# Host-side NixOS module: declares the container "libvirt-container", which
# runs libvirtd and an SSH daemon, and opens the SSH port on the host firewall.
{
  config,
  pkgs,
  ...
}: let
  # One port number shared by the host firewall rule, the forward entry and
  # the container's sshd.
  sshPort = 4222;
in {
  # Host firewall: accept inbound TCP on the SSH port.
  networking.firewall.allowedTCPPorts = [sshPort];

  containers."libvirt-container" = {
    autoStart = true;
    enableTun = true;

    # The host's KVM device is bind-mounted writable into the container.
    bindMounts = {
      "/dev/kvm" = {
        hostPath = "/dev/kvm";
        isReadOnly = false;
      };
    };

    # Device nodes the container may open read-write. Together with the
    # root SSH login below, these nodes are the main host-facing surface of
    # this container and are worth revisiting if its role changes.
    allowedDevices =
      map (node: {
        inherit node;
        modifier = "rw";
      }) [
        "/dev/kvm"
        "/dev/net/tun"
        "/dev/vnet*"
      ];

    # NOTE(review): only hostPort is set, so protocol and containerPort come
    # from the module defaults. No private network is configured in this
    # file; confirm that this entry has any effect in that setup.
    forwardPorts = [
      {hostPort = sshPort;}
    ];

    # Left disabled by the author: would pass -U (user namespacing) to the
    # container runtime.
    # NOTE(review): with it off, root inside the container is presumably not
    # UID-shifted relative to the host - confirm this is intended given the
    # rw device access above.
    #extraFlags = [ "-U" ];

    config = {
      config,
      pkgs,
      ...
    }: {
      # The firewall inside the container is off; filtering of the SSH port
      # is left to the host rule at the top of this file.
      networking.firewall.enable = false;

      virtualisation.libvirtd.enable = true;
      security.polkit.enable = true;

      services.openssh.enable = true;
      services.openssh.ports = [sshPort];

      # root logs in with this single public key.
      # NOTE(review): password authentication is not set explicitly in this
      # file - confirm it is disabled by defaults or elsewhere.
      users.users.root.openssh.authorizedKeys.keys = ["ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIAqkqMYgncrnczcW/0PY+Z+FmNXXpgw6D9JWTTwiainy hensoko@hensoko-tp-work"];

      system.stateVersion = "22.11";
    };
  };
}