add persistence to gid/uid services of microvm and set vsock.cid
This commit is contained in:
@@ -16,7 +16,9 @@
|
||||
{ lib, inputs, nixpkgs, nixpkgs-unstable, nixos-hardware, home-manager, home-manager-unstable, agenix, jovian-nixos, microvm, impermanence, lanzaboote, ... }:
|
||||
|
||||
let
|
||||
user = "kabbone";
|
||||
# Default user — desktop hosts share this; server hosts may override per-host
|
||||
# by passing a different `user` value in their own specialArgs block.
|
||||
defaultUser = "kabbone";
|
||||
location = builtins.getEnv "HOME" + "/.setup";
|
||||
|
||||
system = "x86_64-linux";
|
||||
@@ -42,8 +44,9 @@ let
|
||||
|
||||
# Helper: returns [hm-module, config-attrset] for the modules list.
|
||||
# hm - the home-manager flake input to use (stable or unstable)
|
||||
# user - the username whose home-manager config to build
|
||||
# hmImports - list of home.nix paths for this host
|
||||
mkHM = hm: hmImports: [
|
||||
mkHM = hm: user: hmImports: [
|
||||
hm.nixosModules.home-manager
|
||||
{
|
||||
home-manager.useGlobalPkgs = true;
|
||||
@@ -57,7 +60,7 @@ in
|
||||
{
|
||||
hades = lib.nixosSystem { # Desktop profile
|
||||
inherit system;
|
||||
specialArgs = { inherit inputs user location nixos-hardware agenix microvm nixpkgs lanzaboote; };
|
||||
specialArgs = { inherit inputs location nixos-hardware agenix microvm nixpkgs lanzaboote; user = defaultUser; };
|
||||
modules = [
|
||||
agenix.nixosModules.default
|
||||
microvm.nixosModules.host
|
||||
@@ -68,12 +71,12 @@ in
|
||||
nixos-hardware.nixosModules.common-cpu-amd
|
||||
nixos-hardware.nixosModules.common-gpu-amd
|
||||
nixos-hardware.nixosModules.common-pc-ssd
|
||||
] ++ (mkHM home-manager [ ./home.nix ./desktop/home.nix ]);
|
||||
] ++ (mkHM home-manager defaultUser [ ./home.nix ./desktop/home.nix ]);
|
||||
};
|
||||
|
||||
lifebook = lib.nixosSystem { # Laptop profile
|
||||
inherit system;
|
||||
specialArgs = { inherit inputs user location nixos-hardware agenix lanzaboote; };
|
||||
specialArgs = { inherit inputs location nixos-hardware agenix lanzaboote; user = defaultUser; };
|
||||
modules = [
|
||||
agenix.nixosModules.default
|
||||
lanzaboote.nixosModules.lanzaboote
|
||||
@@ -81,93 +84,93 @@ in
|
||||
./configuration_common.nix
|
||||
nixos-hardware.nixosModules.common-cpu-intel
|
||||
nixos-hardware.nixosModules.common-pc-ssd
|
||||
] ++ (mkHM home-manager [ ./home.nix ./lifebook/home.nix ]);
|
||||
] ++ (mkHM home-manager defaultUser [ ./home.nix ./lifebook/home.nix ]);
|
||||
};
|
||||
|
||||
steamdeck = nixpkgs-unstable.lib.nixosSystem { # steamdeck profile
|
||||
inherit system;
|
||||
specialArgs = { inherit inputs user location nixos-hardware agenix jovian-nixos lanzaboote; };
|
||||
specialArgs = { inherit inputs location nixos-hardware agenix jovian-nixos lanzaboote; user = defaultUser; };
|
||||
modules = [
|
||||
agenix.nixosModules.default
|
||||
jovian-nixos.nixosModules.default
|
||||
lanzaboote.nixosModules.lanzaboote
|
||||
./steamdeck
|
||||
./configuration_common.nix
|
||||
] ++ (mkHM home-manager-unstable [ ./home.nix ./steamdeck/home.nix ]);
|
||||
] ++ (mkHM home-manager-unstable defaultUser [ ./home.nix ./steamdeck/home.nix ]);
|
||||
};
|
||||
|
||||
kabtop = lib.nixosSystem { # Server profile
|
||||
inherit system;
|
||||
specialArgs = { inherit inputs user location nixos-hardware agenix impermanence; };
|
||||
specialArgs = { inherit inputs location nixos-hardware agenix impermanence; user = defaultUser; };
|
||||
modules = [
|
||||
agenix.nixosModules.default
|
||||
microvm.nixosModules.host
|
||||
./kabtop
|
||||
./configuration_server.nix
|
||||
./configuration_common.nix
|
||||
nixos-hardware.nixosModules.common-cpu-amd
|
||||
nixos-hardware.nixosModules.common-pc-ssd
|
||||
] ++ (mkHM home-manager [ ./home_server.nix ./kabtop/home.nix ]);
|
||||
] ++ (mkHM home-manager defaultUser [ ./home_server.nix ./kabtop/home.nix ]);
|
||||
};
|
||||
|
||||
nasbak = lib.nixosSystem { # Server profile
|
||||
inherit system;
|
||||
specialArgs = { inherit inputs user location nixos-hardware agenix; };
|
||||
specialArgs = { inherit inputs location nixos-hardware agenix; user = defaultUser; };
|
||||
modules = [
|
||||
agenix.nixosModules.default
|
||||
./nasbackup
|
||||
./configuration_server.nix
|
||||
./configuration_common.nix
|
||||
nixos-hardware.nixosModules.common-cpu-intel
|
||||
nixos-hardware.nixosModules.common-pc-ssd
|
||||
] ++ (mkHM home-manager [ ./home_server.nix ./nasbackup/home.nix ]);
|
||||
] ++ (mkHM home-manager defaultUser [ ./home_server.nix ./nasbackup/home.nix ]);
|
||||
};
|
||||
|
||||
jupiter = lib.nixosSystem { # Server profile
|
||||
inherit system;
|
||||
specialArgs = { inherit inputs user location nixos-hardware agenix; };
|
||||
specialArgs = { inherit inputs location nixos-hardware agenix; user = defaultUser; };
|
||||
modules = [
|
||||
agenix.nixosModules.default
|
||||
./jupiter
|
||||
./configuration_server.nix
|
||||
./configuration_common.nix
|
||||
nixos-hardware.nixosModules.common-cpu-intel
|
||||
nixos-hardware.nixosModules.common-pc-ssd
|
||||
] ++ (mkHM home-manager [ ./home_server.nix ./jupiter/home.nix ]);
|
||||
] ++ (mkHM home-manager defaultUser [ ./home_server.nix ./jupiter/home.nix ]);
|
||||
};
|
||||
|
||||
kabtopci = lib.nixosSystem { # Server profile
|
||||
inherit system;
|
||||
specialArgs = { inherit inputs user location nixos-hardware agenix impermanence; };
|
||||
specialArgs = { inherit inputs location nixos-hardware agenix impermanence; user = defaultUser; };
|
||||
modules = [
|
||||
agenix.nixosModules.default
|
||||
microvm.nixosModules.host
|
||||
./kabtopci
|
||||
./configuration_server.nix
|
||||
./configuration_common.nix
|
||||
nixos-hardware.nixosModules.common-pc-ssd
|
||||
] ++ (mkHM home-manager [ ./home_server.nix ./kabtopci/home.nix ]);
|
||||
] ++ (mkHM home-manager defaultUser [ ./home_server.nix ./kabtopci/home.nix ]);
|
||||
};
|
||||
|
||||
kubemaster-1 = lib.nixosSystem { # Server profile
|
||||
inherit system;
|
||||
specialArgs = { inherit inputs user location nixos-hardware agenix impermanence; };
|
||||
specialArgs = { inherit inputs location nixos-hardware agenix impermanence; user = defaultUser; };
|
||||
modules = [
|
||||
agenix.nixosModules.default
|
||||
microvm.nixosModules.host
|
||||
./kubemaster-1
|
||||
./configuration_server.nix
|
||||
./configuration_common.nix
|
||||
nixos-hardware.nixosModules.common-cpu-intel
|
||||
nixos-hardware.nixosModules.common-pc-ssd
|
||||
] ++ (mkHM home-manager [ ./home_server.nix ./kubemaster-1/home.nix ]);
|
||||
] ++ (mkHM home-manager defaultUser [ ./home_server.nix ./kubemaster-1/home.nix ]);
|
||||
};
|
||||
|
||||
dmz = lib.nixosSystem { # Server profile
|
||||
inherit system;
|
||||
specialArgs = { inherit inputs user location nixos-hardware agenix impermanence; };
|
||||
specialArgs = { inherit inputs location nixos-hardware agenix impermanence; user = defaultUser; };
|
||||
modules = [
|
||||
agenix.nixosModules.default
|
||||
microvm.nixosModules.host
|
||||
./dmz
|
||||
./configuration_server.nix
|
||||
./configuration_common.nix
|
||||
nixos-hardware.nixosModules.common-pc-ssd
|
||||
] ++ (mkHM home-manager [ ./home_server.nix ./dmz/home.nix ]);
|
||||
] ++ (mkHM home-manager defaultUser [ ./home_server.nix ./dmz/home.nix ]);
|
||||
};
|
||||
|
||||
# vm = lib.nixosSystem { # VM profile
|
||||
|
||||
Reference in New Issue
Block a user