{ config, lib, pkgs, ... }: with lib; { boot = { initrd = { availableKernelModules = [ "ehci_pci" "ahci" "isci" "usbhid" "usb_storage" "sd_mod" ]; kernelModules = [ "dm-snapshot" ]; }; kernelModules = [ "kvm-intel" ]; extraModulePackages = [ ]; loader.grub = { enable = true; device = "/dev/sda"; }; supportedFilesystems = [ "btrfs" ]; }; system.stateVersion = "21.11"; fileSystems = { "/" = { device = "root-tmpfs"; fsType = "tmpfs"; options = [ "mode=755" "noexec" ]; }; "/boot" = { device = "/dev/disk/by-label/boot"; fsType = "ext4"; options = [ "noexec" "noatime" "nodiratime" ]; }; "/nix" = { device = "/dev/disk/by-label/data"; fsType = "btrfs"; options = [ "subvol=@nix" "compress=zstd" "noatime" "nodiratime" ]; }; "/var/log" = { device = "/dev/disk/by-label/data"; fsType = "btrfs"; options = [ "subvol=@logs" "compress=zstd" "noatime" "nodiratime" "noexec" ]; neededForBoot = true; }; "/state" = { device = "/dev/disk/by-label/data"; fsType = "btrfs"; options = [ "subvol=@state" "compress=zstd" "noatime" "nodiratime" "noexec" ]; }; "/var/lib/acme" = { device = "/dev/disk/by-label/data"; fsType = "btrfs"; options = [ "subvol=@acme" "compress=zstd" "noatime" "nodiratime" "noexec" ]; }; "/var/lib/prometheus" = { device = "/dev/disk/by-label/data"; fsType = "btrfs"; options = [ "subvol=@prometheus" "compress=zstd" "noatime" "nodiratime" "noexec" ]; }; }; swapDevices = [{ device = "/dev/disk/by-label/swap"; }]; networking = { macvlans = { extif0 = { interface = "eno1"; mode = "bridge"; }; }; useDHCP = false; interfaces = { extif0 = { macAddress = pkgs.lib.network.generate-mac-address config.instance.hostname "extif0"; }; }; }; }