vms almost working

modules/microvm.nix

@@ -1,3 +1,38 @@
-{...}: {
-  microvm.hyprvisor = "cloud-hyprvisor";
+{
+  config,
+  lib,
+  ...
+}: let
+  attrSets = lib.lists.imap1 (i: v: {
+    name = v;
+    index = i;
+  }) (builtins.attrNames config.microvm.vms);
+in {
+  config.microvm.hyprvisor = "cloud-hyprvisor";
+
+  systemd.network.networks = builtins.listToAttrs attrSet ({
+    name,
+    index,
+  }: {
+    name = "30-vm${name}";
+    value = {
+      matchConfig.Name = "vm${name}";
+      address = [
+        "10.0.0.0/32"
+      ];
+      routes = [
+        {
+          Destination = "10.0.0.${toString index}/32";
+        }
+      ];
+      networkConfig = {IPv4Forwarding = true;};
+    };
+  });
+
+  # NAT (make vms accessible in host)
+  networking.nat = {
+    enable = true;
+    internalIps = ["10.0.0.0/24"];
+    externalInterface = "enp2s0";
+  };
 }

modules/networking-metal.nix

@@ -1,8 +1,8 @@
 {...}: {
   networking.useDHCP = false;
 
-  networking.wakeOnLan.enable = true;
-  networking.enp2s0.wakeOnLan.policy = "magic";
+  # networking.wakeOnLan.enable = true;
+  # networking.interfaces.enp2s0.wakeOnLan.policy = "magic";
 
   networking.interfaces.enp2s0 = {
     ipv4.addresses = [

modules/networking-shared.nix

@@ -1,7 +1,8 @@
 {hostname ? "server"}: {...}: {
   networking.hostName = hostname;
   networking.hostId = "2ead098f";
-  networking.networkmanager.enable = true;
+  networking.networkmanager.enable = false;
+  networking.useNetworkd = true;
   networking.firewall = {
     enable = true;
     allowedTCPPorts = [];

services/sonarr.nix

@@ -1,16 +1,20 @@
 {lib, ...}: let
   host = "127.0.0.1";
   port = 8989;
+  vm-index = 1;
+  vm-mac = "00:00:00:00:00:01";
 in {
   config.microvm.autostart = ["sonarr"];
 
   config.system.activationScripts.makeSonarrDir = lib.stringAfter ["var"] ''
     mkdir -p /var/lib/sonarr
+    chmod -R microvm /var/lib/sonarr
   '';
 
   config.microvm.vms."sonarr" = {
     config = {
       system.stateVersion = "24.11";
+      # Storage share configuration
       microvm.shares = [
         {
           tag = "ro-store";
@@ -21,33 +25,55 @@ in {
           tag = "data-dir";
           source = "/var/lib/sonarr";
           mountPoint = "/var/lib/sonarr";
+          proto = "virtiofs";
         }
       ];
+
+      # VM Networking
       microvm.interfaces = [
         {
+          id = "vm${toString vm-index}";
           type = "tap";
-
-          # interface name on the host
-          id = "vm-sonarr";
-
-          # Ethernet address of the MicroVM's interface, not the host's
-          #
-          # Locally administered have one of 2/6/A/E in the second nibble.
-          mac = "02:00:00:00:00:01";
+          mac = vm-mac;
         }
       ];
-
-      services.sonarr = {
-        enable = true;
-        openFirewall = true; # Hide sonarr behind firewall
+      networking.useNetworkd = true;
+      systemd.network.networks."10-eth" = {
+        matchConfig.MACAddress = vm-mac;
+        address = [
+          "10.0.0.${toString vm-index}/32"
+        ];
+        routes = [
+          # Host Route
+          {
+            Destination = "10.0.0.0/32";
+            GatewayOnLink = true;
+          }
+          # Default route
+          {
+            Destination = "0.0.0.0/0";
+            Gateway = "10.0.0.0";
+            GatewayOnLink = true;
+          }
+        ];
+        networkConfig = {
+          DNS = [
+            "9.9.9.9"
+            "8.8.8.8"
+            "8.8.4.4"
+          ];
+        };
       };
 
-      services.nginx.virtualHosts."sonarr.spoodythe.one" = {
-        addSSL = true;
-        enableACME = true;
-        locations."/" = {
-          proxyPass = "http://${host}:${toString port}";
-        };
+      # Service
+      services.sonarr = {
+        enable = true;
+        openFirewall = true;
+      };
+
+      # Debug user
+      users.users."root" = {
+        password = "1234";
       };
     };
   };