add persistence to gid/uid services of microvm and set vsock.cid

2026-04-25 17:38:42 +02:00
parent f7035e0daf
commit f50a5caee5
11 changed files with 322 additions and 318 deletions
--- a/hosts/nasbackup/default.nix
+++ b/hosts/nasbackup/default.nix
@@ -1,66 +1,48 @@
 #
-#  Specific system configuration settings for desktop
-#
-#  flake.nix
-#   ├─ ./hosts
-#   │   └─ ./laptop
-#   │        ├─ default.nix *
-#   │        └─ hardware-configuration.nix       
-#   └─ ./modules
-#       ├─ ./desktop
-#       │   └─ ./hyprland
-#       │       └─ hyprland.nix
-#       ├─ ./modules
-#       │   └─ ./programs
-#       │       └─ waybar.nix
-#       └─ ./hardware
-#           └─ default.nix
+#  Nasbak — NAS backup server configuration
 #

 { config, pkgs, user, ... }:

 {
-  imports =                                                         # For now, if applying to other system, swap files
-    [(import ./hardware-configuration.nix)] ++                      # Current system hardware config @ /etc/nixos/hardware-configuration.nix
-    #[(import ../../modules/wm/virtualisation/docker.nix)] ++   # Docker
-    (import ../../modules/services/nasbackup) ++                       # Server Services
-    (import ../../modules/hardware);                                # Hardware devices
+  imports = [
+    ./hardware-configuration.nix
+    ../../modules/server
+  ] ++ (import ../../modules/services/nasbackup);

-  boot = {                                  # Boot options
+  # ── Server module options ───────────────────────────────────────────────
+  # No virtualisation on the backup NAS
+
+  # ── Host-specific settings ──────────────────────────────────────────────
+  boot = {
    kernelPackages = pkgs.linuxPackages_latest;
-
-    loader = {                              # EFI Boot
-      systemd-boot.enable = true;
-      efi = {
-        canTouchEfiVariables = true;
-        efiSysMountPoint = "/boot";
-      };
-      timeout = 1;                          # Grub auto select time
+    loader = {
+      systemd-boot.enable      = true;
+      efi.canTouchEfiVariables = true;
+      efi.efiSysMountPoint     = "/boot";
+      timeout                  = 1;
    };
  };

  programs = {
-    zsh.enable = true;
    ssh.startAgent = false;
    gnupg.agent = {
-      enable = false;
+      enable           = false;
      enableSSHSupport = true;
-      pinentryPackage = pkgs.pinentry-curses;
+      pinentryPackage  = pkgs.pinentry-curses;
    };
  };

  services = {
    qemuGuest.enable = true;
-    avahi = {                               # Needed to find wireless printer
-      enable = true;
+    avahi = {
+      enable   = true;
      nssmdns4 = true;
-      publish = {                           # Needed for detecting the scanner
-        enable = true;
-        addresses = true;
+      publish  = {
+        enable       = true;
+        addresses    = true;
        userServices = true;
      };
    };
-
  };
-
 }