diff options
| author | Devin Finlinson <devin.finlinson@pm.me> | 2025-07-18 15:11:35 -0600 |
|---|---|---|
| committer | Devin Finlinson <devin.finlinson@pm.me> | 2025-07-18 15:11:35 -0600 |
| commit | 7bae750ce6dda37b900271e398fef2fe9d2d0022 (patch) | |
| tree | e1d2ca859ec60cf994bd286a6f0af01096d3d417 | |
| parent | 89e3c75643bfcf6c53685030120d2c74151a62e4 (diff) | |
testing binary cache and messing with vm networking
| -rw-r--r-- | machines/doretta/default.nix | 66 | ||||
| -rw-r--r-- | modules/nixos/binary-cache.nix | 18 |
2 files changed, 53 insertions, 31 deletions
diff --git a/machines/doretta/default.nix b/machines/doretta/default.nix index 2290868..dc3d4aa 100644 --- a/machines/doretta/default.nix +++ b/machines/doretta/default.nix @@ -8,7 +8,9 @@ imports = [ # Include the results of the hardware scan. ./hardware-configuration.nix - ./website.nix + + # ./website.nix + ../../modules/nixos/binary-cache.nix ../../modules/nixos/nix-common.nix ../../modules/nixos/environment.nix @@ -16,6 +18,8 @@ ../../modules/nixos/system-packages.nix # microvm.host + ../../modules/nixos/minecraft-server.nix + ../../modules/users/defin.nix ../../modules/users/git.nix ../../modules/users/root.nix @@ -54,35 +58,35 @@ # mac = "02:00:00:00:00:01"; # }]; }; - systemd.network = { - enable = true; - - netdevs."10-microvm" = { - netdevConfig = { - Name = "microvm"; - Kind = "bridge"; - }; - }; - networks = { - "10-microvm" = { - matchConfig.Name = "microvm"; - networkConfig = { - DHCPServer = true; - # IPv6SendRA = true; - }; - addresses = [ { - Address = "10.0.0.1/24"; # } { - # Address = "fd12:3456:789a::1/64"; - } ]; - # ipv6Prefixes = [{ Prefix = "fd12:3456:789a::/64"; }]; - # ipv6PREF64Prefixes = [{ Prefix = "fd12:3456:789a::/64"; }]; - }; - "11-microvm" = { - matchConfig.Name = "vm-*"; - # Attach to the bridge that was configured above - networkConfig.Bridge = "microvm"; - }; - }; + # systemd.network = { + # enable = true; + + # netdevs."10-microvm" = { + # netdevConfig = { + # Name = "microvm"; + # Kind = "bridge"; + # }; + # }; + # networks = { + # "10-microvm" = { + # matchConfig.Name = "microvm"; + # networkConfig = { + # DHCPServer = true; + # # IPv6SendRA = true; + # }; + # addresses = [ { + # Address = "10.0.0.1/24"; # } { + # # Address = "fd12:3456:789a::1/64"; + # } ]; + # # ipv6Prefixes = [{ Prefix = "fd12:3456:789a::/64"; }]; + # # ipv6PREF64Prefixes = [{ Prefix = "fd12:3456:789a::/64"; }]; + # }; + # "11-microvm" = { + # matchConfig.Name = "vm-*"; + # # Attach to the bridge that was configured above + # networkConfig.Bridge = "microvm"; + # }; + # }; # "20-lan" = { # matchConfig.Type = "ether"; @@ -117,7 +121,7 @@ # Kind = "bridge"; # }; # }; - }; + # }; # Set your time zone. time.timeZone = "US/Mountain"; diff --git a/modules/nixos/binary-cache.nix b/modules/nixos/binary-cache.nix new file mode 100644 index 0000000..609a5dc --- /dev/null +++ b/modules/nixos/binary-cache.nix @@ -0,0 +1,18 @@ +{config, ... }: { + services.nix-serve = { + enable = true; + secretKeyFile = "/var/secrets/cache-private-key.pem"; + }; + + services.nginx = { + enable = true; + recommendedProxySettings = true; + virtualHosts.cache = { + locations."/".proxyPass = "http://${config.services.nix-serve.bindAddress}:${toString config.services.nix-serve.port}"; + }; + }; + + networking.firewall.allowedTCPPorts = [ + config.services.nginx.defaultHTTPListenPort + ]; +} |