Last active
February 7, 2026 19:36
-
-
Save sebastiant/1f84da015ae0bfa21b7b0dd0c4ca6c8b to your computer and use it in GitHub Desktop.
nixos qemu vm example
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| { | |
| description = "qemu vm example"; | |
| inputs = { | |
| nixpkgs.url = "github:nixos/nixpkgs/nixos-unstable"; | |
| }; | |
| outputs = | |
| { nixpkgs, ... }: | |
| { | |
| devShells."x86_64-linux".default = | |
| let | |
| pkgs = import nixpkgs { | |
| system = "x86_64-linux"; | |
| }; | |
| dev-infra = pkgs.writeScriptBin "dev-infra" '' | |
| set -x | |
| export QEMU_NET_OPTS="hostfwd=tcp::45432-:5432,hostfwd=tcp::6379-:6379" | |
| nixos-rebuild build-vm --flake .#dev-infra && \ | |
| unset LD_LIBRARY_PATH && \ | |
| ./result/bin/run-nixos-vm | |
| ''; | |
| in | |
| pkgs.mkShell { | |
| buildInputs = [ dev-infra ]; | |
| }; | |
| nixosConfigurations.dev-infra = nixpkgs.lib.nixosSystem { | |
| system = "x86_64-linux"; | |
| modules = [ | |
| (import "${nixpkgs}/nixos/modules/virtualisation/qemu-vm.nix") | |
| ( | |
| { pkgs, ... }: | |
| { | |
| config = | |
| let | |
| postgresqlPackage = pkgs.postgresql_14; | |
| in | |
| { | |
| virtualisation.qemu.options = [ | |
| "-audiodev none,id=noaudion" | |
| "-nographic" | |
| ]; | |
| system.stateVersion = "24.05"; | |
| services.qemuGuest.enable = true; | |
| networking.firewall.allowedTCPPorts = [ | |
| 5432 | |
| 6379 | |
| ]; | |
| services.openssh.enable = true; | |
| services.openssh.settings.PermitRootLogin = "yes"; | |
| services.pipewire.enable = false; | |
| users.extraUsers.root.password = ""; | |
| users.mutableUsers = false; | |
| boot.loader.systemd-boot.enable = true; | |
| boot.loader.efi.canTouchEfiVariables = true; | |
| users.groups.foo = { }; | |
| users.users.foo = { | |
| isSystemUser = true; | |
| description = "something descriptive"; | |
| group = "foo"; | |
| }; | |
| services.postgresql = { | |
| enable = true; | |
| package = postgresqlPackage; | |
| enableTCPIP = true; | |
| authentication = pkgs.lib.mkOverride 10 '' | |
| local all all trust | |
| host all all 127.0.0.1/32 trust | |
| host all all 10.0.0.0/8 trust | |
| host all all ::1/128 trust | |
| ''; | |
| }; | |
| systemd.services.postgresql.postStart = '' | |
| CREATE ROLE foo WITH LOGIN PASSWORD 'bar'; | |
| CREATE DATABASE foo; | |
| GRANT ALL PRIVILEGES ON DATABASE foo TO foo; | |
| ''; | |
| services.redis.servers."foo" = { | |
| enable = true; | |
| bind = null; | |
| port = 6379; | |
| settings = { | |
| "protected-mode" = "no"; | |
| }; | |
| }; | |
| }; | |
| } | |
| ) | |
| ]; | |
| }; | |
| }; | |
| } |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment