dan
/
liminix
1
0
Fork 5
Code Issues 3 Pull Requests 2 Projects Releases Wiki Activity

extract borderVm config into separate file

module-based-network
Daniel Barlow 2023-02-15 21:21:52 +00:00
parent a98b266445
commit d948438ae1
2 changed files with 75 additions and 69 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

69
bordervm-configuration.nix Normal file
View File

@ -0,0 +1,69 @@
{ config, pkgs, ... }:
{
imports = [
<nixpkgs/nixos/modules/virtualisation/qemu-vm.nix>
];
boot.kernelParams = [
"loglevel=9"
];
systemd.services.pppoe =
let conf = pkgs.writeText "kpppoed.toml"
''
interface_name = "eth0"
services = [ "myservice" ]
lns_ipaddr = "90.155.53.19"
ac_name = "kpppoed-1.0"
'';
in {
wantedBy = [ "multi-user.target" ];
serviceConfig = {
ExecStart = "${pkgs.go-l2tp}/bin/kpppoed -config ${conf}";
};
};
systemd.services.tufted = {
wantedBy = [ "multi-user.target" ];
serviceConfig = {
ExecStart = "${pkgs.tufted}/bin/tufted /home/liminix/liminix";
};
};
systemd.services.sshd.wantedBy = pkgs.lib.mkForce [ "multi-user.target" ];
virtualisation = {
qemu = {
networkingOptions = [];
options = [
"-device vfio-pci,host=01:00.0"
"-nographic"
"-serial mon:stdio"
];
};
sharedDirectories = {
liminix = {
source = builtins.toString ./.;
target = "/home/liminix/liminix";
};
};
};
environment.systemPackages = with pkgs; [
tcpdump
wireshark
socat
tufted
iptables
];
security.sudo.wheelNeedsPassword = false;
networking = {
hostName = "border";
firewall = { enable = false; };
interfaces.eth1 = {
useDHCP = false;
ipv4.addresses = [ { address = "10.0.0.1"; prefixLength = 24;}];
};
};
users.users.liminix = {
isNormalUser = true;
uid = 1000;
extraGroups = [ "wheel"];
};
services.getty.autologinUser = "liminix";
}

75
default.nix
View File

@ -20,75 +20,12 @@ let
./modules/outputs.nix
] pkgs;
borderVm = ((import <nixpkgs/nixos>) {
configuration =
{ config, ... }:
{
imports = [
<nixpkgs/nixos/modules/virtualisation/qemu-vm.nix>
];
boot.kernelParams = [
"loglevel=9"
];
systemd.services.pppoe =
let conf = pkgs.writeText "kpppoed.toml"
''
interface_name = "eth0"
services = [ "myservice" ]
lns_ipaddr = "90.155.53.19"
ac_name = "kpppoed-1.0"
'';
in {
wantedBy = [ "multi-user.target" ];
serviceConfig = {
ExecStart = "${pkgs.pkgsBuildBuild.go-l2tp}/bin/kpppoed -config ${conf}";
};
};
systemd.services.tufted = {
wantedBy = [ "multi-user.target" ];
serviceConfig = {
ExecStart = "${pkgs.pkgsBuildBuild.tufted}/bin/tufted /home/liminix/liminix";
};
};
virtualisation = {
qemu = {
networkingOptions = [];
options = [
"-device vfio-pci,host=01:00.0"
"-nographic"
"-serial mon:stdio"
];
};
sharedDirectories = {
liminix = {
source = builtins.toString ./.;
target = "/home/liminix/liminix";
};
};
};
environment.systemPackages = with pkgs.pkgsBuildBuild; [
tcpdump
wireshark
socat
tufted
iptables
];
security.sudo.wheelNeedsPassword = false;
networking = {
hostName = "border";
firewall = { enable = false; };
interfaces.eth1 = {
useDHCP = false;
ipv4.addresses = [ { address = "10.0.0.1"; prefixLength = 24;}];
};
};
users.users.liminix = {
isNormalUser = true;
uid = 1000;
extraGroups = [ "wheel"];
};
services.getty.autologinUser = "liminix";
};
borderVm = ((import <nixpkgs/nixos/lib/eval-config.nix>) {
system = builtins.currentSystem;
modules = [
({ ... } : { nixpkgs.overlays = [ overlay ]; })
(import ./bordervm-configuration.nix)
];
}).config.system;
in {
outputs = config.outputs // {