DuN0z/nixos-config
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Add: forbann VM

Browse source
This commit is contained in:
DuN0z 2025-10-04 12:35:54 +02:00
parent fd9f5e202c
commit b3fb1d7fa8
3 changed files with 85 additions and 1 deletions
Download patch file Download diff file Expand all files Collapse all files

9
flake.nix
View file

@ -32,7 +32,6 @@
in in
{ {
# --- Host NixOS (x86_64) ---
nixosConfigurations = { nixosConfigurations = {
pennsardin = nixpkgs-unstable.lib.nixosSystem { pennsardin = nixpkgs-unstable.lib.nixosSystem {
system = "x86_64-linux"; system = "x86_64-linux";
@ -56,6 +55,14 @@
home-manager-stable.nixosModules.home-manager home-manager-stable.nixosModules.home-manager
]; ];
}; };
forbann = nixpkgs-stable.lib.nixosSystem {
system = "x86_64-linux";
modules = [
./hosts/forbann/configuration.nix
"${nixpkgs-stable}/nixos/modules/profiles/qemu-guest.nix"
];
};
}; };
# --- DevShell (x86_64 uniquement) --- # --- DevShell (x86_64 uniquement) ---

67
hosts/forbann/configuration.nix Normal file
View file

@ -0,0 +1,67 @@
{ config, pkgs, ...}:
{
boot.loader.grub = {
enable = true ;
device = "/dev/vda";
};
fileSystems."/" = {
device = "/dev/vda1" ;
fsType = "ext4" ;
};
fileSystems."/srv" = {
device = "shared0" ;
fsType = "9p" ;
options = [ "trans=virtio" "version=9p2000.L" "rw" ];
neededForBoot = false ;
noCheck = true ;
};
systemd.services.mountShared = {
description = "Mount 9p shared folder" ;
after = [ "local-fs.target" "network.target" ];
wantedBy = [ "multi-user.target" ];
serviceConfig = {
Type = "oneshot" ;
ExecStart = "${pkgs.util-linux}/bin/mount -t 9p -o trans=virtio,version=9p2000.L shared0 /srv";
RemainAfterExit = true ;
};
};
boot.kernelPackages = pkgs.linuxPackages ;
boot.initrd.supportedFilesystems = [ "ext4" ];
networking = {
useDHCP = true;
useNetworkd = true ;
hostName = "forbann" ;
};
systemd.network = {
enable = true ;
networks."10-eth0" = {
matchConfig.Name = "eth0";
networkConfig = {
Address = "192.168.1.10/24";
Gateway = "192.168.0.254" ;
DNS = "192.168.0.254" ;
};
};
};
services.openssh.enable = true ;
services.rtorrent = {
enable = true ;
dataDir = "/home/vmuser/torrents" ;
};
users.users.vmuser = {
isNormalUser = true ;
extraGroups = [ "wheel" ];
password = "changeme" ;
};
system.stateVersion = "25.05" ;
}

10
modules/common/qemu.nix
View file

@ -5,6 +5,7 @@
}: { }: {
boot.kernelModules = lib.mkAfter ["tun"]; boot.kernelModules = lib.mkAfter ["tun"];
environment.systemPackages = with pkgs; [ environment.systemPackages = with pkgs; [
qemu
qemu_kvm qemu_kvm
virtiofsd virtiofsd
]; ];
@ -12,6 +13,7 @@
services = { services = {
udev.extraRules = '' udev.extraRules = ''
SUBSYSTEM=="vfio", GROUP="kvm", MODE="0660" SUBSYSTEM=="vfio", GROUP="kvm", MODE="0660"
KERNEL=="tun", GROUP="kvm", MODE="0660"
''; '';
spice-vdagentd.enable = true; spice-vdagentd.enable = true;
resolved.enable = true; resolved.enable = true;
@ -32,6 +34,14 @@
environment.etc."qemu/bridge.conf".text = '' environment.etc."qemu/bridge.conf".text = ''
allow br0 allow br0
''; '';
security.wrappers.qemu-bridge-helper = lib.mkForce {
source = "${pkgs.qemu}/libexec/qemu-bridge-helper";
owner = "root";
group = "kvm";
setuid = true ;
permissions = "u+rwx,g+rx,o+rx";
};
} }
# vim: set ts=2 sw=2 sts=2 et : # vim: set ts=2 sw=2 sts=2 et :