palo/nixos-config
palo/nixos-config
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

create virtualisation component.

Browse source
This commit is contained in:
Ingolf Wagner 2024-08-11 14:46:03 +02:00
parent 7e1e13e897
commit 29e3213e4b
No known key found for this signature in database
GPG key ID: 76BF5F1928B9618B
14 changed files with 106 additions and 70 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

1
components/default.nix
View file

@ -10,6 +10,7 @@
./nixos ./nixos
./terminal ./terminal
./timezone.nix ./timezone.nix
./virtualisation
./yubikey.nix ./yubikey.nix
]; ];

2
components/mainUser.nix
View file

@ -5,9 +5,11 @@ let
cfg = config.components.mainUser; cfg = config.components.mainUser;
# todo : use optionalList
dockerGroup = dockerGroup =
if (config.virtualisation.docker.enable) then [ "docker" ] else [ ]; if (config.virtualisation.docker.enable) then [ "docker" ] else [ ];
# todo : use optionalList
vboxGroup = vboxGroup =
if (config.virtualisation.virtualbox.host.enable) then if (config.virtualisation.virtualbox.host.enable) then
[ "vboxusers" ] [ "vboxusers" ]

15
components/virtualisation/default.nix Normal file
View file

@ -0,0 +1,15 @@
{ config, lib, ... }:
{
imports = [
./docker.nix
./podman.nix
./virtualbox.nix
./qemu.nix
];
options.components.virtualisation.enable = lib.mkOption {
type = lib.types.bool;
default = false;
};
}

16
components/virtualisation/docker.nix Normal file
View file

@ -0,0 +1,16 @@
{ config, lib, pkgs, ... }:
with lib;
{
options.components.virtualisation.docker.enable = lib.mkOption {
type = lib.types.bool;
default = config.components.virtualisation.enable;
};
config = mkIf config.components.virtualisation.docker.enable {
virtualisation.docker.enable = true;
};
}

19
components/virtualisation/podman.nix Normal file
View file

@ -0,0 +1,19 @@
{ config, lib, pkgs, ... }:
with lib;
{
options.components.virtualisation.podman.enable = lib.mkOption {
type = lib.types.bool;
default = config.components.virtualisation.enable;
};
config = mkIf config.components.virtualisation.podman.enable {
virtualisation.podman.enable = true;
# make sure /var/lib/containers/storage is a zfs dataset
virtualisation.podman.extraPackages = [ pkgs.zfs ];
};
}

27
components/virtualisation/qemu.nix Normal file
View file

@ -0,0 +1,27 @@
{ config, lib, pkgs, ... }:
with lib;
{
options.components.virtualisation.qemu.enable = lib.mkOption {
type = lib.types.bool;
default = config.components.virtualisation.enable;
};
config = mkIf config.components.virtualisation.qemu.enable {
virtualisation.libvirtd.enable = true;
#virtualisation.libvirtd.allowedBridges = ["virbr0"];
virtualisation.libvirtd.onShutdown = "shutdown";
environment.systemPackages = [
pkgs.qemu_kvm
#(pkgs.quickemu.override { qemu_full = pkgs.qemu_kvm; })
pkgs.quickemu
pkgs.virt-manager
];
users.users.mainUser.extraGroups = [ "libvirtd" ];
};
}

21
components/virtualisation/virtualbox.nix Normal file
View file

@ -0,0 +1,21 @@
{ config, lib, pkgs, ... }:
with lib;
{
options.components.virtualisation.virtualbox.enable = lib.mkOption {
type = lib.types.bool;
default = config.components.virtualisation.enable;
};
config = mkIf config.components.virtualisation.virtualbox.enable {
virtualisation.virtualbox = {
host.enable = true;
guest.enable = true;
};
users.extraGroups.vboxusers.members = [ config.users.users.mainUser.name ];
};
}

13
machines/cherry/configuration.nix
View file

@ -6,7 +6,6 @@
./hardware-configuration ./hardware-configuration
./syncthing.nix ./syncthing.nix
./qemu.nix
./network-tinc.nix ./network-tinc.nix
./network-tinc_retiolum.nix ./network-tinc_retiolum.nix
@ -38,6 +37,8 @@
# (promptKey "pushover.api_key"); # (promptKey "pushover.api_key");
components.virtualisation.enable = true;
components.gui.enable = true; components.gui.enable = true;
components.mainUser.enable = true; components.mainUser.enable = true;
components.media.enable = true; components.media.enable = true;
@ -124,16 +125,6 @@
services.printing.enable = true; services.printing.enable = true;
virtualisation = {
docker.enable = true;
podman.enable = true;
virtualbox = {
host.enable = true;
guest.enable = true;
};
};
users.extraGroups.vboxusers.members = [ config.users.users.mainUser.name ];
# for congress and streaming # for congress and streaming
hardware.graphics.enable = true; hardware.graphics.enable = true;

17
machines/cherry/qemu.nix
View file

@ -1,17 +0,0 @@
{ config, lib, pkgs, ... }:
{
virtualisation.libvirtd.enable = true;
#virtualisation.libvirtd.allowedBridges = ["virbr0"];
virtualisation.libvirtd.onShutdown = "shutdown";
environment.systemPackages = [
pkgs.qemu_kvm
#(pkgs.quickemu.override { qemu_full = pkgs.qemu_kvm; })
pkgs.quickemu
pkgs.virt-manager
];
users.users.mainUser.extraGroups = [ "libvirtd" ];
}

1
machines/chungus/configuration.nix
View file

@ -66,7 +66,6 @@
services.printing.enable = false; services.printing.enable = false;
virtualisation.podman.extraPackages = [ pkgs.zfs ]; # make sure /var/lib/containers/storage is a zfs dataset
networking.hostName = "chungus"; networking.hostName = "chungus";

14
machines/cream/configuration.nix
View file

@ -6,7 +6,6 @@
./hardware-configuration.nix ./hardware-configuration.nix
./syncthing.nix ./syncthing.nix
./qemu.nix
./network-tinc.nix ./network-tinc.nix
./network-tinc_retiolum.nix ./network-tinc_retiolum.nix
@ -22,6 +21,8 @@
boot.loader.efi.canTouchEfiVariables = true; boot.loader.efi.canTouchEfiVariables = true;
boot.tmp.useTmpfs = true; # make /tmp a tmpfs (performance!) boot.tmp.useTmpfs = true; # make /tmp a tmpfs (performance!)
components.virtualisation.enable = true;
components.gui.enable = true; components.gui.enable = true;
components.gui.xorg.enable = true; components.gui.xorg.enable = true;
components.gui.wayland.enable = false; components.gui.wayland.enable = false;
@ -111,17 +112,6 @@
services.printing.enable = true; services.printing.enable = true;
virtualisation = {
docker.enable = true;
podman.enable = true;
virtualbox = {
host.enable = true;
guest.enable = true;
};
};
users.extraGroups.vboxusers.members = [ config.users.users.mainUser.name ];
samba-share = { samba-share = {
enable = false; enable = false;
folders = { folders = {

17
machines/cream/qemu.nix
View file

@ -1,17 +0,0 @@
{ config, lib, pkgs, ... }:
{
virtualisation.libvirtd.enable = true;
#virtualisation.libvirtd.allowedBridges = ["virbr0"];
virtualisation.libvirtd.onShutdown = "shutdown";
environment.systemPackages = [
pkgs.qemu_kvm
#(pkgs.quickemu.override { qemu_full = pkgs.qemu_kvm; })
pkgs.quickemu
pkgs.virt-manager
];
users.users.mainUser.extraGroups = [ "libvirtd" ];
}

5
machines/orbi/service-forgejo-runner.nix
View file

@ -3,10 +3,7 @@ let inherit (utils) escapeSystemdPath;
in in
{ {
virtualisation = { virtualisation.podman.enable = true;
# docker.enable = true;
podman.enable = true;
};
#nix.settings.trusted-users = [ "root" "gitea-runner"]; #nix.settings.trusted-users = [ "root" "gitea-runner"];
nix.settings.allowed-users = [ "*" "gitea-runner" ]; nix.settings.allowed-users = [ "*" "gitea-runner" ];

8
machines/sternchen/configuration.nix
View file

@ -84,13 +84,5 @@
}; };
}; };
virtualisation = {
docker.enable = false;
virtualbox = {
host.enable = false;
guest.enable = false;
};
};
} }