allow configuring whether a node uses QEMU

allow configuring network interface (#413 )
Reviewed-on: Fediversity/Fediversity#413 Reviewed-by: Valentin Gagarin <valentin.gagarin@tweag.io> Co-authored-by: Kiara Grouwstra <kiara@procolix.eu> Co-committed-by: Kiara Grouwstra <kiara@procolix.eu>
2025-07-01 11:10:57 +02:00 · 2025-06-30 19:23:51 +02:00
3 changed files with 141 additions and 93 deletions
--- a/infra/common/nixos/hardware.nix
+++ b/infra/common/nixos/hardware.nix
@ -1,27 +1,47 @@
-{ modulesPath, ... }:
+{ config, lib, ... }:
 let
  inherit (lib) mkIf mkMerge;
 in
 {
  _class = "nixos";
-  imports = [ (modulesPath + "/profiles/qemu-guest.nix") ];
+  config = mkMerge [
-
+    {
-  boot = {
+      boot.loader = {
    loader = {
        systemd-boot.enable = true;
        efi.canTouchEfiVariables = true;
      };
    }
-    initrd = {
+    (mkIf config.fediversityVm.isQemuVm {
      boot.initrd = {
        availableKernelModules = [
          "ata_piix"
          "uhci_hcd"
        "virtio_pci"
        "virtio_scsi"
          "sd_mod"
          "sr_mod"
          # from `/profiles/qemu-guest.nix`
          "virtio_net"
          "virtio_pci"
          "virtio_mmio"
          "virtio_blk"
          "virtio_scsi"
          "9p"
          "9pnet_virtio"
        ];
        kernelModules = [
          "dm-snapshot"
          # from `/profiles/qemu-guest.nix`
          "virtio_balloon"
          "virtio_console"
          "virtio_rng"
          "virtio_gpu"
        ];
      kernelModules = [ "dm-snapshot" ];
    };
      };
      disko.devices.disk.main = {
@ -61,4 +81,6 @@
          };
        };
      };
    })
  ];
 }
--- a/infra/common/nixos/networking.nix
+++ b/infra/common/nixos/networking.nix
@ -1,7 +1,7 @@
 { config, lib, ... }:
 let
-  inherit (lib) mkDefault;
+  inherit (lib) mkDefault mkIf mkMerge;
 in
 {
@ -13,41 +13,14 @@ in
      settings.PasswordAuthentication = false;
    };
-    networking = {
+    networking = mkMerge [
      {
        hostName = config.fediversityVm.name;
        domain = config.fediversityVm.domain;
        ## REVIEW: Do we actually need that, considering that we have static IPs?
        useDHCP = mkDefault true;
      interfaces = {
        eth0 = {
          ipv4 = {
            addresses = [
              {
                inherit (config.fediversityVm.ipv4) address prefixLength;
              }
            ];
          };
          ipv6 = {
            addresses = [
              {
                inherit (config.fediversityVm.ipv6) address prefixLength;
              }
            ];
          };
        };
      };
      defaultGateway = {
        address = config.fediversityVm.ipv4.gateway;
        interface = "eth0";
      };
      defaultGateway6 = {
        address = config.fediversityVm.ipv6.gateway;
        interface = "eth0";
      };
        nameservers = [
          "95.215.185.6"
          "95.215.185.7"
@ -60,6 +33,29 @@ in
          enable = true;
          rulesetFile = ./nftables-ruleset.nft;
        };
      }
      ## IPv4
      (mkIf config.fediversityVm.ipv4.enable {
        interfaces.${config.fediversityVm.ipv4.interface}.ipv4.addresses = [
          { inherit (config.fediversityVm.ipv4) address prefixLength; }
        ];
        defaultGateway = {
          address = config.fediversityVm.ipv4.gateway;
          interface = config.fediversityVm.ipv4.interface;
        };
      })
      ## IPv6
      (mkIf config.fediversityVm.ipv6.enable {
        interfaces.${config.fediversityVm.ipv6.interface}.ipv6.addresses = [
          { inherit (config.fediversityVm.ipv6) address prefixLength; }
        ];
        defaultGateway6 = {
          address = config.fediversityVm.ipv6.gateway;
          interface = config.fediversityVm.ipv6.interface;
        };
      })
    ];
  };
 }
--- a/infra/common/options.nix
+++ b/infra/common/options.nix
@ -91,6 +91,17 @@ in
    };
    ipv4 = {
      enable = mkOption {
        default = true;
      };
      interface = mkOption {
        description = ''
          The interface that carries the machine's IPv4 network.
        '';
        default = "eth0";
      };
      address = mkOption {
        description = ''
          The IP address of the machine, version 4. It will be injected as a
@ -116,6 +127,17 @@ in
    };
    ipv6 = {
      enable = mkOption {
        default = true;
      };
      interface = mkOption {
        description = ''
          The interface that carries the machine's IPv6 network.
        '';
        default = "eth0";
      };
      address = mkOption {
        description = ''
          The IP address of the machine, version 6. It will be injected as a
@ -155,5 +177,13 @@ in
        this for testing machines, as it is a security hole for so many reasons.
      '';
    };
    isQemuVm = mkOption {
      description = ''
        Whether the machine is a QEMU VM. This will import all the necessary
        things.
      '';
      default = true;
    };
  };
 }
Author	SHA1	Message	Date
Kiara Grouwstra	54623a589b	allow configuring whether a node uses QEMU	2025-07-01 11:10:57 +02:00
Kiara Grouwstra	0c23115cff	allow configuring network interface (#413 ) Reviewed-on: Fediversity/Fediversity#413 Reviewed-by: Valentin Gagarin <valentin.gagarin@tweag.io> Co-authored-by: Kiara Grouwstra <kiara@procolix.eu> Co-committed-by: Kiara Grouwstra <kiara@procolix.eu>	2025-06-30 19:23:51 +02:00