Configure QEMU virtual bridge for SICA VM

coolneng 2021-03-25 09:52:43 +01:00
parent db16c3fef7
commit eef13ca8bf
Signed by: coolneng
GPG Key ID: 9893DA236405AF57
2 changed files with 42 additions and 7 deletions


@ -26,11 +26,9 @@
nssmdns = true; nssmdns = true;
publish = { publish = {
enable = true; enable = true;
userServices = true; addresses = true;
domain = true; domain = true;
workstation = true;
}; };
reflector = true;
}; };
# Firewall configuration # Firewall configuration
@ -38,6 +36,7 @@
allowedTCPPorts = [ allowedTCPPorts = [
445 # Samba 445 # Samba
139 # Samba 139 # Samba
2222 # VM SSH
5000 # Sybase 5000 # Sybase
]; ];
allowedUDPPorts = [ allowedUDPPorts = [
@ -48,11 +47,21 @@
allowPing = true; allowPing = true;
}; };
# Enable NAT for wireguard # Enable NAT for wireguard and forward ports to sica VM
networking.nat = { networking.nat = {
enable = true; enable = true;
externalInterface = "eth0"; externalInterface = "eth0";
internalInterfaces = [ "wg0" ]; internalInterfaces = [ "wg0" "br0" ];
forwardPorts = [
{
destination = "192.168.122.100:22";
sourcePort = 2222;
}
{
destination = "192.168.122.100:5000";
sourcePort = 5000;
}
];
}; };
# Wireguard setup # Wireguard setup
@ -71,4 +80,29 @@
}; };
}; };
# QEMU virtual bridge
networking.interfaces.br0 = {
ipv4.addresses = [{
address = "192.168.122.1";
prefixLength = 24;
}];
};
networking.bridges.br0.interfaces = [ ];
services.dhcpd4 = {
enable = true;
interfaces = [ "br0" ];
extraConfig = ''
option routers 192.168.122.1;
option broadcast-address 192.168.122.255;
option subnet-mask 255.255.255.0;
option domain-name-servers 1.1.1.1, 8.8.8.8;
default-lease-time -1;
max-lease-time -1;
subnet 192.168.122.0 netmask 255.255.255.0 {
range 192.168.122.100 192.168.122.200;
}
'';
};
} }
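Review bot: Both `forwardPorts` entries target 192.168.122.100, but that address is only the first entry of the dhcpd `range`, and nothing in `extraConfig` ties it to the SICA VM. If the guest's MAC changes or a second guest joins br0, ports 2222 and 5000 on eth0 would be forwarded to whichever host holds that lease. Reserve the address with `host sica { hardware ethernet <SICA_VM_MAC>; fixed-address 192.168.122.100; }` (MAC is a placeholder) and start the pool at `range 192.168.122.101 192.168.122.200;`, with a matching `mac=` on the VM's `-nic`. Since SSH to the guest is now forwarded from eth0, a comment on the `2222 # VM SSH` line stating which networks are expected to reach it would help a later firewall review.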


@ -4,9 +4,10 @@
# Enable virtualisation # Enable virtualisation
virtualisation.libvirtd = { virtualisation.libvirtd = {
enable = true; enable = true;
qemuRunAsRoot = false;
onBoot = "ignore"; onBoot = "ignore";
onShutdown = "shutdown"; onShutdown = "shutdown";
qemuPackage = pkgs.qemu_kvm; allowedBridges = [ "br0" ];
}; };
# Declarative configuration of the VMs # Declarative configuration of the VMs
@ -16,7 +17,7 @@
script = '' script = ''
disk=/vault/VMs/sica.qcow2 disk=/vault/VMs/sica.qcow2
sock=/run/qemu-sica.mon.sock sock=/run/qemu-sica.mon.sock
${pkgs.qemu_kvm}/bin/qemu-kvm -m 1G -nic user,hostfwd=tcp::2222-:22,hostfwd=tcp::5000-:5000 -hda $disk -monitor unix:$sock,server,nowait -nographic ${pkgs.qemu}/bin/qemu-kvm -m 1G -nic bridge,br=br0,model=virtio --hda $disk -monitor unix:$sock,server,nowait -nographic
''; '';
preStop = '' preStop = ''
echo 'system_powerdown' | ${pkgs.socat}/bin/socat - UNIX-CONNECT:/run/qemu-sica.mon.sock echo 'system_powerdown' | ${pkgs.socat}/bin/socat - UNIX-CONNECT:/run/qemu-sica.mon.sock
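Review bot: `qemuRunAsRoot = false` only affects guests that libvirtd starts, whereas the SICA VM is launched directly by the `script` line. The newly bridged QEMU process therefore keeps whatever user the systemd unit runs as, and that unit's `serviceConfig` lies outside this hunk. If the unit runs as root, a compromise of the QEMU process would yield root on the host that owns br0. Consider a dedicated unprivileged user for the unit and pointing QEMU at the setuid helper, e.g. `-nic bridge,br=br0,model=virtio,helper=/run/wrappers/bin/qemu-bridge-helper` (assuming `allowedBridges` installs that wrapper on this NixOS release). A comment next to `allowedBridges`, such as `# br0 is whitelisted for qemu-bridge-helper; the sica VM attaches to it`, would make the link between the two settings explicit.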