ALPHA: wire is a tool to deploy nixos systems
wire.althaea.zone/
# NixOS module for a disposable QEMU test node.
#
# Every node built from this module accepts root logins with a key pair whose
# private half is published in the nixpkgs source tree, logs root in on the
# console automatically, and disables SSH host key verification for outgoing
# connections. It is meant for isolated test VMs only.
#
# Arguments:
#   lib         - nixpkgs lib (used for mkForce).
#   index       - node identifier interpolated into the host name.
#   modulesPath - path to the NixOS modules directory.
#   pkgs        - package set; also the source of the snake-oil SSH keys.
{
  lib,
  index,
  modulesPath,
  pkgs,
  ...
}:
let
  flake = import ../default.nix;

  # Test-only key pair taken from nixpkgs' own NixOS test fixtures. The
  # private key is public knowledge, so it authenticates nobody.
  snakeOil = import "${pkgs.path}/nixos/tests/ssh-keys.nix" pkgs;
in
{
  imports = [
    # NOTE(review): qemu-vm.nix is imported from two roots (the flake's
    # nixpkgs input and modulesPath) - confirm both resolve to the same tree.
    "${flake.inputs.nixpkgs}/nixos/modules/virtualisation/qemu-vm.nix"
    "${modulesPath}/virtualisation/qemu-vm.nix"
    # Hooks for the NixOS VM test driver; not something to ship on a real host.
    "${modulesPath}/testing/test-instrumentation.nix"
  ];

  networking.hostName = "node_${index}";

  boot.loader.systemd-boot.enable = true;
  boot.loader.efi.canTouchEfiVariables = true;

  environment.variables.XDG_RUNTIME_DIR = "/tmp";

  # Key-only root login over SSH. "without-password" is the legacy spelling
  # of sshd's "prohibit-password": password and keyboard-interactive
  # authentication are refused for root, public keys are accepted.
  services.openssh.enable = true;
  services.openssh.settings.PermitRootLogin = "without-password";

  # The console drops straight into a root shell with no credentials.
  services.getty.autologinUser = "root";

  virtualisation.graphics = false;
  # virtualisation.useBootLoader = true;
  virtualisation.diskSize = 5024;
  virtualisation.memorySize = 4096;

  # Never use this configuration in production. With host key checking off
  # and known_hosts discarded, the client cannot tell the intended peer from
  # an impostor, so every outgoing SSH connection is open to a MITM attack.
  programs.ssh.extraConfig = ''
    Host *
      StrictHostKeyChecking no
      UserKnownHostsFile /dev/null
  '';

  # Root trusts the published snake-oil public key, and the matching private
  # key is copied into root's ~/.ssh so nodes can reach each other. Anyone
  # with network access to the VM can therefore log in as root.
  users.users.root.openssh.authorizedKeys.keys = [ snakeOil.snakeOilEd25519PublicKey ];
  systemd.tmpfiles.rules = [
    "C+ /root/.ssh/id_ed25519 600 - - - ${snakeOil.snakeOilEd25519PrivateKey}"
  ];

  nix.nixPath = [ "nixpkgs=${pkgs.path}" ];
  # No binary caches at all: mkForce replaces the default substituter list.
  nix.settings.substituters = lib.mkForce [ ];
  nix.package = pkgs.lix;
}