From f34d53946292c61d777cb7ef730b6b33bac19669 Mon Sep 17 00:00:00 2001 From: Luke Granger-Brown Date: Sun, 28 Mar 2021 12:26:11 +0000 Subject: [PATCH] bvm-nixosmgmt: condense down and abstract out --- ops/nixos/bvm-nixosmgmt/default.nix | 47 ++------------------ ops/nixos/lib/bvm.nix | 69 +++++++++++++++++++++++++++++ 2 files changed, 72 insertions(+), 44 deletions(-) create mode 100644 ops/nixos/lib/bvm.nix diff --git a/ops/nixos/bvm-nixosmgmt/default.nix b/ops/nixos/bvm-nixosmgmt/default.nix index 35367f22be..8429fed219 100644 --- a/ops/nixos/bvm-nixosmgmt/default.nix +++ b/ops/nixos/bvm-nixosmgmt/default.nix @@ -2,58 +2,17 @@ # # SPDX-License-Identifier: Apache-2.0 -{ depot, lib, pkgs, rebuilder, config, ... }: -let - inherit (depot.ops) secrets; -in { +{ ... }: +{ imports = [ - ../../../third_party/nixpkgs/nixos/modules/profiles/qemu-guest.nix - ../lib/low-space.nix + ../lib/bvm.nix ]; - boot.initrd.availableKernelModules = [ - "uhci_hcd" - "ehci_pci" - "ahci" - "virtio_pci" - "sr_mod" - "virtio_blk" - ]; - - powerManagement.cpuFreqGovernor = lib.mkDefault "performance"; - - fileSystems = { - "/" = { - device = "/dev/vda1"; - fsType = "ext4"; - }; - "/boot" = { - device = "/dev/vda2"; - fsType = "vfat"; - }; - }; - - # Use the systemd-boot EFI boot loader. - boot.loader.systemd-boot.enable = true; - boot.loader.efi.canTouchEfiVariables = true; - - nix.maxJobs = lib.mkDefault 2; - # Networking! networking = { hostName = "bvm-nixosmgmt"; - domain = "as205479.net"; hostId = "49b0fbc7"; - nameservers = [ - "8.8.8.8" - "8.8.4.4" - ]; - useDHCP = false; - defaultGateway = { - address = "10.100.0.1"; - interface = "enp1s0"; - }; interfaces.enp1s0 = { ipv4.addresses = [{ address = "10.100.0.200"; prefixLength = 23; }]; }; diff --git a/ops/nixos/lib/bvm.nix b/ops/nixos/lib/bvm.nix new file mode 100644 index 0000000000..822c1a244b --- /dev/null +++ b/ops/nixos/lib/bvm.nix 
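Review bot: The removed `domain = "as205479.net";` in the `networking` block of `default.nix` is not carried over unchanged. The host now takes `domain = "blade.as205479.net"` from `../lib/bvm.nix`, so its FQDN changes in a commit whose subject only says "condense down and abstract out". The import also gives this host settings it did not have before, namely extra kernel parameters and an opened UDP port. The commit message should list these behaviour changes so that anything keyed on the old name can be checked, and a short comment such as `# domain, DNS, gateway and firewall defaults come from ../lib/bvm.nix` above the `networking` block would help readers. The module body continues outside the hunk.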
@@ -0,0 +1,69 @@
+# SPDX-FileCopyrightText: 2020 Luke Granger-Brown
+#
+# SPDX-License-Identifier: Apache-2.0
+
+{ lib, ... }:
+{
+ imports = [
+ ../../../third_party/nixpkgs/nixos/modules/profiles/qemu-guest.nix
+ ../lib/low-space.nix
+ ];
+
+ config = {
+ boot.initrd.availableKernelModules = [
+ "uhci_hcd"
+ "ehci_pci"
+ "ahci"
+ "virtio_pci"
+ "sr_mod"
+ "virtio_blk"
+ ];
+
+ boot.kernelParams = [
+ "console=tty1"
+ "console=ttyS0,115200" # <-- /dev/console
+
+ "mitigations=off"
+ ];
+
+ powerManagement.cpuFreqGovernor = lib.mkDefault "performance";
+
+ fileSystems = {
+ "/" = {
+ device = "/dev/vda1";
+ fsType = "ext4";
+ };
+ "/boot" = {
+ device = "/dev/vda2";
+ fsType = "vfat";
+ };
+ };
+
+ # Use the systemd-boot EFI boot loader.
+ boot.loader.systemd-boot.enable = true;
+ boot.loader.efi.canTouchEfiVariables = true;
+
+ nix.maxJobs = lib.mkDefault 2;
+
+ # Networking!
+ networking = {
+ domain = "blade.as205479.net";
+ nameservers = ["8.8.8.8" "8.8.4.4"];
+ search = mkBefore [
+ "blade.as205479.net"
+ ];
+
+ useDHCP = false;
+ defaultGateway = {
+ address = "10.100.0.1";
+ interface = "enp1s0";
+ };
+
+ firewall.allowedUDPPorts = [
+ 41641 # Tailscale
+ ];
+ };
+
+ services.qemuGuest.enable = true;
+ };
+}
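Review bot: `search = mkBefore [` in the `networking` block uses `mkBefore` unqualified, but the module's only named argument is `lib` and nothing in the file brings the name into scope (no `with lib;` or `inherit (lib) mkBefore;`), so evaluation should fail with an undefined variable; write `search = lib.mkBefore [`. Separately, `"mitigations=off"` in `boot.kernelParams` is new in this commit and, because it sits in the shared module, it turns off the kernel's CPU speculative-execution mitigations on every guest that imports `bvm.nix`. If that trade-off is intended, record it next to the parameter, e.g. `# CPU vulnerability mitigations disabled for performance; acceptable only while these guests run trusted workloads`, or move the parameter to the individual hosts that need it.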