2023-11-15 12:06:59 +00:00
|
|
|
{
|
|
|
|
|
jefke = {
|
|
|
|
|
name = "jefke";
|
2023-12-17 15:22:22 +00:00
|
|
|
hostName = "jefke.hyp";
|
|
|
|
|
|
2023-12-29 12:46:12 +00:00
|
|
|
nixosModule.lab = {
|
2023-12-17 15:22:22 +00:00
|
|
|
terraformDatabase.enable = true;
|
2024-01-06 22:07:54 +00:00
|
|
|
|
2024-01-06 23:22:44 +00:00
|
|
|
storage = {
|
|
|
|
|
osDisk = "/dev/sda";
|
|
|
|
|
dataPartition = "/dev/nvme0n1p1";
|
2024-01-06 22:07:54 +00:00
|
|
|
};
|
2023-12-17 15:22:22 +00:00
|
|
|
|
|
|
|
|
ssh = {
|
|
|
|
|
useCertificates = true;
|
|
|
|
|
hostCert = builtins.readFile ./jefke_host_ed25519-cert.pub;
|
|
|
|
|
userCert = builtins.readFile ./jefke_user_ed25519-cert.pub;
|
2023-11-25 20:00:21 +00:00
|
|
|
};
|
|
|
|
|
};
|
|
|
|
|
};
|
|
|
|
|
|
2023-11-29 16:21:18 +00:00
|
|
|
atlas = {
|
|
|
|
|
name = "atlas";
|
2023-12-17 15:22:22 +00:00
|
|
|
hostName = "atlas.hyp";
|
2023-11-25 20:00:21 +00:00
|
|
|
|
2024-01-08 22:17:37 +00:00
|
|
|
nixosModule = { config, ... }:
|
2024-01-14 14:20:32 +00:00
|
|
|
let inherit (config.lab.networking) dmzServicesIPv4 dmzServicesIPv6; in
|
2024-01-08 22:17:37 +00:00
|
|
|
{
|
|
|
|
|
lab = {
|
|
|
|
|
networking = {
|
2024-01-14 14:20:32 +00:00
|
|
|
# TODO: Ideally, we don't have to set this here.
|
|
|
|
|
staticDMZIPv4Address = "${dmzServicesIPv4}/24";
|
|
|
|
|
staticDMZIPv6Address = "${dmzServicesIPv6}/64";
|
2024-01-08 22:17:37 +00:00
|
|
|
dmzServices.enable = true;
|
|
|
|
|
};
|
2024-01-07 21:36:26 +00:00
|
|
|
|
2024-01-08 22:17:37 +00:00
|
|
|
storage = {
|
|
|
|
|
osDisk = "/dev/sda";
|
|
|
|
|
dataPartition = "/dev/nvme0n1p1";
|
|
|
|
|
};
|
2023-12-16 22:47:18 +00:00
|
|
|
|
2024-01-08 22:17:37 +00:00
|
|
|
ssh = {
|
|
|
|
|
useCertificates = true;
|
|
|
|
|
hostCert = builtins.readFile ./atlas_host_ed25519-cert.pub;
|
|
|
|
|
userCert = builtins.readFile ./atlas_user_ed25519-cert.pub;
|
|
|
|
|
};
|
|
|
|
|
};
|
2023-11-29 16:21:18 +00:00
|
|
|
};
|
2023-11-15 12:06:59 +00:00
|
|
|
};
|
2023-12-17 15:22:22 +00:00
|
|
|
|
2023-12-25 18:22:22 +00:00
|
|
|
lewis = {
|
|
|
|
|
name = "lewis";
|
|
|
|
|
hostName = "lewis.hyp";
|
|
|
|
|
|
2024-01-17 20:28:15 +00:00
|
|
|
nixosModule = { pkgs, ... }: {
|
|
|
|
|
lab = {
|
|
|
|
|
dataHost.enable = true;
|
2023-12-25 18:22:22 +00:00
|
|
|
|
2024-01-17 20:28:15 +00:00
|
|
|
storage = {
|
|
|
|
|
osDisk = "/dev/sda";
|
|
|
|
|
dataPartition = "/dev/nvme0n1p1";
|
|
|
|
|
};
|
|
|
|
|
|
|
|
|
|
ssh = {
|
|
|
|
|
useCertificates = true;
|
|
|
|
|
hostCert = builtins.readFile ./lewis_host_ed25519-cert.pub;
|
|
|
|
|
userCert = builtins.readFile ./lewis_user_ed25519-cert.pub;
|
|
|
|
|
};
|
2023-12-25 18:22:22 +00:00
|
|
|
};
|
|
|
|
|
|
2024-01-17 20:28:15 +00:00
|
|
|
microvm.vms.my-microvm.config = {
|
|
|
|
|
services.openssh.enable = true;
|
|
|
|
|
networking.firewall.enable = false;
|
|
|
|
|
|
|
|
|
|
users.users.root.openssh.authorizedKeys.keys = [
|
|
|
|
|
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOodpLr+FDRyKyHjucHizNLVFHZ5AQmE9GmxMnOsSoaw pimkunis@thinkpadpim"
|
|
|
|
|
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAINUZp4BCxf7uLa1QWonx/Crf8tYZ5MKIZ+EuaBa82LrV user@user-laptop"
|
|
|
|
|
];
|
|
|
|
|
|
|
|
|
|
programs.bash.interactiveShellInit = ''
|
|
|
|
|
echo "Hello world from inside a virtual machine!" | ${pkgs.lolcat}/bin/lolcat
|
|
|
|
|
'';
|
|
|
|
|
|
|
|
|
|
microvm = {
|
|
|
|
|
shares = [{
|
|
|
|
|
source = "/nix/store";
|
|
|
|
|
mountPoint = "/nix/.ro-store";
|
|
|
|
|
tag = "ro-store";
|
|
|
|
|
proto = "virtiofs";
|
|
|
|
|
}];
|
|
|
|
|
|
|
|
|
|
interfaces = [{
|
|
|
|
|
type = "tap";
|
|
|
|
|
id = "vm-my-microvm";
|
|
|
|
|
mac = "48:2D:63:E1:C5:39";
|
|
|
|
|
}];
|
|
|
|
|
};
|
2023-12-25 18:22:22 +00:00
|
|
|
};
|
|
|
|
|
};
|
|
|
|
|
};
|
2023-11-15 12:06:59 +00:00
|
|
|
}
|
