feat: added defenseio miner

modules/nixos/default.nix

@@ -16,7 +16,8 @@ in
           sddm
           wireguard
           microvm
-          midnight
+          defenseio
+          # midnight
           ;
       };
     };
@@ -31,7 +32,8 @@ in
           plymouth
           wireguard
           microvm
-          midnight
+          defenseio
+          # midnight
           ;
       };
     };
@@ -40,7 +42,8 @@ in
       imports = builtins.attrValues {
         inherit (modules)
           microvm
-          midnight
+          defenseio
+          # midnight
           ;
       };
     };
@@ -60,7 +63,7 @@ in
           # logrotate
           mastodon
           microvm
-          midnight
+          # midnight
           minecraft
           # ollamaCeres
           ceresOpenCloud
@@ -72,6 +75,7 @@ in
           vaultwarden
           website
           zookeeper
+          defenseio
           ;
       };
     };
@@ -83,10 +87,11 @@ in
           caddy
           logrotate
           microvm
-          midnight
+          # midnight
           # opencloud
           sambaEris
           postgresEris
+          defenseio
           ;
       };
     };

modules/nixos/guests/defenseio/default.nix

@@ -0,0 +1,174 @@
+{
+  flake,
+  pkgs,
+  config,
+  ...
+}:
+let
+  inherit (flake.config.people) user0;
+  inherit (flake.config.machines) devices;
+
+  mars = devices.mars.name;
+  ceres = devices.ceres.name;
+  eris = devices.eris.name;
+  deimos = devices.deimos.name;
+  phobos = devices.phobos.name;
+
+  hostname = config.networking.hostName;
+
+  deviceLogic =
+    var0: var1: var2: var3: var4:
+    if hostname == ceres then
+      var0
+    else if hostname == eris then
+      var1
+    else if hostname == mars then
+      var2
+    else if hostname == deimos then
+      var3
+    else if hostname == phobos then
+      var4
+    else
+      var0;
+
+  macOctet = deviceLogic "57" "58" "59" "60" "61";
+in
+
+{
+  microvm = {
+    vms = {
+      defenseio = {
+        autostart = true;
+        config =
+          let
+            macAddress = "02:00:00:00:00:${macOctet}";
+            workers = deviceLogic 35 4 18 5 6;
+          in
+          {
+            environment.systemPackages = [
+              pkgs.git
+              pkgs.ncurses
+              pkgs.python313
+            ];
+
+            microvm = {
+              forwardPorts = [
+                {
+                  from = "host";
+                  host.port = 2058;
+                  guest.port = 22;
+                }
+              ];
+              hypervisor = "qemu";
+              interfaces = [
+                {
+                  type = "user";
+                  id = "uservm-dfo";
+                  mac = macAddress;
+                }
+              ];
+              mem = deviceLogic 45000 5120 22000 6144 7168;
+              shares = [
+                {
+                  mountPoint = "/nix/.ro-store";
+                  proto = "virtiofs";
+                  source = "/nix/store";
+                  tag = "read_only_nix_store";
+                }
+                {
+                  mountPoint = "/var/lib/defenseio-data";
+                  proto = "virtiofs";
+                  source = "/var/lib/defenseio-data";
+                  tag = "defenseio_data";
+                }
+              ];
+              vcpu = workers;
+            };
+
+            networking.firewall.allowedTCPPorts = [
+              22
+            ];
+
+            services = {
+              openssh = {
+                enable = true;
+                settings.PasswordAuthentication = false;
+              };
+            };
+
+            system.stateVersion = "25.05";
+
+            systemd = {
+              network = {
+                enable = true;
+                networks."20-user" = {
+                  matchConfig.MACAddress = macAddress;
+                  networkConfig = {
+                    DHCP = "yes";
+                  };
+                };
+              };
+
+              tmpfiles.rules = [
+                "d /var/lib/defenseio-data 0755 root root - -"
+              ];
+
+              services = {
+                defenseio-miner = {
+                  after = [ "network-online.target" ];
+                  description = "DefenseIOMiner - DFO token miner";
+                  serviceConfig = {
+                    Environment = [
+                      "PATH=/run/current-system/sw/bin"
+                      "TERM=xterm-256color"
+                    ];
+                    ExecStartPre = pkgs.writeShellScript "setup-miner" ''
+                      # Create venv if not already present (persists on virtiofs mount)
+                      if [ ! -d /var/lib/defenseio-data/venv ]; then
+                        ${pkgs.python313}/bin/python -m venv /var/lib/defenseio-data/venv
+                      fi
+
+                      # Install/upgrade dependencies
+                      /var/lib/defenseio-data/venv/bin/pip install --upgrade pip
+                      /var/lib/defenseio-data/venv/bin/pip install requests pycardano cbor2 portalocker
+
+                      # Clone repo if not already present
+                      if [ ! -d /var/lib/defenseio-data/MidnightMiner ]; then
+                        cd /var/lib/defenseio-data
+                        ${pkgs.git}/bin/git clone https://github.com/djeanql/MidnightMiner.git
+                      else
+                        cd /var/lib/defenseio-data/MidnightMiner
+                        ${pkgs.git}/bin/git pull
+                      fi
+
+                      # Show current commit
+                      cd /var/lib/defenseio-data/MidnightMiner
+                      echo "Current commit: $(${pkgs.git}/bin/git log -1 --format='%h - %s')"
+                    '';
+                    ExecStart = pkgs.writeShellScript "run-miner" ''
+                      export PATH=/run/current-system/sw/bin:$PATH
+                      cd /var/lib/defenseio-data/MidnightMiner
+                      /var/lib/defenseio-data/venv/bin/python miner.py --defensio --workers ${toString workers} --no-donation
+                    '';
+                    Restart = "always";
+                    RestartSec = 10;
+                  };
+                  wants = [ "network-online.target" ];
+                  wantedBy = [ "multi-user.target" ];
+                };
+              };
+            };
+
+            time.timeZone = "America/Winnipeg";
+
+            users.users.root.openssh.authorizedKeys.keys = flake.config.people.users.${user0}.sshKeys;
+
+          };
+      };
+    };
+  };
+  systemd.tmpfiles.rules = [
+    "d /var/lib/defenseio-data 0751 microvm wheel - -"
+  ];
+
+}

modules/nixos/guests/jellyfin/default.nix

@@ -82,7 +82,7 @@ in
         systemd.services.systemd-networkd.wantedBy = [ "multi-user.target" ];
 
         microvm = {
-          vcpu = 6;
+          vcpu = 8;
           mem = 8192;
           hypervisor = "qemu";
           interfaces = [

modules/nixos/guests/projectSite/default.nix

@@ -78,7 +78,6 @@ in
     };
   };
 
-  # Host Caddy
   services.caddy = {
     enable = true;
     virtualHosts.${host}.extraConfig = ''
@@ -86,7 +85,6 @@ in
     '';
   };
 
-  # ACME cert
   security.acme.certs.${host} = {
     dnsProvider = instances.web.dns.provider1;
     environmentFile = config.sops.secrets."dns/${instances.web.dns.provider1}".path;

profiles/user0/files/misc/justfile.nix

@@ -9,16 +9,16 @@ let
   inherit (flake.config.services) instances;
   hostname = config.networking.hostName;
   dotPath = "~/projects/dotfiles";
-  mkLocalRebuild = type: ''
+  mkLocalRebuild = ''
-    ${type}-rebuild:
+    rebuild:
-      nixos-rebuild ${type} --sudo --flake ${dotPath}#${hostname} --show-trace
+      nixos-rebuild switch --sudo --flake ${dotPath}#${hostname} --show-trace
   '';
   mkRemoteRebuild = name: ip: ''
-    ${name}-rebuild:
+    rebuild-${name}:
        nixos-rebuild switch --flake ${dotPath}#${name} --target-host ${ip} --sudo --ask-sudo-password --show-trace
   '';
   mkSshCommands = name: ip: ''
-    ${name}-ssh:
+    ${name}:
       ssh ${ip}
   '';
   mkMicrVMSshCommands = name: ssh: ''
@@ -43,14 +43,7 @@ let
       (command instances.firefly-iii.name instances.firefly-iii.interface.ssh)
       (command instances.mastodon.name instances.mastodon.interface.ssh)
     ];
-  typeLabels =
+  localRebuild = mkLocalRebuild;
-    type:
-    lib.concatStrings [
-      (type "switch")
-      (type "build")
-      (type "boot")
-    ];
-  localRebuild = typeLabels mkLocalRebuild;
   remoteRebuild = systemRecords mkRemoteRebuild;
   sshCommand = systemRecords mkSshCommands;
   microVMSshCommand = instanceRecords mkMicrVMSshCommands;