54 lines
1.2 KiB
Nix
54 lines
1.2 KiB
Nix
|
# Edit this configuration file to define what should be installed on
|
|||
|
|
# your system. Help is available in the configuration.nix(5) man page
|
|||
|
|
# and in the NixOS manual (accessible by running ‘nixos-help’).
|
|||
|
|
|
|||
|
|
{ config, pkgs, lib, flake-inputs, ... }:
|
|||
|
|
|
|||
|
|
{
|
|||
|
|
networking.networkmanager.enable = false;
|
|||
|
|
|
|||
|
|
virtualisation = {
|
|||
|
|
kvmgt.enable = true;
|
|||
|
|
libvirtd = {
|
|||
|
|
enable = true;
|
|||
|
|
qemu = {
|
|||
|
|
runAsRoot = true;
|
|||
|
|
verbatimConfig = ''
|
|||
|
|
cgroup_device_acl = ["/dev/kvmfr0", "/dev/kvm"]
|
|||
|
|
'';
|
|||
|
|
swtpm = {
|
|||
|
|
enable = true;
|
|||
|
|
};
|
|||
|
|
};
|
|||
|
|
};
|
|||
|
|
docker = {
|
|||
|
|
enable = true;
|
|||
|
|
enableNvidia = false;
|
|||
|
|
};
|
|||
|
|
|
|||
|
|
containers = {
|
|||
|
|
enable = true;
|
|||
|
|
policy = {
|
|||
|
|
default = [ { type = "insecureAcceptAnything"; } ];
|
|||
|
|
transports = {
|
|||
|
|
docker-daemon = {
|
|||
|
|
"" = [ { type = "insecureAcceptAnything"; } ];
|
|||
|
|
};
|
|||
|
|
};
|
|||
|
|
};
|
|||
|
|
};
|
|||
|
|
};
|
|||
|
|
|
|||
|
|
services.openssh.enable = true;
|
|||
|
|
networking.firewall.enable = true;
|
|||
|
|
|
|||
|
|
environment.systemPackages = [ pkgs.nfs-utils ];
|
|||
|
|
services.openiscsi = {
|
|||
|
|
enable = true;
|
|||
|
|
name = "${config.networking.hostName}-initiatorhost";
|
|||
|
|
};
|
|||
|
|
|
|||
|
|
systemd.network.wait-online.enable = lib.mkDefault false;
|
|||
|
|
networking.useDHCP = false;
|
|||
|
|
}
|