Configure QEMU virtual bridge for SICA VM
This commit is contained in:
parent
db16c3fef7
commit
eef13ca8bf
GPG Key ID:
9893DA236405AF57
|
|
@ -26,11 +26,9 @@
|
|||
nssmdns = true;
|
||||
publish = {
|
||||
enable = true;
|
||||
userServices = true;
|
||||
addresses = true;
|
||||
domain = true;
|
||||
workstation = true;
|
||||
};
|
||||
reflector = true;
|
||||
};
|
||||
|
||||
# Firewall configuration
|
||||
|
|
@ -38,6 +36,7 @@
|
|||
allowedTCPPorts = [
|
||||
445 # Samba
|
||||
139 # Samba
|
||||
2222 # VM SSH
|
||||
5000 # Sybase
|
||||
];
|
||||
allowedUDPPorts = [
|
||||
|
|
@ -48,11 +47,21 @@
|
|||
allowPing = true;
|
||||
};
|
||||
|
||||
# Enable NAT for wireguard
|
||||
# Enable NAT for wireguard and forward ports to sica VM
|
||||
networking.nat = {
|
||||
enable = true;
|
||||
externalInterface = "eth0";
|
||||
internalInterfaces = [ "wg0" ];
|
||||
internalInterfaces = [ "wg0" "br0" ];
|
||||
forwardPorts = [
|
||||
{
|
||||
destination = "192.168.122.100:22";
|
||||
sourcePort = 2222;
|
||||
}
|
||||
{
|
||||
destination = "192.168.122.100:5000";
|
||||
sourcePort = 5000;
|
||||
}
|
||||
];
|
||||
};
|
||||
|
||||
# Wireguard setup
|
||||
|
|
@ -71,4 +80,29 @@
|
|||
};
|
||||
};
|
||||
|
||||
# QEMU virtual bridge
|
||||
networking.interfaces.br0 = {
|
||||
ipv4.addresses = [{
|
||||
address = "192.168.122.1";
|
||||
prefixLength = 24;
|
||||
}];
|
||||
};
|
||||
networking.bridges.br0.interfaces = [ ];
|
||||
|
||||
services.dhcpd4 = {
|
||||
enable = true;
|
||||
interfaces = [ "br0" ];
|
||||
extraConfig = ''
|
||||
option routers 192.168.122.1;
|
||||
option broadcast-address 192.168.122.255;
|
||||
option subnet-mask 255.255.255.0;
|
||||
option domain-name-servers 1.1.1.1, 8.8.8.8;
|
||||
default-lease-time -1;
|
||||
max-lease-time -1;
|
||||
subnet 192.168.122.0 netmask 255.255.255.0 {
|
||||
range 192.168.122.100 192.168.122.200;
|
||||
}
|
||||
'';
|
||||
};
|
||||
|
||||
}
|
||||
|
|
|
|||
|
|
@ -4,9 +4,10 @@
|
|||
# Enable virtualisation
|
||||
virtualisation.libvirtd = {
|
||||
enable = true;
|
||||
qemuRunAsRoot = false;
|
||||
onBoot = "ignore";
|
||||
onShutdown = "shutdown";
|
||||
qemuPackage = pkgs.qemu_kvm;
|
||||
allowedBridges = [ "br0" ];
|
||||
};
|
||||
|
||||
# Declarative configuration of the VMs
|
||||
|
|
@ -16,7 +17,7 @@
|
|||
script = ''
|
||||
disk=/vault/VMs/sica.qcow2
|
||||
sock=/run/qemu-sica.mon.sock
|
||||
${pkgs.qemu_kvm}/bin/qemu-kvm -m 1G -nic user,hostfwd=tcp::2222-:22,hostfwd=tcp::5000-:5000 -hda $disk -monitor unix:$sock,server,nowait -nographic
|
||||
${pkgs.qemu}/bin/qemu-kvm -m 1G -nic bridge,br=br0,model=virtio --hda $disk -monitor unix:$sock,server,nowait -nographic
|
||||
'';
|
||||
preStop = ''
|
||||
echo 'system_powerdown' | ${pkgs.socat}/bin/socat - UNIX-CONNECT:/run/qemu-sica.mon.sock
|
||||
|
|
|
|||
Loading…
Reference in New Issue