nix/vm.nix at push-zvkrywwskknq · veryroundbird.house/core

veryroundbird.house / core
this repo has no description
core / nix / vm.nix
at push-zvkrywwskknq 1.7 kB view raw
 1{
 2  nixpkgs,
 3  self,
 4}:
 5nixpkgs.lib.nixosSystem {
 6  system = "x86_64-linux";
 7  modules = [
 8    self.nixosModules.knot
 9    self.nixosModules.spindle
10    ({
11      config,
12      pkgs,
13      ...
14    }: {
15      virtualisation = {
16        memorySize = 2048;
17        diskSize = 10 * 1024;
18        cores = 2;
19        forwardPorts = [
20          # ssh
21          {
22            from = "host";
23            host.port = 2222;
24            guest.port = 22;
25          }
26          # knot
27          {
28            from = "host";
29            host.port = 6000;
30            guest.port = 6000;
31          }
32          # spindle
33          {
34            from = "host";
35            host.port = 6555;
36            guest.port = 6555;
37          }
38        ];
39      };
40      services.getty.autologinUser = "root";
41      environment.systemPackages = with pkgs; [curl vim git];
42      systemd.tmpfiles.rules = let
43        u = config.services.tangled-knot.gitUser;
44        g = config.services.tangled-knot.gitUser;
45      in [
46        "d /var/lib/knot 0770 ${u} ${g} - -" # Create the directory first
47        "f+ /var/lib/knot/secret 0660 ${u} ${g} - KNOT_SERVER_SECRET=168c426fa6d9829fcbe85c96bdf144e800fb9737d6ca87f21acc543b1aa3e440"
48      ];
49      services.tangled-knot = {
50        enable = true;
51        server = {
52          secretFile = "/var/lib/knot/secret";
53          hostname = "localhost:6000";
54          listenAddr = "0.0.0.0:6000";
55        };
56      };
57      services.tangled-spindle = {
58        enable = true;
59        server = {
60          owner = "did:plc:qfpnj4og54vl56wngdriaxug";
61          hostname = "localhost:6555";
62          listenAddr = "0.0.0.0:6555";
63          dev = true;
64        };
65      };
66    })
67  ];
68}