bvm-nixosmgmt: condense down and abstract out

This commit is contained in:
Luke Granger-Brown 2021-03-28 12:26:11 +00:00
parent c1f450eb33
commit f34d539462
2 changed files with 72 additions and 44 deletions

View file

@ -2,58 +2,17 @@
# #
# SPDX-License-Identifier: Apache-2.0 # SPDX-License-Identifier: Apache-2.0
{ depot, lib, pkgs, rebuilder, config, ... }: { ... }:
let {
inherit (depot.ops) secrets;
in {
imports = [ imports = [
../../../third_party/nixpkgs/nixos/modules/profiles/qemu-guest.nix ../lib/bvm.nix
../lib/low-space.nix
]; ];
boot.initrd.availableKernelModules = [
"uhci_hcd"
"ehci_pci"
"ahci"
"virtio_pci"
"sr_mod"
"virtio_blk"
];
powerManagement.cpuFreqGovernor = lib.mkDefault "performance";
fileSystems = {
"/" = {
device = "/dev/vda1";
fsType = "ext4";
};
"/boot" = {
device = "/dev/vda2";
fsType = "vfat";
};
};
# Use the systemd-boot EFI boot loader.
boot.loader.systemd-boot.enable = true;
boot.loader.efi.canTouchEfiVariables = true;
nix.maxJobs = lib.mkDefault 2;
# Networking! # Networking!
networking = { networking = {
hostName = "bvm-nixosmgmt"; hostName = "bvm-nixosmgmt";
domain = "as205479.net";
hostId = "49b0fbc7"; hostId = "49b0fbc7";
nameservers = [
"8.8.8.8"
"8.8.4.4"
];
useDHCP = false;
defaultGateway = {
address = "10.100.0.1";
interface = "enp1s0";
};
interfaces.enp1s0 = { interfaces.enp1s0 = {
ipv4.addresses = [{ address = "10.100.0.200"; prefixLength = 23; }]; ipv4.addresses = [{ address = "10.100.0.200"; prefixLength = 23; }];
}; };

69
ops/nixos/lib/bvm.nix Normal file
View file

@ -0,0 +1,69 @@
# SPDX-FileCopyrightText: 2020 Luke Granger-Brown <depot@lukegb.com>
#
# SPDX-License-Identifier: Apache-2.0
{ lib, ... }:
{
imports = [
../../../third_party/nixpkgs/nixos/modules/profiles/qemu-guest.nix
../lib/low-space.nix
];
config = {
boot.initrd.availableKernelModules = [
"uhci_hcd"
"ehci_pci"
"ahci"
"virtio_pci"
"sr_mod"
"virtio_blk"
];
boot.kernelParams = [
"console=tty1"
"console=ttyS0,115200" # <-- /dev/console
"mitigations=off"
];
powerManagement.cpuFreqGovernor = lib.mkDefault "performance";
fileSystems = {
"/" = {
device = "/dev/vda1";
fsType = "ext4";
};
"/boot" = {
device = "/dev/vda2";
fsType = "vfat";
};
};
# Use the systemd-boot EFI boot loader.
boot.loader.systemd-boot.enable = true;
boot.loader.efi.canTouchEfiVariables = true;
nix.maxJobs = lib.mkDefault 2;
# Networking!
networking = {
domain = "blade.as205479.net";
nameservers = ["8.8.8.8" "8.8.4.4"];
search = mkBefore [
"blade.as205479.net"
];
useDHCP = false;
defaultGateway = {
address = "10.100.0.1";
interface = "enp1s0";
};
firewall.allowedUDPPorts = [
41641 # Tailscale
];
};
services.qemuGuest.enable = true;
};
}