From 36ec5f5837eadef5b9fe586b984130c2679c0938 Mon Sep 17 00:00:00 2001 From: kalipso Date: Sat, 18 Jan 2025 20:27:57 +0100 Subject: [PATCH] [sops] test sharing hostkey with vm --- outputs.nix | 45 +++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 45 insertions(+) diff --git a/outputs.nix b/outputs.nix index 41e2be7..ba0dd47 100644 --- a/outputs.nix +++ b/outputs.nix @@ -101,6 +101,51 @@ in (utils.lib.eachSystem (builtins.filter filter_system utils.lib.defaultSystems }).config.microvm.declaredRunner; }) { } + (builtins.attrNames self.nixosConfigurations) // + + builtins.foldl' + (result: host: + let + inherit (self.nixosConfigurations.${host}) config; + in + result // { + # boot any machine in a microvm + "${host}-vm-withssh" = (self.nixosConfigurations.${host}.extendModules { + modules = [{ + microvm = { + mem = pkgs.lib.mkForce 4096; + hypervisor = pkgs.lib.mkForce "qemu"; + socket = pkgs.lib.mkForce null; + shares = pkgs.lib.mkForce [ + { + tag = "ro-store"; + source = "/nix/store"; + mountPoint = "/nix/.ro-store"; + } + { + source = "/etc/ssh"; + mountPoint = "/etc/ssh"; + tag = "etcssh"; + } + ]; + }; + boot.isContainer = pkgs.lib.mkForce false; + users.users.root.password = ""; + fileSystems."/".fsType = pkgs.lib.mkForce "tmpfs"; + fileSystems."/etc/ssh" = { + depends = [ "/etc" ]; + neededForBoot = true; + }; + services.getty.helpLine = '' + Log in as "root" with an empty password. + Use "reboot" to shut qemu down. + ''; + }] ++ pkgs.lib.optionals (! config ? microvm) [ + microvm.nixosModules.microvm + ]; + }).config.microvm.declaredRunner; + }) + { } (builtins.attrNames self.nixosConfigurations); apps = {