From 855bffb200cf8d0b57c402f4b173b3d000941d05 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Motiejus=20Jak=C5=A1tys?= <motiejus@jakstys.lt>
Date: Mon, 17 Jul 2023 16:35:45 +0300
Subject: [PATCH] wip vm

---
 flake.nix                  | 10 ++++++++
 hosts/vm/configuration.nix | 49 ++++++++++++++++++++++++++++++++++++++
 2 files changed, 59 insertions(+)
 create mode 100644 hosts/vm/configuration.nix

diff --git a/flake.nix b/flake.nix
index 70ac10c..9ee89bb 100644
--- a/flake.nix
+++ b/flake.nix
@@ -36,6 +36,16 @@
     myData = import ./data.nix;
   in
     {
+      nixosConfigurations.vm = nixpkgs.lib.nixosSystem {
+        system = "x86_64-linux";
+        modules = [
+          ./hosts/vm/configuration.nix
+          ./modules
+        ];
+
+        specialArgs = {inherit myData;} // inputs;
+      };
+
       nixosConfigurations.hel1-a = nixpkgs.lib.nixosSystem {
         system = "x86_64-linux";
         modules = [
diff --git a/hosts/vm/configuration.nix b/hosts/vm/configuration.nix
new file mode 100644
index 0000000..a0a7bf3
--- /dev/null
+++ b/hosts/vm/configuration.nix
@@ -0,0 +1,49 @@
+{
+  config,
+  pkgs,
+  lib,
+  myData,
+  ...
+}: let
+in {
+  mj = {
+    stateVersion = "23.05";
+    timeZone = "UTC";
+  };
+
+  users.users.vm.isSystemUser = true;
+  users.users.vm.initialPassword = "test";
+
+  environment = {
+    systemPackages = with pkgs; [
+      tmux
+      htop
+    ];
+  };
+
+  services = {
+    nsd = {
+      enable = true;
+      zones = {
+        "jakstys.lt.".data = myData.jakstysLTZone;
+      };
+    };
+  };
+
+  networking = {
+    hostName = "vm";
+    domain = "jakstys.lt";
+    firewall = {
+      allowedTCPPorts = [53];
+      allowedUDPPorts = [53];
+      logRefusedConnections = false;
+    };
+  };
+
+  nix = {
+    extraOptions = ''
+      experimental-features = nix-command flakes
+      trusted-users = vm
+    '';
+  };
+}