First attempt at making declarative VMs

[perso/Immae/Config/Nix.git] / modules / private / system / dilion.nix

diff --git a/modules/private/system/dilion.nix b/modules/private/system/dilion.nix
index be8269e27f619fbaaf616adc52d07ef12da4061c..a59d60797dc79b7f173e1a7a6573105a021f34cc 100644 (file)
--- a/modules/private/system/dilion.nix
+++ b/modules/private/system/dilion.nix
@@ -76,12 +76,24 @@
   };
 
   myServices.ssh.modules = [ config.myServices.ssh.predefinedModules.regular ];
-  imports = builtins.attrValues (import ../..);
+  imports = builtins.attrValues (import ../..) ++ [ ./dilion/vms.nix ];
 
   system.nssModules = [ pkgs.libvirt ];
   system.nssDatabases.hosts = lib.mkForce [ "files" "libvirt_guest" "mymachines" "dns" "myhostname" ];
   programs.zsh.enable = true;
 
+  users.users.libvirt = {
+    hashedPassword = "!";
+    shell = pkgs.bashInteractive;
+    isSystemUser = true;
+    group = "libvirtd";
+    packages = [ pkgs.netcat-openbsd ];
+    openssh.authorizedKeys.keyFiles = [
+      "${privateFiles}/buildbot_ssh_key.pub"
+    ];
+    openssh.authorizedKeys.keys = [ config.myEnv.sshd.rootKeys.ismael_flony ];
+  };
+
   users.users.backup = {
     hashedPassword = "!";
     isSystemUser = true;
@@ -118,7 +130,7 @@
     after = [ "network.target" ];
 
     serviceConfig = {
-      ExecStart = "${pkgs.socat}/bin/socat TCP-LISTEN:8022,fork TCP:nixops-99a7e1ba-54dc-11ea-a965-10bf487fe63b-caldance:22";
+      ExecStart = "${pkgs.socat}/bin/socat TCP-LISTEN:8022,fork TCP:caldance:22";
     };
   };
 
@@ -170,7 +182,7 @@
     recommendedGzipSettings = true;
     recommendedProxySettings = true;
     upstreams = {
-      caldance.servers."nixops-99a7e1ba-54dc-11ea-a965-10bf487fe63b-caldance:3031" = {};
+      caldance.servers."caldance:3031" = {};
     };
     virtualHosts = {
       "dev.immae.eu" = {