server config and generate vm image

flake.lock

@@ -758,6 +758,21 @@
         "type": "github"
       }
     },
+    "nixlib": {
+      "locked": {
+        "lastModified": 1731805462,
+        "narHash": "sha256-yhEMW4MBi+IAyEJyiKbnFvY1uARyMKJpLUhkczI49wk=",
+        "owner": "nix-community",
+        "repo": "nixpkgs.lib",
+        "rev": "b9f04e3cf71c23bea21d2768051e6b3068d44734",
+        "type": "github"
+      },
+      "original": {
+        "owner": "nix-community",
+        "repo": "nixpkgs.lib",
+        "type": "github"
+      }
+    },
     "nixos-cosmic": {
       "inputs": {
         "flake-compat": "flake-compat_2",
@@ -781,6 +796,27 @@
         "type": "github"
       }
     },
+    "nixos-generators": {
+      "inputs": {
+        "nixlib": "nixlib",
+        "nixpkgs": [
+          "nixpkgs-unstable"
+        ]
+      },
+      "locked": {
+        "lastModified": 1731892054,
+        "narHash": "sha256-BJtD9NGUWaBe4OZ1JO77w8qBP9yHDJJUjsxkG/milFc=",
+        "owner": "nix-community",
+        "repo": "nixos-generators",
+        "rev": "15a87ccb45e06d24a9fd5f99a49782efe11b23f0",
+        "type": "github"
+      },
+      "original": {
+        "owner": "nix-community",
+        "repo": "nixos-generators",
+        "type": "github"
+      }
+    },
     "nixos-hardware": {
       "locked": {
         "lastModified": 1730919458,
@@ -1014,6 +1050,7 @@
         "hyprland": "hyprland",
         "nix-colors": "nix-colors",
         "nixos-cosmic": "nixos-cosmic",
+        "nixos-generators": "nixos-generators",
         "nixos-hardware": "nixos-hardware",
         "nixos-wsl": "nixos-wsl",
         "nixpkgs": "nixpkgs",

flake.nix

@@ -11,6 +11,10 @@
       url = "github:nix-community/home-manager/release-24.05";
       inputs.nixpkgs.follows = "nixpkgs";
     };
+    nixos-generators = {
+      url = "github:nix-community/nixos-generators";
+      inputs.nixpkgs.follows = "nixpkgs-unstable";
+    };
     # secrets management
     agenix = {
       url = "github:ryantm/agenix";
@@ -60,7 +64,7 @@
   };
   outputs = { self, nur, nixpkgs, nixos-hardware, nixos-wsl, nixpkgs-unstable
     , agenix, home-manager, home-manager-unstable, nix-colors, nixos-cosmic
-    , nixvim, stylix, disko, flake-utils, ... }@inputs:
+    , nixvim, nixos-generators, stylix, disko, flake-utils, ... }@inputs:
     let
       inherit (self) outputs;
       system = "x86_64-linux";
@@ -73,6 +77,7 @@
           nur.overlay
         ];
       };
+      defaultModules = [ ./modules agenix.nixosModules.default overlays ];
       # helper function to create a machine
       mkHost = { modules, specialArgs ? {
         pkgsVersion = nixpkgs-unstable;
@@ -82,7 +87,7 @@
         in specialArgs.pkgsVersion.lib.nixosSystem {
           inherit system;
           modules = modules
-            ++ [ ./modules agenix.nixosModules.default overlays ]
+            ++ defaultModules
             ++ lib.lists.optionals (!minimal)
             [ specialArgs.home-manager-version.nixosModules.home-manager ]
             ++ lib.lists.optionals (!minimal && graphical) [
@@ -186,6 +191,27 @@
         # build vm -> nixos-rebuild build-vm  --flake .#vm
         "vm" =
           mkHost { modules = [ ./users/vm ./systems/vm/configuration.nix ]; };
+
+        "server-vm" =
+          mkHost { modules = [ ./users/anon ./systems/server-vm/configuration.nix ]; };
+      };
+
+      packages.x86_64-linux = {
+        "server-vm" = nixos-generators.nixosGenerate {
+          format = "vmware";
+          system = "x86_64-linux";
+          #pkgs = nixpkgs-unstable.legacyPackages.x86_64-linux;
+          specialArgs = {
+            pkgsVersion = nixpkgs-unstable;
+          } // {inherit inputs outputs; };
+          lib = nixpkgs-unstable.legacyPackages.x86_64-linux.lib;
+          modules = defaultModules ++ [ home-manager-unstable.nixosModules.home-manager ./users/anon ./systems/server-vm/configuration.nix {
+            # 100G disk;
+            virtualisation.diskSize = 100 * 1024;
+          } 
+          ];
+
+        };
       };
     };
 }

systems/amd-server/configuration.nix

@@ -12,10 +12,9 @@
 
 
   custom = {
-    tmpfs.enable = true;
+    #tmpfs.enable = true;
     nftables.enable = true;
     cli-tools.enable = true;
-    virt-manager.enable = true;
     nix = {
       index.enable = true;
       ld.enable = true;
@@ -60,6 +59,8 @@
   mainUser.layout = "de";
   mainUser.variant = "us";
 
+  virtualisation.vmware.host.enable = true; 
+
   # Use the systemd-boot EFI boot loader.
   boot.loader.systemd-boot.enable = true;
   boot.loader.efi.canTouchEfiVariables = true;

systems/amd-server/hardware-configuration.nix

@@ -4,25 +4,35 @@
 { config, lib, pkgs, modulesPath, ... }:
 
 {
-  imports =
+  imports = [ (modulesPath + "/installer/scan/not-detected.nix") ];
-    [ (modulesPath + "/installer/scan/not-detected.nix")
-    ];
 
-  boot.initrd.availableKernelModules = [ "xhci_pci" "ahci" "nvme" "usbhid" "usb_storage" "sd_mod" ];
+  boot.initrd.availableKernelModules =
+    [ "xhci_pci" "ahci" "nvme" "usbhid" "usb_storage" "sd_mod" ];
   boot.initrd.kernelModules = [ ];
   boot.kernelModules = [ "kvm-amd" ];
   boot.extraModulePackages = [ ];
 
-  fileSystems."/" =
+  fileSystems."/" = {
-    { device = "/dev/disk/by-uuid/a3c34c9e-06be-49dc-a5d3-4156defa11e7";
+    device = "/dev/disk/by-uuid/a3c34c9e-06be-49dc-a5d3-4156defa11e7";
-      fsType = "btrfs";
+    fsType = "btrfs";
-    };
+  };
 
-  fileSystems."/boot" =
+  fileSystems."/boot" = {
-    { device = "/dev/disk/by-uuid/AE1C-16B9";
+    device = "/dev/disk/by-uuid/AE1C-16B9";
-      fsType = "vfat";
+    fsType = "vfat";
-      options = [ "fmask=0077" "dmask=0077" ];
+    options = [ "fmask=0077" "dmask=0077" ];
-    };
+  };
+
+  fileSystems."/data" = {
+    device = "/dev/disk/by-uuid/d117419d-fce9-4d52-85c7-e3481feaa22a";
+    fsType = "btrfs";
+    options = [ "compress=zstd" "noatime" "nofail" ];
+  };
+  fileSystems."/1tbssd" = {
+    device = "/dev/disk/by-uuid/801d9217-9c38-4ca8-914e-e31361603892";
+    fsType = "ext4";
+    options = [ "defaults" "nofail" "noatime" ];
+  };
 
   swapDevices = [ ];
 
@@ -34,5 +44,6 @@
   # networking.interfaces.enp6s0.useDHCP = lib.mkDefault true;
 
   nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
-  hardware.cpu.amd.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware;
+  hardware.cpu.amd.updateMicrocode =
+    lib.mkDefault config.hardware.enableRedistributableFirmware;
 }

systems/server-vm/configuration.nix

@@ -0,0 +1,137 @@
+{ config, pkgs, modulesPath, lib, ... }:
+
+{
+  imports = [ # Include the results of the hardware scan.
+    #./hardware-configuration.nix
+    ../../modules/services/ssh.nix
+    ../../modules/services/step-ca.nix
+    ../../modules/fail2ban.nix
+    ../../modules/logging.nix
+    ../../modules/motd.nix
+    (modulesPath + "/installer/scan/not-detected.nix")
+    (modulesPath + "/profiles/qemu-guest.nix")
+  ];
+
+  boot = {
+    kernelParams = [ "console=tty0" "console=ttyS0" ];
+    loader.timeout = lib.mkForce 1;
+
+    loader.grub = {
+      efiSupport = true;
+      efiInstallAsRemovable = true;
+    };
+  };
+
+  mainUser.layout = "de";
+  mainUser.variant = "us";
+  custom = {
+    static-ip = {
+      enable = true;
+      ip = "192.168.0.21";
+      interface = "eth0";
+      #dns = "127.0.0.1";
+      dns = "192.168.0.10";
+    };
+    user = {
+      name = "anon";
+      layout = "de";
+      variant = "us";
+    };
+    hardware = {
+      firmware.enable = true;
+      ssd.enable = true;
+    };
+    misc = {
+      docker.enable = true;
+      #backup = let
+      #  kavita = "/data/kavita";
+      #  gitolite = "/var/lib/gitolite";
+      #  syncthing = [ "/data/synced/default/" "/data/synced/work_drive/" ];
+      #  syncthingFull = syncthing
+      #    ++ [ "/data/synced/fh/" "/data/synced/books/" ];
+      #  backupPathsSmall = [ "/home" gitolite ] ++ syncthing;
+      #  backupPathsMedium = [ "/home" gitolite ] ++ syncthing;
+      #  backupPathsFull = [ "/home" kavita gitolite ] ++ syncthingFull;
+      #in {
+      #  enable = true;
+      #  small = backupPathsSmall; # goes to backblaze
+      #  medium = backupPathsMedium; # goes to gdrive
+      #  large = backupPathsFull; # goes to local storage medium
+      #};
+    };
+    services = {
+      acme.enable = true;
+      #gitolite.enable = true;
+      #github-runner.enable = true;
+      #caldav.enable = true;
+      #kop-monitor.enable = true;
+      kop-fileshare = {
+        basePath = "/stash";
+        dataDir = "/1tbssd/kop-fileshare";
+        enable = true;
+      };
+      #nginx.enable = true;
+      #ente.enable = true;
+      #kavita = {
+      #  enable = true;
+      #  dir = "/data/kavita";
+      #};
+      #wireguard = {
+      #  enable = true;
+      #  ip = "192.168.2.1";
+      #};
+      #adguard.enable = true;
+      #syncthing = {
+      #  enable = true;
+      #  basePath = "/data/synced";
+      #};
+    };
+    nftables.enable = true;
+    cli-tools.enable = true;
+    nix = {
+      index.enable = true;
+      ld.enable = true;
+      settings.enable = true;
+    };
+  };
+
+  virtualisation.vmware.guest.enable = true;
+  services.xserver.videoDrivers = [ "vmware" ];
+
+  fileSystems."/data" = {
+    device = "/dev/disk/by-uuid/d117419d-fce9-4d52-85c7-e3481feaa22a";
+    fsType = "btrfs";
+    options = [ "compress=zstd" "noatime" "nofail" ];
+  };
+  fileSystems."/1tbssd" = {
+    device = "/dev/disk/by-uuid/801d9217-9c38-4ca8-914e-e31361603892";
+    fsType = "ext4";
+    options = [ "defaults" "nofail" "noatime" ];
+  };
+
+  networking.firewall.allowedTCPPorts = [ 25565 25566 ];
+  networking.hostName = "server-vm"; # Define your hostname.
+
+  # Set your time zone.
+  time.timeZone = "Europe/Vienna";
+
+  # Select internationalisation properties.
+  i18n.defaultLocale = "en_US.UTF-8";
+
+  i18n.extraLocaleSettings = {
+    LC_ADDRESS = "de_AT.UTF-8";
+    LC_IDENTIFICATION = "de_AT.UTF-8";
+    LC_MEASUREMENT = "de_AT.UTF-8";
+    LC_MONETARY = "de_AT.UTF-8";
+    LC_NAME = "de_AT.UTF-8";
+    LC_NUMERIC = "de_AT.UTF-8";
+    LC_PAPER = "de_AT.UTF-8";
+    LC_TELEPHONE = "de_AT.UTF-8";
+    LC_TIME = "de_AT.UTF-8";
+  };
+
+  # Configure console keymap
+  console.keyMap = "us";
+
+  system.stateVersion = "24.11"; # Did you read the comment?
+}