diff --git a/outputs.nix b/outputs.nix index f431122..4e20afa 100644 --- a/outputs.nix +++ b/outputs.nix @@ -34,7 +34,6 @@ in (utils.lib.eachSystem (builtins.filter filter_system utils.lib.defaultSystems }]); }; - boot.initrd.network.ssh.enable = pkgs.lib.mkForce false; boot.isContainer = pkgs.lib.mkForce false; users.users.root.password = ""; fileSystems."/".fsType = pkgs.lib.mkForce "tmpfs"; @@ -44,6 +43,16 @@ in (utils.lib.eachSystem (builtins.filter filter_system utils.lib.defaultSystems ''; }; + vmDiskoOverwrites = { + boot.initrd = { + secrets = pkgs.lib.mkForce {}; + network.ssh.enable = pkgs.lib.mkForce false; + }; + + malobeo.disks.enable = pkgs.lib.mkForce false; + networking.hostId = "a3c3101f"; + }; + vmSopsOverwrites = host: { sops.defaultSopsFile = pkgs.lib.mkForce ./machines/${host}/dummy.yaml; @@ -60,10 +69,11 @@ in (utils.lib.eachSystem (builtins.filter filter_system utils.lib.defaultSystems }]; }; - buildVM = host: networking: sopsDummy: (self.nixosConfigurations.${host}.extendModules { + buildVM = host: networking: sopsDummy: disableDisko: (self.nixosConfigurations.${host}.extendModules { modules = [ (vmMicroVMOverwrites { withNetworking = networking; }) (if sopsDummy then (vmSopsOverwrites host) else {}) + (if disableDisko then vmDiskoOverwrites else {}) ] ++ pkgs.lib.optionals (! self.nixosConfigurations.${host}.config ? microvm) [ microvm.nixosModules.microvm ]; @@ -125,10 +135,11 @@ in (utils.lib.eachSystem (builtins.filter filter_system utils.lib.defaultSystems run-vm = pkgs.writeShellScriptBin "run-vm" '' usage() { - echo "Usage: run-vm [--networking] [--dummy-secrets]" + echo "Usage: run-vm [--networking] [--dummy-secrets] [--no-disko]" echo "ATTENTION: This script must be run from the flakes root directory" echo "--networking setup interfaces. requires root and hostbridge enabled on the host" echo "--dummy-secrets deploy dummy sops secrets" + echo "--no-disko disable disko and initrd secrets. needed for actual hosts like fanny" exit 1 } @@ -142,6 +153,7 @@ in (utils.lib.eachSystem (builtins.filter filter_system utils.lib.defaultSystems # Optionale Argumente NETWORK=false DUMMY_SECRETS=false + NO_DISKO=false # check argws shift @@ -149,6 +161,7 @@ in (utils.lib.eachSystem (builtins.filter filter_system utils.lib.defaultSystems case $1 in --networking) NETWORK=true ;; --dummy-secrets) DUMMY_SECRETS=true ;; + --no-disko) NO_DISKO=true ;; *) echo "Unknown argument: $1"; usage ;; esac shift @@ -156,8 +169,9 @@ in (utils.lib.eachSystem (builtins.filter filter_system utils.lib.defaultSystems echo "starting host $HOSTNAME" echo "enable networking: $NETWORK" echo "deploy dummy secrets: $DUMMY_SECRETS" + echo "disable disko and initrd secrets: $NO_DISKO" - ${pkgs.nix}/bin/nix run --impure --expr "((builtins.getFlake \"$(pwd)\").vmBuilder.x86_64-linux \"$HOSTNAME\" $NETWORK $DUMMY_SECRETS)" + ${pkgs.nix}/bin/nix run --impure --expr "((builtins.getFlake \"$(pwd)\").vmBuilder.x86_64-linux \"$HOSTNAME\" $NETWORK $DUMMY_SECRETS $NO_DISKO)" ''; };