Bicep as a vm

hosts/bicep/configuration.nix

@@ -7,13 +7,13 @@
     (fp /misc/metrics-exporters.nix)
     ./services/nginx
 
-    ./services/calendar-bot.nix
+    #./services/calendar-bot.nix
-    ./services/git-mirrors
+    #./services/git-mirrors
-    ./services/minecraft-heatmap.nix
+    #./services/minecraft-heatmap.nix
-    ./services/mysql.nix
+    #./services/mysql.nix
     ./services/postgres.nix
 
-    ./services/matrix
+    #./services/matrix
   ];
 
   sops.defaultSopsFile = fp /secrets/bicep/bicep.yaml;
@@ -21,13 +21,17 @@
   sops.age.keyFile = "/var/lib/sops-nix/key.txt";
   sops.age.generateKey = true;
 
-  boot.loader.grub.enable = true;
+  #boot.loader.grub.enable = true;
-  boot.loader.grub.device = "/dev/disk/by-id/scsi-3600508b1001cb1a8751c137b30610682";
+  #boot.loader.grub.device = "/dev/disk/by-id/scsi-3600508b1001cb1a8751c137b30610682";
+  boot.loader.systemd-boot.enable = true;
+  boot.loader.efi.canTouchEfiVariables = true;
 
   networking.hostName = "bicep";
 
-  systemd.network.networks."30-enp6s0f0" = values.defaultNetworkConfig // {
+  #systemd.network.networks."30-enp6s0f0" = values.defaultNetworkConfig // {
-    matchConfig.Name = "enp6s0f0";
+  systemd.network.networks."30-ens18" = values.defaultNetworkConfig // {
+    #matchConfig.Name = "enp6s0f0";
+    matchConfig.Name = "ens18";
     address = with values.hosts.bicep; [ (ipv4 + "/25") (ipv6 + "/64") ]
       ++ (with values.services.turn; [ (ipv4 + "/25") (ipv6 + "/64") ]);
   };
@@ -38,6 +42,13 @@
   # There are no smart devices
   services.smartd.enable = false;
   
+  # we are a vm now
+  services.qemuGuest.enable = true;  
+
+  # Enable the OpenSSH daemon.
+  services.openssh.enable = true;
+  services.sshguard.enable = true;
+
   # Do not change, even during upgrades.
   # See https://search.nixos.org/options?show=system.stateVersion
   system.stateVersion = "22.11";

hosts/bicep/hardware-configuration.nix

@@ -5,22 +5,29 @@
 
 {
   imports =
-    [ (modulesPath + "/installer/scan/not-detected.nix")
+    [ (modulesPath + "/profiles/qemu-guest.nix")
     ];
 
-  boot.initrd.availableKernelModules = [ "uhci_hcd" "ehci_pci" "hpsa" "ohci_pci" "usbhid" "sd_mod" ];
+  boot.initrd.availableKernelModules = [ "ata_piix" "uhci_hcd" "ahci" "sd_mod" "sr_mod" ];
   boot.initrd.kernelModules = [ ];
-  boot.kernelModules = [ "kvm-intel" ];
+  boot.kernelModules = [ ];
   boot.extraModulePackages = [ ];
 
   fileSystems."/" =
-    { device = "/dev/disk/by-uuid/31a67903-dc00-448a-a24a-36e820318fe5";
+    { device = "/dev/disk/by-uuid/20e06202-7a09-47cc-8ef6-5e7afe19453a";
       fsType = "ext4";
     };
 
+  # temp data disk, only 128gb not enough until we can add another disk to the system.
   fileSystems."/data" =
-    { device = "/dev/disk/by-uuid/79e93eed-ad95-45c9-b115-4ef92afcc8c0";
+    { device = "/dev/disk/by-uuid/c81af266-0781-4084-b8eb-c2587cbcf1ba";
-      fsType = "f2fs";
+      fsType = "ext4";
+    };
+
+  fileSystems."/boot" =
+    { device = "/dev/disk/by-uuid/198B-E363";
+      fsType = "vfat";
+      options = [ "fmask=0022" "dmask=0022" ];
     };
 
   swapDevices = [ ];
@@ -30,11 +37,7 @@
   # still possible to use this option, but it's recommended to use it in conjunction
   # with explicit per-interface declarations with `networking.interfaces.<interface>.useDHCP`.
   networking.useDHCP = lib.mkDefault true;
-  # networking.interfaces.enp6s0f0.useDHCP = lib.mkDefault true;
+  # networking.interfaces.ens18.useDHCP = lib.mkDefault true;
-  # networking.interfaces.enp6s0f1.useDHCP = lib.mkDefault true;
-  # networking.interfaces.enp6s0f2.useDHCP = lib.mkDefault true;
-  # networking.interfaces.enp6s0f3.useDHCP = lib.mkDefault true;
 
   nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
-  hardware.cpu.intel.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware;
 }