Cloonar/nixos
2
0
Fork 0
Code Issues 9 Pull requests 1 Projects Releases Packages Wiki Activity Actions

Provision + onboard the dev QEMU VM (ADR-0018, PR2) #161

New issue
Closed
opened 2026-06-14 14:52:40 +02:00 by dominik.polakovics · 2 comments
dominik.polakovics commented 2026-06-14 14:52:40 +02:00
Owner
Copy link

ADR: https://git.cloonar.com/Cloonar/nixos/src/branch/main/docs/adr/0018-dev-self-managed-qemu-vm.md
Depends on #160 (the dev VM shell from PR1 must exist first).

Operational + cross-machine provisioning of the new dev VM (ADR-0018). Not a worktree→PR change: it runs nixos-infect on a console, onboards a fresh host identity across machines, and validates runtime behaviour.

  • Console into the .97.16 Ubuntu VM, run the README nixos-infect flow (local VM, not Hetzner — bring up static net; serial console is the safety net).
  • Author hosts/dev/ (port from hosts/fw/vms/dev/): development module, lab with KillMode=process, forgejo-mcp, users, sops, GC, bento, no borg, hardware-configuration.nix from infect.
  • Onboard: new age key → .sops.yaml &dev, new pubkey → fleet.nix, ./scripts/update-secrets-keys (secrets → hosts/dev/secrets.yaml).
  • Drop dev from scripts/pre-commit's skip rule so hosts/dev/ dry-builds as its own host.
  • Deploy; confirm bento converges. Validate: spawn a test Claude session; forgejo-mcp reachable from web (.97.5:8090); a switch doesn't drop the session; a reboot boots a guest-built kernel.

Split from #159.

ADR: https://git.cloonar.com/Cloonar/nixos/src/branch/main/docs/adr/0018-dev-self-managed-qemu-vm.md Depends on #160 (the dev VM shell from PR1 must exist first). Operational + cross-machine provisioning of the new dev VM (ADR-0018). Not a worktree→PR change: it runs nixos-infect on a console, onboards a fresh host identity across machines, and validates runtime behaviour. - [x] Console into the `.97.16` Ubuntu VM, run the README `nixos-infect` flow (local VM, not Hetzner — bring up static net; serial console is the safety net). - [ ] Author `hosts/dev/` (port from `hosts/fw/vms/dev/`): development module, `lab` with `KillMode=process`, forgejo-mcp, users, sops, GC, bento, **no borg**, `hardware-configuration.nix` from infect. - [ ] Onboard: new age key → `.sops.yaml &dev`, new pubkey → `fleet.nix`, `./scripts/update-secrets-keys` (secrets → `hosts/dev/secrets.yaml`). - [ ] Drop `dev` from `scripts/pre-commit`'s skip rule so `hosts/dev/` dry-builds as its own host. - [ ] Deploy; confirm bento converges. Validate: spawn a test Claude session; forgejo-mcp reachable from web (`.97.5` → `:8090`); a `switch` doesn't drop the session; a reboot boots a guest-built kernel. Split from #159.
dominik.polakovics commented 2026-06-14 16:16:27 +02:00
Author
Owner
Copy link

This was generated by AI while landing a PR.

Follow-up surfaced while landing #163 (PR1): the new utils/modules/qemu-vm.nix <name>-vm service has no restartIfChanged = false, so an fw nixos-rebuild switch that touches the unit power-cycles the guest. The live dev microVM sets this flag precisely to keep Claude sessions alive across fw rebuilds (ADR-0018). Harmless for the idle temp VM PR1 shipped, but it must land before the dev VM carries sessions:

  • Add restartIfChanged = false to the qemu-vm.nix <name>-vm service (default for all cloonar.vms) so an fw rebuild never power-cycles a guest — config changes then apply on the next manual restart, matching the microVM's behaviour.
> *This was generated by AI while landing a PR.* Follow-up surfaced while landing #163 (PR1): the new `utils/modules/qemu-vm.nix` `<name>-vm` service has **no `restartIfChanged = false`**, so an `fw` `nixos-rebuild switch` that touches the unit power-cycles the guest. The live `dev` microVM sets this flag precisely to keep Claude sessions alive across fw rebuilds (ADR-0018). Harmless for the idle temp VM PR1 shipped, but it must land before the dev VM carries sessions: - [ ] Add `restartIfChanged = false` to the `qemu-vm.nix` `<name>-vm` service (default for all `cloonar.vms`) so an fw rebuild never power-cycles a guest — config changes then apply on the next manual restart, matching the microVM's behaviour.
dominik.polakovics commented 2026-06-15 13:52:26 +02:00
Author
Owner
Copy link

PR2 complete: dev QEMU VM provisioned (clean NixOS image, #167) + onboarded (c61d453); lab verified. Cutover to .97.15 + microVM retirement landed in #168 (PR3).

PR2 complete: dev QEMU VM provisioned (clean NixOS image, #167) + onboarded (c61d453); lab verified. Cutover to .97.15 + microVM retirement landed in #168 (PR3).
Sign in to join this conversation.
No Branch/Tag specified
Branches Tags
main
chore/epicenter-vm-disk-128g
fix/lab-pin-opus-4-8
feat/diag-on-internal-vms
feat/dev-lab
feat/fw-cpu-priorities-and-nix-shell
No results found.
Labels
Clear labels   
bug

   
enhancement

   
in-progress

   
needs-info

   
needs-triage

   
p0

   
ready-for-agent

   
ready-for-human

   
wontfix
No labels
bug
enhancement
in-progress
needs-info
needs-triage
p0
ready-for-agent
ready-for-human
wontfix
Milestone
Clear milestone
No items
No milestone
Projects
Clear projects
No items
No project
Assignees
Clear assignees
No assignees
1 participant
Notifications
Due date
The due date is invalid or out of range. Please use the format "yyyy-mm-dd".

No due date set.

Blocks
#162 Swap dev to .97.15 + retire the microvm (ADR-0018, PR3)
Cloonar/nixos
Reference
Cloonar/nixos#161
No description provided.