Migrate matemat into microvm

2022-06-17 21:27:38 +02:00 · 2022-06-17 21:27:38 +02:00 · 31225ff9cc
parent 8f6e6e767a
commit 31225ff9cc
2 changed files with 47 additions and 35 deletions
--- a/flake.nix
+++ b/flake.nix
@ -194,7 +194,7 @@
            nix copy --to ssh://$1 ${self}

            set -x
-            ssh $1 -- nix build -vL --no-link ${
+            ssh $1 -- nix build -L --no-link ${
              pkgs.lib.concatMapStringsSep " " (name:
                "${self}#nixosConfigurations.${name}.config.system.build.toplevel"
              ) (builtins.attrNames self.nixosConfigurations)
@ -253,7 +253,7 @@
              cd /var/lib/microvms/${name}
              chown root:kvm .
              chmod 0775 .
-              nix build \
+              nix build -L \
                -o current \
                ${self}#nixosConfigurations.${name}.config.microvm.declaredRunner
              echo '${selfRef}' > flake
@ -437,7 +437,7 @@

        matemat = nixosSystem' {
          modules = [
-            ./config/lxc-container.nix
+            self.nixosModules.microvm
            ./hosts/containers/matemat
            yammat.nixosModule
            secrets.nixosModules.admins
--- a/hosts/containers/matemat/default.nix
+++ b/hosts/containers/matemat/default.nix
@ -1,42 +1,54 @@
 { zentralwerk, config, lib, pkgs, ... }:
+
 {
-  networking.hostName = "matemat";
-  networking.interfaces.eth0 = {
-    ipv4.addresses = [{
-      address = config.c3d2.hosts.matemat.ip4;
-      prefixLength = zentralwerk.lib.config.site.net.serv.subnet4Len;
-    }];
-    useDHCP = false;
+  c3d2 = {
+    autoUpdate = true;
+    deployment = {
+      server = "server10";
+      mounts = [ "etc" "home" "var"];
+      interfaces = [{
+        net = "serv";
+        mac = "FA:2B:1B:DC:85:72";
+      }];
+    };
  };
-  networking.defaultGateway = "172.20.73.1";
-  networking.firewall.allowedTCPPorts = [ 80 443 ];

-  c3d2.autoUpdate = true;
+  networking = {
+    hostName = "matemat";
+    interfaces.ens3 = {
+      ipv4.addresses = [{
+        address = config.c3d2.hosts.matemat.ip4;
+        prefixLength = zentralwerk.lib.config.site.net.serv.subnet4Len;
+      }];
+      useDHCP = false;
+    };
+    defaultGateway = "172.20.73.1";
+    firewall.allowedTCPPorts = [ 80 443 ];
+  };

-  services.yammat.enable = true;
-  # unbreak gtk+3
-  environment.noXlibs = false;
-
-  services.nginx = {
-    enable = true;
-    recommendedProxySettings = true;
-    virtualHosts."matemat.hq.c3d2.de" = {
-      default = true;
-      forceSSL = true;
-      enableACME = true;
-      locations."/" = {
-        proxyPass = "http://localhost:3000";
-        extraConfig = ''
-          satisfy any;
-          auth_basic secured;
-          auth_basic_user_file ${pkgs.matemat-auth};
-          allow 2a00:8180:2c00:200::/56;
-          allow 172.22.99.0/24;
-          allow 172.20.72.0/21;
-          deny all;
-        '';
+  services = {
+    nginx = {
+      enable = true;
+      recommendedProxySettings = true;
+      virtualHosts."matemat.hq.c3d2.de" = {
+        default = true;
+        forceSSL = true;
+        enableACME = true;
+        locations."/" = {
+          proxyPass = "http://localhost:3000";
+          extraConfig = ''
+            satisfy any;
+            auth_basic secured;
+            auth_basic_user_file ${pkgs.matemat-auth};
+            allow 2a00:8180:2c00:200::/56;
+            allow 172.22.99.0/24;
+            allow 172.20.72.0/21;
+            deny all;
+          '';
+        };
      };
    };
+    yammat.enable = true;
  };

  programs.msmtp = {