# This doesn't seem to work for some reason. I wonder why.
# The VMs themselves don't want to launch properly.
kittybox:
{ lib, system, ... }: let
kittyboxModule = { config, pkgs, lib, ... }: {
imports = [ kittybox.nixosModules.default commonModule ];
services.kittybox = {
enable = true;
tokenEndpoint = "https://example.com";
authorizationEndpoint = "https://example.com";
backendUri = "file:///srv/kittybox";
};
environment.systemPackages = with pkgs; [ xh ];
virtualisation.fileSystems."/srv" = {
fsType = "nfs";
options = [ "vers=4" ];
device = "primrose:/";
};
systemd.services.kittybox = {
bindsTo = [ "srv.mount" ];
after = [ "srv.mount" ];
serviceConfig = {
DynamicUser = lib.mkForce false;
User = "kittybox";
Group = "kittybox";
};
};
};
commonModule = {
users.users.kittybox = {
isSystemUser = true;
uid = 990;
group = "kittybox";
};
users.groups.kittybox.gid = 990;
networking.firewall.enable = false;
};
in {
name = "kittybox-distributed";
nodes = {
primrose = { config, pkgs, lib, ... }: {
imports = [ commonModule ];
services.nfs.server.enable = true;
services.nfs.server.createMountPoints = true;
services.nfs.server.exports = ''
/srv 192.168.1.0/255.255.255.0(rw,no_root_squash,no_subtree_check,fsid=0)
'';
systemd.tmpfiles.rules = [
"d /srv/kittybox 1750 kittybox root -"
];
};
longiflorum = { config, pkgs, lib, ... }: {
imports = [ kittyboxModule ];
};
amaranthus = { config, pkgs, lib, ... }: {
imports = [ kittyboxModule ];
};
hydrangea = { config, pkgs, lib, ... }: {
imports = [ kittyboxModule ];
};
};
testScript = ''
primary = primrose;
servants = [longiflorum, amaranthus, hydrangea];
primary.wait_for_unit("nfs-server")
primary.succeed("systemctl start network-online.target")
primary.wait_for_unit("network-online.target")
start_all()
for machine in servants:
machine.wait_for_open_port(8080)
# Onboarding
servants[0].copy_from_host("${./onboarding.json}", "/root/onboarding.json")
servants[0].succeed("xh --follow http://localhost:8080/.kittybox/onboarding -j @/root/onboarding.json")
# Check that all machines got this address onboarded
for machine in servants:
machine.succeed("xh http://localhost:8080/ | grep 'vestige of the past long gone'")
'';
}