Compare commits
2 Commits
b9117bf8ad
...
9ab0eb3fb2
| Author | SHA1 | Date | |
|---|---|---|---|
|
|
9ab0eb3fb2
|
||
|
|
0b3b5c5063
|
52
flake.nix
52
flake.nix
@@ -90,7 +90,22 @@
|
|||||||
mem = 8192;
|
mem = 8192;
|
||||||
extraModules = [({ pkgs, ... }: {
|
extraModules = [({ pkgs, ... }: {
|
||||||
nixpkgs.config.allowUnfree = true;
|
nixpkgs.config.allowUnfree = true;
|
||||||
nix.settings.experimental-features = [ "nix-command" "flakes" ];
|
nix = {
|
||||||
|
registry.nix-mcp = {
|
||||||
|
from = {
|
||||||
|
type = "github";
|
||||||
|
owner = "illustris";
|
||||||
|
repo = "nix-mcp";
|
||||||
|
};
|
||||||
|
to = nix-mcp;
|
||||||
|
};
|
||||||
|
settings.experimental-features = [ "nix-command" "flakes" ];
|
||||||
|
};
|
||||||
|
|
||||||
|
services.openssh.enable = true;
|
||||||
|
users.users.root.openssh.authorizedKeys.keys = [
|
||||||
|
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIAm3qVkTmuYEayM3Vstruv8w5SM4K9riokAxUcpothhO illustris@illustris-thinkpad"
|
||||||
|
];
|
||||||
|
|
||||||
environment.systemPackages = with pkgs; [
|
environment.systemPackages = with pkgs; [
|
||||||
claude-code-bin
|
claude-code-bin
|
||||||
@@ -103,6 +118,9 @@
|
|||||||
|
|
||||||
microvm = {
|
microvm = {
|
||||||
writableStoreOverlay = "/nix/.rw-store";
|
writableStoreOverlay = "/nix/.rw-store";
|
||||||
|
forwardPorts = [
|
||||||
|
{ from = "host"; host.port = 2222; guest.port = 22; }
|
||||||
|
];
|
||||||
shares = [
|
shares = [
|
||||||
{
|
{
|
||||||
proto = "9p";
|
proto = "9p";
|
||||||
@@ -129,6 +147,29 @@
|
|||||||
};
|
};
|
||||||
};
|
};
|
||||||
|
|
||||||
|
|
||||||
|
# Create and loop-mount an ext4 image on the 9p data volume
|
||||||
|
# for the overlay upper/work (9p can't serve as overlayfs upper)
|
||||||
|
systemd.services.claude-overlay-img = {
|
||||||
|
description = "Create ext4 image for Claude overlay";
|
||||||
|
wantedBy = [ "var-lib-claude\\x2drw.mount" ];
|
||||||
|
before = [ "var-lib-claude\\x2drw.mount" ];
|
||||||
|
after = [ "var-lib-cc\\x2dsandbox.mount" ];
|
||||||
|
requires = [ "var-lib-cc\\x2dsandbox.mount" ];
|
||||||
|
unitConfig.DefaultDependencies = false;
|
||||||
|
serviceConfig = {
|
||||||
|
Type = "oneshot";
|
||||||
|
RemainAfterExit = true;
|
||||||
|
ExecStart = pkgs.writeShellScript "claude-overlay-img" ''
|
||||||
|
img=/var/lib/cc-sandbox/claude-overlay.img
|
||||||
|
if [ ! -f "$img" ]; then
|
||||||
|
${pkgs.coreutils}/bin/truncate -s 128M "$img"
|
||||||
|
${pkgs.e2fsprogs}/bin/mkfs.ext4 -q "$img"
|
||||||
|
fi
|
||||||
|
'';
|
||||||
|
};
|
||||||
|
};
|
||||||
|
|
||||||
fileSystems = {
|
fileSystems = {
|
||||||
# tmpfs backing for the writable nix store overlay
|
# tmpfs backing for the writable nix store overlay
|
||||||
"/nix/.rw-store" = {
|
"/nix/.rw-store" = {
|
||||||
@@ -137,11 +178,14 @@
|
|||||||
neededForBoot = true;
|
neededForBoot = true;
|
||||||
};
|
};
|
||||||
|
|
||||||
# Claude config: ephemeral overlay on top of host's ~/.claude
|
# Loop-mounted ext4 image for overlay upper/work
|
||||||
"/var/lib/claude-rw" = {
|
"/var/lib/claude-rw" = {
|
||||||
fsType = "tmpfs";
|
device = "/var/lib/cc-sandbox/claude-overlay.img";
|
||||||
options = [ "size=128M" "mode=0700" ];
|
fsType = "ext4";
|
||||||
|
options = [ "loop" ];
|
||||||
};
|
};
|
||||||
|
|
||||||
|
# Claude config: persistent overlay on top of host's ~/.claude
|
||||||
"/root/.claude".overlay = {
|
"/root/.claude".overlay = {
|
||||||
lowerdir = [ "/var/lib/claude-lower" ];
|
lowerdir = [ "/var/lib/claude-lower" ];
|
||||||
upperdir = "/var/lib/claude-rw/upper";
|
upperdir = "/var/lib/claude-rw/upper";
|
||||||
|
|||||||
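Review bot: The `forwardPorts` entry added to the `microvm` block publishes the guest's sshd on host port 2222 without a host address, which with QEMU user-mode networking normally means listening on every host interface, so root SSH into the sandbox VM is likely reachable from the network and not only from the host. If only local access is intended, bind it to loopback with `{ from = "host"; host.address = "127.0.0.1"; host.port = 2222; guest.port = 22; }` (this assumes microvm.nix's `host.address` field, which mirrors `virtualisation.forwardPorts`; please confirm). Because root is the only account given a key, adding `services.openssh.settings.PasswordAuthentication = false;` next to `services.openssh.enable = true;` would keep the VM key-only whatever the defaults are. A one-line comment above `users.users.root.openssh.authorizedKeys.keys` noting that the key is a per-developer value would also help, since anyone who builds the flake unchanged grants that key root in their VM.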