diff --git a/configurations.nix b/configurations.nix index 5c77292..6645be4 100644 --- a/configurations.nix +++ b/configurations.nix @@ -8,6 +8,7 @@ let nur colmena flake-registry + nixos-hypervisor nixos-hardware nixpkgs-unstable srvos @@ -44,6 +45,8 @@ let srvos.nixosModules.mixins-trusted-nix-caches srvos.nixosModules.mixins-terminfo + nixos-hypervisor.nixosModules.host + # srvos.nixosModules.mixins-telegraf # srvos.nixosModules.mixins-terminfo @@ -105,6 +108,9 @@ in flake.colmena = { meta.nixpkgs = import nixpkgs { system = "x86_64-linux"; + overlays = [ + nixos-hypervisor.overlays.default + ]; }; epyc = { imports = diff --git a/flake.lock b/flake.lock index 0c1856a..c5de10c 100644 --- a/flake.lock +++ b/flake.lock @@ -183,6 +183,27 @@ "type": "github" } }, + "flake-parts_2": { + "inputs": { + "nixpkgs-lib": [ + "nixos-hypervisor", + "nixpkgs" + ] + }, + "locked": { + "lastModified": 1687762428, + "narHash": "sha256-DIf7mi45PKo+s8dOYF+UlXHzE0Wl/+k3tXUyAoAnoGE=", + "owner": "hercules-ci", + "repo": "flake-parts", + "rev": "37dd7bb15791c86d55c5121740a1887ab55ee836", + "type": "github" + }, + "original": { + "owner": "hercules-ci", + "repo": "flake-parts", + "type": "github" + } + }, "flake-registry": { "flake": false, "locked": { @@ -286,6 +307,29 @@ "type": "github" } }, + "nixos-hypervisor": { + "inputs": { + "flake-parts": "flake-parts_2", + "nixpkgs": [ + "nixpkgs" + ], + "treefmt-nix": "treefmt-nix" + }, + "locked": { + "lastModified": 1688428885, + "narHash": "sha256-fVIbXKvHmxSUAKTMiXx799UasQwU2XT+op7bzvtfl8c=", + "ref": "main", + "rev": "9f32a304708fd9c91c081db05eee1b4f2e0226cc", + "revCount": 2, + "type": "git", + "url": "ssh://gitea@git.newtype.fr/newtype/nixos-hypervisor" + }, + "original": { + "ref": "main", + "type": "git", + "url": "ssh://gitea@git.newtype.fr/newtype/nixos-hypervisor" + } + }, "nixpkgs": { "locked": { "lastModified": 1702539185, @@ -336,16 +380,16 @@ }, "nixpkgs_2": { "locked": { - "lastModified": 1716155578, - "narHash": "sha256-+ocwkKmur5q8MJpm8ao0O2wdbMYBxPtFDrCvjqnkZYA=", - "owner": "pennae", + "lastModified": 1709428628, + "narHash": "sha256-//ZCCnpVai/ShtO2vPjh3AWgo8riXCaret6V9s7Hew4=", + "owner": "NixOS", "repo": "nixpkgs", - "rev": "093d16ae7a4c6b5f215152972a223b9fbcd3343a", + "rev": "66d65cb00b82ffa04ee03347595aa20e41fe3555", "type": "github" }, "original": { - "owner": "pennae", - "ref": "stdenv-jobserver", + "owner": "NixOS", + "ref": "release-23.11", "repo": "nixpkgs", "type": "github" } @@ -375,6 +419,7 @@ "flake-registry": "flake-registry", "home-manager": "home-manager_2", "nixos-hardware": "nixos-hardware", + "nixos-hypervisor": "nixos-hypervisor", "nixpkgs": "nixpkgs_2", "nixpkgs-unstable": "nixpkgs-unstable", "nur": "nur", @@ -431,6 +476,27 @@ "repo": "default", "type": "github" } + }, + "treefmt-nix": { + "inputs": { + "nixpkgs": [ + "nixos-hypervisor", + "nixpkgs" + ] + }, + "locked": { + "lastModified": 1688026376, + "narHash": "sha256-qJmkr9BWDpqblk4E9/rCsAEl39y2n4Ycw6KRopvpUcY=", + "owner": "numtide", + "repo": "treefmt-nix", + "rev": "df3f32b0cc253dfc7009b7317e8f0e7ccd70b1cf", + "type": "github" + }, + "original": { + "owner": "numtide", + "repo": "treefmt-nix", + "type": "github" + } } }, "root": "root", diff --git a/flake.nix b/flake.nix index c52f6dd..88aaf19 100644 --- a/flake.nix +++ b/flake.nix @@ -10,7 +10,7 @@ flake-parts.url = "github:hercules-ci/flake-parts"; flake-parts.inputs.nixpkgs-lib.follows = "nixpkgs"; - nixpkgs.url = "github:pennae/nixpkgs/stdenv-jobserver"; + nixpkgs.url = "github:NixOS/nixpkgs/release-23.11"; nixpkgs-unstable.url = "github:NixOS/nixpkgs/nixpkgs-unstable"; nixos-hardware.url = "github:NixOS/nixos-hardware"; @@ -33,8 +33,8 @@ # Ryan's experimental hypervisor based on cloud-hypervisor # Private repository, you need a valid SSH key to access it - # nixos-hypervisor.url = "git+ssh://gitea@git.newtype.fr/newtype/nixos-hypervisor?ref=main"; - # nixos-hypervisor.inputs.nixpkgs.follows = "nixpkgs"; + nixos-hypervisor.url = "git+ssh://gitea@git.newtype.fr/newtype/nixos-hypervisor?ref=main"; + nixos-hypervisor.inputs.nixpkgs.follows = "nixpkgs"; flake-registry.url = "github:NixOS/flake-registry"; flake-registry.flake = false; diff --git a/hosts/epyc.nix b/hosts/epyc.nix index f84a8f4..0e27c41 100644 --- a/hosts/epyc.nix +++ b/hosts/epyc.nix @@ -36,6 +36,14 @@ in ''; networking.firewall.allowedTCPPorts = [ 5432 ]; + virtualisation.nvisor.vms = { + vm01 = { + config = { pkgs, ... }: { + environment.systemPackages = [ pkgs.hello ]; + }; + }; + }; + nix.buildMachines = [ { hostName = "localhost"; systems = [ diff --git a/modules/hypervisor.nix b/modules/hypervisor.nix index 4b2c5c4..2b11b5c 100644 --- a/modules/hypervisor.nix +++ b/modules/hypervisor.nix @@ -1,2 +1,5 @@ { ... }: { + virtualisation.nvisor = { + enable = true; + }; } diff --git a/modules/nix-daemon.nix b/modules/nix-daemon.nix index b30d12d..9ebbe82 100644 --- a/modules/nix-daemon.nix +++ b/modules/nix-daemon.nix @@ -30,9 +30,6 @@ in { domain = "*"; item = "nofile"; type = "-"; value = "20480"; } ]; - # Makes the computer go faster. - nixos.jobserver.enable = true; - # Memory accounting techniques systemd.services.nix-daemon.serviceConfig = { MemoryAccounting = true; @@ -66,7 +63,7 @@ in use-cgroups = true; http-connections = 0; auto-allocate-uids = true; - cores = 0; + cores = 64; # 128 is too much, it will explode the RAM for now. Let's keep it serious. max-jobs = 2; # Do not build more than 2 derivations at once in the event, both of them are too big, yes this is stupid, fix it in Nix. fsync-metadata = true; substituters = [