From dd7b32ac517d0e60cd86bc213415ad5880c7cc6d Mon Sep 17 00:00:00 2001 From: plasmagoat Date: Sat, 7 Jun 2025 04:33:52 +0200 Subject: [PATCH] new base image --- .forgejo/workflows/build-image.yml | 2 +- nixos/base.nix | 15 +++++++++++++++ nixos/configuration.nix | 14 +++++++------- nixos/flake.nix | 6 +++--- nixos/hosts/monitoring/prometheus.nix | 3 +++ 5 files changed, 29 insertions(+), 11 deletions(-) create mode 100644 nixos/base.nix diff --git a/.forgejo/workflows/build-image.yml b/.forgejo/workflows/build-image.yml index a7c7e74..1782b7b 100644 --- a/.forgejo/workflows/build-image.yml +++ b/.forgejo/workflows/build-image.yml @@ -30,7 +30,7 @@ jobs: - name: Build NixOS image working-directory: nixos - run: nix build .#base + run: nix build .#proxmoxTemplate - name: Upload & Restore to Proxmox working-directory: nixos diff --git a/nixos/base.nix b/nixos/base.nix new file mode 100644 index 0000000..b1692cc --- /dev/null +++ b/nixos/base.nix @@ -0,0 +1,15 @@ +{ config, pkgs, ... }: { + system.stateVersion = "24.05"; + + services.openssh.enable = true; + services.qemuGuest.enable = true; + + users.users.root.openssh.authorizedKeys.keys = [ + "ssh-rsa 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 asol\\dbs@ALPHA-DBS-P14sG2" + "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAICUP7m8jZJiclZGfSje8CeBYFhX10SrdtjYziuChmj1X plasmagoat@macbook-air" + ]; + + # Disables KVM-specific features + virtualisation.useKvm = false; + virtualisation.virtualbox.guest.enable = false; +} diff --git a/nixos/configuration.nix b/nixos/configuration.nix index b3d8794..d629197 100644 --- a/nixos/configuration.nix +++ b/nixos/configuration.nix @@ -61,9 +61,9 @@ # Default filesystem on fileSystems."/" = lib.mkDefault { - device = "/dev/disk/by-label/nixos"; - autoResize = true; # grow on first boot - fsType = "ext4"; + device = "/dev/disk/by-label/nixos"; + autoResize = true; # grow on first boot + fsType = "ext4"; }; # Timezone & Keyboard 
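Review bot: The new `nixos/base.nix` enables sshd and bakes two personal public keys into `users.users.root.openssh.authorizedKeys.keys`, so every VM restored from this template accepts those keys as root, while nothing in the file pins the sshd authentication policy. I would state that policy explicitly instead of relying on module defaults: `services.openssh.settings.PasswordAuthentication = false;`, `services.openssh.settings.KbdInteractiveAuthentication = false;` and `services.openssh.settings.PermitRootLogin = "prohibit-password";`. Consider moving the keys to a per-host module or a non-root admin user, so a key can be revoked without rebuilding the template. The `ssh-rsa` entry's comment names a different machine and account than the committer, so confirm that key is meant to have root on every clone. Separately, the comment "Disables KVM-specific features" sits beside `services.qemuGuest.enable = true` in a Proxmox image, and I could not confirm that `virtualisation.useKvm` is a declared NixOS option, so check that the module evaluates.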
@@ -72,10 +72,10 @@ # Default set of packages environment.systemPackages = with pkgs; [ - vim # emergencies - git # pulling flakes, code - curl # downloading things - python3 # for Ansible if needed on live VM + vim # emergencies + git # pulling flakes, code + curl # downloading things + python3 # for Ansible if needed on live VM ]; # Nix settings (cache, experimental, gc) diff --git a/nixos/flake.nix b/nixos/flake.nix index 7e58a47..5e01942 100644 --- a/nixos/flake.nix +++ b/nixos/flake.nix @@ -70,9 +70,9 @@ ################################################################################ # 1) Existing Proxmox “base” image generator - base = nixos-generators.nixosGenerate { + proxmoxTemplate = nixos-generators.nixosGenerate { system = "x86_64-linux"; - modules = [ ./templates/base.nix ]; + modules = [ ./base.nix ]; format = "proxmox"; # outputs a .vma.zst suitable for qmrestore }; @@ -100,7 +100,7 @@ # • docker → `nix build .#docker` (docker template) ################################################################################ packages.x86_64-linux = { - base = base; + proxmoxTemplate = proxmoxTemplate; docker = docker; }; }; diff --git a/nixos/hosts/monitoring/prometheus.nix b/nixos/hosts/monitoring/prometheus.nix index 6eed8bc..55eabd4 100644 --- a/nixos/hosts/monitoring/prometheus.nix +++ b/nixos/hosts/monitoring/prometheus.nix @@ -5,6 +5,7 @@ let traefik_ip = "traefik.lab"; sandbox_ip = "sandbox.lab"; forgejo_ip = "forgejo.lab"; + runner01_ip = "forgejo-runner-01.lab"; dnsmasq_ip = "dns.lab"; prometheus_exporter_port = 9100; 
@@ -23,12 +24,14 @@ let "${traefik_ip}:${toString prometheus_exporter_port}" "${sandbox_ip}:${toString prometheus_exporter_port}" "${forgejo_ip}:${toString prometheus_exporter_port}" + "${runner01_ip}:${toString prometheus_exporter_port}" ]; promtail = [ "${monitor_ip}:${toString promtail_port}" "${traefik_ip}:${toString promtail_port}" "${sandbox_ip}:${toString promtail_port}" "${forgejo_ip}:${toString promtail_port}" + "${runner01_ip}:${toString promtail_port}" ]; grafana = [ "${monitor_ip}:${toString grafana_port}" ]; prometheus = [ "${monitor_ip}:${toString prometheus_port}" ];