Makefile

@@ -318,6 +318,14 @@ isc-dhcp:
 
 container_registry=harbor.home.wugi.info
 .ONESHELL:
+mumble:
+	set -o nounset -o errexit -o pipefail -o xtrace
+	commit_8=$$(git rev-parse HEAD | cut -c -8)
+	container=$$(guix time-machine --channels=dotfiles/channels-guix-mumble.scm -- system image --max-layers=100 -t docker --network dotfiles/guixsd/docker-image-mumble.scm)
+	skopeo copy docker-archive\:$$container docker://$(container_registry)/library/$@:$$commit_8
+
+container_registry=harbor.home.wugi.info
+.ONESHELL:
 guix-image-workstation: dotfiles/guixsd/modules/home/config/openssh.scm.gpg
 	set -o nounset -o errexit -o pipefail -o xtrace
 	commit_8=$$(git rev-parse HEAD | cut -c -8)
@@ -332,5 +340,13 @@ nix-update-inputs:
 container-systemd-taskexecutor:
 	$(MAKE) -C dotfiles/nix/container-systemd-taskexecutor
 
+container_registry=harbor.home.wugi.info
+.ONESHELL:
+workstation-controller:
+	set -o nounset -o errexit -o pipefail -o xtrace
+	commit_8=$$(git rev-parse HEAD | cut -c -8)
+	$(MAKE) -C src/go/workstation-controller docker-build IMG=$(container_registry)/library/$@:$$commit_8
+	$(MAKE) -C src/go/workstation-controller docker-push IMG=$(container_registry)/library/$@:$$commit_8
+
 .PHONY: all
 all: dotfiles/scripts/nix-ssh-known-hosts-to-file.scm

apps/base/workstation-controller/manager/kustomization.yaml

@@ -5,4 +5,4 @@ kind: Kustomization
 images:
 - name: controller
   newName: harbor.home.wugi.info/library/workstation-controller
-  newTag: 8e31e2ab
+  newTag: 97442701

dotfiles/channels-guix-mumble.scm

@@ -0,0 +1,11 @@
+(list (channel
+       (name 'guix)
+       (url "https://cgit.wugi.info/git/guix/guix")
+       (branch "master")
+       (commit
+        "4b5f0408e66392ab745dc0f7830732217d88f17d")
+       (introduction
+        (make-channel-introduction
+         "9edb3f66fd807b096b48283debdcddccfea34bad"
+         (openpgp-fingerprint
+          "BBB0 2DDF 2CEA F6A8 0D1D  E643 A2A0 6DF2 A33A 54FA")))))

dotfiles/guixsd/docker-image-mumble.scm

@@ -0,0 +1,38 @@
+;; This is an operating system configuration template for a "Docker image"
+;; setup, so it has barely any services at all.
+
+(use-modules (gnu)
+             (gnu packages base)
+             (gnu packages bash)
+             (gnu services networking))
+
+(operating-system
+  (host-name "isc-dhcp")
+  (timezone "Europe/Moscow")
+  (locale "en_US.utf8")
+
+  ;; Because the system will run in a Docker container, we may omit many
+  ;; things that would normally be required in an operating system
+  ;; configuration file.  These things include:
+  ;;
+  ;;   * bootloader
+  ;;   * file-systems
+  ;;   * services such as mingetty, udevd, slim, networking, dhcp
+  ;;
+  ;; Either these things are simply not required, or Docker provides
+  ;; similar services for us.
+
+  ;; This will be ignored.
+  (bootloader (bootloader-configuration
+               (bootloader grub-bootloader)
+               (targets '("does-not-matter"))))
+  ;; This will be ignored, too.
+  (file-systems (list (file-system
+                        (device "does-not-matter")
+                        (mount-point "/")
+                        (type "does-not-matter"))))
+
+  (services (list (syslog-service)
+                  (service special-files-service-type
+                           `(("/bin/sh" ,(file-append bash "/bin/sh"))
+                             ("/usr/bin/env" ,(file-append coreutils "/bin/env")))))))

dotfiles/run/guixsd/00-run.sh

@@ -3,6 +3,6 @@
 set -e
 
 ./01-luks.sh
-./02-dri.sh
+./07-virsh.sh
 ./04-kubelet.sh
 ./08-openwrt.sh

src/go/workstation-controller/internal/controller/workstation_controller.go

@@ -84,7 +84,7 @@ func (r *WorkstationReconciler) CreateWorkstationPod(ctx context.Context, req ct
 	var HostPathFile corev1.HostPathType = "File"
 	var HostPathSocket corev1.HostPathType = "Socket"
 	var guixShmQuantity resource.Quantity = resource.MustParse("1Gi")
-	var guixTmpQuantity resource.Quantity = resource.MustParse("16Gi") // Bootstrap requires a lot of disk space.
+	var guixTmpQuantity resource.Quantity = resource.MustParse("32Gi")
 	var guixRunQuantity resource.Quantity = resource.MustParse("512M")
 	var nixosVarLibDockerQuantity resource.Quantity = resource.MustParse("16G")
 
@@ -341,7 +341,7 @@ rm -f /home/oleg/.gnupg/gpg-agent.conf /home/oleg/.gnupg/gpg.conf`,
 					Name: "guix-tmp",
 					VolumeSource: corev1.VolumeSource{
 						EmptyDir: &corev1.EmptyDirVolumeSource{
-							Medium:    corev1.StorageMediumMemory,
+							Medium:    corev1.StorageMediumDefault,
 							SizeLimit: &guixTmpQuantity,
 						},
 					},
@@ -606,7 +606,7 @@ fi
 					Name: "archlinux-tmp",
 					VolumeSource: corev1.VolumeSource{
 						EmptyDir: &corev1.EmptyDirVolumeSource{
-							Medium:    corev1.StorageMediumMemory,
+							Medium:    corev1.StorageMediumDefault,
 							SizeLimit: &guixTmpQuantity,
 						},
 					},
@@ -717,7 +717,7 @@ fi
 					Name: "gentoo-tmp",
 					VolumeSource: corev1.VolumeSource{
 						EmptyDir: &corev1.EmptyDirVolumeSource{
-							Medium:    corev1.StorageMediumMemory,
+							Medium:    corev1.StorageMediumDefault,
 							SizeLimit: &guixTmpQuantity,
 						},
 					},
@@ -829,7 +829,7 @@ fi
 					Name: "kali-rolling-tmp",
 					VolumeSource: corev1.VolumeSource{
 						EmptyDir: &corev1.EmptyDirVolumeSource{
-							Medium:    corev1.StorageMediumMemory,
+							Medium:    corev1.StorageMediumDefault,
 							SizeLimit: &guixTmpQuantity,
 						},
 					},