[fanny] more ram and cores for vmVariantWithDisko

(untested because virtiofs mounts currently dont work)

.gitignore

@@ -6,3 +6,4 @@ result
 .direnv/
 book/
 fanny-efi-vars.fd
+nix-store-overlay.img

machines/fanny/configuration.nix

@@ -20,6 +20,13 @@ in
       inputs.self.nixosModules.malobeo.metrics
     ];
 
+    virtualisation.vmVariantWithDisko = {
+      virtualisation = {
+        memorySize =  4096; 
+        cores = 3;
+      };
+    };
+
   malobeo.metrics = {
     enable = true;
     enablePromtail = true;
@@ -56,6 +63,11 @@ in
     };
   };
 
+  systemd.tmpfiles.rules = [ 
+    "L /var/lib/microvms/data - - - - /data/microvms"
+    "d /data/microvms 0755 root root" #not needed for real host?
+    ];
+
   malobeo.initssh = {
     enable = true;
     authorizedKeys = sshKeys.admins;
@@ -69,8 +81,7 @@ in
   };
 
   services.malobeo.microvm.enableHostBridge = true;
-  services.malobeo.microvm.deployHosts = [ "overwatch" "infradocs" "durruti" ];
-  services.malobeo.microvm.client.nextcloud.enable = true;
+  services.malobeo.microvm.deployHosts = [ "overwatch" "infradocs" "nextcloud" "durruti" ];
 
   networking = {
     nat = {

machines/modules/disko/default.nix

@@ -102,7 +102,7 @@ in
                     mountOptions = [ "umask=0077" ];
                   };
                 };
-                encryptedSwap = {
+                encryptedSwap = lib.mkIf cfg.encryption {
                   size = cfg.root.swap;
                   content =  {
                     type = "swap";
@@ -252,6 +252,10 @@ in
               type = "zfs_fs";
               mountpoint = "/data";
             };
+            "encrypted/data/microvm" = {
+              type = "zfs_fs";
+              mountpoint = "/data/microvm";
+            };
             reserved = {
               # for cow delete if pool is full
               options = {

machines/modules/host_builder.nix

@@ -70,6 +70,13 @@ rec {
             proto = "virtiofs";
             socket = "var.socket";
           }
+          {
+            source = "/var/lib/microvms/data/${hostName}";
+            mountPoint = "/data";
+            tag = "data";
+            proto = "virtiofs";
+            socket = "microdata.socket";
+          }
         ];
 
         interfaces = [

machines/modules/malobeo/microvm_client.nix

@@ -1,28 +0,0 @@
-{config, lib, pkgs, ...}:
-let
-  cfg = config.services.malobeo.microvm.client;
-in
-{
-  options.services.malobeo.microvm.client = {
-    nextcloud = {
-      enable = lib.mkEnableOption "enable the nextcloud microvm wrapper";
-      datadir = lib.mkOption {
-        type = lib.types.string;
-        default = "/data/services/nextcloud/";
-        description = "set a custom datadir";
-      };
-    };
-  };
-
-  config = lib.mkMerge [
-    (lib.mkIf cfg.nextcloud.enable { #add check for run-vm?
-      services.malobeo.microvm.deployHosts = ["nextcloud"];
-      microvm.vms.nextcloud.config.microvm.shares = lib.mkAfter [{
-        source = cfg.datadir;
-        mountPoint = "/datadir";
-        tag = "nc-datadir";
-        proto = "virtiofs";
-      }];
-    })
-  ];
-}

machines/nextcloud/configuration.nix

@@ -37,7 +37,7 @@ with lib;
     hostName = "cloud.malobeo.org";
     config.adminpassFile = config.sops.secrets.nextcloudAdminPass.path;
     #https = true; #disable for testing
-    datadir = "/datadir";
+    datadir = "/data/services/nextcloud/";
     database.createLocally = true;
     config.dbtype = "pgsql";
     configureRedis = true;

outputs.nix

@@ -108,7 +108,7 @@ in (utils.lib.eachSystem (builtins.filter filter_system utils.lib.defaultSystems
 
     nixosModules.malobeo = {
       host.imports = [ ./machines/durruti/host_config.nix ];
-      microvm.imports = [ ./machines/modules/malobeo/microvm_host.nix ./machines/modules/malobeo/microvm_client.nix];
+      microvm.imports = [ ./machines/modules/malobeo/microvm_host.nix ];
       vpn.imports = [ ./machines/modules/malobeo/wireguard.nix ];
       initssh.imports = [ ./machines/modules/malobeo/initssh.nix ];
       metrics.imports = [ ./machines/modules/malobeo/metrics.nix ];