lxd module

2024-06-29 14:40:10 +01:00 · 2024-06-29 14:40:10 +01:00 · 291a86f71b
parent 822a710ff5
commit 291a86f71b
6 changed files with 101 additions and 9 deletions
--- a/hosts/common/optional/lxd.nix
+++ b/hosts/common/optional/lxd.nix
@ -1,7 +0,0 @@
 {
  virtualisation.lxc = {
    enable = true;
    lxcfs.enable = true;
  };
 }
--- a/hosts/common/optional/lxd/default.nix
+++ b/hosts/common/optional/lxd/default.nix
@ -0,0 +1,18 @@
 {
  imports = [
    ./lxd-preseed.nix
    ./lxd-networking.nix
  ];
  virtualisation = {
    lxd = {
      enable = true;
      recommendedSysctlSettings = true;
    };
    lxc = {
      lxcfs.enable = true;
    };
  };
 }
--- a/hosts/common/optional/lxd/lxd-networking.nix
+++ b/hosts/common/optional/lxd/lxd-networking.nix
@ -0,0 +1,21 @@
 { ... }:
 let
  lxd_profiles = {
    "default" = (import ./profiles/default.nix);
  };
 in
 {
  boot = {
    kernelModules = [ "nf_nat_ftp" ];
    kernel.sysctl = {
      "net.ipv4.conf.all.forwarding" = true;
      "net.ipv4.conf.default.forwarding" = true;
    };
  };
  # allow static ipv4 for containers
  networking.firewall.extraCommands = ''
    iptables -a input -i ${lxd_profiles.default.network.name} -m comment --comment "lxd rule for ${lxd_profiles.default.network.name}" -j accept
  '';
 }
--- a/hosts/common/optional/lxd/lxd-preseed.nix
+++ b/hosts/common/optional/lxd/lxd-preseed.nix
@ -0,0 +1,26 @@
 { ... }:
 let
  lxd_profiles = {
    "default" = (import ./profiles/default.nix);
  };
 in
 {
  virtualisation = {
    lxd = {
      preseed =  {
        networks = [
          lxd_profiles.default.network
        ];
        profiles = [
          lxd_profiles.default.profile
        ];
        storage_pools = [
          lxd_profiles.default.storage_pool
        ];  
      };
    };
  };
 }
--- a/hosts/common/optional/lxd/profiles/default.nix
+++ b/hosts/common/optional/lxd/profiles/default.nix
@ -0,0 +1,35 @@
 {
  network = {
    name = "lxdBrDefault";
    type = "bridge";
    config = {
      "ipv4.address" = "10.100.1.1/8";
      "ipv4.nat" = "true";
    };
  };
  storage_pool = {
    name = "test";
    driver = "zfs";
    config.source = "zspeed/test";
  };
  profile = {
    name = "default";
    devices = {
      "eth0" = {
        name = "eth0";
        nictype = "bridged";
        parent = "lxdBrDefault";
        type = "nic";
      };
      "root" = {
        path = "/";
        pool = "default";
        size = "8GiB";
        type = "disk";
      };
    };
  };
 }
--- a/hosts/nebula/default.nix
+++ b/hosts/nebula/default.nix
@ -23,8 +23,7 @@ in
      # Import optional options
      ../common/optional/openssh.nix
-      ../common/optional/lxd.nix
+      ../common/optional/lxd
    ];