28 lines
553 B
Nix
28 lines
553 B
Nix
{ lib, ... }:
|
|
|
|
let
|
|
secrets = toString ./secrets;
|
|
in
|
|
|
|
{
|
|
imports = [
|
|
<nixpkgs/nixos/modules/virtualisation/qemu-vm.nix>
|
|
./configuration.nix
|
|
];
|
|
|
|
# Ensure secrets are accessible by the
|
|
# activation scripts at runtime.
|
|
virtualisation.qemu.options = [
|
|
"-virtfs local,path=${secrets},security_model=none,mount_tag=secrets"
|
|
];
|
|
fileSystems = lib.mkVMOverride {
|
|
"${secrets}" =
|
|
{ device = "secrets";
|
|
fsType = "9p";
|
|
options = [ "trans=virtio" "version=9p2000.L" ];
|
|
neededForBoot = true;
|
|
};
|
|
};
|
|
|
|
}
|