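{ pkgs, lib, config, hypervisorConfig, ... }:
# Lab VM module: declares the `lab.vm.*` options and wires them into
# microvm.nix (VirtioFS shares, a tap interface with a derived MAC) and
# OpenSSH. Evaluated inside a microvm guest; `hypervisorConfig` is the
# host's NixOS config passed in by the caller.
{
  imports = [ ./docker_swarm.nix ];

  options.lab.vm = {
    # TODO: make global.
    baseMACAddress = lib.mkOption {
      default = "BA:DB:EE:F0:00:00";
      type = lib.types.str;
      description = ''
        Base MAC address for VMs in the DMZ.
      '';
    };

    id = lib.mkOption {
      type = lib.types.int;
      description = ''
        Unique identifier of this VM from which the MAC address is derived.
      '';
    };

    shares = lib.mkOption {
      default = [ ];
      description = ''
        Directories mounted on the VM using VirtioFS.
      '';
      type = lib.types.listOf (lib.types.submodule ({ config, ... }: {
        options = {
          name = lib.mkOption {
            type = lib.types.str;
            description = ''
              The name of the directory share.
            '';
          };
          mountPoint = lib.mkOption {
            type = lib.types.str;
            description = ''
              The mount point of the directory share inside the virtual machine.
            '';
          };
        };
      }));
    };
  };

  config = {
    # Guest tracks the hypervisor's stateVersion rather than declaring its own.
    system.stateVersion = hypervisorConfig.system.stateVersion;

    # The SSH host key directory is a VirtioFS share, i.e. the private key is
    # stored on the host side (see microvm.shares below), not in the VM image.
    lab.vm.shares = [{
      name = "host_keys";
      mountPoint = "/etc/ssh/host_keys";
    }];

    services.openssh =
      let
        hostKeyPath = "/etc/ssh/host_keys/ssh_host_ed25519_key";
      in
      {
        hostKeys = [{
          path = hostKeyPath;
          type = "ed25519";
        }];
        # NOTE(review): the NixOS sshd module already writes a HostKey line for
        # each `hostKeys` entry, so this extraConfig looks redundant (sshd gets
        # the same key listed twice) -- confirm against the generated
        # sshd_config before removing.
        extraConfig = ''
          HostKey ${hostKeyPath}
        '';
      };

    microvm = {
      # TODO: make this dependent on the host CPU
      vcpu = 4;

      shares = [{
        source = "/nix/store";
        mountPoint = "/nix/.ro-store";
        tag = "ro-store";
        proto = "virtiofs";
      }] ++ map (share: {
        # Host-side backing directory, one per share name. For the host_keys
        # share this directory holds the VM's private SSH host key, so its
        # host-side permissions should be kept as tight as the microvm runner
        # allows.
        source = "/var/lib/microvms/${config.networking.hostName}/shares/${share.name}";
        mountPoint = share.mountPoint;
        tag = share.name;
        proto = "virtiofs";
      }) config.lab.vm.shares;

      interfaces = [{
        type = "tap";
        id = "vm-${config.networking.hostName}";
        # MAC derived from baseMACAddress and the per-VM id (presumably
        # base + id); ids must be unique so VMs on the same segment do not
        # collide. `lib.net` is not in upstream nixpkgs -- provided by an
        # overlay elsewhere in this repo.
        mac = pkgs.lib.net.mac.add config.lab.vm.id config.lab.vm.baseMACAddress;
      }];
    };
  };
}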