example.nix

{
  network.storage.legacy.databasefile = "./deployment.nixops";

  example = { pkgs, lib, ... }: let
    use-virtual-split = true;

    makeNsPhysical = name: {
      systemd.services."${name}".serviceConfig.NetworkNamespacePath = "/var/run/netns/physical";
    };
  in
    {
      deployment.targetEnv = "virtualbox";

      imports = [
        # networkmanager units:
        (makeNsPhysical "NetworkManager")
        (makeNsPhysical "NetworkManager-dispatcher")
        (makeNsPhysical "NetworkManager-wait-online")
        (makeNsPhysical "ModemManager")

        # without networkmanager:
        (makeNsPhysical "dhcpcd")
      ];


      nixpkgs.overlays = [
        (
          self: super: {
            dhcpcd = builtins.trace "wtf" self.hello;
            systemd = self.hello;
          }
        )
      ];

      networking = {
        hostId = "deadbeef";

        # note: enabling networkmanager messes stuff up for nixops, as it expects a specific IP.
        # from the physical expr:
        # networking = {
        #    privateIPv4 = "192.168.56.104";
        # };
        # but, this can be fixed with nmtui manually adding the preferred IP after
        # `nixops show-physical`.
        #
        # networkmanager.enable = true;
      };
      boot = {
        loader.timeout = lib.mkForce 2;

        systemdExecutable = toString (
          pkgs.writeShellScript "systemd-shim" ''
            echo "Here come some shenanigans."
            set -eux
            ${pkgs.iproute}/bin/ip netns add virtual
            ${pkgs.coreutils}/bin/touch /var/run/netns/physical
            ${pkgs.utillinux}/bin/mount -o bind /proc/self/ns/net /var/run/netns/physical
            exec ${pkgs.iproute}/bin/ip netns exec ${if use-virtual-split then "virtual" else "physical"} systemd
          ''
        );
      };

      services.mingetty.autologinUser = "root";
    };
}