lukegb/depot
1
0
Fork 0
Code Issues 1 Pull requests Projects Packages Activity Actions 1
depot/third_party/nixpkgs/nixos/modules/virtualisation/azure-common.nix
Luke Granger-Brown f92e137cfb
Some checks failed
/ combine-systems (push) Blocked by required conditions
Details
/ build (x86_64-linux) (push) Failing after 11m44s
Details
/ build (aarch64-linux) (push) Failing after 11m50s
Details
/ build (push) Failing after 16m42s
Details
Merge commit '1e2ed035f4bebc9adad02b365508ad96f7df87c1' into HEAD
2025-03-02 02:23:32 +00:00

88 lines
2.7 KiB
Nix
Raw Permalink Blame History

{
config,
lib,
pkgs,
...
}:
let
cfg = config.virtualisation.azure;
mlxDrivers = [
"mlx4_en"
"mlx4_core"
"mlx5_core"
];
in
{
options.virtualisation.azure = {
acceleratedNetworking = lib.mkOption {
default = false;
description = "Whether the machine's network interface has enabled accelerated networking.";
};
};
config = {
services.waagent.enable = true;
# Enable cloud-init by default for waagent.
# Otherwise waagent would try manage networking using ifupdown,
# which is currently not availeble in nixpkgs.
services.cloud-init.enable = true;
services.cloud-init.network.enable = true;
systemd.services.cloud-config.serviceConfig.Restart = "on-failure";
# cloud-init.network.enable also enables systemd-networkd
networking.useNetworkd = true;
# Ensure kernel outputs to ttyS0 (Azure Serial Console),
# and reboot machine upon fatal boot issues
boot.kernelParams = [
"console=ttyS0"
"earlyprintk=ttyS0"
"rootdelay=300"
"panic=1"
"boot.panic_on_fail"
];
# Load Hyper-V kernel modules
boot.initrd.kernelModules = [
"hv_vmbus"
"hv_netvsc"
"hv_utils"
"hv_storvsc"
];
# Accelerated networking, configured following:
# https://learn.microsoft.com/en-us/azure/virtual-network/accelerated-networking-overview
boot.initrd.availableKernelModules = lib.optionals cfg.acceleratedNetworking mlxDrivers;
systemd.network.networks."99-azure-unmanaged-devices.network" = lib.mkIf cfg.acceleratedNetworking {
matchConfig.Driver = mlxDrivers;
linkConfig.Unmanaged = "yes";
};
networking.networkmanager.unmanaged = lib.mkIf cfg.acceleratedNetworking (
builtins.map (drv: "driver:${drv}") mlxDrivers
);
# Allow root logins only using the SSH key that the user specified
# at instance creation time, ping client connections to avoid timeouts
services.openssh.enable = true;
services.openssh.settings.PermitRootLogin = "prohibit-password";
services.openssh.settings.ClientAliveInterval = 180;
# Force getting the hostname from Azure
networking.hostName = lib.mkDefault "";
# Always include cryptsetup so that NixOps can use it.
# sg_scan is needed to finalize disk removal on older kernels
environment.systemPackages = [
pkgs.cryptsetup
pkgs.sg3_utils
];
networking.usePredictableInterfaceNames = false;
services.udev.extraRules = lib.concatMapStrings (i: ''
ENV{DEVTYPE}=="disk", KERNEL!="sda" SUBSYSTEM=="block", SUBSYSTEMS=="scsi", KERNELS=="?:0:0:${toString i}", ATTR{removable}=="0", SYMLINK+="disk/by-lun/${toString i}"
'') (lib.range 1 15);
};
}
Reference in a new issue View git blame Copy permalink