basic vmware gen

2025-03-31 20:37:44 -04:00 · 2025-03-31 20:37:44 -04:00 · 712d10cef3
commit 712d10cef3
parent dccbb234f2
6 changed files with 22 additions and 371 deletions
--- a/README.md
+++ b/README.md
@ -1,17 +1,24 @@
 # Description
 This repository contains the configuration for multiple machines, as well as my home / IDE config (home-manager).
 It takes heavy inspiration from [khaneliman/khanelinix](https://github.com/khaneliman/khanelinix).
-## Home Manager
+### NixOS
-Utilizing [Home Manager](https://nix-community.github.io/home-manager/). Check out the [README.md](./home-manager/README.md).
+```bash
-## NixOS
+```
 ### NixOS Generators
 ```bash
-nix build .#packages.x86_64-linux.rke2-image
+nix build .#vmwareConfigurations.rke2-node
 ```
 ### Home Manager
 ```bash
 home-manager switch --flake .#evanreichard@MBP-Personal
 ```
 ### NixOS Hosts
--- a/flake.nix
+++ b/flake.nix
@ -52,130 +52,5 @@
          sops-nix.nixosModules.sops
        ];
      };
      outputs-builder = channels: {
        # Define packages using nixos-generators
        packages.x86_64-linux = {
          # VMware image
          vmware-image = inputs.nixos-generators.nixosGenerate {
            system = "x86_64-linux";
            format = "vmware";
            modules = [
              # Your VMware configuration
              ./hosts/vmware-image.nix
            ];
          };
          # Keep your other images
          rke2-image = inputs.nixos-generators.nixosGenerate {
            system = "x86_64-linux";
            format = "vmware";
            modules = [
              ./hosts/rke2-image.nix
            ];
          };
          usb-image = inputs.nixos-generators.nixosGenerate {
            system = "x86_64-linux";
            format = "raw-efi";
            modules = [
              ./hosts/usb-image.nix
            ];
          };
        };
      };
    };
 }
 # outputs = { self, nixpkgs, disko, nixos-generators, apple-silicon }:
 #   let
 #     mkSystem = { systemConfig ? { }, moduleConfig }: nixpkgs.lib.nixosSystem {
 #       system = "x86_64-linux";
 #       modules = [
 #         disko.nixosModules.disko
 #         ./lib/disk-config.nix
 #         ./lib/common-system.nix
 #         systemConfig
 #         ({ ... }: moduleConfig)
 #       ];
 #     };
 #   in
 #   {
 #     # NixOS Generators
 #     packages.x86_64-linux = {
 #       # RKE2
 #       rke2-image = nixos-generators.nixosGenerate {
 #         system = "x86_64-linux";
 #         format = "vmware";
 #         modules = [
 #           ./hosts/rke2-image.nix
 #         ];
 #       };
 #       usb-image = nixos-generators.nixosGenerate {
 #         system = "x86_64-linux";
 #         format = "raw-efi";
 #         modules = [
 #           ./hosts/usb-image.nix
 #         ];
 #       };
 #     };
 #     # NixOS Configurations
 #     nixosConfigurations = {
 #       # MBP NixOS Asahi
 #       mpb-asahi = nixpkgs.lib.nixosSystem {
 #         system = "aarch64-linux";
 #         modules = [
 #           apple-silicon.nixosModules.default
 #           ./hosts/mbp-asahi.nix
 #         ];
 #       };
 #       # Office Server (LLaMA / ADS-B)
 #       lin-va-office = mkSystem {
 #         systemConfig = ./hosts/office-server.nix;
 #         moduleConfig = {
 #           hostName = "lin-va-office";
 #           mainDiskID = "/dev/disk/by-id/ata-MTFDDAK512MBF-1AN1ZABHA_161212233628";
 #           network = {
 #             interface = "enp5s0";
 #             address = "10.0.50.120";
 #             defaultGateway = "10.0.50.254";
 #             nameservers = [ "10.0.50.254" ];
 #           };
 #         };
 #       };
 #       # Utility Room Desktop
 #       lin-va-utility = mkSystem {
 #         systemConfig = ./hosts/utility-desktop.nix;
 #         moduleConfig = {
 #           hostName = "lin-va-utility";
 #           mainDiskID = "/dev/disk/by-id/nvme-eui.0026b768429d3eb5";
 #           network = {
 #             interface = "eno1";
 #             address = "10.0.20.50";
 #             defaultGateway = "10.0.20.254";
 #             nameservers = [ "10.0.20.254" ];
 #           };
 #         };
 #       };
 #       # Nix Builder
 #       lin-va-nix-builder = mkSystem {
 #         systemConfig = ./hosts/builder.nix;
 #         moduleConfig = {
 #           hostName = "lin-va-nix-builder";
 #           mainDiskID = "/dev/xvda";
 #           enableXenGuest = true;
 #           network = {
 #             interface = "enX0";
 #             address = "10.0.50.130";
 #             defaultGateway = "10.0.50.254";
 #             nameservers = [ "10.0.50.254" ];
 #           };
 #         };
 #       };
 #     };
 #   };
--- a/modules/nixos/hardware/asahi/default.nix
+++ b/modules/nixos/hardware/asahi/default.nix
@ -1,6 +1,6 @@
 { config, lib, inputs, namespace, ... }:
 let
-  inherit (lib) mkIf types;
+  inherit (lib) types optionalAttrs;
  inherit (lib.${namespace}) mkOpt mkBoolOpt;
  cfg = config.${namespace}.hardware.asahi;
@ -16,12 +16,12 @@ in
    firmwareDirectory = mkOpt types.path null "firmware directory";
  };
-  config = mkIf cfg.enable {
+  config = {
-    hardware = {
+    hardware.asahi = {
-      asahi = {
+      enable = cfg.enable;
-        peripheralFirmwareDirectory = cfg.firmwareDirectory;
+    } // optionalAttrs cfg.enable {
-        useExperimentalGPUDriver = cfg.enableGPU;
+      peripheralFirmwareDirectory = cfg.firmwareDirectory;
-      };
+      useExperimentalGPUDriver = cfg.enableGPU;
    };
  };
 }
--- a/systems/x86_64-virtual/rke2-image.nix
+++ b/systems/x86_64-virtual/rke2-image.nix
@ -1,189 +0,0 @@
 { pkgs, lib, modulesPath, ... }:
 {
  imports = [
    (modulesPath + "/profiles/qemu-guest.nix")
  ];
  config = {
    # Basic System
    system.stateVersion = "24.11";
    nix.settings.experimental-features = [ "nix-command" "flakes" ];
    time.timeZone = "UTC";
    fileSystems."/" = {
      device = "/dev/disk/by-label/nixos";
      fsType = "ext4";
      autoResize = true;
    };
    boot = {
      initrd = {
        availableKernelModules = [
          # Xen
          "xen_blkfront"
          "xen_netfront"
        ];
        kernelModules = [ "xen_netfront" "xen_blkfront" ];
        supportedFilesystems = [ "ext4" "xenfs" ];
      };
      kernelModules = [
        # Xen VM Requirements
        "xen_netfront"
        "xen_blkfront"
        "xenfs"
        # iSCSI
        "iscsi_tcp"
      ];
    };
    # Add Intel Arc A310 GPU Drivers
    nixpkgs.config.allowUnfree = true;
    hardware.enableRedistributableFirmware = true;
    hardware.graphics = {
      enable = true;
      extraPackages = with pkgs; [
        libvdpau-va-gl
        intel-vaapi-driver
        intel-media-driver
        intel-compute-runtime
        intel-ocl
      ];
    };
    # Network Configuration
    networking = {
      hostName = lib.mkForce "";
      useNetworkd = true;
      useDHCP = false;
      firewall = {
        enable = true;
        allowedTCPPorts = [
          # RKE2 Ports - https://docs.rke2.io/install/requirements#networking
          6443 # Kubernetes API
          9345 # RKE2 supervisor API
          2379 # etcd Client Port
          2380 # etcd Peer Port
          2381 # etcd Metrics Port
          10250 # kubelet metrics
          9099 # Canal CNI health checks
        ];
        allowedUDPPorts = [
          # RKE2 Ports - https://docs.rke2.io/install/requirements#networking
          8472 # Canal CNI with VXLAN
          # 51820 # Canal CNI with WireGuard IPv4 (if using encryption)
          # 51821 # Canal CNI with WireGuard IPv6 (if using encryption)
        ];
        # Allow Multicast
        extraCommands = ''
          iptables -A INPUT -m pkttype --pkt-type multicast -j ACCEPT
        '';
      };
    };
    services = {
      # Enable Xen Guest Utilities
      xe-guest-utilities.enable = true;
      # Enable iSCSI
      openiscsi = {
        enable = true;
        name = "iqn.2025.placeholder:initiator"; # Overridden @ Runtime
      };
      # Cloud Init
      cloud-init = {
        enable = true;
        network.enable = true;
        settings = {
          datasource_list = [ "NoCloud" ];
          preserve_hostname = false;
          system_info.distro = "nixos";
          system_info.network.renderers = [ "networkd" ];
        };
      };
      # Enable SSH
      openssh = {
        enable = true;
        settings = {
          PasswordAuthentication = false;
          PermitRootLogin = "prohibit-password";
        };
      };
      # Enable RKE2
      rke2 = {
        enable = true;
        disable = [ "rke2-ingress-nginx" ];
      };
    };
    systemd.services = {
      # RKE2 - Wait Cloud Init
      rke2-server = {
        after = [ "cloud-final.service" ];
        requires = [ "cloud-final.service" ];
      };
      # Runtime iSCSI Initiator Setup
      iscsi-initiator-setup = {
        description = "Setup iSCSI Initiator Name";
        requires = [ "cloud-final.service" ];
        before = [ "iscsid.service" ];
        after = [ "cloud-final.service" ];
        wantedBy = [ "multi-user.target" ];
        serviceConfig = {
          Type = "oneshot";
          RemainAfterExit = true;
        };
        path = [ pkgs.hostname pkgs.util-linux ];
        script = ''
          mkdir -p /run/iscsi
          echo "InitiatorName=iqn.2025.org.nixos:$(hostname)" > /run/iscsi/initiatorname.iscsi
          mount --bind /run/iscsi/initiatorname.iscsi /etc/iscsi/initiatorname.iscsi
        '';
      };
    };
    # User Authorized Keys
    users.users.root = {
      openssh.authorizedKeys.keys = [
        "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIIe1n9l9pVF5+kjWJCOt3AvBVf1HOSZkEDZxCWVPSIkr evan@reichard"
      ];
      hashedPassword = null;
    };
    # Add Symlinks Expected by Democratic
    system.activationScripts = {
      iscsi-initiator = ''
        mkdir -p /usr/bin
        ln -sf ${pkgs.openiscsi}/bin/iscsiadm /usr/bin/iscsiadm
        ln -sf ${pkgs.openiscsi}/bin/iscsid /usr/bin/iscsid
      '';
    };
    # System Packages
    environment = {
      systemPackages = with pkgs; [
        htop
        intel-gpu-tools
        k9s
        kubectl
        kubernetes-helm
        nfs-utils
        openiscsi
        tmux
        vim
      ];
      # Don't Manage - Runtime Generation
      etc."iscsi/initiatorname.iscsi".enable = false;
    };
  };
 }
--- a/systems/x86_64-virtual/usb-image.nix
+++ b/systems/x86_64-virtual/usb-image.nix
@ -1,46 +0,0 @@
 { pkgs, ... }:
 {
  # Basic System
  system.stateVersion = "24.11";
  nix.settings.experimental-features = [ "nix-command" "flakes" ];
  time.timeZone = "UTC";
  fileSystems."/" = {
    device = "/dev/disk/by-label/nixos";
    fsType = "ext4";
    autoResize = true;
  };
  # SSH
  services.openssh = {
    enable = true;
    settings = {
      PasswordAuthentication = false;
      PermitRootLogin = "prohibit-password";
    };
  };
  # Firewall Configuration
  networking.firewall = {
    enable = true;
    allowedTCPPorts = [
      22
    ];
  };
  # User Authorized Keys
  users.users.root = {
    openssh.authorizedKeys.keys = [
      "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIIe1n9l9pVF5+kjWJCOt3AvBVf1HOSZkEDZxCWVPSIkr evan@reichard"
    ];
    hashedPassword = null;
  };
  # System Packages
  environment.systemPackages = with pkgs; [
    htop
    tmux
    vim
  ];
 }
--- a/systems/x86_64-vmware/rke2-node/default.nix
+++ b/systems/x86_64-vmware/rke2-node/default.nix
@ -4,6 +4,10 @@
    (modulesPath + "/profiles/qemu-guest.nix")
  ];
  config = {
    reichard = {
      nix.enable = false;
    };
    # Basic System
    system.stateVersion = "24.11";
    nix.settings.experimental-features = [ "nix-command" "flakes" ];