a-kenji
c926f23c09
All checks were successful
buildbot/nix-build .#checks.aarch64-darwin.nixos-test_install_machine Build done.
buildbot/nix-build .#checks.aarch64-darwin.nixos-flash-installer Build done.
buildbot/nix-build .#checks.aarch64-darwin.nixos-iso-installer Build done.
buildbot/nix-build .#checks.aarch64-linux.nixos-test_install_machine Build done.
buildbot/nix-build .#checks.x86_64-linux.check-for-breakpoints Build done.
buildbot/nix-build .#checks.x86_64-linux.clan-dep-bash Build done.
buildbot/nix-build .#checks.x86_64-linux.clan-dep-e2fsprogs Build done.
buildbot/nix-build .#checks.x86_64-linux.package-clan-ts-api Build done.
buildbot/nix-build .#checks.x86_64-linux.clan-dep-fakeroot Build done.
buildbot/nix-build .#checks.x86_64-linux.package-clan-cli-docs Build done.
buildbot/nix-build .#checks.x86_64-linux.clan-dep-git Build done.
buildbot/nix-build .#checks.x86_64-linux.package-clan-cli Build done.
buildbot/nix-build .#checks.x86_64-linux.clan-dep-nix Build done.
buildbot/nix-build .#checks.x86_64-linux.renderClanOptions Build done.
buildbot/nix-build .#checks.x86_64-linux.clan-dep-rsync Build done.
buildbot/nix-build .#checks.x86_64-linux.clan-dep-sops Build done.
buildbot/nix-build .#checks.aarch64-linux.nixos-test-backup Build done.
buildbot/nix-build .#checks.x86_64-linux.nixos-test-backup Build done.
buildbot/nix-build .#checks.x86_64-linux.package-module-docs Build done.
buildbot/nix-build .#checks.x86_64-linux.clan-dep-openssh Build done.
buildbot/nix-build .#checks.x86_64-linux."clan-dep-python3.11-mypy" Build done.
buildbot/nix-build .#checks.aarch64-darwin.nixos-test-backup Build done.
buildbot/nix-build .#checks.x86_64-linux."clan-dep-python3.11-qemu" Build done.
buildbot/nix-build .#checks.x86_64-linux.clan-dep-sshpass Build done.
buildbot/nix-build .#checks.x86_64-linux.clan-dep-age Build done.
buildbot/nix-build .#checks.x86_64-linux.clan-dep-tor Build done.
buildbot/nix-build .#checks.x86_64-linux.devShell-webview-ui Build done.
buildbot/nix-build .#checks.x86_64-linux.package-default Build done.
buildbot/nix-build .#checks.x86_64-linux.devShell-docs Build done.
buildbot/nix-build .#checks.x86_64-linux.devShell-clan-cli Build done.
buildbot/nix-build .#checks.x86_64-linux.borgbackup Build done.
buildbot/nix-build .#checks.x86_64-linux.devShell-default Build done.
buildbot/nix-build .#checks.x86_64-linux.lib-jsonschema-example-valid Build done.
buildbot/nix-build .#checks.x86_64-linux.clan-vm-manager-no-breakpoints Build done.
buildbot/nix-build .#checks.aarch64-linux.nixos-flash-installer Build done.
buildbot/nix-build .#checks.x86_64-linux.clan-dep-zbar Build done.
buildbot/nix-build .#checks.aarch64-linux.nixos-iso-installer Build done.
buildbot/nix-build .#checks.x86_64-linux.deltachat Build done.
buildbot/nix-build .#checks.x86_64-linux.matrix-synapse Build done.
buildbot/nix-build .#checks.x86_64-linux.lib-jsonschema-nix-unit-tests Build done.
buildbot/nix-build .#checks.x86_64-linux.treefmt Build done.
buildbot/nix-build .#checks.x86_64-linux.package-editor Build done.
buildbot/nix-build .#checks.x86_64-linux.clan-vm-manager-pytest Build done.
buildbot/nix-build .#checks.x86_64-linux.package-gui-install-test-ubuntu-22-04 Build done.
buildbot/nix-build .#checks.x86_64-linux.package-docs Build done.
buildbot/nix-build .#checks.x86_64-linux.package-gui-installer-apk Build done.
buildbot/nix-build .#checks.x86_64-linux.package-gui-installer-archlinux Build done.
buildbot/nix-build .#checks.x86_64-linux.package-gui-installer-deb Build done.
buildbot/nix-build .#checks.x86_64-linux.module-schema Build done.
buildbot/nix-build .#checks.x86_64-linux.container Build done.
buildbot/nix-build .#checks.x86_64-linux.test-backups Build done.
buildbot/nix-build .#checks.x86_64-linux.package-gui-installer-rpm Build done.
buildbot/nix-build .#checks.x86_64-linux.package-impure-checks Build done.
buildbot/nix-build .#checks.x86_64-linux.package-merge-after-ci Build done.
buildbot/nix-build .#checks.x86_64-linux.nixos-test_install_machine Build done.
buildbot/nix-build .#checks.x86_64-linux.package-moonlight-sunshine-accept Build done.
buildbot/nix-build .#checks.x86_64-linux.package-pending-reviews Build done.
buildbot/nix-build .#checks.x86_64-linux.package-tea-create-pr Build done.
buildbot/nix-build .#checks.x86_64-linux.devShell-clan-vm-manager Build done.
buildbot/nix-build .#checks.x86_64-linux.package-zerotier-members Build done.
buildbot/nix-build .#checks.x86_64-linux.package-zt-tcp-relay Build done.
buildbot/nix-build .#checks.x86_64-linux.package-zerotierone Build done.
buildbot/nix-build .#checks.x86_64-linux.clan-pytest-with-core Build done.
buildbot/nix-build .#checks.x86_64-linux.package-function-schema Build done.
buildbot/nix-build .#checks.x86_64-linux.package-deploy-docs Build done.
buildbot/nix-build .#checks.x86_64-linux.nixos-iso-installer Build done.
buildbot/nix-build .#checks.x86_64-linux.package-webview-ui Build done.
buildbot/nix-build .#checks.x86_64-linux.secrets Build done.
buildbot/nix-build .#checks.x86_64-linux.package-module-schema Build done.
buildbot/nix-build .#checks.x86_64-linux.zt-tcp-relay Build done.
buildbot/nix-build .#checks.x86_64-linux.nixos-flash-installer Build done.
buildbot/nix-build .#checks.x86_64-linux.wayland-proxy-virtwl Build done.
buildbot/nix-build .#checks.x86_64-linux.package-iso-installer Build done.
buildbot/nix-build .#checks.x86_64-linux.syncthing Build done.
buildbot/nix-build .#checks.x86_64-linux.package-clan-vm-manager Build done.
buildbot/nix-build .#checks.x86_64-linux.clan-pytest-without-core Build done.
checks / checks-impure (pull_request) Successful in 2m23s
buildbot/nix-build .#checks.x86_64-linux.flash Build done.
buildbot/nix-build .#checks.x86_64-linux.test-installation Build done.
buildbot/nix-eval Build done.
214 lines
6.6 KiB
Python
214 lines
6.6 KiB
Python
import argparse
|
|
import importlib
|
|
import json
|
|
import logging
|
|
import os
|
|
from contextlib import ExitStack
|
|
from pathlib import Path
|
|
from tempfile import TemporaryDirectory
|
|
|
|
from ..cmd import Log, run
|
|
from ..completions import add_dynamic_completer, complete_machines
|
|
from ..dirs import module_root, user_cache_dir, vm_state_dir
|
|
from ..errors import ClanError
|
|
from ..facts.generate import generate_facts
|
|
from ..machines.machines import Machine
|
|
from ..nix import nix_shell
|
|
from .inspect import VmConfig, inspect_vm
|
|
from .qemu import qemu_command
|
|
from .virtiofsd import start_virtiofsd
|
|
from .waypipe import start_waypipe
|
|
|
|
log = logging.getLogger(__name__)
|
|
|
|
|
|
def facts_to_nixos_config(facts: dict[str, dict[str, bytes]]) -> dict:
|
|
nixos_config: dict = {}
|
|
nixos_config["clanCore"] = {}
|
|
nixos_config["clanCore"]["secrets"] = {}
|
|
for service, service_facts in facts.items():
|
|
nixos_config["clanCore"]["secrets"][service] = {}
|
|
nixos_config["clanCore"]["secrets"][service]["facts"] = {}
|
|
for fact, value in service_facts.items():
|
|
nixos_config["clanCore"]["secrets"][service]["facts"][fact] = {
|
|
"value": value.decode()
|
|
}
|
|
return nixos_config
|
|
|
|
|
|
# TODO move this to the Machines class
|
|
def build_vm(
|
|
machine: Machine, tmpdir: Path, nix_options: list[str] = []
|
|
) -> dict[str, str]:
|
|
# TODO pass prompt here for the GTK gui
|
|
secrets_dir = get_secrets(machine, tmpdir)
|
|
|
|
public_facts_module = importlib.import_module(machine.public_facts_module)
|
|
public_facts_store = public_facts_module.FactStore(machine=machine)
|
|
public_facts = public_facts_store.get_all()
|
|
|
|
nixos_config_file = machine.build_nix(
|
|
"config.system.clan.vm.create",
|
|
extra_config=facts_to_nixos_config(public_facts),
|
|
nix_options=nix_options,
|
|
)
|
|
try:
|
|
vm_data = json.loads(Path(nixos_config_file).read_text())
|
|
vm_data["secrets_dir"] = str(secrets_dir)
|
|
return vm_data
|
|
except json.JSONDecodeError as e:
|
|
raise ClanError(f"Failed to parse vm config: {e}")
|
|
|
|
|
|
def get_secrets(
|
|
machine: Machine,
|
|
tmpdir: Path,
|
|
) -> Path:
|
|
secrets_dir = tmpdir / "secrets"
|
|
secrets_dir.mkdir(parents=True, exist_ok=True)
|
|
|
|
secret_facts_module = importlib.import_module(machine.secret_facts_module)
|
|
secret_facts_store = secret_facts_module.SecretStore(machine=machine)
|
|
|
|
generate_facts([machine], None, False)
|
|
|
|
secret_facts_store.upload(secrets_dir)
|
|
return secrets_dir
|
|
|
|
|
|
def prepare_disk(
|
|
directory: Path,
|
|
size: str = "1024M",
|
|
file_name: str = "disk.img",
|
|
) -> Path:
|
|
disk_img = directory / file_name
|
|
cmd = nix_shell(
|
|
["nixpkgs#qemu"],
|
|
[
|
|
"qemu-img",
|
|
"create",
|
|
"-f",
|
|
"qcow2",
|
|
str(disk_img),
|
|
size,
|
|
],
|
|
)
|
|
run(
|
|
cmd,
|
|
log=Log.BOTH,
|
|
error_msg=f"Could not create disk image at {disk_img}",
|
|
)
|
|
|
|
return disk_img
|
|
|
|
|
|
def run_vm(
|
|
vm: VmConfig,
|
|
*,
|
|
cachedir: Path | None = None,
|
|
socketdir: Path | None = None,
|
|
nix_options: list[str] = [],
|
|
) -> None:
|
|
with ExitStack() as stack:
|
|
machine = Machine(vm.machine_name, vm.flake_url)
|
|
log.debug(f"Creating VM for {machine}")
|
|
|
|
# store the temporary rootfs inside XDG_CACHE_HOME on the host
|
|
# otherwise, when using /tmp, we risk running out of memory
|
|
cache = user_cache_dir() / "clan"
|
|
cache.mkdir(exist_ok=True)
|
|
|
|
if cachedir is None:
|
|
cache_tmp = stack.enter_context(TemporaryDirectory(dir=cache))
|
|
cachedir = Path(cache_tmp)
|
|
|
|
if socketdir is None:
|
|
socket_tmp = stack.enter_context(TemporaryDirectory())
|
|
socketdir = Path(socket_tmp)
|
|
|
|
# TODO: We should get this from the vm argument
|
|
nixos_config = build_vm(machine, cachedir, nix_options)
|
|
|
|
state_dir = vm_state_dir(str(vm.flake_url), machine.name)
|
|
state_dir.mkdir(parents=True, exist_ok=True)
|
|
|
|
# specify socket files for qmp and qga
|
|
qmp_socket_file = socketdir / "qmp.sock"
|
|
qga_socket_file = socketdir / "qga.sock"
|
|
# Create symlinks to the qmp/qga sockets to be able to find them later.
|
|
# This indirection is needed because we cannot put the sockets directly
|
|
# in the state_dir.
|
|
# The reason is, qemu has a length limit of 108 bytes for the qmp socket
|
|
# path which is violated easily.
|
|
qmp_link = state_dir / "qmp.sock"
|
|
if os.path.lexists(qmp_link):
|
|
qmp_link.unlink()
|
|
qmp_link.symlink_to(qmp_socket_file)
|
|
|
|
qga_link = state_dir / "qga.sock"
|
|
if os.path.lexists(qga_link):
|
|
qga_link.unlink()
|
|
qga_link.symlink_to(qga_socket_file)
|
|
|
|
rootfs_img = prepare_disk(cachedir)
|
|
state_img = state_dir / "state.qcow2"
|
|
if not state_img.exists():
|
|
state_img = prepare_disk(
|
|
directory=state_dir,
|
|
file_name="state.qcow2",
|
|
size="50G",
|
|
)
|
|
virtiofsd_socket = socketdir / "virtiofsd.sock"
|
|
qemu_cmd = qemu_command(
|
|
vm,
|
|
nixos_config,
|
|
secrets_dir=Path(nixos_config["secrets_dir"]),
|
|
rootfs_img=rootfs_img,
|
|
state_img=state_img,
|
|
virtiofsd_socket=virtiofsd_socket,
|
|
qmp_socket_file=qmp_socket_file,
|
|
qga_socket_file=qga_socket_file,
|
|
)
|
|
|
|
packages = ["nixpkgs#qemu"]
|
|
|
|
env = os.environ.copy()
|
|
if vm.graphics and not vm.waypipe:
|
|
packages.append("nixpkgs#virt-viewer")
|
|
remote_viewer_mimetypes = module_root() / "vms" / "mimetypes"
|
|
env["XDG_DATA_DIRS"] = (
|
|
f"{remote_viewer_mimetypes}:{env.get('XDG_DATA_DIRS', '')}"
|
|
)
|
|
|
|
with (
|
|
start_waypipe(qemu_cmd.vsock_cid, f"[{vm.machine_name}] "),
|
|
start_virtiofsd(virtiofsd_socket),
|
|
):
|
|
run(
|
|
nix_shell(packages, qemu_cmd.args),
|
|
env=env,
|
|
log=Log.BOTH,
|
|
error_msg=f"Could not start vm {machine}",
|
|
)
|
|
|
|
|
|
def run_command(
|
|
machine: str,
|
|
flake: Path,
|
|
option: list[str] = [],
|
|
**kwargs: dict[str, str],
|
|
) -> None:
|
|
machine_obj: Machine = Machine(machine, flake)
|
|
|
|
vm: VmConfig = inspect_vm(machine=machine_obj)
|
|
|
|
run_vm(vm, nix_options=option)
|
|
|
|
|
|
def register_run_parser(parser: argparse.ArgumentParser) -> None:
|
|
machine_action = parser.add_argument(
|
|
"machine", type=str, help="machine in the flake to run"
|
|
)
|
|
add_dynamic_completer(machine_action, complete_machines)
|
|
parser.set_defaults(func=lambda args: run_command(**args.__dict__))
|