autonomic-bot
433ec9de30
flake.nix/flake.lock STAY at root so the build ref #cc-ci is unchanged; only flake's internal configuration.nix path updated. Root-relative refs inside moved modules re-based ../X -> ../../X (secrets/bridge/dashboard); configuration.nix's ../../modules imports unchanged (both dirs under nix/). Living docs (README, architecture/install/secrets/enroll) + .drone.yml comment updated to nix/...; append-only history logs left as-is. DECISIONS.md records RL5 + the deferred-coordinated RL6. Verified on cc-ci: nixos-rebuild build 'path:#cc-ci' -> toplevel 8i3jcad9 (BYTE-IDENTICAL to the pre-move build — store derivations are content-addressed on file contents, module .nix not in the runtime closure); scripts/lint.sh -> lint: PASS. Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
22 lines
628 B
Nix
22 lines
628 B
Nix
# Hardware / platform for cc-ci: an Incus VM (x86_64) on the autonomic infra.
|
|
# Mirrors the pre-flake baseline (docs/baseline.md).
|
|
{ modulesPath, ... }:
|
|
{
|
|
imports = [
|
|
"${modulesPath}/virtualisation/incus-virtual-machine.nix"
|
|
];
|
|
|
|
# incus-agent for `incus exec`
|
|
virtualisation.incus.agent.enable = true;
|
|
|
|
# cloud-init seeded the VM (network + /etc/ts-* files); keep it enabled.
|
|
services.cloud-init = {
|
|
enable = true;
|
|
network.enable = true;
|
|
};
|
|
|
|
# DHCP from the incus bridge; bridge provides no resolver, so set our own.
|
|
networking.useDHCP = true;
|
|
networking.nameservers = [ "1.1.1.1" "8.8.8.8" ];
|
|
}
|