{ jefke = { name = "jefke"; hostName = "jefke.hyp"; nixosModule.lab = { terraformDatabase.enable = true; storage = { osDisk = "/dev/sda"; dataPartition = "/dev/nvme0n1p1"; }; ssh = { useCertificates = true; hostCert = builtins.readFile ./jefke_host_ed25519-cert.pub; userCert = builtins.readFile ./jefke_user_ed25519-cert.pub; }; }; }; atlas = { name = "atlas"; hostName = "atlas.hyp"; nixosModule = { config, ... }: let inherit (config.lab.networking) dmzServicesIPv4 dmzServicesIPv6; in { lab = { networking = { # TODO: Ideally, we don't have to set this here. staticDMZIPv4Address = "${dmzServicesIPv4}/24"; staticDMZIPv6Address = "${dmzServicesIPv6}/64"; dmzServices.enable = true; }; storage = { osDisk = "/dev/sda"; dataPartition = "/dev/nvme0n1p1"; }; ssh = { useCertificates = true; hostCert = builtins.readFile ./atlas_host_ed25519-cert.pub; userCert = builtins.readFile ./atlas_user_ed25519-cert.pub; }; }; }; }; lewis = { name = "lewis"; hostName = "lewis.hyp"; nixosModule = { pkgs, ... }: { lab = { dataHost.enable = true; storage = { osDisk = "/dev/sda"; dataPartition = "/dev/nvme0n1p1"; }; ssh = { useCertificates = true; hostCert = builtins.readFile ./lewis_host_ed25519-cert.pub; userCert = builtins.readFile ./lewis_user_ed25519-cert.pub; }; }; microvm.vms.my-microvm.config = { services.openssh.enable = true; networking.firewall.enable = false; users.users.root.openssh.authorizedKeys.keys = [ "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOodpLr+FDRyKyHjucHizNLVFHZ5AQmE9GmxMnOsSoaw pimkunis@thinkpadpim" "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAINUZp4BCxf7uLa1QWonx/Crf8tYZ5MKIZ+EuaBa82LrV user@user-laptop" ]; programs.bash.interactiveShellInit = '' echo "Hello world from inside a virtual machine!" | ${pkgs.lolcat}/bin/lolcat ''; microvm = { shares = [{ source = "/nix/store"; mountPoint = "/nix/.ro-store"; tag = "ro-store"; proto = "virtiofs"; }]; interfaces = [{ type = "tap"; id = "vm-my-microvm"; mac = "48:2D:63:E1:C5:39"; }]; }; }; }; }; }