BIOS boot with GRUB on /dev/xvda, MCP agent via systemd, mc-proxy and MCNS as containers via MCP agent. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
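# Host module for "svc": BIOS/GRUB boot from /dev/xvda, plus the firewall and
# sysctl settings that the mc-proxy and MCNS containers and the MCP agent need.
{ inputs, lib, ... }:

{
  imports = [
    ./hardware-configuration.nix
    ./disk-config.nix
    ../../configs/mcpkg.nix
    ../../configs/mcp.nix
  ];

  config = {
    # svc is BIOS, not UEFI — override baseline systemd-boot.
    # mkForce is needed because the baseline enables systemd-boot.
    boot.loader.systemd-boot.enable = lib.mkForce false;
    boot.loader.grub.enable = true;
    boot.loader.grub.device = "/dev/xvda";

    # mc-proxy (container) binds 443; MCNS (container) binds 53; MCP agent on 9555.
    # allowedTCPPorts/allowedUDPPorts open these ports on every interface.
    # NOTE(review): 9555 is the agent's control port. Confirm it authenticates
    # callers; if it only needs to be reachable from a management network,
    # move it to networking.firewall.interfaces.<name>.allowedTCPPorts.
    networking.firewall.allowedTCPPorts = [ 53 443 9555 ];
    networking.firewall.allowedUDPPorts = [ 53 ];

    # Allow rootless containers to bind privileged ports (mc-proxy :443, MCNS :53).
    # The threshold is the lowest port actually needed (53) rather than 0, so
    # ports below it (e.g. 22) still require CAP_NET_BIND_SERVICE and cannot be
    # taken over by an arbitrary unprivileged process. Every port >= 53 becomes
    # bindable by any local user; lower this only if another rootless service
    # needs a port below 53.
    boot.kernel.sysctl."net.ipv4.ip_unprivileged_port_start" = 53;
  };
}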