From 6967f79e83d553d2423b9e01d7a5cf541dec0779 Mon Sep 17 00:00:00 2001
From: yomaq
Date: Sun, 7 Apr 2024 21:15:17 -0500
Subject: [PATCH] nixos server test on teal
---
 hosts/teal/nixoscontainer.nix | 101 ++++++++++++++++++++
 modules/hosts/suites/basics/default.nix | 3 -
 modules/hosts/suites/foundation/default.nix | 1 +
 3 files changed, 102 insertions(+), 3 deletions(-)
 create mode 100644 hosts/teal/nixoscontainer.nix
diff --git a/hosts/teal/nixoscontainer.nix b/hosts/teal/nixoscontainer.nix
new file mode 100644
index 00000000..996d4209
--- /dev/null
+++ b/hosts/teal/nixoscontainer.nix
@@ -0,0 +1,101 @@
+{ config, lib, pkgs, inputs, modulesPath, ... }:
+let
+
+ NAME = "test";
+
+ inherit (config.networking) hostName;
+ inherit (config.yomaq.impermanence) backup;
+ inherit (config.yomaq.impermanence) dontBackup;
+ inherit (config.yomaq.tailscale) tailnetName;
+ inherit (config.system) stateVersion;
+in
+{
+ config = {
+
+ systemd.tmpfiles.rules = [
+ "d ${dontBackup}/nixos-containers/${NAME}/tailscale"
+ "d ${dontBackup}/nixos-containers/${NAME}/data 0755 admin"
+ "d ${dontBackup}/nixos-containers/${NAME}/userdata 0755 admin"
+ "d ${dontBackup}/nixos-containers/${NAME}/extensions 0755 admin"
+ "d ${dontBackup}/nixos-containers/${NAME}/admin 0755 admin"
+ ];
+
+
+ yomaq.homepage.groups.services.services = [{
+ "Code Server" = {
+ icon = "si-visualstudiocode";
+ href = "${NAME}.${tailnetName}.ts.net";
+ };
+ }];
+
+
+
+ containers."${NAME}" = {
+ autoStart = true;
+ privateNetwork = true;
+ hostBridge = "br0"; # Specify the bridge name
+ specialArgs = { inherit inputs; };
+ bindMounts = {
+ "/etc/ssh/${hostName}" = {
+ hostPath = "/etc/ssh/${hostName}";
+ isReadOnly = true;
+ };
+ "/var/lib/tailscale/" = {
+ hostPath = "${dontBackup}/nixos-containers/${NAME}/tailscale";
+ isReadOnly = false;
+ };
+ "${dontBackup}/nixos-containers/${NAME}/data" = {
+ hostPath = "${dontBackup}/nixos-containers/${NAME}/data";
+ isReadOnly = false;
+ };
+ "${dontBackup}/nixos-containers/${NAME}/userdata" = {
+ hostPath = "${dontBackup}/nixos-containers/${NAME}/userdata";
+ isReadOnly = false;
+ };
+ "${dontBackup}/nixos-containers/${NAME}/extensions" = {
+ hostPath = "${dontBackup}/nixos-containers/${NAME}/extensions";
+ isReadOnly = false;
+ };
+ "/home/admin" = {
+ hostPath = "${dontBackup}/nixos-containers/${NAME}/admin";
+ isReadOnly = false;
+ };
+ };
+ enableTun = true;
+ ephemeral = true;
+ config = {
+ imports = [
+ inputs.self.nixosModules.yomaq
+ (inputs.self + /users/admin)
+ ];
+ system.stateVersion = stateVersion;
+ age.identityPaths = ["/etc/ssh/${hostName}"];
+ networking.useHostResolvConf = lib.mkForce false;
+ yomaq = {
+ suites = {
+ foundation.enable = true;
+ };
+ tailscale = {
+ enable = true;
+ extraUpFlags = ["--ssh=true" "--reset=true"];
+ };
+ };
+
+ environment.persistence."${dontBackup}" = {
+ users.admin = lib.mkForce {};
+ };
+
+ services.openvscode-server = {
+ enable = true;
+ user = "admin";
+ host = "127.0.0.1";
+ withoutConnectionToken = true;
+ telemetryLevel = "off";
+ serverDataDir = "${dontBackup}/nixos-containers/${NAME}/data";
+ userDataDir = "${dontBackup}/nixos-containers/${NAME}/userdata";
+ extensionsDir = "${dontBackup}/nixos-containers/${NAME}/extensions";
+ };
+ };
+ };
+ };
+}
\ No newline at end of file
diff --git a/modules/hosts/suites/basics/default.nix b/modules/hosts/suites/basics/default.nix
index 084f5031..3b6cac30 100644
--- a/modules/hosts/suites/basics/default.nix
+++ b/modules/hosts/suites/basics/default.nix
@@ -17,9 +17,6 @@ in
 };
 config = mkIf cfg.enable {
- yomaq = {
- zsh.enable =true;
- };
 nixpkgs.overlays = [ inputs.agenix.overlays.default ];
 environment.systemPackages = with pkgs; [
 vim
diff --git a/modules/hosts/suites/foundation/default.nix b/modules/hosts/suites/foundation/default.nix
index 09fa76c1..4f422f2d 100644
--- a/modules/hosts/suites/foundation/default.nix
+++ b/modules/hosts/suites/foundation/default.nix
@@ -16,6 +16,7 @@ in
 config = mkIf cfg.enable {
 yomaq = {
+ zsh.enable =true;
 agenix.enable = true;
 nixSettings.enable = true;
 tailscale.enable = true;
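Review bot: `withoutConnectionToken = true;` in the `services.openvscode-server` block of hosts/teal/nixoscontainer.nix turns off the editor's only built-in authentication, so whatever can reach its port gets an interactive session as `admin`. `host = "127.0.0.1";` limits that to processes inside the container for now, but the homepage entry links to `${NAME}.${tailnetName}.ts.net`, which suggests the port is meant to be proxied onto the tailnet (no proxy is visible in this patch); once it is, access control rests entirely on the tailnet ACLs. I would drop that line and set `connectionTokenFile` to an agenix-managed secret instead. The blast radius also looks wider than the container: the read-only `bindMounts` entry for `/etc/ssh/${hostName}` together with `age.identityPaths = ["/etc/ssh/${hostName}"];` appears to give the container the host's own age identity, so a compromise that reaches root in the container could decrypt every secret encrypted to the host. A dedicated per-container key would keep that contained.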