From 31225ff9cc892e41051dbd998056199f39ebf516 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Sandro=20J=C3=A4ckel?=
Date: Fri, 17 Jun 2022 21:27:38 +0200
Subject: [PATCH] Migrate matemat into microvm
---
 flake.nix | 6 +--
 hosts/containers/matemat/default.nix | 76 ++++++++++++++++------------
 2 files changed, 47 insertions(+), 35 deletions(-)
diff --git a/flake.nix b/flake.nix
index c6f0a60f..b434767c 100644
--- a/flake.nix
+++ b/flake.nix
@@ -194,7 +194,7 @@
 nix copy --to ssh://$1 ${self}
 set -x
- ssh $1 -- nix build -vL --no-link ${
+ ssh $1 -- nix build -L --no-link ${
 pkgs.lib.concatMapStringsSep " " (name:
 "${self}#nixosConfigurations.${name}.config.system.build.toplevel"
 ) (builtins.attrNames self.nixosConfigurations)
@@ -253,7 +253,7 @@
 cd /var/lib/microvms/${name}
 chown root:kvm .
 chmod 0775 .
- nix build \
+ nix build -L \
 -o current \
 ${self}#nixosConfigurations.${name}.config.microvm.declaredRunner
 echo '${selfRef}' > flake
@@ -437,7 +437,7 @@
 matemat = nixosSystem' {
 modules = [
- ./config/lxc-container.nix
+ self.nixosModules.microvm
 ./hosts/containers/matemat
 yammat.nixosModule
 secrets.nixosModules.admins
diff --git a/hosts/containers/matemat/default.nix b/hosts/containers/matemat/default.nix
index 779edb87..f3fe0d8e 100644
--- a/hosts/containers/matemat/default.nix
+++ b/hosts/containers/matemat/default.nix
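Review bot: In flake.nix (hunk at line 437), the `matemat` entry now imports `self.nixosModules.microvm` but still loads its host configuration from `./hosts/containers/matemat`, so the path no longer says what kind of guest this is. Anyone auditing which hosts run under which isolation boundary will be misled by the directory name. Either move the directory in a follow-up or annotate the entry, e.g. `# microvm (migrated from LXC); directory name is historical`. Whatever `./config/lxc-container.nix` set implicitly also stops applying here; that module is not visible in this patch, so it is worth confirming nothing matemat relied on is lost. The `nixosSystem'` call continues outside the hunk.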
@@ -1,42 +1,54 @@
 { zentralwerk, config, lib, pkgs, ... }:
+
 {
- networking.hostName = "matemat";
- networking.interfaces.eth0 = {
- ipv4.addresses = [{
- address = config.c3d2.hosts.matemat.ip4;
- prefixLength = zentralwerk.lib.config.site.net.serv.subnet4Len;
- }];
- useDHCP = false;
+ c3d2 = {
+ autoUpdate = true;
+ deployment = {
+ server = "server10";
+ mounts = [ "etc" "home" "var"];
+ interfaces = [{
+ net = "serv";
+ mac = "FA:2B:1B:DC:85:72";
+ }];
+ };
 };
- networking.defaultGateway = "172.20.73.1";
- networking.firewall.allowedTCPPorts = [ 80 443 ];
- c3d2.autoUpdate = true;
+ networking = {
+ hostName = "matemat";
+ interfaces.ens3 = {
+ ipv4.addresses = [{
+ address = config.c3d2.hosts.matemat.ip4;
+ prefixLength = zentralwerk.lib.config.site.net.serv.subnet4Len;
+ }];
+ useDHCP = false;
+ };
+ defaultGateway = "172.20.73.1";
+ firewall.allowedTCPPorts = [ 80 443 ];
+ };
- services.yammat.enable = true;
- # unbreak gtk+3
- environment.noXlibs = false;
-
- services.nginx = {
- enable = true;
- recommendedProxySettings = true;
- virtualHosts."matemat.hq.c3d2.de" = {
- default = true;
- forceSSL = true;
- enableACME = true;
- locations."/" = {
- proxyPass = "http://localhost:3000";
- extraConfig = ''
- satisfy any;
- auth_basic secured;
- auth_basic_user_file ${pkgs.matemat-auth};
- allow 2a00:8180:2c00:200::/56;
- allow 172.22.99.0/24;
- allow 172.20.72.0/21;
- deny all;
- '';
+ services = {
+ nginx = {
+ enable = true;
+ recommendedProxySettings = true;
+ virtualHosts."matemat.hq.c3d2.de" = {
+ default = true;
+ forceSSL = true;
+ enableACME = true;
+ locations."/" = {
+ proxyPass = "http://localhost:3000";
+ extraConfig = ''
+ satisfy any;
+ auth_basic secured;
+ auth_basic_user_file ${pkgs.matemat-auth};
+ allow 2a00:8180:2c00:200::/56;
+ allow 172.22.99.0/24;
+ allow 172.20.72.0/21;
+ deny all;
+ '';
+ };
 };
 };
+ yammat.enable = true;
 };
 programs.msmtp = {
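Review bot: The re-nested `extraConfig` under `services.nginx` keeps `satisfy any` together with `allow 172.20.72.0/21`, and that range contains the guest's own serv network (the `defaultGateway` of `172.20.73.1` set earlier in this hunk falls inside it). Any request whose peer address is in an allowed range skips `auth_basic` entirely, so if traffic for `matemat.hq.c3d2.de` reaches the microvm through a reverse proxy or NAT hop on the serv net, every client would be treated as internal. The hunk shows no `set_real_ip_from`/`real_ip_header` handling, though it may be configured elsewhere. It is worth confirming which client address nginx sees after the move from LXC to microvm and recording the assumption beside the ACL, e.g. `# allow-list matches the direct peer address; must not sit behind a proxy in 172.20.72.0/21`. Separately, `auth_basic_user_file ${pkgs.matemat-auth}` presumably resolves to a /nix/store path, which is world-readable on the host; a runtime secret path outside the store would avoid that.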