New modules for container managment

modules/commons.nix

@@ -0,0 +1,40 @@
+{ config, lib, ... }:
+let
+  cfg = config.commons;
+in
+{
+  options.commons = {
+    enable = lib.mkEnableOption "Enable commons stuff that are always nice to have";
+
+    allowReboot = lib.mkOption {
+      default = false;
+      type = lib.types.bool;
+      description = config.system.autoUpgrade.allowReboot;
+    };
+
+  };
+
+  config = lib.mkIf cfg.enable {
+
+    # Auto update
+    system.autoUpgrade = {
+      enable = true;
+      randomizedDelaySec = "10min";
+      allowReboot = cfg.allowReboot;
+    };
+
+    nix = {
+
+      settings.experimental-features = [ "nix-command" "flakes" ];
+
+      gc = {
+        # Auto delete old generations
+        automatic = true;
+        options = "--delete-older-than 2d";
+      };
+    };
+
+    nixpkgs.config.allowUnfree = true;
+
+  };
+}

modules/default.nix

@@ -8,6 +8,7 @@
 
     # Files
     ./btrfs-autoscrub.nix
+    ./commons.nix
     ./main-user.nix
     ./audio.nix
 

modules/services/default.nix

@@ -1,6 +1,7 @@
 {
   imports = [
     ./download-pod.nix
+    ./download-pod-old.nix
     ./nextcloud-podman.nix
   ];
 }

modules/virtualisation/default.nix

@@ -3,7 +3,9 @@
     ./docker.nix
     ./libvirtd.nix
     ./lxc.nix
+    ./lxc-guest.nix
     ./podman.nix
-    ./oci-containers
+    ./proxmox.nix
+    # ./oci-containers
   ];
 }

modules/virtualisation/docker.nix

@@ -10,7 +10,7 @@ in
   config = lib.mkIf cfg.enable {
     virtualisation = {
       docker = {
-        storageDriver = "btrfs";
+        storageDriver = "overlay2";
         rootless = {
           enable = true;
           setSocketVariable = true;

modules/virtualisation/lxc-guest.nix

@@ -0,0 +1,27 @@
+{ config, lib, ... }:
+let
+  cfg = config.lxcGuest;
+in
+{
+  options.lxcGuest = {
+    enable = lib.mkEnableOption "NixOs inside LXC container";
+  };
+
+  config = lib.mkIf cfg.enable {
+    # start tty0 on serial console
+    systemd.services."getty@tty1" = {
+      enable = lib.mkForce true;
+      wantedBy = [ "getty.target" ]; # to start at boot
+      serviceConfig.Restart = "always"; # restart when session is closed
+    };
+
+    # Supress systemd units that don't work because of LXC.
+    # https://blog.xirion.net/posts/nixos-proxmox-lxc/#configurationnix-tweak
+    systemd.suppressedSystemUnits = [
+      "dev-mqueue.mount"
+      "sys-kernel-debug.mount"
+      "sys-fs-fuse-connections.mount"
+    ];
+  };
+
+}

modules/virtualisation/proxmox.nix

@@ -0,0 +1,48 @@
+{ config, lib, pkgs, ... }:
+
+let
+  cfg = config.proxmox;
+in
+{
+
+  options.proxmox = {
+    enable = lib.mkEnableOption "If this host is running inside Proxmox";
+
+    privileged = lib.mkOption {
+      type = lib.types.bool;
+      default = false;
+      description = ''
+        Whether to enable privileged mounts
+      '';
+    };
+
+    manageNetwork = lib.mkOption {
+      type = lib.types.bool;
+      default = false;
+      description = ''
+        Whether to manage network interfaces through nix options
+        When false, systemd-networkd is enabled to accept network
+        configuration from proxmox.
+      '';
+    };
+
+    manageHostName = lib.mkOption {
+      type = lib.types.bool;
+      default = false;
+      description = ''
+        Whether to manage hostname through nix options
+        When false, the hostname is picked up from /etc/hostname
+        populated by proxmox.
+      '';
+    };
+  };
+
+  config = lib.mkIf cfg.enable {
+    proxmoxLXC = {
+      enable = true;
+      privileged = cfg.privileged;
+      manageNetwork = cfg.manageNetwork;
+      manageHostName = cfg.manageHostName;
+    };
+  };
+}