diff --git a/flake.lock b/flake.lock index 49ffd8c..add25e7 100644 --- a/flake.lock +++ b/flake.lock @@ -7,11 +7,11 @@ ] }, "locked": { - "lastModified": 1750040002, - "narHash": "sha256-KrC9iOVYIn6ukpVlHbqSA4hYCZ6oDyJKrcLqv4c5v84=", + "lastModified": 1753140376, + "narHash": "sha256-7lrVrE0jSvZHrxEzvnfHFE/Wkk9DDqb+mYCodI5uuB8=", "owner": "nix-community", "repo": "disko", - "rev": "7f1857b31522062a6a00f88cbccf86b43acceed1", + "rev": "545aba02960caa78a31bd9a8709a0ad4b6320a5c", "type": "github" }, "original": { @@ -61,11 +61,11 @@ ] }, "locked": { - "lastModified": 1750107071, - "narHash": "sha256-yfuHCO4m+gu3OBNGnP0/TL5W8nLXrC/EV1fs/+YcoL8=", + "lastModified": 1753181343, + "narHash": "sha256-CLQfNtUqirNVSYoW/kYbvL4PeeNasmZonaPnjO3+1YQ=", "owner": "nix-community", "repo": "home-manager", - "rev": "0edffd088e42fdc48598b37d88eb5345e2ca3937", + "rev": "0cdfcdbb525b77b951c889b6131047bc374f48fe", "type": "github" }, "original": { @@ -133,11 +133,11 @@ }, "nixpkgs": { "locked": { - "lastModified": 1749903597, - "narHash": "sha256-jp0D4vzBcRKwNZwfY4BcWHemLGUs4JrS3X9w5k/JYDA=", + "lastModified": 1753151930, + "narHash": "sha256-XSQy6wRKHhRe//iVY5lS/ZpI/Jn6crWI8fQzl647wCg=", "owner": "nixos", "repo": "nixpkgs", - "rev": "41da1e3ea8e23e094e5e3eeb1e6b830468a7399e", + "rev": "83e677f31c84212343f4cc553bab85c2efcad60a", "type": "github" }, "original": { @@ -181,11 +181,11 @@ ] }, "locked": { - "lastModified": 1749592509, - "narHash": "sha256-VunQzfZFA+Y6x3wYi2UE4DEQ8qKoAZZCnZPUlSoqC+A=", + "lastModified": 1752544651, + "narHash": "sha256-GllP7cmQu7zLZTs9z0J2gIL42IZHa9CBEXwBY9szT0U=", "owner": "Mic92", "repo": "sops-nix", - "rev": "50754dfaa0e24e313c626900d44ef431f3210138", + "rev": "2c8def626f54708a9c38a5861866660395bb3461", "type": "github" }, "original": { diff --git a/hosts/vm-oddjob/configuration.nix b/hosts/vm-oddjob/configuration.nix index 6e8560d..7cc184d 100644 --- a/hosts/vm-oddjob/configuration.nix +++ b/hosts/vm-oddjob/configuration.nix 
@@ -18,6 +18,42 @@ profiles.vm.enable = true; }; + # Omada Software Controller + users.users.omada = { + isSystemUser = true; + group = "omada"; + }; + users.groups.omada = { }; + virtualisation.podman = { + enable = true; + dockerCompat = true; + defaultNetwork.settings.dns_enabled = true; + }; + virtualisation.oci-containers = { + backend = "podman"; + containers = { + omada-controller = { + user = "omada:omada"; + podman.user = "omada"; + volumes = [ + "/var/lib/omada:/opt/tplink/EAPController/data" + "/var/log/omada:/opt/tplink/EAPController/logs" + ]; + environment = { + TZ = "Europe/Amsterdam"; + }; + extraOptions = [ + "--network=host" + "--ulimit nofile=4096:8192" + ]; + image = "mbentley/omada-controller:5.15"; + }; + }; + }; + modules.impermanence.directories = [ + "/var/lib/omada" + ]; + # Setup NAS backups environment.systemPackages = with pkgs; [ keyutils diff --git a/profiles/nixos/vm.nix b/profiles/nixos/vm.nix index 0d7eb80..a2fd20b 100644 --- a/profiles/nixos/vm.nix +++ b/profiles/nixos/vm.nix @@ -49,7 +49,7 @@ in services.getty.autologinUser = "root"; # Local user - modules.secrets.secrets."passwords/local-hashed".neededForUsers = true; + sops.secrets."passwords/local-hashed".neededForUsers = true; users.mutableUsers = false; users.users.local = { isNormalUser = true; @@ -80,7 +80,7 @@ in # Machine platform nixpkgs.hostPlatform = "x86_64-linux"; - # Set hostid for ZFS + # Set hostid (required for ZFS) networking.hostId = "deadbeef"; # Hardware configuration @@ -88,11 +88,22 @@ in boot.initrd.availableKernelModules = [ "ata_piix" "uhci_hcd" + "virtio_net" "virtio_pci" + "virtio_mmio" + "virtio_blk" "virtio_scsi" + "9p" + "9pnet_virtio" "sd_mod" "sr_mod" ]; - boot.kernelModules = [ "kvm-intel" ]; + boot.kernelModules = [ + "kvm-intel" + "virtio_balloon" + "virtio_console" + "virtio_rng" + "virtio_gpu" + ]; }; }
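Review bot: In hosts/vm-oddjob/configuration.nix the `omada-controller` container pulls `mbentley/omada-controller:5.15`, a mutable tag in a third-party registry namespace, while the same commit pins every flake input by `rev` and `narHash`; pin the image by digest too, e.g. `image = "docker.io/mbentley/omada-controller@sha256:<digest-of-5.15>";` (placeholder digest). `"--network=host"` removes network isolation, so every port the controller opens is reachable on the VM's interfaces unless the host firewall limits it; the firewall settings sit outside this hunk, so confirm that only the required management and device-adoption ports are allowed. As far as I know, each `extraOptions` element reaches podman as one shell-escaped argument, so `"--ulimit nofile=4096:8192"` would probably be rejected as an unknown flag; `"--ulimit=nofile=4096:8192"` avoids that. Only `/var/lib/omada` is added to `modules.impermanence.directories`, so the logs under `/var/log/omada` presumably do not survive a reboot, which matters if they are wanted for incident review.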