resolve incus merge conflict

2024-09-01 16:43:08 -05:00 · 2024-09-01 16:43:08 -05:00 · 1e29882c46
commit 1e29882c46
parent 81847253a0
1 changed files with 79 additions and 21 deletions
--- a/nixos/modules/nixos/system/incus/default.nix
+++ b/nixos/modules/nixos/system/incus/default.nix
@ -1,31 +1,89 @@
-{ config, pkgs, ... }:
+{ config, pkgs, lib, ... }:
+let
+  cfg = config.mySystem.system.incus;
+  user = "jahanson";
+in
 {
-  sops.secrets.secret-domain-0 = {
-    sopsFile = ./secret.sops.yaml;
+  # sops.secrets.secret-domain-0 = {
+  #   sopsFile = ./secret.sops.yaml;
+  # };
+  options.mySystem.system.incus = {
+    enable = lib.mkEnableOption "incus";
  };

-  users.users.jahanson.extraGroups = [ "incus-admin" ];
+  config = lib.mkIf cfg.enable {

-  virtualisation.incus = {
-    enable = true;
-    ui.enable = true;
-  };
+    virtualisation.incus = {
+      enable = true;
+      ui.enable = true;

+      preseed = {
+        config = {
+          "core.https_address" = "10.1.1.15:8445"; # Need quotes around key
+        };
+        networks = [
+          {
+            config = {
+              "ipv4.address" = "auto"; # Need quotes around key
+              "ipv6.address" = "auto"; # Need quotes around key
+            };
+            description = "";
+            name = "incusbr0";
+            type = "";
+            project = "default";
+          }
+        ];
+        storage_pools = [
+          {
+            config = {
+              source = "eru/incus";
+            };
+            description = "";
+            name = "default";
+            driver = "zfs";
+          }
+        ];
+        profiles = [
+          {
+            config = { };
+            description = "";
+            devices = {
+              eth0 = {
+                name = "eth0";
+                network = "incusbr0";
+                type = "nic";
+              };
+              root = {
+                path = "/";
+                pool = "default";
+                type = "disk";
+              };
+            };
+            name = "default";
+          }
+        ];
+        projects = [ ];
+        cluster = null;
+      };
+    };

-  # systemd.services.incus-preseed.postStart = "${oidcSetup}";
+    users.users.${user}.extraGroups = [ "incus-admin" ];

-  networking = {
-    nftables.enable = true;
-    firewall = {
-      allowedTCPPorts = [
-        8443
-        53
-        67
-      ];
-      allowedUDPPorts = [
-        53
-        67
-      ];
+    # systemd.services.incus-preseed.postStart = "${oidcSetup}";
+
+    networking = {
+      nftables.enable = true;
+      firewall = {
+        allowedTCPPorts = [
+          8445
+          53
+          67
+        ];
+        allowedUDPPorts = [
+          53
+          67
+        ];
+      };
    };
  };
 }