initial commit

L-Nafaryus 2024-12-01 23:09:19 +05:00
commit 33f859e18c
Signed by: L-Nafaryus
GPG Key ID: 553C97999B363D38
3 changed files with 167 additions and 0 deletions

4
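--- a/.gitignore
+++ b/.gitignore
@@ -0,0 +1,4 @@
+/result
+*.qcow2
+vdisk*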

27
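--- a/flake.lock
+++ b/flake.lock
@@ -0,0 +1,27 @@
+{
+"nodes": {
+"nixpkgs": {
+"locked": {
+"lastModified": 1732521221,
+"narHash": "sha256-2ThgXBUXAE1oFsVATK1ZX9IjPcS4nKFOAjhPNKuiMn0=",
+"owner": "nixos",
+"repo": "nixpkgs",
+"rev": "4633a7c72337ea8fd23a4f2ba3972865e3ec685d",
+"type": "github"
+},
+"original": {
+"owner": "nixos",
+"ref": "nixos-unstable",
+"repo": "nixpkgs",
+"type": "github"
+}
+},
+"root": {
+"inputs": {
+"nixpkgs": "nixpkgs"
+}
+}
+},
+"root": "root",
+"version": 7
+}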

136
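--- a/flake.nix
+++ b/flake.nix
@@ -0,0 +1,136 @@
+{
+description = "Derivation lit";
+nixConfig = {
+extra-substituters = [
+"https://cache.elnafo.ru"
+"https://bonfire.cachix.org"
+];
+extra-trusted-public-keys = [
+"cache.elnafo.ru:j3VD+Hn+is2Qk3lPXDSdPwHJQSatizk7V82iJ2RP1yo="
+"bonfire.cachix.org-1:mzAGBy/Crdf8NhKail5ciK7ZrGRbPJJobW6TwFb7WYM="
+];
+};
+inputs = {
+nixpkgs.url = "github:nixos/nixpkgs/nixos-unstable";
+};
+outputs = {
+self,
+nixpkgs,
+...
+} @ inputs: let
+lib = inputs.nixpkgs.lib;
+forAllSystems = nixpkgs.lib.genAttrs ["x86_64-linux"];
+nixpkgsFor = forAllSystems (system: import nixpkgs {inherit system;});
+pkgs = nixpkgs.legacyPackages.x86_64-linux;
+systemConfig = {
+modules = with inputs; [
+({
+modulesPath,
+config,
+...
+}: {
+imports = [
+(modulesPath + "/profiles/qemu-guest.nix")
+(modulesPath + "/virtualisation/qemu-vm.nix")
+];
+system.stateVersion = "25.05";
+services.openssh = {
+enable = true;
+startWhenNeeded = true;
+settings.PasswordAuthentication = false;
+settings.KbdInteractiveAuthentication = false;
+settings.X11Forwarding = true;
+};
+environment.systemPackages = [pkgs.networkmanagerapplet];
+boot.initrd.availableKernelModules = ["ata_piix" "uhci_hcd" "virtio_pci" "sr_mod" "virtio_blk"];
+boot.initrd.kernelModules = [];
+boot.kernelModules = ["kvm-amd"];
+boot.extraModulePackages = [];
+boot.kernelParams = [
+"console=tty1"
+"console=ttyS0,115200"
+];
+boot.loader.grub.enable = lib.mkForce true;
+boot.loader.grub.device = "/dev/vda";
+fileSystems."/" = {
+device = "/dev/vda1";
+fsType = "ext4";
+};
+networking = {
+networkmanager = {
+enable = true;
+enableStrongSwan = true;
+packages = with pkgs; [
+networkmanager-l2tp
+];
+};
+hostName = "nixos";
+extraHosts = ''192.168.130.211 gitlab'';
+};
+networking.firewall.enable = false;
+boot.tmp.cleanOnBoot = true;
+nix.settings.auto-optimise-store = true;
+services.journald.extraConfig = ''
+SystemMaxUse=100M
+MaxFileSec=7day
+'';
+services.resolved = {
+enable = true;
+dnssec = "false";
+};
+users.users.l-nafaryus = {
+isNormalUser = true;
+shell = pkgs.fish;
+openssh.authorizedKeys.keys = [
+"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIG1YGp8AI48hJUSQBZpuKLpbj2+3Q09vq64NxFr0N1MS"
+];
+};
+programs.fish.enable = true;
+users.users.root.openssh.authorizedKeys.keys =
+config.users.users.l-nafaryus.openssh.authorizedKeys.keys;
+virtualisation.qemu.options = [
+"-net user,hostfwd=tcp::10022-:22"
+"-nographic"
+];
+})
+];
+};
+in {
+nixosConfigurations = {
+nixtt = lib.nixosSystem (systemConfig // {system = "x86_64-linux";});
+};
+devShells = {
+x86_64-linux.default = pkgs.mkShellNoCC {
+buildInputs = [
+pkgs.qemu
+pkgs.nixos-generators
+];
+};
+};
+packages.x86_64-linux.nixtt = pkgs.writeScriptBin "run-nixtt" ''
+#!${pkgs.runtimeShell}
+${self.nixosConfigurations.nixtt.config.system.build.vm}/bin/run-nixos-vm
+'';
+};
+}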