From 8ee72ba5fa250ffc047104e9d05992f7ea11402e Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?J=C3=B6rg=20Thalheim?= Date: Fri, 15 Dec 2023 13:14:55 +0100 Subject: [PATCH 1/2] clanCore: refactor flake-module.nix into smaller files --- flake.nix | 1 - nixosModules/clanCore/default.nix | 17 +++ nixosModules/clanCore/flake-module.nix | 127 ------------------ .../{clan-imports/default.nix => imports.nix} | 0 nixosModules/clanCore/metadata.nix | 32 +++++ nixosModules/clanCore/outputs.nix | 76 +++++++++++ nixosModules/clanCore/schema.nix | 11 ++ nixosModules/flake-module.nix | 9 +- 8 files changed, 144 insertions(+), 129 deletions(-) create mode 100644 nixosModules/clanCore/default.nix delete mode 100644 nixosModules/clanCore/flake-module.nix rename nixosModules/clanCore/{clan-imports/default.nix => imports.nix} (100%) create mode 100644 nixosModules/clanCore/metadata.nix create mode 100644 nixosModules/clanCore/outputs.nix create mode 100644 nixosModules/clanCore/schema.nix
diff --git a/flake.nix b/flake.nix
index 7dc2e1e5..a515d40c 100644
--- a/flake.nix
+++ b/flake.nix
@@ -41,7 +41,6 @@ ./lib/flake-module.nix ./nixosModules/flake-module.nix - ./nixosModules/clanCore/flake-module.nix ]; }); }
diff --git a/nixosModules/clanCore/default.nix b/nixosModules/clanCore/default.nix
new file mode 100644
index 00000000..220fad60
--- /dev/null
+++ b/nixosModules/clanCore/default.nix
@@ -0,0 +1,17 @@
+{
+ imports = [
+ ./backups.nix
+ ./imports.nix
+ ./meshnamed
+ ./metadata.nix
+ ./networking.nix
+ ./nix-settings.nix
+ ./options.nix
+ ./outputs.nix
+ ./packages.nix
+ ./schema.nix
+ ./secrets
+ ./vm.nix
+ ./zerotier
+ ];
+}
diff --git a/nixosModules/clanCore/flake-module.nix b/nixosModules/clanCore/flake-module.nix
deleted file mode 100644
index 4d6dbe2e..00000000
--- a/nixosModules/clanCore/flake-module.nix
+++ /dev/null
@@ -1,127 +0,0 @@
-{ self, inputs, lib, ... }: {
- flake.nixosModules.clanCore = { config, pkgs, options, ... }: {
- imports = [
- ./backups.nix
- ./clan-imports
- ./secrets
- ./zerotier
- ./meshnamed
- ./networking.nix
- ./packages.nix
- ./nix-settings.nix
- inputs.sops-nix.nixosModules.sops
- # just some example options. Can be removed later
- ./vm.nix
- ./options.nix
- ];
- options.clanSchema = lib.mkOption {
- type = lib.types.attrs;
- description = "The json schema for the .clan options namespace";
- default = self.lib.jsonschema.parseOptions options.clan;
- };
- options.clanCore = {
- clanName = lib.mkOption {
- type = lib.types.str;
- description = ''
- the name of the clan
- '';
- };
- clanDir = lib.mkOption {
- type = lib.types.either lib.types.path lib.types.str;
- description = ''
- the location of the flake repo, used to calculate the location of facts and secrets
- '';
- };
- clanIcon = lib.mkOption {
- type = lib.types.nullOr lib.types.path;
- description = ''
- the location of the clan icon
- '';
- };
- machineName = lib.mkOption {
- type = lib.types.str;
- description = ''
- the name of the machine
- '';
- };
- clanPkgs = lib.mkOption {
- default = self.packages.${pkgs.system};
- defaultText = "self.packages.${pkgs.system}";
- internal = true;
- };
- };
- # TODO: factor these out into a separate interface.nix.
- # Also think about moving these options out of `system.clan`.
- # Maybe we should not re-use the already polluted confg.system namespace
- # and instead have a separate top-level namespace like `clanOutputs`, with
- # well defined options marked as `internal = true;`.
- options.system.clan = lib.mkOption {
- type = lib.types.submodule {
- options = {
- deployment.data = lib.mkOption {
- type = lib.types.attrs;
- description = ''
- the data to be written to the deployment.json file
- '';
- };
- deployment.file = lib.mkOption {
- type = lib.types.path;
- description = ''
- the location of the deployment.json file
- '';
- };
- deploymentAddress = lib.mkOption {
- type = lib.types.str;
- description = ''
- the address of the deployment server
- '';
- };
- secretsUploadDirectory = lib.mkOption {
- type = lib.types.path;
- description = ''
- the directory on the deployment server where secrets are uploaded
- '';
- };
- uploadSecrets = lib.mkOption {
- type = lib.types.path;
- description = ''
- script to upload secrets to the deployment server
- '';
- default = "${pkgs.coreutils}/bin/true";
- };
- generateSecrets = lib.mkOption {
- type = lib.types.path;
- description = ''
- script to generate secrets
- '';
- default = "${pkgs.coreutils}/bin/true";
- };
- vm.config = lib.mkOption {
- type = lib.types.attrs;
- description = ''
- the vm config
- '';
- };
- vm.create = lib.mkOption {
- type = lib.types.path;
- description = ''
- json metadata about the vm
- '';
- };
- };
- };
- description = ''
- utility outputs for clan management of this machine
- '';
- };
- # optimization for faster secret generate/upload and machines update
- config = {
- system.clan.deployment.data = {
- inherit (config.system.clan) uploadSecrets generateSecrets;
- inherit (config.clan.networking) deploymentAddress;
- inherit (config.clanCore) secretsUploadDirectory;
- };
- system.clan.deployment.file = pkgs.writeText "deployment.json" (builtins.toJSON config.system.clan.deployment.data);
- };
- };
-}
diff --git a/nixosModules/clanCore/clan-imports/default.nix b/nixosModules/clanCore/imports.nix
similarity index 100%
rename from nixosModules/clanCore/clan-imports/default.nix
rename to nixosModules/clanCore/imports.nix
diff --git a/nixosModules/clanCore/metadata.nix b/nixosModules/clanCore/metadata.nix
new file mode 100644
index 00000000..77afc0ee
--- /dev/null
+++ b/nixosModules/clanCore/metadata.nix
@@ -0,0 +1,32 @@
+{ lib, pkgs, ... }: {
+ options.clanCore = {
+ clanName = lib.mkOption {
+ type = lib.types.str;
+ description = ''
+ the name of the clan
+ '';
+ };
+ clanDir = lib.mkOption {
+ type = lib.types.either lib.types.path lib.types.str;
+ description = ''
+ the location of the flake repo, used to calculate the location of facts and secrets
+ '';
+ };
+ clanIcon = lib.mkOption {
+ type = lib.types.nullOr lib.types.path;
+ description = ''
+ the location of the clan icon
+ '';
+ };
+ machineName = lib.mkOption {
+ type = lib.types.str;
+ description = ''
+ the name of the machine
+ '';
+ };
+ clanPkgs = lib.mkOption {
+ defaultText = "self.packages.${pkgs.system}";
+ internal = true;
+ };
+ };
+}
diff --git a/nixosModules/clanCore/outputs.nix b/nixosModules/clanCore/outputs.nix
new file mode 100644
index 00000000..d60f8778
--- /dev/null
+++ b/nixosModules/clanCore/outputs.nix
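Review bot: In nixosModules/clanCore/metadata.nix the `clanPkgs` option is declared with neither a `type` nor a `default`, and its `defaultText` is an ordinary double-quoted string, so `${pkgs.system}` is interpolated during evaluation rather than rendered literally. The value is now supplied by the inline module in nixosModules/flake-module.nix, which uses `pkgs.hostPlatform.system`, so the documented default and the real one no longer read the same. I would write `defaultText = lib.literalExpression "self.packages.\${pkgs.hostPlatform.system}";` and add a comment such as `# default is set with lib.mkDefault in nixosModules/flake-module.nix`. As far as this patch shows, importing `./clanCore` without that wrapper leaves the option undefined, which is worth stating in the same comment.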
@@ -0,0 +1,76 @@
+{ config, lib, pkgs, ... }: {
+ # TODO: factor these out into a separate interface.nix.
+ # Also think about moving these options out of `system.clan`.
+ # Maybe we should not re-use the already polluted confg.system namespace
+ # and instead have a separate top-level namespace like `clanOutputs`, with
+ # well defined options marked as `internal = true;`.
+ options.system.clan = lib.mkOption {
+ type = lib.types.submodule {
+ options = {
+ deployment.data = lib.mkOption {
+ type = lib.types.attrs;
+ description = ''
+ the data to be written to the deployment.json file
+ '';
+ };
+ deployment.file = lib.mkOption {
+ type = lib.types.path;
+ description = ''
+ the location of the deployment.json file
+ '';
+ };
+ deploymentAddress = lib.mkOption {
+ type = lib.types.str;
+ description = ''
+ the address of the deployment server
+ '';
+ };
+ secretsUploadDirectory = lib.mkOption {
+ type = lib.types.path;
+ description = ''
+ the directory on the deployment server where secrets are uploaded
+ '';
+ };
+ uploadSecrets = lib.mkOption {
+ type = lib.types.path;
+ description = ''
+ script to upload secrets to the deployment server
+ '';
+ default = "${pkgs.coreutils}/bin/true";
+ };
+ generateSecrets = lib.mkOption {
+ type = lib.types.path;
+ description = ''
+ script to generate secrets
+ '';
+ default = "${pkgs.coreutils}/bin/true";
+ };
+ vm.config = lib.mkOption {
+ type = lib.types.attrs;
+ description = ''
+ the vm config
+ '';
+ };
+ vm.create = lib.mkOption {
+ type = lib.types.path;
+ description = ''
+ json metadata about the vm
+ '';
+ };
+ };
+ };
+ description = ''
+ utility outputs for clan management of this machine
+ '';
+ };
+ # optimization for faster secret generate/upload and machines update
+ config = {
+ system.clan.deployment.data = {
+ inherit (config.system.clan) uploadSecrets generateSecrets;
+ inherit (config.clan.networking) deploymentAddress;
+ inherit (config.clanCore) secretsUploadDirectory;
+ };
+ system.clan.deployment.file = pkgs.writeText "deployment.json" (builtins.toJSON config.system.clan.deployment.data);
+ };
+
+}
diff --git a/nixosModules/clanCore/schema.nix b/nixosModules/clanCore/schema.nix
new file mode 100644
index 00000000..b93d8642
--- /dev/null
+++ b/nixosModules/clanCore/schema.nix
@@ -0,0 +1,11 @@
+{ options, lib, ... }:
+let
+ jsonschema = import ../../lib/jsonschema { inherit lib; };
+in
+{
+ options.clanSchema = lib.mkOption {
+ type = lib.types.attrs;
+ description = "The json schema for the .clan options namespace";
+ default = jsonschema.parseOptions options.clan;
+ };
+}
diff --git a/nixosModules/flake-module.nix b/nixosModules/flake-module.nix
index 6443ac97..96b264b5 100644
--- a/nixosModules/flake-module.nix
+++ b/nixosModules/flake-module.nix
@@ -1,6 +1,13 @@ -{ ... }: { +{ inputs, self, ... }: { flake.nixosModules = { hidden-ssh-announce.imports = [ ./hidden-ssh-announce.nix ]; installer.imports = [ ./installer ]; + clanCore.imports = [ + inputs.sops-nix.nixosModules.sops + ./clanCore + ({ pkgs, lib, ... }: { + clanCore.clanPkgs = lib.mkDefault self.packages.${pkgs.hostPlatform.system}; + }) + ]; }; }
From 9dfc3f9613df4ddb639a23c75feb3f3399b01aed Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?J=C3=B6rg=20Thalheim?= Date: Fri, 15 Dec 2023 12:53:53 +0100 Subject: [PATCH 2/2] add wayland-proxy-virtwl module --- checks/flake-module.nix | 1 + checks/wayland-proxy-virtwl/default.nix | 29 +++++++++++++ nixosModules/clanCore/default.nix | 1 + .../clanCore/wayland-proxy-virtwl.nix | 43 +++++++++++++++++++ 4 files changed, 74 insertions(+) create mode 100644 checks/wayland-proxy-virtwl/default.nix create mode 100644 nixosModules/clanCore/wayland-proxy-virtwl.nix
diff --git a/checks/flake-module.nix b/checks/flake-module.nix
index 3096fefa..4b11ce1b 100644
--- a/checks/flake-module.nix
+++ b/checks/flake-module.nix
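Review bot: In nixosModules/clanCore/outputs.nix, `deployment.data` is a free-form `lib.types.attrs` that `builtins.toJSON` serializes into `pkgs.writeText "deployment.json"`, i.e. into the Nix store, which every local user can read, and nothing in the option description says the attrset must stay free of secret values. The four values inherited today look like script paths, an address and a directory, so this is a documentation gap rather than a leak. I would extend the description to `the data to be written to the deployment.json file; the file lives in the world-readable Nix store, so it must never contain secret values`. Separately, `uploadSecrets` and `generateSecrets` default to `"${pkgs.coreutils}/bin/true"`, so a machine with no secrets backend configured reports success without doing anything; a sentence in each description saying the default is a deliberate no-op would make that visible to callers.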
@@ -19,6 +19,7 @@ meshnamed = import ./meshnamed nixosTestArgs; borgbackup = import ./borgbackup nixosTestArgs; syncthing = import ./syncthing nixosTestArgs; + wayland-proxy-virtwl = import ./wayland-proxy-virtwl nixosTestArgs; }; schemaTests = pkgs.callPackages ./schemas.nix { inherit self;
diff --git a/checks/wayland-proxy-virtwl/default.nix b/checks/wayland-proxy-virtwl/default.nix
new file mode 100644
index 00000000..1b0c6cd0
--- /dev/null
+++ b/checks/wayland-proxy-virtwl/default.nix
@@ -0,0 +1,29 @@
+import ../lib/test-base.nix ({ config, pkgs, lib, ... }: {
+ name = "wayland-proxy-virtwl";
+
+ nodes.machine = { self, ... }: {
+ imports = [
+ self.nixosModules.clanCore
+ {
+ clanCore.machineName = "machine";
+ clanCore.clanDir = ./.;
+ }
+ ];
+ services.wayland-proxy-virtwl.enable = true;
+
+ virtualisation.qemu.options = [
+ "-vga none -device virtio-gpu-rutabaga,cross-domain=on,hostmem=4G,wsi=headless"
+ ];
+ virtualisation.qemu.package = lib.mkForce self.packages.${pkgs.hostPlatform.system}.qemu-wayland;
+ };
+ # FIXME: currently we still see this error in the build sandbox,
+ # but it gives us some smoke test
+ # vm-test-run-wayland-proxy-virtwl> machine # qemu-kvm: The errno is ENOENT: No such file or directory
+ # vm-test-run-wayland-proxy-virtwl> machine # qemu-kvm: CHECK failed in rutabaga_cmd_submit_3d() ../hw/display/virtio-gpu-rutabaga.c:341
+ # vm-test-run-wayland-proxy-virtwl> machine # qemu-kvm: virtio_gpu_rutabaga_process_cmd: ctrl 0x207, error 0x1200
+ testScript = ''
+ start_all()
+ # use machinectl
+ machine.succeed("machinectl shell .host ${config.nodes.machine.systemd.package}/bin/systemctl --user start wayland-proxy-virtwl >&2")
+ '';
+})
diff --git a/nixosModules/clanCore/default.nix b/nixosModules/clanCore/default.nix
index 220fad60..725ae9da 100644
--- a/nixosModules/clanCore/default.nix
+++ b/nixosModules/clanCore/default.nix
@@ -12,6 +12,7 @@ ./schema.nix ./secrets ./vm.nix + ./wayland-proxy-virtwl.nix ./zerotier ]; }
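Review bot: The `testScript` in checks/wayland-proxy-virtwl/default.nix asserts only that `systemctl --user start wayland-proxy-virtwl` returns, and the unit added by this patch is `Type = "simple"` with `Restart = "always"`, so the start call can succeed even if the proxy exits right afterwards. The FIXME already records rutabaga errors from qemu in the sandbox, so that comment should state what the test does and does not prove, e.g. `# NOTE: only checks that the unit can be started; it does not verify that the proxy stays up or that a client can connect`. The `# use machinectl` comment would help more if it said why (presumably to reach a user systemd instance from the test driver; please confirm). Once the sandbox issue is fixed, a second `machine.succeed` checking that the unit is still active would turn this into a real regression test.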
diff --git a/nixosModules/clanCore/wayland-proxy-virtwl.nix b/nixosModules/clanCore/wayland-proxy-virtwl.nix
new file mode 100644
index 00000000..ca79ed27
--- /dev/null
+++ b/nixosModules/clanCore/wayland-proxy-virtwl.nix
@@ -0,0 +1,43 @@
+{ pkgs, config, lib, ... }:
+{
+ options = {
+ # maybe upstream this?
+ services.wayland-proxy-virtwl = {
+ enable = lib.mkEnableOption "wayland-proxy-virtwl";
+ package = lib.mkPackageOption pkgs "wayland-proxy-virtwl" { };
+ };
+ };
+ config = lib.mkIf config.services.wayland-proxy-virtwl.enable {
+ programs.xwayland.enable = lib.mkDefault true;
+ environment.etc."X11/xkb".source = config.services.xserver.xkb.dir;
+
+ environment.sessionVariables = {
+ WAYLAND_DISPLAY = "wayland-1";
+ DISPLAY = ":0";
+ QT_QPA_PLATFORM = "wayland"; # Qt Applications
+ GDK_BACKEND = "wayland"; # GTK Applications
+ XDG_SESSION_TYPE = "wayland"; # Electron Applications
+ SDL_VIDEODRIVER = "wayland";
+ CLUTTER_BACKEND = "wayland";
+ };
+
+ # Is there a better way to do this?
+ programs.bash.loginShellInit = ''
+ if [ "$(tty)" = "/dev/ttyS0" ]; then
+ systemctl --user start graphical-session.target
+ fi
+ '';
+
+ systemd.user.services.wayland-proxy-virtwl = {
+ description = "Wayland proxy for virtwl";
+ before = [ "graphical-session.target" ];
+ wantedBy = [ "graphical-session.target" ];
+ serviceConfig = {
+ Type = "simple";
+ ExecStart = "${config.services.wayland-proxy-virtwl.package}/bin/wayland-proxy-virtwl --virtio-gpu --x-display=0 --xwayland-binary=${pkgs.xwayland}/bin/Xwayland";
+ Restart = "always";
+ RestartSec = 5;
+ };
+ };
+ };
+}
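Review bot: nixosModules/clanCore/wayland-proxy-virtwl.nix does not document what enabling the service changes for the whole machine: `environment.sessionVariables` forces `WAYLAND_DISPLAY`, `DISPLAY` and the toolkit backends for every login session, and judging by `--virtio-gpu` plus the `cross-domain=on` device in the test, the proxy appears to give guest applications a channel to the host compositor. I would put that on the option, e.g. a comment above `enable` reading `# forwards guest Wayland/X11 clients to the host compositor via virtio-gpu; sets display variables for all sessions`. The values `DISPLAY = ":0"` and `--x-display=0` have to agree but nothing ties them together, so a shared `let` binding or a comment next to both would prevent drift. The `loginShellInit` snippet starts `graphical-session.target` by hand; upstream systemd ships that target with `RefuseManualStart=yes`, so this call may be refused and is worth confirming on the target system before relying on it.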