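# Development VM: a NixOS system that runs the knot and spindle modules under
# nixos-shell/QEMU. It is meant for local hacking only: root is logged in
# automatically on the console and spindle runs with `dev = true`.
#
# Arguments:
#   nixpkgs - the nixpkgs input providing lib.nixosSystem
#   system  - target system string, passed through to nixosSystem
#   self    - this flake, providing nixosModules.knot and nixosModules.spindle
{
  nixpkgs,
  system,
  self,
}: let
  # Read a required variable from the evaluating process's environment.
  # builtins.getEnv returns "" both when the variable is unset and under pure
  # evaluation, so the throw below also fires if evaluation is not impure.
  envVar = name: let
    var = builtins.getEnv name;
  in
    if var == ""
    then throw "\$${name} must be defined, see docs/hacking.md for more details"
    else var;
in
  nixpkgs.lib.nixosSystem {
    inherit system;
    modules = [
      self.nixosModules.knot
      self.nixosModules.spindle
      ({
        config,
        pkgs,
        ...
      }: {
        # Keep the guest isolated from the developer's host session: no
        # inherited PATH, no home directory mount, no Nix profile mount.
        nixos-shell = {
          inheritPath = false;
          mounts = {
            mountHome = false;
            mountNixProfile = false;
          };
        };
        virtualisation = {
          memorySize = 2048;
          diskSize = 10 * 1024;
          cores = 2;
          # Every forward is pinned to the host's loopback address. With no
          # host.address QEMU listens on all host interfaces, which would
          # expose this VM (root autologin, dev-mode spindle, development
          # secret) to the local network. The services below advertise
          # themselves as localhost:<port>, so loopback is what they expect.
          forwardPorts = [
            # ssh
            {
              from = "host";
              host.address = "127.0.0.1";
              host.port = 2222;
              guest.port = 22;
            }
            # knot
            {
              from = "host";
              host.address = "127.0.0.1";
              host.port = 6000;
              guest.port = 6000;
            }
            # spindle
            {
              from = "host";
              host.address = "127.0.0.1";
              host.port = 6555;
              guest.port = 6555;
            }
          ];
        };
        # Passwordless root console: acceptable only because this is a
        # throwaway development VM.
        services.getty.autologinUser = "root";
        environment.systemPackages = with pkgs; [curl vim git sqlite litecli];
        systemd.tmpfiles.rules = let
          u = config.services.tangled-knot.gitUser;
          # NOTE(review): the group is also taken from gitUser; confirm the
          # knot module creates a same-named group or offers a group option.
          g = config.services.tangled-knot.gitUser;
        in [
          "d /var/lib/knot 0770 ${u} ${g} - -" # Create the directory first
          # The secret is interpolated at evaluation time, so its value is
          # embedded in the generated tmpfiles configuration, which lives in
          # the world-readable Nix store. Use a development-only secret here.
          # Mode 0660 also lets every member of the group read and rewrite it.
          "f+ /var/lib/knot/secret 0660 ${u} ${g} - KNOT_SERVER_SECRET=${envVar "TANGLED_VM_KNOT_SECRET"}"
        ];
        services.tangled-knot = {
          enable = true;
          motd = "Welcome to the development knot!\n";
          server = {
            secretFile = "/var/lib/knot/secret";
            hostname = "localhost:6000";
            # Listens on all guest interfaces; presumably required so the
            # QEMU port forward, which does not arrive on guest loopback,
            # can reach the service.
            listenAddr = "0.0.0.0:6000";
          };
        };
        services.tangled-spindle = {
          enable = true;
          server = {
            owner = envVar "TANGLED_VM_SPINDLE_OWNER";
            hostname = "localhost:6555";
            listenAddr = "0.0.0.0:6555";
            # NOTE(review): dev mode; its exact effect is defined by the
            # spindle module, not visible here. Do not reuse this
            # configuration outside local development.
            dev = true;
            secrets = {
              provider = "sqlite";
            };
          };
        };
      })
    ];
  }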