1 files changed, 45 insertions, 7 deletions

diff --git a/machines/nixos/x86_64-linux/synology-vm/default.nix b/machines/nixos/x86_64-linux/synology-vm.nix
index c1b2270..702f8b4 100644
--- a/machines/nixos/x86_64-linux/synology-vm/default.nix
+++ b/machines/nixos/x86_64-linux/synology-vm.nix
@@ -1,20 +1,53 @@
 {
+  modulesPath,
   lib,
   adminUser,
   config,
   ...
 }:
 {
+  age = {
+    secrets = {
+      restic_gcs_credentials = {
+        file = ../../../secrets/restic_gcs_credentials.age;
+      };
+      restic_password = {
+        file = ../../../secrets/restic_password.age;
+      };
+      nas_client_credentials = {
+        file = ../../../secrets/nas_client.age;
+      };
+      wireguard = {
+        file = ../../../secrets/vm-synology/wireguard.age;
+      };
+    };
+  };
+
   imports = [
-    ./disks.nix
-    ./hardware.nix
-    ./secrets.nix
-    ./profiles/goget.nix
-    ../../../../profiles/defaults.nix
-    ../../../../profiles/server.nix
-    ../../../../profiles/cgroups.nix
+    (modulesPath + "/profiles/qemu-guest.nix")
+    (modulesPath + "/installer/scan/not-detected.nix")
+    ../../../profiles/defaults.nix
+    ../../../profiles/server.nix
+    ../../../profiles/cgroups.nix
+    ../../../profiles/disk/basic-vm.nix
   ];
 
+  boot.initrd.availableKernelModules = [
+    "ata_piix"
+    "uhci_hcd"
+    "virtio_pci"
+    "virtio_scsi"
+    "sd_mod"
+    "sr_mod"
+  ];
+  boot.initrd.kernelModules = [ ];
+  boot.kernelModules = [ "kvm-amd" ];
+  boot.extraModulePackages = [ ];
+
+  swapDevices = [ ];
+
+  nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
+
   boot.loader.efi.canTouchEfiVariables = true;
   boot.loader.systemd-boot.enable = true;
 
@@ -79,6 +112,11 @@
     };
   };
 
+  services.goget = {
+    enable = true;
+    openFirewall = true;
+  };
+
   networking.firewall.allowedUDPPorts = [ 51871 ];
 
   system.stateVersion = "23.11"; # Did you read the comment?