From 29e3213e4be859a1877a94155c531b381d32fe83 Mon Sep 17 00:00:00 2001
From: Ingolf Wagner
Date: Sun, 11 Aug 2024 14:46:03 +0200
Subject: [PATCH] create virtualisation component.
---
 components/default.nix | 1 +
 components/mainUser.nix | 2 ++
 components/virtualisation/default.nix | 15 +++++++++++++
 components/virtualisation/docker.nix | 16 ++++++++++++++
 components/virtualisation/podman.nix | 19 +++++++++++++++++
 components/virtualisation/qemu.nix | 27 ++++++++++++++++++++++++
 components/virtualisation/virtualbox.nix | 21 ++++++++++++++++++
 machines/cherry/configuration.nix | 13 ++-----------
 machines/cherry/qemu.nix | 17 ---------------
 machines/chungus/configuration.nix | 1 -
 machines/cream/configuration.nix | 14 ++------------
 machines/cream/qemu.nix | 17 ---------------
 machines/orbi/service-forgejo-runner.nix | 5 +----
 machines/sternchen/configuration.nix | 8 -------
 14 files changed, 106 insertions(+), 70 deletions(-)
 create mode 100644 components/virtualisation/default.nix
 create mode 100644 components/virtualisation/docker.nix
 create mode 100644 components/virtualisation/podman.nix
 create mode 100644 components/virtualisation/qemu.nix
 create mode 100644 components/virtualisation/virtualbox.nix
 delete mode 100644 machines/cherry/qemu.nix
 delete mode 100644 machines/cream/qemu.nix
diff --git a/components/default.nix b/components/default.nix
index 4341dea..300a72d 100644
--- a/components/default.nix
+++ b/components/default.nix
@@ -10,6 +10,7 @@
 ./nixos
 ./terminal
 ./timezone.nix
+ ./virtualisation
 ./yubikey.nix
 ];
diff --git a/components/mainUser.nix b/components/mainUser.nix
index 116a542..d01bbf1 100644
--- a/components/mainUser.nix
+++ b/components/mainUser.nix
@@ -5,9 +5,11 @@ let cfg = config.components.mainUser;
+ # todo : use optionalList
 dockerGroup = if (config.virtualisation.docker.enable) then [ "docker" ] else [ ];
+ # todo : use optionalList
 vboxGroup = if (config.virtualisation.virtualbox.host.enable) then [ "vboxusers" ]
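Review bot: The two added todos in components/mainUser.nix name `optionalList`, which as far as I know is not a nixpkgs helper; the function that fits these bindings is `lib.optional` (or `lib.optionals` for a list argument). I would either correct the comment or apply it directly, e.g. `dockerGroup = lib.optional config.virtualisation.docker.enable "docker";` and `vboxGroup = lib.optional config.virtualisation.virtualbox.host.enable "vboxusers";`. The `let` block and the `vboxGroup` expression continue outside the hunk, so how the lists are consumed is not visible here.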
diff --git a/components/virtualisation/default.nix b/components/virtualisation/default.nix
new file mode 100644
index 0000000..2857866
--- /dev/null
+++ b/components/virtualisation/default.nix
@@ -0,0 +1,15 @@
+{ config, lib, ... }:
+{
+ imports = [
+ ./docker.nix
+ ./podman.nix
+ ./virtualbox.nix
+ ./qemu.nix
+ ];
+
+ options.components.virtualisation.enable = lib.mkOption {
+ type = lib.types.bool;
+ default = false;
+ };
+
+}
diff --git a/components/virtualisation/docker.nix b/components/virtualisation/docker.nix
new file mode 100644
index 0000000..994ebd9
--- /dev/null
+++ b/components/virtualisation/docker.nix
@@ -0,0 +1,16 @@
+{ config, lib, pkgs, ... }:
+with lib;
+{
+
+ options.components.virtualisation.docker.enable = lib.mkOption {
+ type = lib.types.bool;
+ default = config.components.virtualisation.enable;
+ };
+
+ config = mkIf config.components.virtualisation.docker.enable {
+
+ virtualisation.docker.enable = true;
+
+ };
+
+}
diff --git a/components/virtualisation/podman.nix b/components/virtualisation/podman.nix
new file mode 100644
index 0000000..eaf6d1b
--- /dev/null
+++ b/components/virtualisation/podman.nix
@@ -0,0 +1,19 @@
+{ config, lib, pkgs, ... }:
+with lib;
+{
+
+ options.components.virtualisation.podman.enable = lib.mkOption {
+ type = lib.types.bool;
+ default = config.components.virtualisation.enable;
+ };
+
+ config = mkIf config.components.virtualisation.podman.enable {
+
+ virtualisation.podman.enable = true;
+
+ # make sure /var/lib/containers/storage is a zfs dataset
+ virtualisation.podman.extraPackages = [ pkgs.zfs ];
+
+ };
+
+}
diff --git a/components/virtualisation/qemu.nix b/components/virtualisation/qemu.nix
new file mode 100644
index 0000000..c3ef4ad
--- /dev/null
+++ b/components/virtualisation/qemu.nix
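Review bot: `options.components.virtualisation.enable` in components/virtualisation/default.nix is declared without a `description`, and the same bare `mkOption` pattern repeats for the sub-options in docker.nix, podman.nix, qemu.nix and virtualbox.nix of this commit. Because this single switch turns on Docker, Podman, VirtualBox and libvirtd through the sub-option defaults, I would state that at the declaration, e.g. `options.components.virtualisation.enable = lib.mkEnableOption "Docker, Podman, VirtualBox and libvirt/QEMU on this host";`. The `config` argument is unused in this file.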
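Review bot: Enabling the option in components/virtualisation/docker.nix also changes who can reach the Docker daemon, and nothing in the module says so: components/mainUser.nix derives `dockerGroup = [ "docker" ]` from `config.virtualisation.docker.enable`, and that list presumably ends up in the main user's groups (its use is outside the visible hunk). Members of `docker` can control the root-owned daemon, so the interactive account is effectively root-equivalent on every host that sets `components.virtualisation.enable = true`. I would record that next to the setting, for example `# NOTE: together with components.mainUser this puts the main user in the "docker" group (root-equivalent)`, or evaluate `virtualisation.docker.rootless.enable` if a per-user daemon is enough. As a style point, `pkgs` is unused and `with lib;` is mixed with the qualified `lib.mkOption`.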
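Review bot: `virtualisation.podman.extraPackages = [ pkgs.zfs ];` in components/virtualisation/podman.nix used to be set only on chungus and is now applied to every host that enables the podman component, while the comment above it states a ZFS precondition that nothing checks. The same commit removes the line from machines/chungus/configuration.nix without turning the component on there, so chungus appears to lose the package unless that happens in a part of the config not shown. I would either keep the setting host-specific or add `components.virtualisation.podman.enable = true;` to chungus, and reword the comment to say when the package is needed, e.g. `# only needed where /var/lib/containers/storage lives on a zfs dataset`.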
@@ -0,0 +1,27 @@
+{ config, lib, pkgs, ... }:
+with lib;
+{
+
+ options.components.virtualisation.qemu.enable = lib.mkOption {
+ type = lib.types.bool;
+ default = config.components.virtualisation.enable;
+ };
+
+ config = mkIf config.components.virtualisation.qemu.enable {
+
+ virtualisation.libvirtd.enable = true;
+ #virtualisation.libvirtd.allowedBridges = ["virbr0"];
+ virtualisation.libvirtd.onShutdown = "shutdown";
+
+ environment.systemPackages = [
+ pkgs.qemu_kvm
+ #(pkgs.quickemu.override { qemu_full = pkgs.qemu_kvm; })
+ pkgs.quickemu
+ pkgs.virt-manager
+ ];
+
+ users.users.mainUser.extraGroups = [ "libvirtd" ];
+
+ };
+
+}
diff --git a/components/virtualisation/virtualbox.nix b/components/virtualisation/virtualbox.nix
new file mode 100644
index 0000000..d8f3de3
--- /dev/null
+++ b/components/virtualisation/virtualbox.nix
@@ -0,0 +1,21 @@
+{ config, lib, pkgs, ... }:
+with lib;
+{
+
+ options.components.virtualisation.virtualbox.enable = lib.mkOption {
+ type = lib.types.bool;
+ default = config.components.virtualisation.enable;
+ };
+
+ config = mkIf config.components.virtualisation.virtualbox.enable {
+
+ virtualisation.virtualbox = {
+ host.enable = true;
+ guest.enable = true;
+ };
+
+ users.extraGroups.vboxusers.members = [ config.users.users.mainUser.name ];
+
+ };
+
+}
diff --git a/machines/cherry/configuration.nix b/machines/cherry/configuration.nix
index 982cc32..02e709c 100644
--- a/machines/cherry/configuration.nix
+++ b/machines/cherry/configuration.nix
@@ -6,7 +6,6 @@
 ./hardware-configuration
 ./syncthing.nix
- ./qemu.nix
 ./network-tinc.nix
 ./network-tinc_retiolum.nix
@@ -38,6 +37,8 @@
 # (promptKey "pushover.api_key");
+ components.virtualisation.enable = true;
+
 components.gui.enable = true;
 components.mainUser.enable = true;
 components.media.enable = true;
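Review bot: `users.users.mainUser.extraGroups = [ "libvirtd" ];` in components/virtualisation/qemu.nix is applied whenever the qemu component is on, independent of `components.mainUser.enable`, so on a host without that component it would presumably define a half-declared `mainUser` account. Membership in `libvirtd` gives the account management access to the system libvirt daemon, which is a privilege grant worth gating and commenting rather than a side effect of installing QEMU. I would write `users.users.mainUser.extraGroups = lib.mkIf config.components.mainUser.enable [ "libvirtd" ];` with a comment such as `# libvirtd group: may manage all system VMs and their storage`. The commented-out `allowedBridges` and `quickemu.override` lines were carried over from the machine files and could be dropped or explained.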
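Review bot: `guest.enable = true;` in components/virtualisation/virtualbox.nix is switched on together with `host.enable`, so every machine that enables the component gets the guest additions as well as the host stack. If cherry and cream are physical hosts, as their hardware-configuration imports suggest, the guest side only adds kernel modules and a service that are never used there; the commit inherits this from the old machine configs rather than introducing it. I would split it into its own option defaulting to false, or set `guest.enable = false;` here and enable it only in VM profiles. `vboxusers` membership is also set twice now, here and through `vboxGroup` in components/mainUser.nix.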
@@ -124,16 +125,6 @@
 services.printing.enable = true;
- virtualisation = {
- docker.enable = true;
- podman.enable = true;
- virtualbox = {
- host.enable = true;
- guest.enable = true;
- };
- };
- users.extraGroups.vboxusers.members = [ config.users.users.mainUser.name ];
-
 # for congress and streaming
 hardware.graphics.enable = true;
diff --git a/machines/cherry/qemu.nix b/machines/cherry/qemu.nix
deleted file mode 100644
index 6bc0c7b..0000000
--- a/machines/cherry/qemu.nix
+++ /dev/null
@@ -1,17 +0,0 @@
-{ config, lib, pkgs, ... }:
-{
-
- virtualisation.libvirtd.enable = true;
- #virtualisation.libvirtd.allowedBridges = ["virbr0"];
- virtualisation.libvirtd.onShutdown = "shutdown";
-
- environment.systemPackages = [
- pkgs.qemu_kvm
- #(pkgs.quickemu.override { qemu_full = pkgs.qemu_kvm; })
- pkgs.quickemu
- pkgs.virt-manager
- ];
-
- users.users.mainUser.extraGroups = [ "libvirtd" ];
-
-}
diff --git a/machines/chungus/configuration.nix b/machines/chungus/configuration.nix
index 2d2e2c6..b43318f 100644
--- a/machines/chungus/configuration.nix
+++ b/machines/chungus/configuration.nix
@@ -66,7 +66,6 @@
 services.printing.enable = false;
- virtualisation.podman.extraPackages = [ pkgs.zfs ]; # make sure /var/lib/containers/storage is a zfs dataset
 networking.hostName = "chungus";
diff --git a/machines/cream/configuration.nix b/machines/cream/configuration.nix
index 56b77d6..3b672b1 100644
--- a/machines/cream/configuration.nix
+++ b/machines/cream/configuration.nix
@@ -6,7 +6,6 @@
 ./hardware-configuration.nix
 ./syncthing.nix
- ./qemu.nix
 ./network-tinc.nix
 ./network-tinc_retiolum.nix
@@ -22,6 +21,8 @@
 boot.loader.efi.canTouchEfiVariables = true;
 boot.tmp.useTmpfs = true; # make /tmp a tmpfs (performance!)
+ components.virtualisation.enable = true;
+
 components.gui.enable = true;
 components.gui.xorg.enable = true;
 components.gui.wayland.enable = false;
@@ -111,17 +112,6 @@
 services.printing.enable = true;
- virtualisation = {
- docker.enable = true;
- podman.enable = true;
- virtualbox = {
- host.enable = true;
- guest.enable = true;
- };
- };
- users.extraGroups.vboxusers.members = [ config.users.users.mainUser.name ];
-
-
 samba-share = {
 enable = false;
 folders = {
diff --git a/machines/cream/qemu.nix b/machines/cream/qemu.nix
deleted file mode 100644
index 6bc0c7b..0000000
--- a/machines/cream/qemu.nix
+++ /dev/null
@@ -1,17 +0,0 @@
-{ config, lib, pkgs, ... }:
-{
-
- virtualisation.libvirtd.enable = true;
- #virtualisation.libvirtd.allowedBridges = ["virbr0"];
- virtualisation.libvirtd.onShutdown = "shutdown";
-
- environment.systemPackages = [
- pkgs.qemu_kvm
- #(pkgs.quickemu.override { qemu_full = pkgs.qemu_kvm; })
- pkgs.quickemu
- pkgs.virt-manager
- ];
-
- users.users.mainUser.extraGroups = [ "libvirtd" ];
-
-}
diff --git a/machines/orbi/service-forgejo-runner.nix b/machines/orbi/service-forgejo-runner.nix
index 0325aa2..a0c177f 100644
--- a/machines/orbi/service-forgejo-runner.nix
+++ b/machines/orbi/service-forgejo-runner.nix
@@ -3,10 +3,7 @@ let inherit (utils) escapeSystemdPath; in {
- virtualisation = {
- # docker.enable = true;
- podman.enable = true;
- };
+ virtualisation.podman.enable = true;
 #nix.settings.trusted-users = [ "root" "gitea-runner"];
 nix.settings.allowed-users = [ "*" "gitea-runner" ];
diff --git a/machines/sternchen/configuration.nix b/machines/sternchen/configuration.nix
index 2537585..3b31f9f 100644
--- a/machines/sternchen/configuration.nix
+++ b/machines/sternchen/configuration.nix
@@ -84,13 +84,5 @@
 };
 };
- virtualisation = {
- docker.enable = false;
- virtualbox = {
- host.enable = false;
- guest.enable = false;
- };
- };
-
-
 }