blob: 14bbc1de14f76dfac81571e862e1fc186158d503 (
plain) (
blame)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
|
{
config,
lib,
...
}:
with lib; let
cfg = config.nixfiles.modules.incus;
in {
options.nixfiles.modules.incus.enable = mkEnableOption "Incus";
config = mkIf cfg.enable {
ark.directories = ["/var/lib/incus"];
virtualisation.incus = {
enable = true;
preseed = mkDefault {
networks = [
{
name = "incusbr0";
type = "bridge";
config = {
"ipv4.address" = "10.0.30.1/24";
"ipv4.nat" = true;
"ipv6.address" = "fc30::1/64";
"ipv6.nat" = true;
};
}
];
storage_pools = [
{
name = "default";
driver = "dir";
config.source = "/var/lib/incus/storage-pools/default";
}
];
profiles = [
{
name = "default";
devices = {
eth0 = {
type = "nic";
name = "eth0";
network = "incusbr0";
};
root = {
type = "disk";
pool = "default";
size = "15GiB";
path = "/";
};
};
}
];
};
};
networking.firewall.trustedInterfaces = ["incusbr0"];
# FIXME https://nixpk.gs/pr-tracker.html?pr=295364
# systemd.services.incus.path = mkForce [
# config.boot.zfs.package
# "${config.boot.zfs.package}/lib/udev"
# ];
my.extraGroups = ["incus-admin"];
};
}
|