diff --git a/flake.nix b/flake.nix
index a8c44d1..5f420ca 100644
--- a/flake.nix
+++ b/flake.nix
@@ -60,6 +60,17 @@
 (import ./src/system/machines/wsl/home.nix)
 ];
 };
+
+ vm = nixpkgs.lib.nixosSystem {
+ inherit system pkgs;
+ modules = [
+ ./src/system/machines/vm
+ home-manager.nixosModules.home-manager
+ (import ./src/system/machines/vm/modules/home-manager)
+ disko.nixosModules.disko
+ (import ./src/system/machines/vm/modules/disko)
+ ];
+ };
 };
 
 homeConfigurations."work" = home-manager.lib.homeManagerConfiguration {
diff --git a/src/system/machines/vm/default.nix b/src/system/machines/vm/default.nix
new file mode 100644
index 0000000..5237d0c
--- /dev/null
+++ b/src/system/machines/vm/default.nix
@@ -0,0 +1,9 @@
+{ ... }:
+
+{
+ imports = [
+ ../../../user/configs
+ ./hardware.nix
+ ./system.nix
+ ];
+}
diff --git a/src/system/machines/vm/hardware.nix b/src/system/machines/vm/hardware.nix
new file mode 100644
index 0000000..21af8df
--- /dev/null
+++ b/src/system/machines/vm/hardware.nix
@@ -0,0 +1,26 @@
+{ config, lib, modulesPath, ... }:
+
+{
+ imports = [ (modulesPath + "/installer/scan/not-detected.nix") ];
+
+ boot.initrd.availableKernelModules = [ "xhci_pci" "ehci_pci" "ahci" "usbhid" "sd_mod" "sr_mod" ];
+ boot.initrd.kernelModules = [ "dm-snapshot" ];
+ boot.kernelModules = [ "kvm-intel" ];
+ boot.extraModulePackages = [ ];
+
+ fileSystems = {
+ "/" = {
+ device = "/dev/disk/by-uuid/79093c66-1283-44d4-b03c-f87956bbada1";
+ fsType = "ext4";
+ };
+
+ "/boot" = {
+ device = "/dev/disk/by-uuid/0509-1D1F";
+ fsType = "vfat";
+ };
+ };
+
+ nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
+ powerManagement.cpuFreqGovernor = lib.mkDefault "performance";
+ hardware.cpu.intel.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware;
+}
diff --git a/src/system/machines/vm/modules/default.nix b/src/system/machines/vm/modules/default.nix
new file mode 100644
index 0000000..1649694
--- /dev/null
+++ b/src/system/machines/vm/modules/default.nix
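Review bot: In `src/system/machines/vm/hardware.nix` the `fileSystems` block pins `/` and `/boot` to fixed `/dev/disk/by-uuid/...` values, while the disko module added in the same commit also declares the mountpoints `/` and `/boot`. disko generates `fileSystems` entries itself, so the two definitions will likely conflict at evaluation, and the hard-coded UUIDs will not match a disk that disko has just formatted. I would drop the `fileSystems` block here and let disko own the mounts. Separately, disko defaults to `/dev/vda`, a virtio disk, but `boot.initrd.availableKernelModules` lists no `virtio_pci` or `virtio_blk`; importing `(modulesPath + "/profiles/qemu-guest.nix")` in place of `not-detected.nix` would cover that if the guest runs under QEMU/KVM.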
@@ -0,0 +1,5 @@
+{
+ imports = [
+ ./home
+ ];
+}
diff --git a/src/system/machines/vm/modules/disko/default.nix b/src/system/machines/vm/modules/disko/default.nix
new file mode 100644
index 0000000..28d6258
--- /dev/null
+++ b/src/system/machines/vm/modules/disko/default.nix
@@ -0,0 +1,65 @@
+{ disks ? [ "/dev/vda" ], ... }:
+
+{
+ disko.devices = {
+ disk = {
+ one = {
+ type = "disk";
+ device = builtins.elemAt disks 0;
+ content = {
+ type = "table";
+ format = "gpt";
+ partitions = [
+ {
+ name = "boot";
+ start = "0";
+ end = "200M";
+ fs-type = "fat32";
+ bootable = true;
+ content = {
+ type = "filesystem";
+ format = "vfat";
+ mountpoint = "/boot";
+ };
+ }
+ {
+ name = "root";
+ start = "200M";
+ end = "100%FREE";
+ content = {
+ type = "lvm_pv";
+ vg = "vm";
+ };
+ }
+ ];
+ };
+ };
+ };
+
+ lvm_vg = {
+ vm = {
+ type = "lvm_vg";
+ lvs = {
+ aaa = {
+ size = "1M";
+ };
+ zzz = {
+ size = "1M";
+ };
+ root = {
+ size = "100%";
+ content = {
+ name = "nixos";
+ type = "filesystem";
+ format = "ext4";
+ mountpoint = "/";
+ mountOptions = [
+ "defaults"
+ ];
+ };
+ };
+ };
+ };
+ };
+ };
+}
diff --git a/src/system/machines/vm/modules/home-manager/default.nix b/src/system/machines/vm/modules/home-manager/default.nix
new file mode 100644
index 0000000..af07b32
--- /dev/null
+++ b/src/system/machines/vm/modules/home-manager/default.nix
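Review bot: In `src/system/machines/vm/modules/default.nix` the import `./home` does not match anything this commit adds; the sibling directories it creates are `disko` and `home-manager`, so evaluating this file would fail unless `./home` exists outside the diff. `flake.nix` imports `modules/home-manager` and `modules/disko` directly, which suggests this file is never evaluated. Either delete it, or change the entry to `./home-manager` (plus `./disko`) and have the flake reference this file, so there is one place that lists the VM's modules.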
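Review bot: In `src/system/machines/vm/modules/disko/default.nix` the `root` partition feeds `lvm_pv` directly, so everything on `/` sits unencrypted in the disk image; other hunks in this commit enable `bitcoin.enable` and `gpg.enable`, which suggests key material may end up there. If that matters for this VM, put a `luks` layer between the partition and the volume group as sketched below; it needs a passphrase or key file at boot, so decide first how a headless guest would be unlocked. The `aaa` and `zzz` volumes (1M, no `content`) look like leftovers from a disko example and deserve either removal or a comment saying why they exist.

```nix
{
  name = "root";
  # … unchanged: start / end …
  content = {
    type = "luks";
    name = "crypted";
    content = {
      type = "lvm_pv";
      vg = "vm";
    };
  };
}
```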
@@ -0,0 +1,35 @@
+{ config, ... }:
+
+{
+ home-manager.useGlobalPkgs = true;
+ home-manager.useUserPackages = true;
+ home-manager.users.${config.user.name} = {
+ imports = [ ../../../../../user ];
+
+ programs.home-manager.enable = true;
+ programs.bash.shellAliases = {
+ nixup = "sudo nixos-rebuild switch --flake /etc/nixos/.#vm";
+ };
+
+ home.stateVersion = "23.11";
+
+ home.username = "${config.user.name}";
+ home.homeDirectory = "/home/${config.user.name}";
+
+ modules = {
+ user = {
+ bash.enable = true;
+ git.enable = true;
+
+ security = {
+ gpg.enable = true;
+ };
+
+ utils = {
+ enable = true;
+ vim.enable = true;
+ };
+ };
+ };
+ };
+}
diff --git a/src/system/machines/vm/system.nix b/src/system/machines/vm/system.nix
new file mode 100644
index 0000000..bfa26fb
--- /dev/null
+++ b/src/system/machines/vm/system.nix
@@ -0,0 +1,102 @@
+{ pkgs, lib, config, ... }:
+
+{ system.stateVersion = "23.11";
+
+ imports = [ ../../modules ];
+
+ modules = {
+ system = {
+ bitcoin.enable = true;
+ };
+ };
+
+ users.users = {
+ ${config.user.name} = {
+ isNormalUser = true;
+ extraGroups = config.user.groups;
+ openssh.authorizedKeys.keys = [ "${config.user.sshKeys.key1}" ];
+ };
+ };
+
+ nix = {
+ channel.enable = false;
+ package = pkgs.nixFlakes;
+ extraOptions = "experimental-features = nix-command flakes";
+ settings = {
+ auto-optimise-store = true;
+ trusted-users = [ "${config.user.name}" ];
+ };
+ gc = {
+ automatic = true;
+ dates = "weekly";
+ options = "--delete-older-than 30d";
+ };
+ };
+
+ boot.loader = {
+ timeout = null;
+ grub = {
+ enable = true;
+ useOSProber = true;
+ devices = [ "nodev" ];
+ efiSupport = true;
+ configurationLimit = 3;
+ splashImage = null;
+ };
+
+ efi = {
+ canTouchEfiVariables = true;
+ };
+ };
+
+ fonts.packages = with pkgs; [
+ terminus_font
+ terminus-nerdfont
+ ];
+
+ security.sudo = {
+ wheelNeedsPassword = false;
+ execWheelOnly = true;
+ };
+
+ time = {
+ timeZone = "America/New_York";
+ hardwareClockInLocalTime = false;
+ };
+
+ services.timesyncd = lib.mkDefault {
+ enable = true;
+ servers = [
+ "0.pool.ntp.org"
+ "1.pool.ntp.org"
+ "2.pool.ntp.org"
+ "3.pool.ntp.org"
+ ];
+ };
+
+ i18n.defaultLocale = "en_US.UTF-8";
+
+ console = {
+ font = "Lat2-Terminus16";
+ useXkbConfig = true;
+ };
+
+ networking = {
+ hostName = "server";
+ useDHCP = lib.mkDefault true;
+ networkmanager.enable = true;
+ firewall = {
+ enable = true;
+ allowedTCPPorts = [ 22 80 443 ];
+ };
+ };
+
+ services.openssh = {
+ enable = true;
+ startWhenNeeded = true;
+ settings = {
+ X11Forwarding = false;
+ PasswordAuthentication = true;
+ };
+ };
+}
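Review bot: `PasswordAuthentication = true` in `services.openssh.settings` leaves password logins open on port 22 even though the user already receives a key through `openssh.authorizedKeys.keys`, and with `security.sudo.wheelNeedsPassword = false` a guessed password becomes root without a second prompt if `config.user.groups` contains `wheel` (not visible in this diff). I would set `PasswordAuthentication = false;` and add `KbdInteractiveAuthentication = false;` so only the configured key can log in. `nix.settings.trusted-users` additionally gives that account root-equivalent control over the Nix daemon, which deserves a comment stating it is intended. The firewall opens 80 and 443 although nothing in this file listens there; leaving `allowedTCPPorts = [ 22 ];` until a web service is added keeps the exposed surface matched to what runs.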