gistfile1.txt

{ inputs }:
let
  inherit (inputs) nixpkgs;

  system = "x86_64-linux";

  authorizedSshPubKeys = [ (import ../../../data.nix).authorized_keys.ssh_ca_user_root ];
in
inputs.minnows.lib.minnowsSystem {
  inherit system;

  metadata = {
    name = "sample-netboot-machine";
    description = "A Minnows system used for internal experimentation and continuous integration testing via netboot";
    flakeref = "minnows-sample-netboot-machine";
    attributes = {
      role = "debug";
    };
    tags = [
      "sample"
      "testing"
      "netboot"
    ];
  };

  platforms = {
    "demo-generic-x86_64" = {
      definition = inputs.platform-generic-x86_64.minnowsPlatforms.default;
    };
  };

  resources = {
    devices.console = {
      path = "/dev/console";
    };
    listeningPorts.ssh = {
      family = null;
      protocol = "tcp";
      port = 22;
    };
  };

  flows.boot-status = {
    definition = import inputs.flow-boot-status { self = inputs.self; };

    config = { };

    grantedCapabilities = {
      fullDeviceAccess = true;
      fullFilesystemAccess = true;
      runAsRoot = true;
      allowSystemDBusAccess = true;
    };

    grantAll = true;
  };

  flows.debug-shell = {
    definition = inputs.flow-debug-shell.minnowsFlows.default;
    config = {
      shell = "${nixpkgs.legacyPackages.${system}.bashInteractive}/bin/bash";
    };

    resources = {
      devices.console = "console";
    };

    grantAll = true;
  };

  flows.sshd = {
    definition = inputs.flow-sshd.minnowsFlows.default;
    config = {
      path = with inputs.nixpkgs.legacyPackages.${system}; [
        gnugrep
        usbutils
        ripgrep
        lshw
      ];
      authorizedKeys = authorizedSshPubKeys;
    };

    resources = {
      listeningPorts.port = "ssh";
    };

    grantedCapabilities = {
      fullDeviceAccess = true;
      fullFilesystemAccess = true;
    };

    grantAll = true;
  };
}