freifunk: microvmize

flake.nix

@@ -314,6 +314,7 @@
 
         freifunk = nixosSystem' {
           modules = [
+            microvm.nixosModules.microvm
             ./hosts/containers/freifunk
             {
               nixpkgs.overlays = with secrets.overlays; [

hosts/containers/freifunk/default.nix

@@ -24,10 +24,33 @@ let
 in {
   imports = [
     "${modulesPath}/profiles/minimal.nix"
-    ../../../config/lxc-container.nix
-    ../../../config/shared.nix
   ];
 
+  microvm = {
+    mem = 512;
+    hypervisor = "cloud-hypervisor";
+
+    shares = [ {
+      source = "/nix/store";
+      mountPoint = "/nix/.ro-store";
+      tag = "store";
+      proto = "virtiofs";
+      socket = "store.socket";
+    } ] ++ map (dir: {
+      source = "/var/lib/microvms/${config.networking.hostName}/${dir}";
+      mountPoint = "/${dir}";
+      tag = dir;
+      proto = "virtiofs";
+      socket = "${dir}.socket";
+    }) [ "etc" "home" "var"];
+
+    interfaces = [ {
+      type = "tap";
+      id = "freifunk";
+      mac = "00:de:13:cb3:9a:7b";
+    } ];
+  };
+
   boot.tmpOnTmpfs = true;
   boot.postBootCommands = ''
     if [ ! -c /dev/net/tun ]; then

hosts/server10/microvms.nix

@@ -2,6 +2,7 @@
   microvm.autostart = [ "oparl" "leon" "nfsroot" ];
   c3d2.server.bridgePorts = {
     serv = [ "oparl" "leon" "nfsroot" ];
+    core = [ "freifunk" ];
   };
 
   nix = {