From 7d9d2a93df544f82efec881aede057152da3d950 Mon Sep 17 00:00:00 2001
From: Pierre Bourdon <delroth@gmail.com>
Date: Sun, 23 Jun 2024 14:13:53 +0200
Subject: [PATCH] modules: add bagel-container

---
 hosts/epyc.nix              |  1 +
 modules/bagel-container.nix | 26 ++++++++++++++++++++++++++
 2 files changed, 27 insertions(+)
 create mode 100644 modules/bagel-container.nix

diff --git a/hosts/epyc.nix b/hosts/epyc.nix
index 86a172b..eb9e483 100644
--- a/hosts/epyc.nix
+++ b/hosts/epyc.nix
@@ -13,6 +13,7 @@ in
     ../modules/android-cache.nix
     ../modules/garage.nix
     ../modules/users/friends.nix
+    ../modules/bagel-container.nix
   ];
 
   networking.hostName = "epyc";
diff --git a/modules/bagel-container.nix b/modules/bagel-container.nix
new file mode 100644
index 0000000..f7562dd
--- /dev/null
+++ b/modules/bagel-container.nix
@@ -0,0 +1,26 @@
+# Stateful/mutable container used for Bagel (tm) related infra (mostly
+# rebuilding nixpkgs a lot).
+#
+# System image is stored at /var/lib/machines/bagel.
+{
+  systemd.nspawn.bagel = {
+    execConfig = {
+      Boot = true;
+      Ephemeral = false;
+      PrivateUsers = true;
+      NotifyReady = true;
+      LinkJournal = "try-guest";
+    };
+
+    networkConfig = {
+      Bridge = "wan-br";
+    };
+  };
+
+  systemd.services."systemd-nspawn@bagel" = {
+    wantedBy = [ "machines.target" ];
+    wants = [ "network.target" ];
+    after = [ "network.target" ];
+    overrideStrategy = "asDropin";
+  };
+}