commit 33f859e18c7f3c91e613cb66579cd68c58e247ee Author: L-Nafaryus Date: Sun Dec 1 23:09:19 2024 +0500 initial commit
diff --git a/.gitignore b/.gitignore
new file mode 100644
index 0000000..353cb13
--- /dev/null
+++ b/.gitignore
@@ -0,0 +1,4 @@
+/result
+*.qcow2
+vdisk*
+
diff --git a/flake.lock b/flake.lock
new file mode 100644
index 0000000..9a06f64
--- /dev/null
+++ b/flake.lock
@@ -0,0 +1,27 @@
+{
+ "nodes": {
+ "nixpkgs": {
+ "locked": {
+ "lastModified": 1732521221,
+ "narHash": "sha256-2ThgXBUXAE1oFsVATK1ZX9IjPcS4nKFOAjhPNKuiMn0=",
+ "owner": "nixos",
+ "repo": "nixpkgs",
+ "rev": "4633a7c72337ea8fd23a4f2ba3972865e3ec685d",
+ "type": "github"
+ },
+ "original": {
+ "owner": "nixos",
+ "ref": "nixos-unstable",
+ "repo": "nixpkgs",
+ "type": "github"
+ }
+ },
+ "root": {
+ "inputs": {
+ "nixpkgs": "nixpkgs"
+ }
+ }
+ },
+ "root": "root",
+ "version": 7
+}
diff --git a/flake.nix b/flake.nix
new file mode 100644
index 0000000..151d0a9
--- /dev/null
+++ b/flake.nix
@@ -0,0 +1,136 @@
+{
+ description = "Derivation lit";
+
+ nixConfig = {
+ extra-substituters = [
+ "https://cache.elnafo.ru"
+ "https://bonfire.cachix.org"
+ ];
+ extra-trusted-public-keys = [
+ "cache.elnafo.ru:j3VD+Hn+is2Qk3lPXDSdPwHJQSatizk7V82iJ2RP1yo="
+ "bonfire.cachix.org-1:mzAGBy/Crdf8NhKail5ciK7ZrGRbPJJobW6TwFb7WYM="
+ ];
+ };
+
+ inputs = {
+ nixpkgs.url = "github:nixos/nixpkgs/nixos-unstable";
+ };
+
+ outputs = {
+ self,
+ nixpkgs,
+ ...
+ } @ inputs: let
+ lib = inputs.nixpkgs.lib;
+ forAllSystems = nixpkgs.lib.genAttrs ["x86_64-linux"];
+ nixpkgsFor = forAllSystems (system: import nixpkgs {inherit system;});
+ pkgs = nixpkgs.legacyPackages.x86_64-linux;
+
+ systemConfig = {
+ modules = with inputs; [
+ ({
+ modulesPath,
+ config,
+ ...
+ }: {
+ imports = [
+ (modulesPath + "/profiles/qemu-guest.nix")
+ (modulesPath + "/virtualisation/qemu-vm.nix")
+ ];
+
+ system.stateVersion = "25.05";
+
+ services.openssh = {
+ enable = true;
+ startWhenNeeded = true;
+ settings.PasswordAuthentication = false;
+ settings.KbdInteractiveAuthentication = false;
+ settings.X11Forwarding = true;
+ };
+
+ environment.systemPackages = [pkgs.networkmanagerapplet];
+
+ boot.initrd.availableKernelModules = ["ata_piix" "uhci_hcd" "virtio_pci" "sr_mod" "virtio_blk"];
+ boot.initrd.kernelModules = [];
+ boot.kernelModules = ["kvm-amd"];
+ boot.extraModulePackages = [];
+
+ boot.kernelParams = [
+ "console=tty1"
+ "console=ttyS0,115200"
+ ];
+ boot.loader.grub.enable = lib.mkForce true;
+ boot.loader.grub.device = "/dev/vda";
+
+ fileSystems."/" = {
+ device = "/dev/vda1";
+ fsType = "ext4";
+ };
+
+ networking = {
+ networkmanager = {
+ enable = true;
+ enableStrongSwan = true;
+ packages = with pkgs; [
+ networkmanager-l2tp
+ ];
+ };
+ hostName = "nixos";
+ extraHosts = ''192.168.130.211 gitlab'';
+ };
+ networking.firewall.enable = false;
+
+ boot.tmp.cleanOnBoot = true;
+ nix.settings.auto-optimise-store = true;
+
+ services.journald.extraConfig = ''
+ SystemMaxUse=100M
+ MaxFileSec=7day
+ '';
+
+ services.resolved = {
+ enable = true;
+ dnssec = "false";
+ };
+
+ users.users.l-nafaryus = {
+ isNormalUser = true;
+ shell = pkgs.fish;
+ openssh.authorizedKeys.keys = [
+ "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIG1YGp8AI48hJUSQBZpuKLpbj2+3Q09vq64NxFr0N1MS"
+ ];
+ };
+ programs.fish.enable = true;
+
+ users.users.root.openssh.authorizedKeys.keys =
+ config.users.users.l-nafaryus.openssh.authorizedKeys.keys;
+
+ virtualisation.qemu.options = [
+ "-net user,hostfwd=tcp::10022-:22"
+ "-nographic"
+ ];
+ })
+ ];
+ };
+ in {
+ nixosConfigurations = {
+ nixtt = lib.nixosSystem (systemConfig // {system = "x86_64-linux";});
+ };
+
+ devShells = {
+ x86_64-linux.default = pkgs.mkShellNoCC {
+ buildInputs = [
+ pkgs.qemu
+ pkgs.nixos-generators
+ ];
+ };
+ };
+
+ packages.x86_64-linux.nixtt = pkgs.writeScriptBin "run-nixtt" ''
+ #!${pkgs.runtimeShell}
+
+ ${self.nixosConfigurations.nixtt.config.system.build.vm}/bin/run-nixos-vm
+
+ '';
+ };
+}
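Review bot: The SSH forward in `virtualisation.qemu.options` leaves the host address empty (`hostfwd=tcp::10022-:22`), so QEMU listens on every host interface and the guest's sshd, which accepts the same key for root via `users.users.root.openssh.authorizedKeys.keys`, is reachable from the host's network rather than only from the host itself. Binding the forward to loopback, `"-net user,hostfwd=tcp:127.0.0.1:10022-:22"`, keeps the VM private to the machine that runs it. `networking.firewall.enable = false;` could then be dropped as well: the openssh module opens port 22 on its own by default, and the guest also joins NetworkManager/L2TP networks where a firewall would presumably still matter. Separately, the `nixConfig` block asks every consumer of the flake to trust two extra binary-cache keys although the only input is nixpkgs; a comment such as `# needed for <reason>; substitutes signed by these keys are accepted for any store path` or removing the block would make that trust decision explicit.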