haven't found a working vm config for networking yet

author: Devin Finlinson <devin.finlinson@pm.me> 2025-05-02 02:50:58 -0600
committer: Devin Finlinson <devin.finlinson@pm.me> 2025-05-02 02:50:58 -0600
commit: 0f658f6facd9bf09d27d9ade3c088adf2d169c00 (patch)
tree: 5debf093adacb8d3779c4ad596ca0f9da393c0e1
parent: 4e40bb00e633ba914edb5981aee227765bb8cbcd (diff)
2 files changed, 87 insertions, 34 deletions
diff --git a/machines/doretta/default.nix b/machines/doretta/default.nix
index 057777e..f504f18 100644
--- a/machines/doretta/default.nix
+++ b/machines/doretta/default.nix
@@ -34,44 +34,88 @@
   };
   programs.virt-manager.enable = true;
 
-  microvm.vms = {
-    foolcreek = {
-      config = {
-        microvm.shares = [{
-          source = "/nix/store";
-          mountPoint = "/nix/.ro-store";
-          tag = "ro-store";
-          proto = "virtiofs";
-        }];
+  microvm = {
+    vms = {
+      foolcreek = {
+        config = {
+          microvm.shares = [{
+            source = "/nix/store";
+            mountPoint = "/nix/.ro-store";
+            tag = "ro-store";
+            proto = "virtiofs";
+          }];
+        };
       };
     };
+    # interfaces = [{
+    #   type = "tap";
+    #   id = "vm-foolcreek";
+    #   mac = "02:00:00:00:00:01";
+    # }];
   };
   systemd.network = {
     enable = true;
-    networks = {
-      "10-lan" = {
-        matchConfig.Name = ["eno1" "vm-*"];
-        networkConfig = {
-          Bridge = "br0";
-        };
-      };
-      "10-lan-bridge" = {
-        matchConfig.Name = "br0";
-        networkConfig = {
-          Address = ["10.1.11.100/24"];
-          Gateway = ["10.1.11.254"];
-          DNS = ["8.8.8.8"];
-          # IPv6AcceptRA = true;
-        };
-        linkConfig.RequiredForOnline = "routable";
-      };
-    };
-    netdevs."vr0" = {
+
+    netdevs."10-microvm" = {
       netdevConfig = {
-        Name = "br0";
+        Name = "microvm";
         Kind = "bridge";
       };
     };
+    networks = {
+    "10-microvm" = {
+      matchConfig.Name = "microvm";
+      networkConfig = {
+        DHCPServer = true;
+        # IPv6SendRA = true;
+      };
+      addresses = [ {
+        Address = "10.0.0.1/24"; # } {
+        # Address = "fd12:3456:789a::1/64";
+      } ];
+      # ipv6Prefixes = [{ Prefix = "fd12:3456:789a::/64"; }];
+      # ipv6PREF64Prefixes = [{ Prefix = "fd12:3456:789a::/64"; }];
+    };
+    "11-microvm" = {
+      matchConfig.Name = "vm-*";
+      # Attach to the bridge that was configured above
+      networkConfig.Bridge = "microvm";
+    };
+  };
+
+    #   "20-lan" = {
+    #     matchConfig.Type = "ether";
+    #     networkConfig = {
+    #       Address = ["10.1.11.101/24" "2001:db8::b/64"];
+    #       Gateway = "10.1.11.254";
+    #       DNS = ["8.8.8.8"];
+    #       IPv6AcceptRA = true;
+    #       DHCP = "no";
+    #     };
+    #   };
+    #   "10-lan" = {
+    #     matchConfig.Name = ["eno1" "vm-*"];
+    #     networkConfig = {
+    #       Bridge = "br0";
+    #     };
+    #   };
+    #   "10-lan-bridge" = {
+    #     matchConfig.Name = "br0";
+    #     networkConfig = {
+    #       Address = ["10.1.11.100/24" "2001:db8::a/64"];
+    #       Gateway = ["10.1.11.254"];
+    #       DNS = ["8.8.8.8"];
+    #       IPv6AcceptRA = true;
+    #     };
+    #     linkConfig.RequiredForOnline = "routable";
+    #   };
+    # };
+    # netdevs."br0" = {
+    #   netdevConfig = {
+    #     Name = "br0";
+    #     Kind = "bridge";
+    #   };
+    # };
   };
 
   # Set your time zone.
@@ -118,7 +162,7 @@
   };
 
   # Open ports in the firewall.
-  # networking.firewall.allowedTCPPorts = [ ... ];
+  networking.firewall.allowedTCPPorts = [ 67 8080 2222 ];
   # networking.firewall.allowedUDPPorts = [ ... ];
   # Or disable the firewall altogether.
   # networking.firewall.enable = false;
diff --git a/machines/vm/foolcreek/default.nix b/machines/vm/foolcreek/default.nix
index d0754ee..0b0fa7c 100644
--- a/machines/vm/foolcreek/default.nix
+++ b/machines/vm/foolcreek/default.nix
@@ -26,9 +26,18 @@
   #   };
   # };
   microvm = {
+    forwardPorts = [ # forward local port 2222-> 22, to ssh into the VM
+      { from = "host"; host.port = 2222; guest.port = 22; }
+
+      # forward local port 80 -> 10.1.11.100:80 in the VLAN
+      { from = "guest"; host.port = 8080; guest.port = 80; # website
+        # guest.address = "10.1.11.101"; guest.port = 80;
+        # host.address = "127.0.0.1"; host.port = 80;
+      }
+    ];
     interfaces = [{
-      type = "user";
-      id = "foolcreek";
+      type = "tap";
+      id = "vm-foolcreek";
       mac = "02:00:00:00:00:01";
     }];
   };
@@ -38,10 +47,10 @@
     networks."20-lan" = {
       matchConfig.Type = "ether";
       networkConfig = {
-        Address = ["10.1.11.101"];
+        Address = ["10.1.11.101/24" "2001:db8::b/64"];
         Gateway = "10.1.11.254";
         DNS = ["8.8.8.8"];
-        # IPv6AcceptRA = true;
+        IPv6AcceptRA = true;
         DHCP = "no";
       };
     };
author	Devin Finlinson <devin.finlinson@pm.me>	2025-05-02 02:50:58 -0600
committer	Devin Finlinson <devin.finlinson@pm.me>	2025-05-02 02:50:58 -0600
commit	0f658f6facd9bf09d27d9ade3c088adf2d169c00 (patch)
tree	5debf093adacb8d3779c4ad596ca0f9da393c0e1
parent	4e40bb00e633ba914edb5981aee227765bb8cbcd (diff)