nix-community · onixie · Feb 21, 2020 · Mar 2, 2020 · Mar 2, 2020 · Mar 2, 2020
diff --git a/examples/virtd-network.nix b/examples/virtd-network.nix
@@ -0,0 +1,35 @@
+{
+    resources.libvirtdNetworks.net2 = {
+        type = "nat";
+        cidrBlock = "172.16.100.0/16";
+        staticIPs = [
+            {
+                machine = "node1";
+                address = "172.16.100.12";
+            }
+            {
+                machine = "node2";
+                address = "172.16.100.5";
+            }
+        ];
+    };
+
+    node1 = {
+        deployment.targetEnv = "libvirtd";
+        deployment.libvirtd.imageDir = "/var/lib/libvirt/images";
+        deployment.libvirtd.networks = [
+            "net2"
+            # {
+            #     name = "ovsbr0";
+            #     type = "bridge";
+            #     virtualport = "openvswitch";
+            # }
+        ];
+    };
+
+    node2 = {resources, ...}: {
+        deployment.targetEnv = "libvirtd";
+        deployment.libvirtd.imageDir = "/var/lib/libvirt/images";
+        deployment.libvirtd.networks = [ resources.libvirtdNetworks.net2 ];
+    };
+}
diff --git a/nix/default.nix b/nix/default.nix
@@ -5,5 +5,7 @@
   options = [
     ./libvirtd.nix
   ];
-  resources = { ... }: {};
+  resources = { evalResources, zipAttrs, resourcesByType, ...}: {
+    libvirtdNetworks = evalResources ./libvirtd-network.nix (zipAttrs resourcesByType.libvirtdNetworks or []);
+  };
 }
diff --git a/nix/libvirtd-network.nix b/nix/libvirtd-network.nix
@@ -0,0 +1,80 @@
+{ config, lib, pkgs, uuid, name, ... }:
+
+with lib;
+with import <nixops/lib.nix> lib;
+
+let
+    toMachineName = m: if builtins.isString m then m else m._name;
+in
+rec {
+    options = {
+        type = mkOption {
+            default = "nat";
+            description = ''
+              The type of the libvirt network.
+              Either NAT network or isolated network can be specified. Defaults to NAT Network.
+            '';
+            type = types.enum [ "nat" "isolate" ];
+        };
+
+        cidrBlock = mkOption {
+            example = "192.168.56.0/24";
+            description = ''
+              The IPv4 CIDR block for the libvirt network. The following IP addresses are reserved for the network:
+              Network     - The first  address in the IP range, e.g. 192.168.56.0   in 192.168.56.0/24
+              Gateway     - The second address in the IP range, e.g. 192.168.56.1   in 192.168.56.0/24
+              Broadcast   - The last   address in the IP range, e.g. 192.168.56.255 in 192.168.56.0/24
+            '';
+            type = types.str;
+        };
+
+        staticIPs = mkOption {
+            example = ''
+              # As an attrset
+              {
+                "192.168.56.10" = "node1";
+                "192.168.56.11" = "node2";
+                ...
+              }
+              # Or as a list
+              [
+                { address = "192.168.56.10"; machine = "node1"; }
+                { address = "192.168.56.11"; machine = "node2"; }
+                ...
+              ]
+            '';
+            default = [];
+            description = "The list of machine to IPv4 address bindings for fixing IP address of the machine in the network";
+            apply = a: if builtins.isAttrs a then mapAttrs (k: toMachineName) a else a;
+            type = with types; either attrs (listOf (submodule {
+                options = {
+                    machine = mkOption {
+                        type = either str (resource "machine");
+                        apply = toMachineName;
+                        description = "The name of the machine in the network";
+                    };
+                    address = mkOption {
+                        example = "192.168.56.3";
+                        type = str;
+                        description = ''
+                          The IPv4 address assigned to the machine as static IP.
+                          The static IP must be a non-reserved IP address.
+                        '';
+                    };
+                };
+            }));
+        };
+
+        URI = mkOption {
+            type = types.str;
+            default = "qemu:///system";
+            description = ''
+              Connection URI.
+            '';
+        };
+    };
+
+    config = {
+        _type = "libvirtd-network";
+    };
+}
diff --git a/nix/libvirtd.nix b/nix/libvirtd.nix
@@ -1,6 +1,7 @@
 { config, pkgs, lib, ... }:
 
 with lib;
+with import <nixops/lib.nix> lib;
 
 let
   the_key = builtins.getEnv "NIXOPS_LIBVIRTD_PUBKEY";
@@ -80,10 +81,48 @@ in
         disk image as a base.
       '';
     };
-
     deployment.libvirtd.networks = mkOption {
       default = [ "default" ];
-      type = types.listOf types.str;
+      type = with types; nonEmptyListOf
+          (either
+              str # for backward compatibility
+              (either
+                  (resource "libvirtd-network")
+                  (submodule {
+                  options = {
+                      name = mkOption {
+                          default = "";
+                          description = "The name of the network not managed by NixOps";
+                          type = str;
+                      };
+                      type = mkOption {
+                          description = "The type of the network";
+                          type = enum [ "nat" "isolate" "bridge" "direct" ];
+                      };
+                      mode = mkOption {
+                          default = "bridge";
+                          description = "The mode of the direct (macvtap) network";
+                          type = enum [ "bridge" "vepa" "private" "passthrough" ];
+                      };
+                      virtualport = mkOption {
+                          default = null;
+                          description = "The virtualport for specific bridge devices such as Open vSwitch";
+                          type = nullOr (either str (submodule {
+                              optiones = {
+                                  type = mkOption {
+                                      description = "The type of the virtualport";
+                                      type = str;
+                                  };
+                                  parameters = mkOption {
+                                      description = "The parameters of the virtualport";
+                                      type = attrset;
+                                  };
+                              };
+                          }));
+                      };
+                  };
+                  }))
+          );
       description = "Names of libvirt networks to attach the VM to.";
     };
 
@@ -134,9 +173,15 @@ in
     fileSystems."/".device = "/dev/disk/by-label/nixos";
 
     boot.loader.grub.version = 2;
-    boot.loader.grub.device = "/dev/sda";
+    boot.loader.grub.device = "/dev/vda";
     boot.loader.timeout = 0;
 
+    # imports =
+    #   [ <nixpkgs/nixos/modules/profiles/qemu-guest.nix>
+    #   ];
+    boot.initrd.availableKernelModules = [ "virtio_pci" "virtio_blk" "virtio_net" ];
+    boot.kernelModules = [ "kvm-intel" ];
+
     services.openssh.enable = true;
     services.openssh.startWhenNeeded = false;
     services.openssh.extraConfig = "UseDNS no";