nixos-demo/os/virtualization/microvm/default.nix

{
  config,
  flake,
  lib,
  ...
}:

{
  config = lib.mkIf (config.beancloud.software.splunk) {
    microvm = {
      vms = {
        k8s = {
          flake = flake;
          updateFlake = "git+https://code.beancloud.de/public/nixos-demo.git?ref=${config.beancloud.tier}";
          restartIfChanged = true;
        };
      };
      autostart = [
        "k8s"
      ];
    };

    environment.persistence = {
      persistence = {
        directories = [
          "/var/lib/microvms/"
        ];
      };
    };

    systemd.network = {
      networks."${config.beancloud.network.interface.lan}-k8s" = {
        enable = lib.mkDefault true;
        matchConfig.Name = [ "${config.beancloud.network.interface.lan}-k8s" ];
        linkConfig.RequiredForOnline = lib.mkDefault "routable";
        address = [
          "192.168.101.1/32"
        ];
        routes = [
          {
            Destination = "192.168.101.10/32";
          }
        ];
        networkConfig = {
          IPv4Forwarding = true;
        };
      };
    };

    beancloud.network.nat = true;
    networking.nat = {
      internalInterfaces = [ "${config.beancloud.network.interface.lan}-k8s" ];
      internalIPs = [ "192.168.101.0/24" ];
      forwardPorts = [
        {
          proto = "tcp";
          sourcePort = 10023;
          destination = "192.168.101.10:22";
        }
        {
          proto = "tcp";
          sourcePort = 8000;
          destination = "192.168.101.10:8000";
        }
        {
          proto = "tcp";
          sourcePort = 8089;
          destination = "192.168.101.10:8089";
        }
      ];
    };
  };
}