From 62c92821b425030b9ff342a6c43b62d3f5ac64d9 Mon Sep 17 00:00:00 2001 From: kalipso Date: Wed, 28 Jan 2026 15:27:21 +0100 Subject: [PATCH] [microvm] put vms on local network --- machines/hosts.nix | 79 +++++++++++------------ machines/modules/host_builder.nix | 15 ++--- machines/modules/malobeo/microvm_host.nix | 60 +++++++++++------ 3 files changed, 85 insertions(+), 69 deletions(-) diff --git a/machines/hosts.nix b/machines/hosts.nix index 0f51c2d..fe78508 100644 --- a/machines/hosts.nix +++ b/machines/hosts.nix @@ -1,5 +1,22 @@ { ... }: +let + createMaloNet = hostId: mac: { + local = true; + address = "192.168.1.${hostId}"; + gateway = "192.168.1.1"; + nameservers = [ "192.168.1.17" "1.1.1.1" ]; #setting ns1 as nameserver + mac = mac; + }; + + createOffsiteNet = address: mac: { + local = false; + address = address; + gateway = "10.0.10.1"; + nameservers = [ "1.1.1.1" ]; + mac = mac; + }; +in { #TODO: fix local 192.168.1.0/24 addresses they are just palceholders! malobeo = { @@ -19,7 +36,7 @@ address = "192.168.1.12"; }; }; - + fanny = { type = "host"; network = { @@ -27,12 +44,7 @@ address = "192.168.1.13"; }; }; - - ns1 = { - type = "host"; - network.local = false; - }; - + lucia = { type = "rpi"; network = { 
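Review bot: `createOffsiteNet` hard-codes `gateway = "10.0.10.1"`, but both callers later in this patch (`vpn`, `uptimekuma`) pass `10.0.0.x` addresses and host_builder.nix appends `/24` to the address, so the gateway lies outside the guest's own subnet and the default route is unlikely to come up. The code being replaced used `10.0.0.1`, which is also the default in microvm_host.nix, so this looks like a typo; `gateway = "10.0.0.1";` would match. If `10.0.10.1` is intended, the offsite addresses or the prefix length need to change with it.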
@@ -40,60 +52,45 @@ address = "192.168.1.15"; }; }; - + durruti = { type = "microvm"; - network = { - local = true; - address = "10.0.0.5"; - mac = "52:DA:0D:F9:EF:F9"; - }; + network = createMaloNet "5" "52:DA:0D:F9:EF:F9"; }; - + vpn = { type = "microvm"; - network.local = false; + network = createOffsiteNet "10.0.0.10" "52:DA:0D:F9:EF:E6"; }; - + infradocs = { type = "microvm"; - network = { - local = true; - address = "10.0.0.11"; - mac = "D0:E5:CA:F0:D7:E7"; - }; + network = createMaloNet "11" "52:DA:0D:F9:EF:E7"; }; - + uptimekuma = { type = "microvm"; - network.local = false; + network = createOffsiteNet "10.0.0.12" "52:DA:0D:F9:EF:E8"; }; - + nextcloud = { type = "microvm"; - network = { - local = true; - address = "10.0.0.13"; - mac = "D0:E5:CA:F0:D7:E9"; - }; + network = createMaloNet "13" "52:DA:0D:F9:EF:E9"; }; - + overwatch = { type = "microvm"; - network = { - local = true; - address = "10.0.0.14"; - mac = "D0:E5:CA:F0:D7:E0"; - }; + network = createMaloNet "14" "52:DA:0D:F9:EF:E0"; }; - + zineshop = { type = "microvm"; - network = { - local = true; - address = "10.0.0.15"; - mac = "D0:E5:CA:F0:D7:F1"; - }; + network = createMaloNet "15" "52:DA:0D:F9:EF:F1"; + }; + + ns1 = { + type = "microvm"; + network = createMaloNet "17" "52:DA:0D:F9:EF:F3"; }; }; }; diff --git a/machines/modules/host_builder.nix b/machines/modules/host_builder.nix index 14fac78..beb3a0f 100644 --- a/machines/modules/host_builder.nix +++ b/machines/modules/host_builder.nix @@ -43,7 +43,7 @@ rec { ]; defaultModules = baseModules; - makeMicroVM = hostName: ipv4Addr: macAddr: modules: [ + makeMicroVM = hostName: network: modules: [ { microvm = { hypervisor = "cloud-hypervisor"; @@ -83,7 +83,7 @@ rec { { type = "tap"; id = "vm-${hostName}"; - mac = "${macAddr}"; + mac = "${network.mac}"; } ]; }; 
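Review bot: `createMaloNet "13"` for `nextcloud` and `createMaloNet "15"` for `zineshop` yield `192.168.1.13` and `192.168.1.15`, which the context lines of this file appear to assign already to `fanny` and `lucia`. Once the guests are bridged onto the same segment as those machines, a duplicate address means traffic meant for the host can reach the guest and the other way round. The TODO at the top says the host addresses are placeholders, so this may be known, but I would pick host ids that are not in use. An eval-time uniqueness check over every `network.address` in `malobeo.hosts` would catch the next collision.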
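Review bot: `makeMicroVM` now takes a `network` attrset, but nothing at the signature says which attributes it must carry. The visible hunks read `mac`, `address`, `gateway` and `nameservers`, and never `local`. I would add a comment above the definition, e.g. `# network: { address, gateway, nameservers, mac, local } as built by createMaloNet / createOffsiteNet in hosts.nix`. If `local = false` is meant to keep a guest off the LAN, note that the flag is not consulted here as far as the hunks show; the function body continues outside this hunk.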
@@ -93,9 +93,9 @@ rec { systemd.network.networks."20-lan" = { matchConfig.Type = "ether"; networkConfig = { - Address = [ "${ipv4Addr}/24" ]; - Gateway = "10.0.0.1"; - DNS = ["1.1.1.1"]; + Address = [ "${network.address}/24" ]; + Gateway = "${network.gateway}"; + DNS = network.nameservers; DHCP = "no"; }; }; @@ -210,8 +210,7 @@ rec { specialArgs.self = self; config = { imports = (makeMicroVM "${name}" - "${hosts.malobeo.hosts.${name}.network.address}" - "${hosts.malobeo.hosts.${name}.network.mac}" [ + hosts.malobeo.hosts.${name}.network [ ../${name}/configuration.nix (vmMicroVMOverwrites name { withNetworking = true; @@ -250,7 +249,7 @@ rec { modules = (if (settings.type != "microvm") then defaultModules ++ [ ../${host}/configuration.nix ] else - makeMicroVM "${host}" "${settings.network.address}" "${settings.network.mac}" [ + makeMicroVM "${host}" settings.network [ inputs.microvm.nixosModules.microvm ../${host}/configuration.nix ]); diff --git a/machines/modules/malobeo/microvm_host.nix b/machines/modules/malobeo/microvm_host.nix index b11881a..745e18b 100644 --- a/machines/modules/malobeo/microvm_host.nix +++ b/machines/modules/malobeo/microvm_host.nix @@ -14,6 +14,26 @@ in description = lib.mdDoc "Setup bridge device for microvms."; }; + interface = mkOption { + default = "eno1"; + type = types.str; + }; + + gateway = mkOption { + default = "10.0.0.1"; + type = types.str; + }; + + address = mkOption { + default = "10.0.0.1/24"; + type = types.str; + }; + + dns = mkOption { + default = [ "1.1.1.1" ]; + type = types.listOf types.str; + }; + enableHostBridgeUnstable = mkOption { default = false; type = types.bool; 
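Review bot: `DNS = network.nameservers` hands the guest both `192.168.1.17` and `1.1.1.1` as equal resolvers, which undercuts the "setting ns1 as nameserver" intent stated in hosts.nix. systemd-resolved does not treat the list as strict primary and fallback; after it switches to another listed server it typically keeps using it. Internal names would then be sent to the public resolver, and any filtering or logging done on ns1 is bypassed. For LAN guests I would set `nameservers = [ "192.168.1.17" ];` in `createMaloNet`, or list a second internal resolver if redundancy is needed.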
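Review bot: The `gateway` default `10.0.0.1` is the same host address as the `address` default `10.0.0.1/24`, so a host that enables the bridge without overriding them gets a default route pointing at itself. `interface` defaults to `eno1`, so whichever NIC carries that name is enslaved to the bridge without the operator choosing it. Because these values decide which physical link the guests are exposed on, I would drop the defaults for `interface`, `address` and `gateway` so that evaluation fails until they are set explicitly. All four new options also lack a `description`, unlike the neighbouring option.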
@@ -47,29 +67,29 @@ in systemd.network = mkIf (cfg.enableHostBridge || cfg.enableHostBridgeUnstable) { enable = true; - # create a bride device that all the microvms will be connected to - netdevs."10-microvm".netdevConfig = { - Kind = "bridge"; - Name = "microvm"; - }; - - networks."10-microvm" = { - matchConfig.Name = "microvm"; + networks."10-lan" = { + matchConfig.Name = [ "${cfg.interface}" "vm-*"]; networkConfig = { - DHCPServer = true; - IPv6SendRA = true; + Bridge = "malobeo0"; }; - addresses = if cfg.enableHostBridgeUnstable then [ - { Address = "10.0.0.1/24"; } - ] else [ - { Address = "10.0.0.1/24"; } - ]; }; - - # connect the vms to the bridge - networks."11-microvm" = { - matchConfig.Name = "vm-*"; - networkConfig.Bridge = "microvm"; + + netdevs."malobeo0" = { + netdevConfig = { + Name = "malobeo0"; + Kind = "bridge"; + }; + }; + + networks."10-lan-bridge" = { + matchConfig.Name = "malobeo0"; + networkConfig = { + Address = [ "${cfg.address}" ]; + Gateway = "${cfg.gateway}"; + DNS = cfg.dns; + IPv6AcceptRA = true; + }; + linkConfig.RequiredForOnline = "routable"; }; };
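Review bot: `IPv6AcceptRA = true` on `malobeo0` makes the host accept router advertisements from every port of the bridge, and `networks."10-lan"` enslaves all `vm-*` taps to that bridge alongside `${cfg.interface}`, so a guest can advertise itself to the host as IPv6 router or resolver. Unless the host depends on SLAAC from the LAN router, `IPv6AcceptRA = false;` is the safer setting. The guests now share a broadcast domain with the LAN and with each other, so the host no longer routes between them. Matching `${cfg.interface}` and `vm-*` in separate `networks` units would let the tap ports carry their own `bridgeConfig` or be filtered independently of the uplink. The `vm-*` match also covers the taps of `vpn` and `uptimekuma`, which hosts.nix marks `local = false`; it is worth confirming they are meant to sit on the LAN bridge.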