From d907b7b8f0aecee0f9eba12b09b929d720d07a8d Mon Sep 17 00:00:00 2001
From: Azat Bahawi <azat@bahawi.net>
Date: Tue, 20 Feb 2024 00:53:48 +0300
Subject: 2024-02-20

---
 modules/nixos/incus.nix | 62 +++++++++++++++++++++++++++++++++++++++++++++++++
 1 file changed, 62 insertions(+)
 create mode 100644 modules/nixos/incus.nix

(limited to 'modules/nixos/incus.nix')

diff --git a/modules/nixos/incus.nix b/modules/nixos/incus.nix
new file mode 100644
index 0000000..ada113f
--- /dev/null
+++ b/modules/nixos/incus.nix
@@ -0,0 +1,62 @@
+{
+  config,
+  lib,
+  ...
+}:
+with lib; let
+  cfg = config.nixfiles.modules.incus;
+in {
+  options.nixfiles.modules.incus.enable = mkEnableOption "Incus";
+
+  config = mkIf cfg.enable {
+    ark.directories = ["/var/lib/incus"];
+
+    virtualisation.incus = {
+      enable = true;
+
+      preseed = mkDefault {
+        networks = [
+          {
+            name = "incusbr0";
+            type = "bridge";
+            config = {
+              "ipv4.address" = "10.0.30.1/24";
+              "ipv4.nat" = true;
+              "ipv6.address" = "fc30::1/64";
+              "ipv6.nat" = true;
+            };
+          }
+        ];
+        storage_pools = [
+          {
+            name = "default";
+            driver = "dir";
+            config.source = "/var/lib/incus/storage-pools/default";
+          }
+        ];
+        profiles = [
+          {
+            name = "default";
+            devices = {
+              eth0 = {
+                type = "nic";
+                name = "eth0";
+                network = "incusbr0";
+              };
+              root = {
+                type = "disk";
+                pool = "default";
+                size = "15GiB";
+                path = "/";
+              };
+            };
+          }
+        ];
+      };
+    };
+
+    networking.firewall.trustedInterfaces = ["incusbr0"];
+
+    my.extraGroups = ["incus-admin"];
+  };
+}
-- 
cgit v1.2.3