incus preseed #41

Merged
jahanson merged 1 commit from incus-preseed into main 2024-09-04 16:37:55 -05:00
5 changed files with 113 additions and 66 deletions

View file

@ -0,0 +1,49 @@
{ ... }:
{
config = {
"core.https_address" = "10.1.1.15:8445"; # Need quotes around key
};
networks = [
{
config = {
"ipv4.address" = "auto"; # Need quotes around key
"ipv6.address" = "auto"; # Need quotes around key
};
description = "";
name = "incusbr0";
type = "";
project = "default";
}
];
storage_pools = [
{
config = {
source = "eru/incus";
};
description = "";
name = "default";
driver = "zfs";
}
];
profiles = [
{
config = { };
description = "";
devices = {
eth0 = {
name = "eth0";
network = "incusbr0";
type = "nic";
};
root = {
path = "/";
pool = "default";
type = "disk";
};
};
name = "default";
}
];
projects = [ ];
cluster = null;
}

View file

@ -67,13 +67,6 @@ in
"enp130s0f0".useDHCP = true; "enp130s0f0".useDHCP = true;
"enp130s0f1".useDHCP = true; "enp130s0f1".useDHCP = true;
}; };
# For VMs
# bridges = {
# "br0" = {
# interfaces = [ "enp130s0f1" ];
# };
# };
}; };
swapDevices = [ ]; swapDevices = [ ];
@ -109,6 +102,8 @@ in
# Incus # Incus
incus = { incus = {
enable = true; enable = true;
preseed = import ./config/incus-preseed.nix { };
webuiport = 8445;
}; };
# ZFS # ZFS
zfs.enable = true; zfs.enable = true;
@ -127,15 +122,6 @@ in
local.noWarning = true; local.noWarning = true;
remote.noWarning = true; remote.noWarning = true;
}; };
# Borg
# My only borg backup was for the Unifi controller. I've since installed a UDM SE.
# borgbackup = {
# enable = true;
# paths = [ "/eru/containers/volumes/unifi/" ];
# exclude = [ ];
# repo = "ssh://t3zvn0dd@t3zvn0dd.repo.borgbase.com/./repo";
# repoKeyPath = config.sops.secrets."borg/repository/passphrase".path;
# };
}; };
services = { services = {
podman.enable = true; podman.enable = true;

View file

@ -0,0 +1,49 @@
{ ... }:
{
config = {
"core.https_address" = "10.1.1.61:8443"; # Need quotes around key
};
networks = [
{
config = {
"ipv4.address" = "auto"; # Need quotes around key
"ipv6.address" = "auto"; # Need quotes around key
};
description = "";
name = "incusbr0";
type = "";
project = "default";
}
];
storage_pools = [
{
config = {
source = "nahar/incus";
};
description = "";
name = "default";
driver = "zfs";
}
];
profiles = [
{
config = { };
description = "";
devices = {
eth0 = {
name = "eth0";
network = "incusbr0";
type = "nic";
};
root = {
path = "/";
pool = "default";
type = "disk";
};
};
name = "default";
}
];
projects = [ ];
cluster = null;
}

View file

@ -95,6 +95,7 @@ in
# Incus # Incus
incus = { incus = {
enable = true; enable = true;
preseed = import ./config/incus-preseed.nix { };
}; };
# ZFS # ZFS

View file

@ -9,62 +9,24 @@ in
# }; # };
options.mySystem.system.incus = { options.mySystem.system.incus = {
enable = lib.mkEnableOption "incus"; enable = lib.mkEnableOption "incus";
preseed = lib.mkOption {
type = lib.types.unspecified;
default = "";
description = "Incus preseed configuration. Generate with `incus admin init`.";
};
webuiport = lib.mkOption {
type = lib.types.int;
default = 8443;
description = "Port for the Incus Web UI";
};
}; };
config = lib.mkIf cfg.enable { config = lib.mkIf cfg.enable {
virtualisation.incus = { virtualisation.incus = {
inherit (cfg) preseed;
enable = true; enable = true;
ui.enable = true; ui.enable = true;
preseed = {
config = {
"core.https_address" = "10.1.1.15:8445"; # Need quotes around key
};
networks = [
{
config = {
"ipv4.address" = "auto"; # Need quotes around key
"ipv6.address" = "auto"; # Need quotes around key
};
description = "";
name = "incusbr0";
type = "";
project = "default";
}
];
storage_pools = [
{
config = {
source = "eru/incus";
};
description = "";
name = "default";
driver = "zfs";
}
];
profiles = [
{
config = { };
description = "";
devices = {
eth0 = {
name = "eth0";
network = "incusbr0";
type = "nic";
};
root = {
path = "/";
pool = "default";
type = "disk";
};
};
name = "default";
}
];
projects = [ ];
cluster = null;
};
}; };
users.users.${user}.extraGroups = [ "incus-admin" ]; users.users.${user}.extraGroups = [ "incus-admin" ];
@ -75,7 +37,7 @@ in
# nftables.enable = true; # nftables.enable = true;
firewall = { firewall = {
allowedTCPPorts = [ allowedTCPPorts = [
8445 cfg.webuiport
53 53
67 67
]; ];