clan/clan-core
11
2
Fork 13
Code Issues 91 Pull Requests 6 Actions Packages Projects 1 Releases Wiki Activity
6adc68a354
clan-core/nixosModules/clanCore/vm.nix
DavHau 6adc68a354
All checks were successful
checks-impure / test (pull_request) Successful in 1m34s
Details
checks / test (pull_request) Successful in 3m6s
Details
checks / test (push) Successful in 30s
Details
checks-impure / test (push) Successful in 1m27s
Details
vm-state: fix and improve testing 
Also adds qemu qga protocol implementation to execute commands
2024-01-26 19:41:05 +07:00

184 lines
5.6 KiB
Nix
Raw Blame History

{ lib, config, pkgs, options, extendModules, modulesPath, ... }:
let
# Flatten the list of state folders into a single list
stateFolders = lib.flatten (
lib.mapAttrsToList
(_item: attrs: attrs.folders)
config.clanCore.state
);
# Ensure sane mount order by topo-sorting
sortedStateFolders =
let
sorted = lib.toposort lib.hasPrefix stateFolders;
in
sorted.result or (
throw ''
The state folders have a cyclic dependency.
This is not allowed.
The cyclic dependencies are:
- ${lib.concatStringsSep "\n - " sorted.loops}
''
);
vmModule = {
imports = [
(modulesPath + "/virtualisation/qemu-vm.nix")
./serial.nix
];
# required for issuing shell commands via qga
services.qemuGuest.enable = true;
boot.initrd.systemd.enable = true;
systemd.sysusers.enable = true;
system.etc.overlay.enable = true;
# currently needed for system.etc.overlay.enable
boot.kernelPackages = pkgs.linuxPackages_latest;
boot.initrd.systemd.storePaths = [ pkgs.util-linux pkgs.e2fsprogs ];
# Ensures, that all state paths will be persisted across reboots
# - Mounts the state.qcow2 disk to /vmstate.
# - Binds directories from /vmstate/{some-path} to /{some-path}.
boot.initrd.systemd.services.rw-etc-pre = {
unitConfig = {
DefaultDependencies = false;
RequiresMountsFor = "/sysroot /dev";
};
requiredBy = [ "rw-etc.service" ];
before = [ "rw-etc.service" ];
serviceConfig = {
Type = "oneshot";
};
script = ''
mkdir -p -m 0755 \
/sysroot/vmstate \
/sysroot/.rw-etc \
/sysroot/vmstate/.rw-etc
${pkgs.util-linux}/bin/blkid /dev/vdb || ${pkgs.e2fsprogs}/bin/mkfs.ext4 /dev/vdb
sync
mount /dev/vdb /sysroot/vmstate
mount --bind /sysroot/vmstate/.rw-etc /sysroot/.rw-etc
for folder in "${lib.concatStringsSep ''" "'' sortedStateFolders}"; do
mkdir -p -m 0755 "/sysroot/vmstate/$folder" "/sysroot/$folder"
mount --bind "/sysroot/vmstate/$folder" "/sysroot/$folder"
done
'';
};
virtualisation.fileSystems = {
${config.clanCore.secretsUploadDirectory} = lib.mkForce {
device = "secrets";
fsType = "9p";
neededForBoot = true;
options = [ "trans=virtio" "version=9p2000.L" "cache=loose" ];
};
};
};
# We cannot simply merge the VM config into the current system config, because
# it is not necessarily a VM.
# Instead we use extendModules to create a second instance of the current
# system configuration, and then merge the VM config into that.
vmConfig = extendModules {
modules = [ vmModule ];
};
in
{
options = {
clan.virtualisation = {
cores = lib.mkOption {
type = lib.types.ints.positive;
default = 1;
description = lib.mdDoc ''
Specify the number of cores the guest is permitted to use.
The number can be higher than the available cores on the
host system.
'';
};
memorySize = lib.mkOption {
type = lib.types.ints.positive;
default = 1024;
description = lib.mdDoc ''
The memory size in megabytes of the virtual machine.
'';
};
graphics = lib.mkOption {
type = lib.types.bool;
default = true;
description = lib.mdDoc ''
Whether to run QEMU with a graphics window, or in nographic mode.
Serial console will be enabled on both settings, but this will
change the preferred console.
'';
};
};
# All important VM config variables needed by the vm runner
# this is really just a remapping of values defined elsewhere
# and therefore not intended to be set by the user
clanCore.vm.inspect = {
clan_name = lib.mkOption {
type = lib.types.str;
internal = true;
readOnly = true;
description = ''
the name of the clan
'';
};
memory_size = lib.mkOption {
type = lib.types.int;
internal = true;
readOnly = true;
description = ''
the amount of memory to allocate to the vm
'';
};
cores = lib.mkOption {
type = lib.types.int;
internal = true;
readOnly = true;
description = ''
the number of cores to allocate to the vm
'';
};
graphics = lib.mkOption {
type = lib.types.bool;
internal = true;
readOnly = true;
description = ''
whether to enable graphics for the vm
'';
};
};
};
config = {
# for clan vm inspect
clanCore.vm.inspect = {
clan_name = config.clanCore.clanName;
memory_size = config.clan.virtualisation.memorySize;
inherit (config.clan.virtualisation) cores graphics;
};
# for clan vm create
system.clan.vm = {
create = pkgs.writeText "vm.json" (builtins.toJSON {
initrd = "${vmConfig.config.system.build.initialRamdisk}/${vmConfig.config.system.boot.loader.initrdFile}";
toplevel = vmConfig.config.system.build.toplevel;
regInfo = (pkgs.closureInfo { rootPaths = vmConfig.config.virtualisation.additionalPaths; });
inherit (config.clan.virtualisation) memorySize cores graphics;
});
};
virtualisation = lib.optionalAttrs (options.virtualisation ? cores) {
memorySize = lib.mkDefault config.clan.virtualisation.memorySize;
graphics = lib.mkDefault config.clan.virtualisation.graphics;
cores = lib.mkDefault config.clan.virtualisation.cores;
};
};
}
Reference in New Issue View Git Blame Copy Permalink