Use incus (#77)

2025-12-26 15:04:59 +08:00 · 2025-01-21 15:19:24 -05:00 · 2025-01-21 15:19:24 -05:00 · 2e24bebafc
commit 2e24bebafc
parent 8383bac2e6
2 changed files with 59 additions and 3 deletions
--- a/configurations/nixos/pureintent/default.nix
+++ b/configurations/nixos/pureintent/default.nix
@ -11,6 +11,7 @@ in
  imports = [
    self.nixosModules.default
    ./configuration.nix
+    (self + /modules/nixos/linux/lxd.nix)
    (self + /modules/nixos/shared/github-runner.nix)
  ];

--- a/modules/nixos/linux/lxd.nix
+++ b/modules/nixos/linux/lxd.nix
@ -1,7 +1,62 @@
-{ flake, ... }: {
-  virtualisation.lxd.enable = true;
+# https://wiki.nixos.org/wiki/Incus
+{ flake, ... }:
+let
+  networkName = "incusbr0";
+
+  # Problems? 
+  # 1. Disable the service
+  # 2. Reset with: `sudo rm -rf /var/lib/lx* /var/lib/incus/`
+  # 3. Reboot
+  # 4. Then re-enable service
+  #
+  # Getting `user-1000` related nonsense errors?
+  # Just use the default project: `incus project switch default`
+  preseedConfig = {
+    networks = [
+      {
+        name = networkName;
+        type = "bridge";
+      }
+    ];
+    profiles = [
+      {
+        name = "default";
+        devices = {
+          eth0 = {
+            name = "eth0";
+            network = networkName;
+            type = "nic";
+          };
+          root = {
+            path = "/";
+            pool = "default";
+            type = "disk";
+          };
+        };
+      }
+    ];
+    storage_pools = [
+      {
+        name = "default";
+        driver = "dir";
+        config = {
+          source = "/var/lib/incus/storage-pools/default";
+        };
+      }
+    ];
+  };
+in
+{
+  virtualisation.incus = {
+    enable = true;
+    preseed = preseedConfig;
+  };

  users.users.${flake.config.me.username} = {
-    extraGroups = [ "lxd" ];
+    extraGroups = [ "incus" "incus-admin" ];
  };
+
+  networking.nftables.enable = true;
+
+  networking.firewall.trustedInterfaces = [ networkName ];
 }