kyle/imladris
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
Files
86c7afa080e5b116c374313488faf0d9e348439c
imladris/hw/straylight/default.nix
Kyle Isom 86c7afa080 straylight: KillMode=process for mcp-agent so unikernel VMs survive restarts 
Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
2026-06-11 12:59:50 -07:00

71 lines
3.0 KiB
Nix
Raw Blame History

{ inputs, pkgs, lib, ... }:
{
imports = [
./hardware-configuration.nix
../../configs/desktop.nix
../../configs/qemu.nix
../../configs/mcpkg.nix
../../configs/mcp.nix # MCP agent + mcp user (straylight is becoming the core host)
];
config = {
# straylight is the unikernel host. The shared mcp.nix locks the agent
# down with PrivateDevices=true, which hides /dev/kvm and /dev/net/tun.
# Relax that here (only on straylight) so the agent can boot Nanos
# unikernel VMs under QEMU/KVM and (Phase 2) manage TAP devices.
systemd.services.mcp-agent.serviceConfig = {
PrivateDevices = lib.mkForce false;
DeviceAllow = [ "/dev/kvm rw" "/dev/net/tun rw" ];
SupplementaryGroups = [ "kvm" ];
AmbientCapabilities = [ "CAP_NET_ADMIN" ];
# The agent launches each unikernel as a daemonized QEMU process in its
# own cgroup. With the default KillMode=control-group, restarting the
# agent would SIGKILL every running VM. KillMode=process kills only the
# agent's main process on stop/restart, so VMs survive an agent upgrade.
# (If a VM does die, the agent's startup Recover restarts it.)
KillMode = lib.mkForce "process";
};
# Let the mcp user reach /dev/kvm directly as well.
users.users.mcp.extraGroups = [ "kvm" ];
# Isolated host-only bridge for unikernel VMs (Phase 2). Each unikernel
# gets a TAP on this bridge and a 10.99.0.0/24 static IP. The bridge has
# NO uplink and NO NAT, and the firewall drops any VM traffic leaving the
# bridge, so a VM can reach only the host gateway (10.99.0.1) -- mediation
# is enforced by network topology, not convention.
networking.bridges.mcp-br0.interfaces = [ ];
networking.interfaces.mcp-br0.ipv4.addresses = [
{ address = "10.99.0.1"; prefixLength = 24; }
];
# The host accepts traffic from VMs (so mc-proxy on the gateway can serve
# them); the FORWARD drop prevents VMs from routing anywhere off-bridge.
networking.firewall.trustedInterfaces = [ "mcp-br0" ];
networking.firewall.extraCommands = ''
iptables -D FORWARD -i mcp-br0 ! -o mcp-br0 -j DROP 2>/dev/null || true
iptables -A FORWARD -i mcp-br0 ! -o mcp-br0 -j DROP
'';
networking.firewall.extraStopCommands = ''
iptables -D FORWARD -i mcp-br0 ! -o mcp-br0 -j DROP 2>/dev/null || true
'';
# Allow rootless containers (podman) to bind low ports (53 for MCNS,
# 443/8443/9443 for mc-proxy) as straylight takes over the core role.
boot.kernel.sysctl."net.ipv4.ip_unprivileged_port_start" = 53;
# Open ports: DNS (53), mc-proxy (443/8443/9443), agent (9444), master (9555).
networking.firewall.allowedTCPPorts = [ 53 443 8443 9443 9444 9555 ];
networking.firewall.allowedUDPPorts = [ 53 ];
# DNS: MCNS for internal zones, public resolvers as fallback.
networking.nameservers = [
"192.168.88.181"
"100.95.252.120"
"1.1.1.1"
"8.8.8.8"
];
services.resolved.domains = [
"~mcp.metacircular.net"
];
};
}
Reference in New Issue View Git Blame Copy Permalink