🚧 wip: progress on p1 + changed provider to virtualbox

Signed-off-by: xtrm <oss@xtrm.me>

.envrc

@@ -1 +1,2 @@
 use flake
+watch_file shell.nix

.gitignore

@@ -1 +1,2 @@
 .direnv/
+.vagrant/

flake.nix

@@ -17,7 +17,10 @@
       devShells = forAllSystems (
         system:
         let
-          pkgs = import nixpkgs { inherit system; };
+          pkgs = import nixpkgs { 
+            inherit system;
+            config.allowUnfree = true;
+          };
         in
         {
           default = (import ./shell.nix) { inherit pkgs; };

p1/Vagrantfile

@@ -0,0 +1,44 @@
+# -*- mode: ruby -*-
+#
+# vi: set ft=ruby :
+
+def environ(key, default)
+  ENV[key] || default
+end
+
+IOT_LOGIN = environ("IOT_LOGIN", "kiroussa")
+IOT_PROVIDER = environ("IOT_PROVIDER", "virtualbox")
+XDG_RUNTIME_DIR = environ("XDG_RUNTIME_DIR", "unknown")
+if XDG_RUNTIME_DIR == "unknown"
+  raise "XDG_RUNTIME_DIR is not set"
+end
+
+#   Here are the expected specifications:
+# • The machine names must be the login of someone of your team. The hostname
+# of the first machine must be followed by the capital letter S (like Server). The
+# hostname of the second machine must be followed by SW (like ServerWorker).
+# • Have a dedicated IP on the eth1 interface. The IP of the first machine (Server)
+# will be 192.168.56.110, and the IP of the second machine (ServerWorker) will be
+# 192.168.56.111.
+# • Be able to connect with SSH on both machines with no password.
+
+Vagrant.configure("2") do |config|
+  config.vagrant.plugins = []
+
+  config.vm.network "private_network", ip: "192.168.56.100"
+  config.vm.box = "debian/jessie64"
+  config.vm.provider "#{IOT_PROVIDER}" do |provider|
+    provider.cpus = 1
+    provider.memory = 1024
+  end
+
+  config.vm.define "#{IOT_LOGIN}S" do |server|
+    server.vm.hostname = "#{IOT_LOGIN}S"
+    server.vm.network "private_network", ip: "192.168.56.110"
+  end
+
+  config.vm.define "#{IOT_LOGIN}SW" do |serverworker|
+    serverworker.vm.hostname = "#{IOT_LOGIN}SW"
+    serverworker.vm.network "private_network", ip: "192.168.56.111"
+  end
+end

shell.nix

@@ -4,6 +4,11 @@
 
 pkgs.mkShell {
   nativeBuildInputs = with pkgs; [
+    # Tools
+    vagrant
+    kubectl
+
+    # Virtual Machine
     nixos-generators
   ];
 }

vm/configuration.nix

@@ -12,7 +12,6 @@
   ];
 
   networking.hostName = hostname;
-
   nixpkgs.config.allowUnfree = true;
 
   # Since `fileSystems` is ignored by nixos-generators, we need to be creative
@@ -24,6 +23,7 @@
     script = ''
       mkdir -p /iot
       /run/wrappers/bin/mount -t 9p -o trans=virtio,version=9p2000.L host0 /iot
+      ${pkgs.bindfs}/bin/bindfs --map=1000/0:@100/@0 /iot /iot
     '';
 
     wantedBy = [ "multi-user.target" ];
@@ -38,11 +38,36 @@
   users.users.root = {
     password = "toor";
     shell = pkgs.zsh;
+    extraGroups = [ "wheel" "libvirtd" ];
   };
 
   services = {
     getty.autologinUser = "root";
+    openssh = {
+      enable = true;
+      ports = [ 22 ];
+      settings = {
+        PermitRootLogin = "yes";
+        PasswordAuthentication = true;
+        AllowUsers = null;
       };
+    };
+    xserver = {
+      enable = true;
+      xkb = {
+        layout = "fr";
+        variant = "us";
+      };
+      displayManager.gdm.enable = true;
+      desktopManager.gnome.enable = true;
+    };
+    libinput.enable = true;
+  };
+  hardware.graphics = {
+    enable = true;
+    enable32Bit = true;
+  };
+  virtualisation.virtualbox.host.enable = true;
 
   programs = {
     zsh = {
@@ -56,6 +81,8 @@
 
   environment = {
     systemPackages = with pkgs; [
+      librewolf
+      bindfs
       vagrant
       git
       zip

vm/flake.nix

@@ -27,16 +27,15 @@
       packages = forAllSystems (
         system:
         let
-          vm = nixos-generators.nixosGenerate {
+          generate-vm = modules:
-            inherit system;
+            nixos-generators.nixosGenerate {
+              inherit system, modules;
               specialArgs = {
                 inherit hostname;
               };
-            modules = [
-              ./configuration.nix
-            ];
               format = "vm";
             };
+          vm = generate-vm [ ./configuration.nix ];
         in 
         {
           inherit vm;
@@ -58,7 +57,22 @@
               script = pkgs.writeShellScriptBin "${scriptName}" ''
                 ${selfPkgs.vm}/bin/run-${hostname}-vm \
                   -enable-kvm \
-                  -virtfs local,path=$(${pkgs.coreutils}/bin/pwd)/..,mount_tag=host0,security_model=passthrough,id=host0
+                  -virtfs local,path=$(${pkgs.coreutils}/bin/pwd)/..,mount_tag=host0,security_model=mapped-xattr,id=host0
+              '';
+            in
+            {
+              type = "app";
+              program = "${script}/bin/${scriptName}";
+            };
+
+          vm-nodisplay =
+            let
+              scriptName = "run-${hostname}-vm-nodisplay";
+              script = pkgs.writeShellScriptBin "${scriptName}" ''
+                ${selfPkgs.vm}/bin/run-${hostname}-vm \
+                  -enable-kvm \
+                  -nographic \
+                  -virtfs local,path=$(${pkgs.coreutils}/bin/pwd)/..,mount_tag=host0,security_model=mapped-xattr,id=host0
               '';
             in
             {