vizanto/hardware-configuration.nix

## hardware-configuration.nix
{ config, lib, pkgs, ... }:

{
  imports = [ ];

  ### SmartOS Linux Branded Zone specific configuration

  nix.extraOptions = ''
    build-users-group =
  '';
  boot.isContainer = lib.mkBefore true;
  networking.useDHCP = false;
  networking.firewall.enable = false;
  services.nscd.enable = false;
  systemd.services.systemd-udevd.unitConfig.ConditionVirtualization = "!other";
  systemd.services.smartos-init = {
    path = [ pkgs.bash ];
    wantedBy = [ "multi-user.target" ];
    serviceConfig = {
      Type = "oneshot";
      ExecStart = ''/lib/smartdc/joyent_rc.local'';
    };
  };

  # LX brand does not (yet?) support 'sandbox' privilege seperation
  # thus we set a working default instead:
  services.openssh.extraConfig = lib.mkBefore "UsePrivilegeSeparation yes";
}

## nixos-rebuild.sh
# nixos-rebuild switch
/nix/node/nixos-coordinator
building Nix...
building the system configuration...
activating the configuration...
ln: cannot remove '/dev/fd': No such file or directory
ln: cannot remove '/dev/stdin': No such file or directory
ln: cannot remove '/dev/stdout': No such file or directory
ln: cannot remove '/dev/stderr': No such file or directory
setting up /etc...
mount: unknown filesystem type 'none'
mount: unknown filesystem type 'none'
mount: unknown filesystem type 'none'
/nix/store/ar2h6j5xn2rcmfqm2j7bd26danhnswqh-openresolv-3.7.0/sbin/.resolvconf-wrapped: line 764: /nix/store/ar2h6j5xn2rcmfqm2j7bd26danhnswqh-openresolv-3.7.0/libexec/resolvconf/dnsmasq: Permission denied
/nix/store/ar2h6j5xn2rcmfqm2j7bd26danhnswqh-openresolv-3.7.0/sbin/.resolvconf-wrapped: line 764: /nix/store/ar2h6j5xn2rcmfqm2j7bd26danhnswqh-openresolv-3.7.0/libexec/resolvconf/libc: Permission denied
/nix/store/ar2h6j5xn2rcmfqm2j7bd26danhnswqh-openresolv-3.7.0/sbin/.resolvconf-wrapped: line 764: /nix/store/ar2h6j5xn2rcmfqm2j7bd26danhnswqh-openresolv-3.7.0/libexec/resolvconf/named: Permission denied
/nix/store/ar2h6j5xn2rcmfqm2j7bd26danhnswqh-openresolv-3.7.0/sbin/.resolvconf-wrapped: line 764: /nix/store/ar2h6j5xn2rcmfqm2j7bd26danhnswqh-openresolv-3.7.0/libexec/resolvconf/pdnsd: Permission denied
/nix/store/ar2h6j5xn2rcmfqm2j7bd26danhnswqh-openresolv-3.7.0/sbin/.resolvconf-wrapped: line 764: /nix/store/ar2h6j5xn2rcmfqm2j7bd26danhnswqh-openresolv-3.7.0/libexec/resolvconf/unbound: Permission denied
warning: the following units failed: proc-sys-fs-binfmt_misc.automount, systemd-udevd-control.socket, systemd-udevd-kernel.socket

● systemd-udevd-kernel.socket - udev Kernel Socket
   Loaded: loaded (/nix/store/ncx9b20bpm584kbrp2gvzmdvsgvmgj2c-systemd-229/example/systemd/system/systemd-udevd-kernel.socket; bad; vendor preset: enabled)
   Active: failed (Result: service-start-limit-hit) since Sat 2016-03-19 14:27:05 UTC; 136ms ago
     Docs: man:systemd-udevd.service(8)
           man:udev(7)
   Listen: kobject-uevent 1 (Netlink)

● systemd-udevd-control.socket - udev Control Socket
   Loaded: loaded (/nix/store/ncx9b20bpm584kbrp2gvzmdvsgvmgj2c-systemd-229/example/systemd/system/systemd-udevd-control.socket; bad; vendor preset: enabled)
   Active: failed (Result: service-start-limit-hit) since Sat 2016-03-19 14:27:05 UTC; 168ms ago
     Docs: man:systemd-udevd.service(8)
           man:udev(7)
   Listen: /run/udev/control (SequentialPacket)

● proc-sys-fs-binfmt_misc.automount
   Loaded: loaded
   Active: failed (Result: resources)
    Where: /proc/sys/fs/binfmt_misc
warning: error(s) occurred while switching to the new configuration
	{ config, lib, pkgs, ... }:

	{
	imports = [ ];

	### SmartOS Linux Branded Zone specific configuration

	nix.extraOptions = ''
	build-users-group =
	'';
	boot.isContainer = lib.mkBefore true;
	networking.useDHCP = false;
	networking.firewall.enable = false;
	services.nscd.enable = false;
	systemd.services.systemd-udevd.unitConfig.ConditionVirtualization = "!other";
	systemd.services.smartos-init = {
	path = [ pkgs.bash ];
	wantedBy = [ "multi-user.target" ];
	serviceConfig = {
	Type = "oneshot";
	ExecStart = ''/lib/smartdc/joyent_rc.local'';
	};
	};

	# LX brand does not (yet?) support 'sandbox' privilege seperation
	# thus we set a working default instead:
	services.openssh.extraConfig = lib.mkBefore "UsePrivilegeSeparation yes";
	}
	# nixos-rebuild switch
	/nix/node/nixos-coordinator
	building Nix...
	building the system configuration...
	activating the configuration...
	ln: cannot remove '/dev/fd': No such file or directory
	ln: cannot remove '/dev/stdin': No such file or directory
	ln: cannot remove '/dev/stdout': No such file or directory
	ln: cannot remove '/dev/stderr': No such file or directory
	setting up /etc...
	mount: unknown filesystem type 'none'
	mount: unknown filesystem type 'none'
	mount: unknown filesystem type 'none'
	/nix/store/ar2h6j5xn2rcmfqm2j7bd26danhnswqh-openresolv-3.7.0/sbin/.resolvconf-wrapped: line 764: /nix/store/ar2h6j5xn2rcmfqm2j7bd26danhnswqh-openresolv-3.7.0/libexec/resolvconf/dnsmasq: Permission denied
	/nix/store/ar2h6j5xn2rcmfqm2j7bd26danhnswqh-openresolv-3.7.0/sbin/.resolvconf-wrapped: line 764: /nix/store/ar2h6j5xn2rcmfqm2j7bd26danhnswqh-openresolv-3.7.0/libexec/resolvconf/libc: Permission denied
	/nix/store/ar2h6j5xn2rcmfqm2j7bd26danhnswqh-openresolv-3.7.0/sbin/.resolvconf-wrapped: line 764: /nix/store/ar2h6j5xn2rcmfqm2j7bd26danhnswqh-openresolv-3.7.0/libexec/resolvconf/named: Permission denied
	/nix/store/ar2h6j5xn2rcmfqm2j7bd26danhnswqh-openresolv-3.7.0/sbin/.resolvconf-wrapped: line 764: /nix/store/ar2h6j5xn2rcmfqm2j7bd26danhnswqh-openresolv-3.7.0/libexec/resolvconf/pdnsd: Permission denied
	/nix/store/ar2h6j5xn2rcmfqm2j7bd26danhnswqh-openresolv-3.7.0/sbin/.resolvconf-wrapped: line 764: /nix/store/ar2h6j5xn2rcmfqm2j7bd26danhnswqh-openresolv-3.7.0/libexec/resolvconf/unbound: Permission denied
	warning: the following units failed: proc-sys-fs-binfmt_misc.automount, systemd-udevd-control.socket, systemd-udevd-kernel.socket

	● systemd-udevd-kernel.socket - udev Kernel Socket
	Loaded: loaded (/nix/store/ncx9b20bpm584kbrp2gvzmdvsgvmgj2c-systemd-229/example/systemd/system/systemd-udevd-kernel.socket; bad; vendor preset: enabled)
	Active: failed (Result: service-start-limit-hit) since Sat 2016-03-19 14:27:05 UTC; 136ms ago
	Docs: man:systemd-udevd.service(8)
	man:udev(7)
	Listen: kobject-uevent 1 (Netlink)

	● systemd-udevd-control.socket - udev Control Socket
	Loaded: loaded (/nix/store/ncx9b20bpm584kbrp2gvzmdvsgvmgj2c-systemd-229/example/systemd/system/systemd-udevd-control.socket; bad; vendor preset: enabled)
	Active: failed (Result: service-start-limit-hit) since Sat 2016-03-19 14:27:05 UTC; 168ms ago
	Docs: man:systemd-udevd.service(8)
	man:udev(7)
	Listen: /run/udev/control (SequentialPacket)

	● proc-sys-fs-binfmt_misc.automount
	Loaded: loaded
	Active: failed (Result: resources)
	Where: /proc/sys/fs/binfmt_misc
	warning: error(s) occurred while switching to the new configuration