".neededForBoot = mkForce true;
-    fileSystems."/persist".neededForBoot = mkForce true;
-
     # Add a writable store overlay, but since this is always ephemeral
     # disable any store optimization from nix.
     microvm.writableStoreOverlay = "/nix/.rw-store";
-    nix = {
-      settings.auto-optimise-store = mkForce false;
-      optimise.automatic = mkForce false;
-      gc.automatic = mkForce false;
-    };
 
-    networking.renameInterfacesByMac.${guestCfg.networking.mainLinkName} = mac;
+    networking.renameInterfacesByMac.${guestCfg.networking.mainLinkName} = guestCfg.microvm.mac;
-
+    systemd.network.networks."10-${guestCfg.networking.mainLinkName}".matchConfig.MACAddress = guestCfg.microvm.mac;
-    systemd.network.networks = {
-      "10-${guestCfg.networking.mainLinkName}" = {
-        matchConfig.MACAddress = mac;
-      };
-    };
   };
 }

nix/hosts.nix

@@ -54,13 +54,11 @@ inputs: let
   guestConfigs = flip concatMapAttrs self.nixosConfigurations (_: node:
     flip mapAttrs' (node.config.guests or {}) (
       guestName: guestDef:
-        nameValuePair guestDef.nodeName
+        nameValuePair guestDef.nodeName (
-        (
           if guestDef.backend == "microvm"
           then node.config.microvm.vms.${guestName}.config
-          else node.config.containers.${guestName}
+          else node.config.containers.${guestName}.nixosConfiguration
         )
-        .nixosConfiguration
     ));
 in {
   inherit