virt changes including new NixVirt input

Bryan Ramos 2025-01-27 16:23:01 -05:00
parent 3e6621fa2a
commit 01730af9ee
Signed by: bryan
GPG key ID: 6ABDCD144D6643C8
14 changed files with 341 additions and 30 deletions

40
flake.lock generated

@ -1,23 +1,23 @@
{
"nodes": {
"disko": {
"NixVirt": {
"inputs": {
"nixpkgs": [
"nixpkgs"
]
],
"nixpkgs-ovmf": "nixpkgs-ovmf"
},
"locked": {
"lastModified": 1733168902,
"narHash": "sha256-8dupm9GfK+BowGdQd7EHK5V61nneLfr9xR6sc5vtDi0=",
"owner": "nix-community",
"repo": "disko",
"rev": "785c1e02c7e465375df971949b8dcbde9ec362e5",
"type": "github"
"lastModified": 1712439808,
"narHash": "sha256-QoONoZPBpNTw5cia05QSvDlaxXo3moKAJQOw7c5hMXA=",
"rev": "9f1cdca730d92461075709e867c1e9ad93d58a8d",
"revCount": 284,
"type": "tarball",
"url": "https://api.flakehub.com/f/pinned/AshleyYakeley/NixVirt/0.5.0/018eb55e-7beb-75c5-919f-5b5b26136e06/source.tar.gz"
},
"original": {
"owner": "nix-community",
"repo": "disko",
"type": "github"
"type": "tarball",
"url": "https://flakehub.com/f/AshleyYakeley/NixVirt/%2A.tar.gz"
}
},
"flake-compat": {
@ -135,6 +135,22 @@
"type": "github"
}
},
"nixpkgs-ovmf": {
"locked": {
"lastModified": 1708984720,
"narHash": "sha256-gJctErLbXx4QZBBbGp78PxtOOzsDaQ+yw1ylNQBuSUY=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "13aff9b34cc32e59d35c62ac9356e4a41198a538",
"type": "github"
},
"original": {
"owner": "NixOS",
"ref": "nixos-unstable",
"repo": "nixpkgs",
"type": "github"
}
},
"nixpkgs_2": {
"locked": {
"lastModified": 1733759999,
@ -173,7 +189,7 @@
},
"root": {
"inputs": {
"disko": "disko",
"NixVirt": "NixVirt",
"home-manager": "home-manager",
"nixos-wsl": "nixos-wsl",
"nixpkgs": "nixpkgs",


@ -15,13 +15,13 @@
url = "github:nix-community/NixOS-WSL/2405.5.4";
inputs.nixpkgs.follows = "nixpkgs";
};
disko = {
url = "github:nix-community/disko";
NixVirt = {
url = "https://flakehub.com/f/AshleyYakeley/NixVirt/*.tar.gz";
inputs.nixpkgs.follows = "nixpkgs";
};
};
outputs = { self, nixpkgs, nur, home-manager, nixos-wsl, disko }:
outputs = { self, nixpkgs, nur, home-manager, nixos-wsl, NixVirt }:
let
system = "x86_64-linux";
pkgs = import nixpkgs {
@ -53,6 +53,8 @@
./src/system/machines/workstation
home-manager.nixosModules.home-manager
(import ./src/system/machines/workstation/modules/home-manager)
NixVirt.nixosModules.default
(import ./src/system/VMs)
];
};
@ -82,8 +84,6 @@
./src/system/machines/vm
home-manager.nixosModules.home-manager
(import ./src/system/machines/vm/modules/home-manager)
disko.nixosModules.disko
(import ./src/system/machines/vm/modules/disko)
];
};
};
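Review bot: The new `NixVirt` input URL ends in `*.tar.gz`, so the next `nix flake update` accepts whatever release FlakeHub serves, and that code is imported as `NixVirt.nixosModules.default` into a system configuration. flake.lock pins the current tarball by `narHash`, so builds stay reproducible until an update. Narrowing the range in the URL, e.g. `url = "https://flakehub.com/f/AshleyYakeley/NixVirt/0.5.*.tar.gz";`, would keep updates within a release line that has been reviewed. Only `nixpkgs` is set to follow the root input, while the lock file gains a separate `nixpkgs-ovmf` node with its own nixpkgs revision (presumably the source of the OVMF firmware). A comment should say whether leaving it unfollowed is intentional.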


@ -27,6 +27,7 @@ out TYPE SYSTEM="desktop":
"nix")
if
[ "{{SYSTEM}}" = "desktop" ] || \
[ "{{SYSTEM}}" = "workstation" ] || \
[ "{{SYSTEM}}" = "server" ] || \
[ "{{SYSTEM}}" = "wsl" ] || \
[ "{{SYSTEM}}" = "vm" ] || \
@ -40,6 +41,7 @@ out TYPE SYSTEM="desktop":
Error: Unknown argument - '{{SYSTEM}}'
Use one of:
desktop
workstation
server
laptop
vm
@ -72,6 +74,7 @@ test TYPE SYSTEM="desktop":
"nix")
if
[ "{{SYSTEM}}" = "desktop" ] || \
[ "{{SYSTEM}}" = "workstation" ] || \
[ "{{SYSTEM}}" = "server" ] || \
[ "{{SYSTEM}}" = "wsl" ] || \
[ "{{SYSTEM}}" = "vm" ] || \
@ -85,6 +88,7 @@ test TYPE SYSTEM="desktop":
Error: Unknown argument - '{{SYSTEM}}'
Use one of:
desktop
workstation
server
laptop
vm
@ -117,6 +121,7 @@ build TYPE SYSTEM="desktop":
"nix")
if
[ "{{SYSTEM}}" = "desktop" ] || \
[ "{{SYSTEM}}" = "workstation" ] || \
[ "{{SYSTEM}}" = "server" ] || \
[ "{{SYSTEM}}" = "wsl" ] || \
[ "{{SYSTEM}}" = "vm" ] || \
@ -132,6 +137,7 @@ build TYPE SYSTEM="desktop":
Error: Unknown argument - '{{SYSTEM}}'
Use one of:
desktop
workstation
server
laptop
vm
@ -162,6 +168,7 @@ vm SYSTEM:
set -euo pipefail
if
[ "{{SYSTEM}}" = "desktop" ] || \
[ "{{SYSTEM}}" = "workstation" ] || \
[ "{{SYSTEM}}" = "server" ] || \
[ "{{SYSTEM}}" = "wsl" ] || \
[ "{{SYSTEM}}" = "vm" ] || \
@ -182,6 +189,7 @@ vm SYSTEM:
Error: Unknown argument - '{{SYSTEM}}'
Use one of:
desktop
workstation
server
laptop
vm
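Review bot: `{{SYSTEM}}` is substituted into the recipe text before the shell parses it, so the added `[ "{{SYSTEM}}" = "workstation" ]` test, like its neighbours, runs only after the shell has already interpreted any quotes or expansions in the argument. Exporting the parameter (`$SYSTEM` in the recipe signature) and testing `[ "$SYSTEM" = "workstation" ]` would make the allow-list check operate on the raw value. The same list is edited in four recipes (`out`, `test`, `build`, `vm`) and in four help texts, and the visible test lines mention `wsl` while the help text mentions `laptop`. A single shared `case` list would keep them from drifting. The recipes start and end outside these hunks.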


@ -0,0 +1,192 @@
<domain type='kvm'>
<name>Test_Bench1</name>
<uuid>6dab32d2-aa81-469f-a0d7-dbe4a12c2337</uuid>
<description>
Rocky 9.2
Redhawk 9.2
SimWB 2024.2-0
</description>
<metadata>
<libosinfo:libosinfo xmlns:libosinfo="http://libosinfo.org/xmlns/libvirt/domain/1.0">
<libosinfo:os id="http://rockylinux.org/rocky/9"/>
</libosinfo:libosinfo>
</metadata>
<memory unit='KiB'>4194304</memory>
<currentMemory unit='KiB'>4194304</currentMemory>
<vcpu placement='static'>4</vcpu>
<os>
<type arch='x86_64' machine='pc-q35-9.1'>hvm</type>
<loader readonly='yes' type='pflash'>/run/libvirt/nix-ovmf/OVMF_CODE.fd</loader>
<nvram template='/run/libvirt/nix-ovmf/OVMF_VARS.fd'>/var/lib/libvirt/qemu/nvram/Test_Bench1_VARS.fd</nvram>
<bootmenu enable='yes'/>
</os>
<features>
<acpi/>
<apic/>
<vmport state='off'/>
</features>
<cpu mode='host-passthrough' check='none' migratable='on'/>
<clock offset='utc'>
<timer name='rtc' tickpolicy='catchup'/>
<timer name='pit' tickpolicy='delay'/>
<timer name='hpet' present='no'/>
</clock>
<on_poweroff>destroy</on_poweroff>
<on_reboot>restart</on_reboot>
<on_crash>destroy</on_crash>
<pm>
<suspend-to-mem enabled='no'/>
<suspend-to-disk enabled='no'/>
</pm>
<devices>
<emulator>/run/libvirt/nix-emulators/qemu-system-x86_64</emulator>
<disk type='file' device='disk'>
<driver name='qemu' type='qcow2'/>
<source file='/var/lib/libvirt/images/rocky9.qcow2'/>
<target dev='vda' bus='virtio'/>
<boot order='2'/>
<address type='pci' domain='0x0000' bus='0x04' slot='0x00' function='0x0'/>
</disk>
<disk type='file' device='cdrom'>
<driver name='qemu' type='raw'/>
<target dev='sda' bus='sata'/>
<readonly/>
<boot order='1'/>
<address type='drive' controller='0' bus='0' target='0' unit='0'/>
</disk>
<controller type='usb' index='0' model='qemu-xhci' ports='15'>
<address type='pci' domain='0x0000' bus='0x02' slot='0x00' function='0x0'/>
</controller>
<controller type='pci' index='0' model='pcie-root'/>
<controller type='pci' index='1' model='pcie-root-port'>
<model name='pcie-root-port'/>
<target chassis='1' port='0x10'/>
<address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x0' multifunction='on'/>
</controller>
<controller type='pci' index='2' model='pcie-root-port'>
<model name='pcie-root-port'/>
<target chassis='2' port='0x11'/>
<address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x1'/>
</controller>
<controller type='pci' index='3' model='pcie-root-port'>
<model name='pcie-root-port'/>
<target chassis='3' port='0x12'/>
<address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x2'/>
</controller>
<controller type='pci' index='4' model='pcie-root-port'>
<model name='pcie-root-port'/>
<target chassis='4' port='0x13'/>
<address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x3'/>
</controller>
<controller type='pci' index='5' model='pcie-root-port'>
<model name='pcie-root-port'/>
<target chassis='5' port='0x14'/>
<address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x4'/>
</controller>
<controller type='pci' index='6' model='pcie-root-port'>
<model name='pcie-root-port'/>
<target chassis='6' port='0x15'/>
<address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x5'/>
</controller>
<controller type='pci' index='7' model='pcie-root-port'>
<model name='pcie-root-port'/>
<target chassis='7' port='0x16'/>
<address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x6'/>
</controller>
<controller type='pci' index='8' model='pcie-root-port'>
<model name='pcie-root-port'/>
<target chassis='8' port='0x17'/>
<address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x7'/>
</controller>
<controller type='pci' index='9' model='pcie-root-port'>
<model name='pcie-root-port'/>
<target chassis='9' port='0x18'/>
<address type='pci' domain='0x0000' bus='0x00' slot='0x03' function='0x0' multifunction='on'/>
</controller>
<controller type='pci' index='10' model='pcie-root-port'>
<model name='pcie-root-port'/>
<target chassis='10' port='0x19'/>
<address type='pci' domain='0x0000' bus='0x00' slot='0x03' function='0x1'/>
</controller>
<controller type='pci' index='11' model='pcie-root-port'>
<model name='pcie-root-port'/>
<target chassis='11' port='0x1a'/>
<address type='pci' domain='0x0000' bus='0x00' slot='0x03' function='0x2'/>
</controller>
<controller type='pci' index='12' model='pcie-root-port'>
<model name='pcie-root-port'/>
<target chassis='12' port='0x1b'/>
<address type='pci' domain='0x0000' bus='0x00' slot='0x03' function='0x3'/>
</controller>
<controller type='pci' index='13' model='pcie-root-port'>
<model name='pcie-root-port'/>
<target chassis='13' port='0x1c'/>
<address type='pci' domain='0x0000' bus='0x00' slot='0x03' function='0x4'/>
</controller>
<controller type='pci' index='14' model='pcie-root-port'>
<model name='pcie-root-port'/>
<target chassis='14' port='0x1d'/>
<address type='pci' domain='0x0000' bus='0x00' slot='0x03' function='0x5'/>
</controller>
<controller type='sata' index='0'>
<address type='pci' domain='0x0000' bus='0x00' slot='0x1f' function='0x2'/>
</controller>
<controller type='virtio-serial' index='0'>
<address type='pci' domain='0x0000' bus='0x03' slot='0x00' function='0x0'/>
</controller>
<interface type='network'>
<mac address='52:54:00:b9:fb:c0'/>
<source network='default'/>
<model type='virtio'/>
<address type='pci' domain='0x0000' bus='0x01' slot='0x00' function='0x0'/>
</interface>
<serial type='pty'>
<target type='isa-serial' port='0'>
<model name='isa-serial'/>
</target>
</serial>
<console type='pty'>
<target type='serial' port='0'/>
</console>
<channel type='unix'>
<target type='virtio' name='org.qemu.guest_agent.0'/>
<address type='virtio-serial' controller='0' bus='0' port='1'/>
</channel>
<channel type='spicevmc'>
<target type='virtio' name='com.redhat.spice.0'/>
<address type='virtio-serial' controller='0' bus='0' port='2'/>
</channel>
<input type='tablet' bus='usb'>
<address type='usb' bus='0' port='1'/>
</input>
<input type='mouse' bus='ps2'/>
<input type='keyboard' bus='ps2'/>
<graphics type='spice' autoport='yes'>
<listen type='address'/>
<image compression='off'/>
</graphics>
<sound model='ich9'>
<address type='pci' domain='0x0000' bus='0x00' slot='0x1b' function='0x0'/>
</sound>
<audio id='1' type='spice'/>
<video>
<model type='virtio' heads='1' primary='yes'/>
<address type='pci' domain='0x0000' bus='0x00' slot='0x01' function='0x0'/>
</video>
<redirdev bus='usb' type='spicevmc'>
<address type='usb' bus='0' port='2'/>
</redirdev>
<redirdev bus='usb' type='spicevmc'>
<address type='usb' bus='0' port='3'/>
</redirdev>
<watchdog model='itco' action='reset'/>
<memballoon model='virtio'>
<address type='pci' domain='0x0000' bus='0x05' slot='0x00' function='0x0'/>
</memballoon>
<rng model='virtio'>
<backend model='random'>/dev/urandom</backend>
<address type='pci' domain='0x0000' bus='0x06' slot='0x00' function='0x0'/>
</rng>
</devices>
</domain>
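Review bot: `<graphics type='spice' autoport='yes'>` with `<listen type='address'/>` has no `address` attribute and no password, so where the console binds is decided by the host's qemu.conf rather than by this file. Writing `<listen type='address' address='127.0.0.1'/>` keeps the unauthenticated SPICE console on loopback even if the host default is changed later. The definition also carries a guest-agent channel and two `spicevmc` USB redirection devices; for a test bench these are worth a comment saying they are wanted, or they can be removed. The fixed UUID and MAC and the cdrom with `<boot order='1'/>` but no `<source>` suggest the file was exported from an existing definition, and an XML comment at the top saying so would help the next reader.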


@ -0,0 +1,17 @@
<network>
<name>default</name>
<uuid>14667e27-1e89-40fb-ba5a-381a6c79bd5f</uuid>
<forward mode='nat'>
<nat>
<port start='1024' end='65535'/>
</nat>
</forward>
<bridge name='virbr0' stp='on' delay='0'/>
<mac address='52:54:00:f4:a4:3d'/>
<ip address='192.168.122.1' netmask='255.255.255.0'>
<dhcp>
<range start='192.168.122.2' end='192.168.122.254'/>
</dhcp>
</ip>
</network>


@ -0,0 +1,18 @@
<pool type='dir'>
<name>default</name>
<uuid>70edbae5-7ea6-4996-a457-bc1d450b6be4</uuid>
<capacity unit='bytes'>536608768000</capacity>
<allocation unit='bytes'>31873052672</allocation>
<available unit='bytes'>504735715328</available>
<source>
</source>
<target>
<path>/var/lib/libvirt/images</path>
<permissions>
<mode>0711</mode>
<owner>0</owner>
<group>0</group>
</permissions>
</target>
</pool>
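Review bot: `<capacity>`, `<allocation>` and `<available>` are values reported for one host at export time, not settings; libvirt documents them as not applicable when a pool is created, so they can be dropped from the checked-in definition. The same applies to `<allocation>`, `<physical>` and the `<timestamps>` block in the rocky9.qcow2 volume definition added by this commit, which go stale as soon as the image is written. Keeping only the name, UUID, target path, format, intended capacity and the `<permissions>` block makes it clear which values are policy. An XML comment such as `<!-- image is root-owned 0600; directory 0711 so qemu can traverse but not list -->` would record why those modes were chosen, if that is the intent.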

View file

@ -0,0 +1,28 @@
<volume type='file'>
<name>rocky9.qcow2</name>
<key>/var/lib/libvirt/images/rocky9.qcow2</key>
<capacity unit='bytes'>107374182400</capacity>
<allocation unit='bytes'>10468622336</allocation>
<physical unit='bytes'>107390828544</physical>
<target>
<path>/var/lib/libvirt/images/rocky9.qcow2</path>
<format type='qcow2'/>
<permissions>
<mode>0600</mode>
<owner>0</owner>
<group>0</group>
</permissions>
<timestamps>
<atime>1738001245.563436511</atime>
<mtime>1738001224.380580475</mtime>
<ctime>1738001224.667578536</ctime>
<btime>0</btime>
</timestamps>
<compat>1.1</compat>
<clusterSize unit='B'>65536</clusterSize>
<features>
<lazy_refcounts/>
</features>
</target>
</volume>


@ -0,0 +1,35 @@
{ pkgs, lib, config, ... }:
{
virtualisation.libvirt = {
enable = true;
verbose = true;
connections."qemu:///system" = {
domains = [
{
definition = ./config/machines/Test_Bench1.xml;
}
];
pools = [
{
definition = ./config/storage/pools/default.xml;
active = true;
volumes = [
{
definition = ./config/storage/volumes/rocky9.xml;
}
];
}
];
networks = [
{
definition = ./config/networks/virbr0.xml;
active = true;
}
];
};
};
}
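Review bot: The domain entry sets no `active` value while the pool and the network both set `active = true`, so whether Test_Bench1 is started or left alone at activation depends on the module default. A comment such as `# active left unset: activation does not start or stop this VM` would make the intent explicit. If NixVirt treats the `domains`, `pools` and `networks` lists as the complete set for `qemu:///system` (check its documentation), objects created by hand in virt-manager would be removed on the next switch; that deserves a header comment in this file. `verbose = true` and the unused `pkgs`, `lib` and `config` arguments can go once the setup is stable.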


@ -60,14 +60,6 @@
};
};
virtualisation.libvirtd = {
enable = true;
qemu = {
runAsRoot = true;
ovmf.enable = true;
};
};
nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
powerManagement.cpuFreqGovernor = lib.mkDefault "performance";
}


@ -1,5 +1,6 @@
{ pkgs, lib, config, ... }:
with lib;
{ system.stateVersion = "23.11";
users.users = {
@ -9,7 +10,7 @@
++ [ "video" "audio" "kvm" "libvirtd" "dialout" ];
openssh.authorizedKeys.keys = [
"${config.user.keys.ssh.primary}"
"${config.user.keys.ssh.ccur}"
"${config.user.keys.ssh.work}"
];
};
};
@ -98,6 +99,7 @@
"3.pool.ntp.org"
];
};
pipewire = {
enable = true;
audio.enable = true;
@ -109,6 +111,7 @@
alsa.enable = true;
alsa.support32Bit = true;
};
openssh = {
enable = true;
startWhenNeeded = false;


@ -32,13 +32,12 @@ check_venv() {
js="js"
nix="nix"
${if gui.enable then ''
${optionalString gui.enable ''
if [ -n "$DISPLAY" ]; then
py=""
js="󰌞"
nix=""
fi
'' else ''
''}
python_icon="\[\033[01;33m\]$py\[\033[00m\]"


@ -1,4 +1,4 @@
{ pkgs, lib, config, ... }:
{ pkgs, lib, config, osConfig, ... }:
with lib;
let
@ -18,10 +18,12 @@ in
text = "${config.user.keys.pgp.primary}";
trust = 5;
}
] ++ optionals (osConfig.networking.hostName == "desktop") [
{
text = "${config.user.keys.pgp.windows}";
trust = 5;
}
] ++ optionals (osConfig.networking.hostName == "workstation") [
{
text = "${config.user.keys.pgp.work}";
trust = 5;
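Review bot: The two added `optionals` conditions compare `osConfig.networking.hostName` with string literals, so a renamed or misspelled host silently drops its `trust = 5` key instead of failing evaluation. `osConfig` is also only supplied when home-manager runs as a NixOS module, so this file can no longer be evaluated standalone. A comment above the list would record both constraints, for example `# osConfig: NixOS-module home-manager only; names must equal networking.hostName`. The list continues past the end of this hunk.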


@ -1,4 +1,4 @@
{ pkgs, lib, config, ... }:
{ pkgs, lib, config, osConfig, ... }:
with lib;
let
@ -16,6 +16,7 @@ in
qrencode
docker
] ++ optionals (osConfig.virtualisation.libvirt.enable) [
virt-manager
];
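Review bot: `osConfig.virtualisation.libvirt.enable` refers to an option that exists only where `NixVirt.nixosModules.default` is imported, and the flake.nix hunk in this commit adds that module to one machine's module list. If this home-manager file is shared by the other hosts, evaluation there would fail on a missing attribute rather than skip `virt-manager`. Selecting with a default avoids that: `] ++ optionals (osConfig.virtualisation.libvirt.enable or false) [`. Whether the other machines import this file is not visible in the hunk.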