 1# MicroVM configuration for aomi
 2#
 3# Ephemeral VMs for running Claude Code agents in isolation.
 4# VMs share host's /nix/store and mount specific workspaces.
 5#
 6# VM definitions come from globals.microvms, with host-specific overrides here.
 7#
 8# Usage:
 9#   sudo systemctl start microvm@claude-home
10#   ssh claude-home  # (uses ProxyJump via aomi.sbr.pm)
11#   cd /workspace && cc  # alias for claude --dangerously-skip-permissions
12#
13{
14  pkgs,
15  lib,
16  globals,
17  ...
18}:
19let
20  # Base VM config from globals, with aomi-specific overrides
21  vmOverrides = {
22    claude-home = {
23      vcpu = 8;
24      mem = 4096;
25      extraPackages = with pkgs; [
26        # Nix development
27        deadnix
28        statix
29        nixfmt
30        nix-prefetch-scripts
31        # Go (for tools in this repo)
32        go
33      ];
34    };
35    claude-tekton = {
36      vcpu = 8;
37      mem = 8192; # Tekton tests need more memory
38      extraPackages = with pkgs; [
39        # Go development
40        go
41        gopls
42        golangci-lint
43        ko
44        # Kubernetes
45        kubectl
46        kind
47        kubernetes-helm
48      ];
49    };
50    claude-nixpkgs = {
51      vcpu = 8;
52      mem = 8192; # nixpkgs builds need memory
53      extraPackages = with pkgs; [
54        # Nix tools
55        nixpkgs-review
56        nix-update
57        nurl
58        nix-init
59        nixfmt
60        deadnix
61        statix
62      ];
63    };
64  };
65
66  # Merge globals.microvms.vms with local overrides
67  # Filter out 'description' as it's only for documentation, not a VM option
68  mergedVms = lib.mapAttrs (
69    name: globalVm:
70    (lib.filterAttrs (k: _: k != "description") globalVm)
71    // (vmOverrides.${name} or { })
72    // {
73      autostart = false;
74    }
75  ) globals.microvms.vms;
76in
77{
78  imports = [ ../../modules/microvm ];
79
80  services.microvm-host = {
81    enable = true;
82
83    # Network configuration from globals
84    bridge = "microbr";
85    subnet = globals.microvms.subnet;
86    externalInterface = "enp0s31f6"; # ThinkPad P1 Gen3 ethernet
87
88    # State directory for persistent VM data (SSH keys, etc.)
89    stateDir = "/home/vincent/microvm";
90
91    # VM definitions (merged from globals + local overrides)
92    vms = mergedVms;
93  };
94}