Added libvirt-qemu module.

2024-07-13 09:27:44 -05:00 · 2024-07-13 09:27:44 -05:00 · 6fe7b1e982
commit 6fe7b1e982
parent 86aded238d
4 changed files with 82 additions and 4 deletions
--- a/flake.lock
+++ b/flake.lock
@ -374,6 +374,22 @@
        "type": "github"
      }
    },
+    "nixpkgs-ovmf": {
+      "locked": {
+        "lastModified": 1708984720,
+        "narHash": "sha256-gJctErLbXx4QZBBbGp78PxtOOzsDaQ+yw1ylNQBuSUY=",
+        "owner": "NixOS",
+        "repo": "nixpkgs",
+        "rev": "13aff9b34cc32e59d35c62ac9356e4a41198a538",
+        "type": "github"
+      },
+      "original": {
+        "owner": "NixOS",
+        "ref": "nixos-unstable",
+        "repo": "nixpkgs",
+        "type": "github"
+      }
+    },
    "nixpkgs-stable": {
      "locked": {
        "lastModified": 1720282526,
@ -406,6 +422,28 @@
        "type": "github"
      }
    },
+    "nixvirt-git": {
+      "inputs": {
+        "nixpkgs": [
+          "nixpkgs"
+        ],
+        "nixpkgs-ovmf": "nixpkgs-ovmf"
+      },
+      "locked": {
+        "lastModified": 1712439808,
+        "narHash": "sha256-QoONoZPBpNTw5cia05QSvDlaxXo3moKAJQOw7c5hMXA=",
+        "owner": "AshleyYakeley",
+        "repo": "NixVirt",
+        "rev": "9f1cdca730d92461075709e867c1e9ad93d58a8d",
+        "type": "github"
+      },
+      "original": {
+        "owner": "AshleyYakeley",
+        "ref": "v0.5.0",
+        "repo": "NixVirt",
+        "type": "github"
+      }
+    },
    "nur": {
      "locked": {
        "lastModified": 1720478695,
@ -517,6 +555,7 @@
        "nixos-hardware": "nixos-hardware",
        "nixpkgs": "nixpkgs",
        "nixpkgs-unstable": "nixpkgs-unstable",
+        "nixvirt-git": "nixvirt-git",
        "nur": "nur",
        "sops-nix": "sops-nix",
        "talhelper": "talhelper"
--- a/flake.nix
+++ b/flake.nix
@ -23,7 +23,7 @@
      inputs.nixpkgs.follows = "nixpkgs";
    };

-    # home-manager - unstable
+    # home-manager - Manage user configuration with nix
    # https://github.com/nix-community/home-manager
    home-manager = {
      url = "github:nix-community/home-manager/release-24.05";
@ -64,10 +64,20 @@
      inputs.nixpkgs.follows = "nixpkgs";
    };

+    # Lix- Substitution of the Nix package manager, focused on correctness, usability, and growth – and committed to doing right by its community.
+    # https://git.lix.systems/lix-project/lix
    lix-module = {
      url = "https://git.lix.systems/lix-project/nixos-module/archive/2.90.0.tar.gz";
      inputs.nixpkgs.follows = "nixpkgs";
    };
+
+    # NixVirt for qemu & libvirt
+    # https://github.com/AshleyYakeley/NixVirt
+    nixvirt-git = {
+      url = "github:AshleyYakeley/NixVirt/v0.5.0";
+      inputs.nixpkgs.follows = "nixpkgs";
+    };
+
  };

  outputs =
@ -98,7 +108,7 @@
          inherit inputs;
          # Import overlays for building nixosconfig with them.
          overlays = import ./nixos/overlays { inherit inputs; };
-          # generate a base nixos configuration with the specified overlays, hardware modules, and any extraModules applied
+          # generate a base nixos configuration with the specified overlays, hardware modules, and any AerModules applied
          mkNixosConfig =
            { hostname
            , system ? "x86_64-linux"
@ -229,13 +239,13 @@
          "gandalf" = mkNixosConfig {
            # X9DRi-LN4+/X9DR3-LN4+ - Intel(R) Xeon(R) CPU E5-2650 v2
            # NAS
-            hostname = "telperion";
+            hostname = "gandalf";
            system = "x86_64-linux";
            hardwareModules = [
+              lix-module.nixosModules.default
              ./nixos/profiles/hw-supermicro.nix
              disko.nixosModules.disko
              (import ./nixos/profiles/disko-nixos.nix { disks = [ "/dev/sda/dev/disk/by-id/ata-Seagate_IronWolfPro_ZA240NX10001-2ZH100_7TF002RA" ]; })
-              lix-module.nixosModules.default
            ];
            profileModules = [
              ./nixos/profiles/role-server.nix
--- a/nixos/modules/nixos/services/default.nix
+++ b/nixos/modules/nixos/services/default.nix
@ -4,6 +4,7 @@
    ./cockpit
    ./forgejo
    ./haproxy
+    ./libvirt-qemu
    ./nginx
    ./onepassword-connect
    ./podman
--- a/nixos/modules/nixos/services/libvirt-qemu/default.nix
+++ b/nixos/modules/nixos/services/libvirt-qemu/default.nix
@ -0,0 +1,28 @@
+{ lib, config, pkgs, inputs, ... }:
+with lib;
+let
+  cfg = config.mySystem.services.libvirt-qemu;
+in
+{
+  imports = [ inputs.nixvirt-git.nixosModules.default ];
+  options.mySystem.services.libvirt-qemu = {
+    enable = mkEnableOption "libvirt-qemu";
+  };
+
+  config = mkIf cfg.enable {
+    networking.firewall = {
+      allowedTCPPorts = [ 16509 16514 ];
+    };
+
+    # Enable bind with domain configuration
+    virtualisation.libvirt.enable = true;
+    virtualisation.libvirtd = {
+      enable = true;
+      qemu = {
+        package = pkgs.qemu_kvm;
+        ovmf.enable = true;
+        ovmf.packages = [ pkgs.OVMFFull.fd ];
+      };
+    };
+  };
+}