kubernetes vm building

vms/kube-vm/default.nix

@@ -0,0 +1,6 @@
+{ pkgs, ... }: {
+  environment.systemPackages = with pkgs; [ virtiofsd ];
+  microvm.autostart = [ "kube-vm" ];
+  microvm.vms."kube-vm" = { config = ./kube-vm.nix; };
+
+}

vms/kube-vm/kube-vm.nix

@@ -0,0 +1,70 @@
+{ pkgs, ... }: {
+  users.users.root = {
+    openssh.authorizedKeys.keys = [
+      "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIAhiPhFbCi64NduuV794omgS8mctBLXtqxbaEJyUo6lg botalex@DESKTOPSKTOP-ENDVV0V"
+      "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIIFhTExbc9m4dCK6676wGiA8zPjE0l/9Fz2yf0IKvUvg snorre@archlinux"
+      "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIGxUPAsPkri0B+xkO3sCHJZfKgAbgPcepP8J4WW4yyLj u0_a167@localhost"
+      "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIAfQLOKUnOARUAs8X1EL1GRHoCQ0oMun0vzL7Z78yOsM nixos@nixos"
+      "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIJw1ckvXz78ITeqANrWSkJl6PJo2AMA4myNrRMBAB7xW zhentao2004@gmail.com"
+      "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIKhcUZbIMX0W27l/FMF5WijpdsJAK329/P008OEAfcyz botmain@nixos"
+      "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAILB0esg3ABIcYWxvQKlPuwEE6cbhNcWjisfky0wnGirJ root@nixos"
+      "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIGxUPAsPkri0B+xkO3sCHJZfKgAbgPcepP8J4WW4yyLj u0_a167@localhost"
+      "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIKyZOZlcQBmqSPxjaGgE2tP+K7LYziqjFUo3EX12rGtf botlap@nixos"
+      "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIBLSUXsao6rjC3FDtRHhh7z6wqMtA/mqL50e1Dj9a2wE botserver@botserver"
+    ];
+  };
+  services.openssh = { enable = true; };
+  imports = [ ./../../modules/getNvim.nix ];
+  environment.systemPackages = with pkgs; [
+    neovim
+    git
+    wget
+    curl
+    busybox
+    gcc
+    tree-sitter
+    busybox
+    nodejs_22
+    screen
+    fastfetch
+    btop
+    openssh
+    ripgrep
+  ];
+
+  # --- MicroVM Specific Settings ---
+  microvm = {
+    # Choose your hypervisor: "qemu", "firecracker", "cloud-hypervisor", etc.
+    hypervisor = "qemu";
+
+    # Create a tap interface or user networking
+    interfaces = [{
+      type = "user"; # 'user' networking is easiest for testing (slirp)
+      id = "eth0";
+      mac = "02:00:00:00:00:01";
+    }];
+
+    forwardPorts = [{
+      from = "host";
+      host.port = 2222;
+      guest.port = 22;
+    }];
+
+    # Mount the host's /nix/store explicitly (read-only)
+    # This makes the VM start instantly as it shares the host store.
+    shares = [{
+      tag = "ro-store";
+      source = "/nix/store";
+      mountPoint = "/nix/.ro-store";
+    }];
+
+    # Writable disk allocation
+    volumes = [{
+      image = "/var/lib/microvms/kube-vm/kube-vm.img";
+      mountPoint = "/";
+      size = 512 * 4; # Size in MB
+    }];
+  };
+
+  system.stateVersion = "24.11";
+}

vms/kube-vm/kubernetes.nix

@@ -0,0 +1,72 @@
+{ pkgs, ... }:
+let
+  kubeMasterIP = "37.49.130.171";
+  kubeMasterHostname = "polycule.deprived";
+  kubeMasterAPIServerPort = 6443;
+in {
+  nixpkgs.overlays = [
+    (final: prev: {
+      containerd = prev.containerd.overrideAttrs rec {
+        version = "1.7.29";
+
+        src = final.fetchFromGitHub {
+          owner = "containerd";
+          repo = "containerd";
+          rev = "v${version}";
+          sha256 = "sha256-aR0i+0v2t6vyI+QN30P1+t+pHU2Bw7/XPUYLjJm1rhw=";
+        };
+
+        installTargets = [ "install" ];
+        outputs = [ "out" ];
+      };
+    })
+  ];
+
+  virtualisation.containerd.enable = true;
+  environment.systemPackages = with pkgs; [
+    kompose
+    kubectl
+    kubernetes
+    argocd
+    openiscsi
+    nfs-utils
+  ];
+
+  networking.useNetworkd = true;
+  networking.extraHosts = ''
+    ${kubeMasterIP} ${kubeMasterHostname} 
+      192.168.50.82  botkube'';
+  services.kubernetes = let
+    api = "https://${kubeMasterHostname}:${toString kubeMasterAPIServerPort}";
+  in {
+    roles = [ "node" ];
+    masterAddress = kubeMasterHostname;
+    easyCerts = true;
+    apiserver.allowPrivileged = true;
+
+    # point kubelet and other services to kube-apiserver
+    kubelet.kubeconfig.server = api;
+    apiserverAddress = api;
+
+    # use coredns
+    addons.dns.enable = true;
+
+    # needed if you use swap
+    kubelet.extraOpts =
+      "--fail-swap-on=false --resolv-conf=/run/systemd/resolve/resolv.conf";
+  };
+
+  systemd.services."forward-argocd" = {
+    enable = true;
+    description =
+      "forwards argocd running on kubernetes to argocd.spoodythe.one";
+    after = [ "network-online.target" "kubelet.service" ];
+    wants = [ "network-online.target" ];
+    wantedBy = [ "multi-user.target" ];
+
+    script = ''
+      ${pkgs.kubernetes}/bin/kubectl port-forward svc/argocd-server -n argocd --address 0.0.0.0 4325:80 
+    '';
+    serviceConfig = { User = "botserver"; };
+  };
+}