From d948438ae120d279c57e907e852fe83b8e0cc01b Mon Sep 17 00:00:00 2001
From: Daniel Barlow
Date: Wed, 15 Feb 2023 21:21:52 +0000
Subject: [PATCH] extract borderVm config into separate file
---
 bordervm-configuration.nix | 69 +++++++++++++++++++++++++++++++++++
 default.nix | 75 +++-----------------------------------
 2 files changed, 75 insertions(+), 69 deletions(-)
 create mode 100644 bordervm-configuration.nix
diff --git a/bordervm-configuration.nix b/bordervm-configuration.nix
new file mode 100644
index 0000000..bbaa325
--- /dev/null
+++ b/bordervm-configuration.nix
@@ -0,0 +1,69 @@
+{ config, pkgs, ... }:
+{
+ imports = [
+
+ ];
+ boot.kernelParams = [
+ "loglevel=9"
+ ];
+ systemd.services.pppoe =
+ let conf = pkgs.writeText "kpppoed.toml"
+ ''
+ interface_name = "eth0"
+ services = [ "myservice" ]
+ lns_ipaddr = "90.155.53.19"
+ ac_name = "kpppoed-1.0"
+ '';
+ in {
+ wantedBy = [ "multi-user.target" ];
+ serviceConfig = {
+ ExecStart = "${pkgs.go-l2tp}/bin/kpppoed -config ${conf}";
+ };
+ };
+ systemd.services.tufted = {
+ wantedBy = [ "multi-user.target" ];
+ serviceConfig = {
+ ExecStart = "${pkgs.tufted}/bin/tufted /home/liminix/liminix";
+ };
+ };
+ systemd.services.sshd.wantedBy = pkgs.lib.mkForce [ "multi-user.target" ];
+
+ virtualisation = {
+ qemu = {
+ networkingOptions = [];
+ options = [
+ "-device vfio-pci,host=01:00.0"
+ "-nographic"
+ "-serial mon:stdio"
+ ];
+ };
+ sharedDirectories = {
+ liminix = {
+ source = builtins.toString ./.;
+ target = "/home/liminix/liminix";
+ };
+ };
+ };
+ environment.systemPackages = with pkgs; [
+ tcpdump
+ wireshark
+ socat
+ tufted
+ iptables
+ ];
+ security.sudo.wheelNeedsPassword = false;
+ networking = {
+ hostName = "border";
+ firewall = { enable = false; };
+ interfaces.eth1 = {
+ useDHCP = false;
+ ipv4.addresses = [ { address = "10.0.0.1"; prefixLength = 24;}];
+ };
+ };
+ users.users.liminix = {
+ isNormalUser = true;
+ uid = 1000;
+ extraGroups = [ "wheel"];
+ };
+ services.getty.autologinUser = "liminix";
+}
diff --git a/default.nix b/default.nix
index b764950..bae2479 100644
--- a/default.nix
+++ b/default.nix
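Review bot: `systemd.services.sshd.wantedBy = pkgs.lib.mkForce [ "multi-user.target" ];` is new in this file; the block removed from default.nix has no sshd line, so a commit described as an extraction also makes sshd start at boot. The same configuration disables `networking.firewall`, gives wheel passwordless sudo, puts `liminix` in wheel and passes a host PCI device through with `vfio-pci`, so any successful SSH login as `liminix` is root on a VM attached to real hardware; how that account authenticates is not visible in this hunk. I would move the sshd change into its own commit with a comment saying which interface it is meant to serve, and if that is only the test side, bind it with `services.openssh.listenAddresses = [ { addr = "10.0.0.1"; port = 22; } ];`.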
@@ -20,75 +20,12 @@ let ./modules/outputs.nix ] pkgs;
- borderVm = ((import ) {
- configuration =
- { config, ... }:
- {
- imports = [
-
- ];
- boot.kernelParams = [
- "loglevel=9"
- ];
- systemd.services.pppoe =
- let conf = pkgs.writeText "kpppoed.toml"
- ''
- interface_name = "eth0"
- services = [ "myservice" ]
- lns_ipaddr = "90.155.53.19"
- ac_name = "kpppoed-1.0"
- '';
- in {
- wantedBy = [ "multi-user.target" ];
- serviceConfig = {
- ExecStart = "${pkgs.pkgsBuildBuild.go-l2tp}/bin/kpppoed -config ${conf}";
- };
- };
- systemd.services.tufted = {
- wantedBy = [ "multi-user.target" ];
- serviceConfig = {
- ExecStart = "${pkgs.pkgsBuildBuild.tufted}/bin/tufted /home/liminix/liminix";
- };
- };
- virtualisation = {
- qemu = {
- networkingOptions = [];
- options = [
- "-device vfio-pci,host=01:00.0"
- "-nographic"
- "-serial mon:stdio"
- ];
- };
- sharedDirectories = {
- liminix = {
- source = builtins.toString ./.;
- target = "/home/liminix/liminix";
- };
- };
- };
- environment.systemPackages = with pkgs.pkgsBuildBuild; [
- tcpdump
- wireshark
- socat
- tufted
- iptables
- ];
- security.sudo.wheelNeedsPassword = false;
- networking = {
- hostName = "border";
- firewall = { enable = false; };
- interfaces.eth1 = {
- useDHCP = false;
- ipv4.addresses = [ { address = "10.0.0.1"; prefixLength = 24;}];
- };
- };
- users.users.liminix = {
- isNormalUser = true;
- uid = 1000;
- extraGroups = [ "wheel"];
- };
- services.getty.autologinUser = "liminix";
- };
+ borderVm = ((import ) {
+ system = builtins.currentSystem;
+ modules = [
+ ({ ... } : { nixpkgs.overlays = [ overlay ]; })
+ (import ./bordervm-configuration.nix)
+ ];
 }).config.system; in { outputs = config.outputs // {
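Review bot: The inline module `({ ... } : { nixpkgs.overlays = [ overlay ]; })` is now the only thing that makes `pkgs.tufted` and `pkgs.go-l2tp` resolve in bordervm-configuration.nix, which previously took them from `pkgs.pkgsBuildBuild`, and nothing in either file says so. A comment above it such as `# overlay supplies tufted and go-l2tp for bordervm-configuration.nix` would save someone from importing that file on its own and hitting a missing attribute (assuming those packages come from the overlay rather than upstream nixpkgs, which this page does not show). `system = builtins.currentSystem;` also ties the VM to the evaluating host and is unavailable under pure evaluation. The `import` target has lost its path on this page; if it is a channel-style lookup, the packages in this firewall-off, passwordless-sudo VM come from whatever revision the host has rather than a pinned one. The enclosing `let` starts and ends outside the hunk.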