50 lines
1.1 KiB
Nix
50 lines
1.1 KiB
Nix
{ ... }:
|
|
|
|
{
|
|
virtualisation.incus.enable = true;
|
|
virtualisation.incus.ui.enable = true;
|
|
networking.nftables.enable = true;
|
|
networking.firewall.trustedInterfaces = [ "incusbr0" ];
|
|
virtualisation.incus.preseed = {
|
|
networks = [
|
|
{
|
|
config = {
|
|
"ipv4.address" = "10.0.100.1/24";
|
|
"ipv4.nat" = "true";
|
|
};
|
|
name = "incusbr0";
|
|
type = "bridge";
|
|
}
|
|
];
|
|
profiles = [
|
|
{
|
|
devices = {
|
|
eth0 = {
|
|
name = "eth0";
|
|
network = "incusbr0";
|
|
type = "nic";
|
|
};
|
|
root = {
|
|
path = "/";
|
|
pool = "default";
|
|
size = "32GiB";
|
|
type = "disk";
|
|
};
|
|
};
|
|
name = "default";
|
|
}
|
|
];
|
|
storage_pools = [
|
|
{
|
|
config = {
|
|
source = "/var/data/incus/storage-pools/default";
|
|
};
|
|
driver = "dir";
|
|
name = "default";
|
|
}
|
|
];
|
|
};
|
|
|
|
# Dirty hack, should be done through kanidm when setting up unix things
|
|
users.users.lyes.extraGroups = ["incus-admin"];
|
|
}
|