X-Git-Url: https://git.immae.eu/?p=perso%2FImmae%2FConfig%2FNix.git;a=blobdiff_plain;f=systems%2Fzoldene%2Fvirtualisation.nix;fp=systems%2Fzoldene%2Fvirtualisation.nix;h=d2212fed19864c16ed3b584870f0140fb582cd05;hp=0000000000000000000000000000000000000000;hb=d3a40bd942537c35e3eb6cf9282798d704720290;hpb=ce983e8b05d17adbf6b8228b990e5a512835ca56
diff --git a/systems/zoldene/virtualisation.nix b/systems/zoldene/virtualisation.nix
new file mode 100644
index 0000000..d2212fe
--- /dev/null
+++ b/systems/zoldene/virtualisation.nix
@@ -0,0 +1,46 @@
+{ pkgs-no-overlay, ... }:
+{
+ boot.kernelModules = [ "nf_nat_ftp" ];
+
+ ### Enable Docker
+ virtualisation.docker.enable = true;
+ disko.devices.zpool.zfast.datasets."root/persist/var/lib/docker" =
+ { type = "zfs_fs"; mountpoint = "/persist/zfast/var/lib/docker"; options.mountpoint = "legacy"; };
+
+ ### Enable LXC
+ disko.devices.zpool.zfast.datasets."root/persist/var/lib/lxc" =
+ { type = "zfs_fs"; mountpoint = "/persist/zfast/var/lib/lxc"; options.mountpoint = "legacy"; };
+ virtualisation.lxc = {
+ enable = true;
+ lxcfs.enable = true;
+ };
+
+ ### Enable libvirtd
+ virtualisation.libvirtd = {
+ enable = true;
+ qemu.package = pkgs-no-overlay.qemu;
+ };
+
+ ### Persistence for LXC / Docker
+ environment.persistence."/persist/zfast".directories = [
+ {
+ directory = "/var/lib/lxc";
+ user = "root";
+ group = "root";
+ mode = "0755";
+ }
+ {
+ directory = "/var/lib/docker";
+ user = "root";
+ group = "root";
+ mode = "0750";
+ }
+ ];
+
+ # ip forwarding is needed for NAT'ing to work in containers/VMs.
+ boot.kernel.sysctl = {
+ "net.ipv4.conf.all.forwarding" = true;
+ "net.ipv4.conf.default.forwarding" = true;
+ };
+}
+
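Review bot: The `boot.kernel.sysctl` block at the end of the file enables IPv4 forwarding for `all` and `default`, so the host will route between every interface, not only the Docker, LXC and libvirt bridges, and nothing in this file restricts the forward path. If forward filtering is configured in another module, say so next to the sysctl, e.g. `# forwarding is host-wide; the forward chain is restricted in <firewall module>`. Otherwise consider limiting forwarded traffic to the container and VM bridges; on an nftables-based setup `networking.firewall.filterForward = true;` is one option, though its interaction with Docker's own rules would need checking. Separately, `boot.kernelModules = [ "nf_nat_ftp" ];` carries no comment; this helper inspects FTP control traffic to open related ports, so a one-line reason for loading it, and which guest needs it, is worth recording.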