Cloonar/nixos
2
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

add hypervisor

Browse Source
This commit is contained in:
Dominik Polakovics Polakovics
2023-12-01 19:25:01 +01:00
parent aed7c73032
commit 5acea13591
5 changed files with 209 additions and 6 deletions
Download Patch File Download Diff File Expand all files Collapse all files

13
hosts/fw.cloonar.com/configuration.nix
View File

@@ -23,17 +23,18 @@
./modules/omada.nix ./modules/omada.nix
# git # git
./modules/gitea.nix # ./modules/gitea.nix
# ./modules/drone/server.nix # ./modules/drone/server.nix
# ./modules/drone/runner.nix # ./modules/drone/runner.nix
./modules/fwmetrics.nix ./modules/fwmetrics.nix
./modules/hypervisor
# home assistant # home assistant
./modules/home-assistant.nix # ./modules/home-assistant.nix
./modules/mopidy.nix # ./modules/mopidy.nix
./modules/mosquitto.nix # ./modules/mosquitto.nix
./modules/snapserver.nix # ./modules/snapserver.nix
./modules/deconz # ./modules/deconz
./hardware-configuration.nix ./hardware-configuration.nix
]; ];

12
hosts/fw.cloonar.com/modules/hypervisor/baseline-qemu.nix Normal file
View File

@@ -0,0 +1,12 @@
{
imports = [ ./baseline.nix ];
fileSystems."/".device = "/dev/disk/by-label/nixos";
boot.initrd.availableKernelModules = [ "xhci_pci" "ehci_pci" "ahci" "usbhid" "usb_storage" "sd_mod" "virtio_balloon" "virtio_blk" "virtio_pci" "virtio_ring" ];
boot.loader = {
grub = {
version = 2;
device = "/dev/vda";
};
timeout = 0;
};
}

11
hosts/fw.cloonar.com/modules/hypervisor/baseline.nix Normal file
View File

@@ -0,0 +1,11 @@
{
time.timeZone = "Europe/Vienna";
networking.hostName = "vm";
services.openssh.enable = true;
users.users.root.openssh.authorizedKeys.keys = [
"ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDN/2SAFm50kraB1fepAizox/QRXxB7WbqVbH+5OPalDT47VIJGNKOKhixQoqhABHxEoLxdf/C83wxlCVlPV9poLfDgVkA3Lyt5r3tSFQ6QjjOJAgchWamMsxxyGBedhKvhiEzcr/Lxytnoz3kjDG8fqQJwEpdqMmJoMUfyL2Rqp16u+FQ7d5aJtwO8EUqovhMaNO7rggjPpV/uMOg+tBxxmscliN7DLuP4EMTA/FwXVzcFNbOx3K9BdpMRAaSJt4SWcJO2cS2KHA5n/H+PQI7nz5KN3Yr/upJN5fROhi/SHvK39QOx12Pv7FCuWlc+oR68vLaoCKYhnkl3DnCfc7A7"
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIIRQuPqH5fdX3KEw7DXzWEdO3AlUn1oSmtJtHB71ICoH Generated By Termius"
];
system.stateVersion = "22.05";
}

81
hosts/fw.cloonar.com/modules/hypervisor/default.nix Normal file
View File

@@ -0,0 +1,81 @@
{ pkgs, ... }:
let
hostNix = "server";
guests = {
git = {
memory = 16;
mac = "ed:22:4a:96:c3:01";
diskSize = 128;
};
};
in
{
boot.kernelModules = [ "kvm-amd" "kvm-intel" ];
virtualisation.libvirtd.enable = true;
systemd.services = lib.mapAttrs' (name: guest: lib.nameValuePair "libvirtd-guest-${name}" {
after = [ "libvirtd.service" ];
requires = [ "libvirtd.service" ];
wantedBy = [ "multi-user.target" ];
serviceConfig = {
Type = "oneshot";
RemainAfterExit = "yes";
};
script =
let
xml = pkgs.writeText "libvirt-guest-${name}.xml"
''
<domain type="kvm">
<name>${name}</name>
<uuid>UUID</uuid>
<os>
<type>hvm</type>
</os>
<memory unit="GiB">${guest.memory}</memory>
<devices>
<disk type="volume">
<source volume="guest-${name}"/>
<target dev="vda" bus="virtio"/>
</disk>
<graphics type="spice" autoport="yes"/>
<input type="keyboard" bus="usb"/>
<interface type="direct">
<source dev="${hostNic}" mode="bridge"/>
<mac address="${guest.mac}"/>
<model type="virtio"/>
</interface>
</devices>
<features>
<acpi/>
</features>
</domain>
'';
in
''
if ! ${pkgs.libvirt}/bin/virsh vol-key 'guest-${name}' --pool guests &> /dev/null; then
${pkgs.libvirt}/bin/virsh vol-create-as guests 'guest-${name}' '${guest.diskSize}GiB'
${pkgs.qemu}/bin/qemu-img convert /etc/virt/base-images/baseline.qcow2 '/dev/${hostName}/guest-${name}'
fi
uuid="$(${pkgs.libvirt}/bin/virsh domuuid '${name}' || true)"
${pkgs.libvirt}/bin/virsh define <(sed "s/UUID/$uuid/" '${xml}')
${pkgs.libvirt}/bin/virsh start '${name}'
'';
preStop =
''
${pkgs.libvirt}/bin/virsh shutdown '${name}'
let "timeout = $(date +%s) + 10"
while [ "$(${pkgs.libvirt}/bin/virsh list --name | grep --count '^${name}$')" -gt 0 ]; do
if [ "$(date +%s)" -ge "$timeout" ]; then
# Meh, we warned it...
${pkgs.libvirt}/bin/virsh destroy '${name}'
else
# The machine is still running, let's give it some time to shut down
sleep 0.5
fi
done
'';
}) guests;
environment.etc."virt/base-images/baseline.qcow2".source = "${import ./image.nix args}/baseline.qcow2";
}

98
hosts/fw.cloonar.com/modules/hypervisor/image.nix Normal file
View File

@@ -0,0 +1,98 @@
{ pkgs ? import <nixpkgs> {}, system ? builtins.currentSystem, ... }:
let
config = (import <nixpkgs/nixos/lib/eval-config.nix> {
inherit system;
modules = [ {
imports = [ ./baseline-qemu.nix ];
# We want our template image to be as small as possible, but the deployed image should be able to be
# of any size. Hence we resize on the first boot.
systemd.services.resize-main-fs = {
wantedBy = [ "multi-user.target" ];
serviceConfig.Type = "oneshot";
script =
''
# Resize main partition to fill whole disk
echo ", +" | ${pkgs.utillinux}/bin/sfdisk /dev/vda --no-reread -N 1
${pkgs.parted}/bin/partprobe
# Resize filesystem
${pkgs.e2fsprogs}/bin/resize2fs /dev/vda1
'';
};
} ];
}).config;
in pkgs.vmTools.runInLinuxVM (
pkgs.runCommand "nixos-sun-baseline-image"
{
memSize = 768;
preVM =
''
mkdir $out
diskImage=image.qcow2
${pkgs.vmTools.qemu}/bin/qemu-img create -f qcow2 $diskImage 1G
mv closure xchg/
'';
postVM =
''
echo compressing VM image...
${pkgs.vmTools.qemu}/bin/qemu-img convert -c $diskImage -O qcow2 $out/baseline.qcow2
'';
buildInputs = [ pkgs.utillinux pkgs.perl pkgs.parted pkgs.e2fsprogs ];
exportReferencesGraph =
[ "closure" config.system.build.toplevel ];
}
''
# Create the partition
parted /dev/vda mklabel msdos
parted /dev/vda -- mkpart primary ext4 1M -1s
. /sys/class/block/vda1/uevent
mknod /dev/vda1 b $MAJOR $MINOR
# Format the partition
mkfs.ext4 -L nixos /dev/vda1
mkdir /mnt
mount /dev/vda1 /mnt
for dir in dev proc sys; do
mkdir /mnt/$dir
mount --bind /$dir /mnt/$dir
done
storePaths=$(perl ${pkgs.pathsFromGraph} /tmp/xchg/closure)
echo filling Nix store...
mkdir -p /mnt/nix/store
set -f
cp -prd $storePaths /mnt/nix/store
# The permissions will be set up incorrectly if the host machine is not running NixOS
chown -R 0:30000 /mnt/nix/store
mkdir -p /mnt/etc/nix
echo 'build-users-group = ' > /mnt/etc/nix/nix.conf
# at least since nix-2.3.16 we need a root user in the chroot
# or else `nix-store --load-db` will fail with "cannot figure out user name"
chroot /mnt ${pkgs.shadow}/bin/useradd -u 0 root
# Register the paths in the Nix database.
printRegistration=1 perl ${pkgs.pathsFromGraph} /tmp/xchg/closure | \
chroot /mnt ${config.nix.package.out}/bin/nix-store --load-db
# Create the system profile to allow nixos-rebuild to work.
chroot /mnt ${config.nix.package.out}/bin/nix-env \
-p /nix/var/nix/profiles/system --set ${config.system.build.toplevel}
# `nixos-rebuild' requires an /etc/NIXOS.
mkdir -p /mnt/etc/nixos
touch /mnt/etc/NIXOS
# `switch-to-configuration' requires a /bin/sh
mkdir -p /mnt/bin
ln -s ${config.system.build.binsh}/bin/sh /mnt/bin/sh
# Generate the GRUB menu.
chroot /mnt ${config.system.build.toplevel}/bin/switch-to-configuration boot
umount /mnt/{proc,dev,sys}
umount /mnt
''
)