
runInVm implementation

Signed-off-by: Magic_RB <magic_rb@redalder.org>
master
Magic_RB 1 month ago
parent
commit
75323d9d85
Signed by: Magic_RB GPG Key ID: 08D5287CC5DDCA0E
4 changed files with 140 additions and 41 deletions
  1. +78
    -14
      flake.nix
  2. +0
    -15
      lib/run-in-vm.nix
  3. +41
    -12
      lib/vm/run-in-vm.nix
  4. +21
    -0
      overlay/run-vm-linux.nix

+ 78
- 14
flake.nix View File

@ -8,10 +8,11 @@
supportedSystems = [ "x86_64-linux" "i386-linux" "aarch64-linux" ];
systemed = system: rec {
pkgs = import nixpkgs { inherit system; overlays = [ self.overlay ]; };
callPackage = pkgs.lib.callPackageWith ({
callPackage = pkgs.lib.callPackageWith (pkgs // {
nglib = self.lib system;
inherit pkgs;
} // pkgs);
pkgs = pkgs // { inherit callPackage; };
callPackage = callPackage;
});
lib = pkgs.lib;
nglib = self.lib system;
};
@ -22,11 +23,12 @@
inherit (systemed system) callPackage;
in
{
makeInitramfs = callPackage ./lib/make-initramfs.nix;
makeInitramfs = callPackage ./lib/make-initramfs.nix {};
makeBundle = callPackage ./lib/make-bundle.nix;
makeSystem = callPackage ./lib/make-system.nix;
makeBootloader = callPackage ./lib/make-bootloader;
runInVm = callPackage ./lib/vm/run-in-vm.nix;
writeSubstitutedShellScript = callPackage ./lib/write-substituted-shell-script.nix {};
};
testSystem = (self.lib "x86_64-linux").makeSystem {
@ -41,7 +43,10 @@
];
runit.enable = true;
bootloader.enable = true;
bootloader = {
enable = true;
initrdCompression = [ "gzip" ];
};
initramfs = {
enable = true;
config = {
@ -57,16 +62,75 @@
});
};
vmTest = (self.lib "x86_64-linux").runInVm {
script = (systemed "x86_64-linux").pkgs.writeShellScript "script"
''
echo "asdasd" > /out/file.txt
'';
};
dockerTest = ((self.lib "x86_64-linux").makeSystem {
system = "x86_64-linux";
name = "nixng-docker";
config = ({ pkgs, ... }: {
runit.enable = true;
services.getty.tty = {
baudRate = 38400;
};
services.apache2 = {
enable = true;
configuration = {
LoadModule = [
[ "mpm_event_module" "modules/mod_mpm_event.so" ]
[ "log_config_module" "modules/mod_log_config.so" ]
[ "unixd_module" "modules/mod_unixd.so" ]
[ "authz_core_module" "modules/mod_authz_core.so" ]
[ "dir_module" "modules/mod_dir.so" ]
[ "mime_module" "modules/mod_mime.so" ]
];
ErrorLog = "/dev/stderr";
TransferLog = "/dev/stdout";
LogLevel = "info";
Listen = "0.0.0.0:80";
ServerRoot = "/var/www";
ServerName = "blowhole";
PidFile = "/httpd.pid";
User = "www-data";
Group = "www-data";
DocumentRoot = "/var/www";
AddType = [
[ "image/svg+xml" "svg" "svgz" ]
];
AddEncoding = [ "gzip" "svgz" ];
TypesConfig = "\${TYPES_CONFIG}";
Directory = {
"/" = {
Require = [ "all" "denied" ];
Options = "SymlinksIfOwnerMatch";
};
};
VirtualHost = {
"*:80" = {
Directory = {
"/var/www" = {
Require = [ "all" "granted" ];
Options = [ "-Indexes" "+FollowSymlinks" ];
DirectoryIndex = "index.html";
};
};
};
};
};
};
});
});
overlay = import ./overlay;
packages = nixpkgs.lib.genAttrs
supportedSystems
(s: import nixpkgs { system = s; overlays = [ self.overlay ]; });
# packages = nixpkgs.lib.genAttrs
# supportedSystems
# (s: import nixpkgs { system = s; overlays = [ self.overlay ]; });
};
}
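Review bot: In the `dockerTest` Apache configuration, the `/var/www` directory sets `Options = [ "-Indexes" "+FollowSymlinks" ]` under `Require all granted`, which overrides the `SymlinksIfOwnerMatch` restriction set on `/` a few lines earlier. Apache matches `<Directory>` sections against the link's own path rather than its target, so any symlink that ends up in the document root is served whoever owns the target, as long as `www-data` can read it. Unless the test needs that, `Options = [ "-Indexes" ];` keeps the inherited owner check. This assumes the module renders the list as a single merged `Options` line, which is not visible here. The outputs attribute set that contains `dockerTest` starts outside this hunk.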

+ 0
- 15
lib/run-in-vm.nix View File

@ -1,15 +0,0 @@
{ makeInitramfs
, pkgs
, qemu ? pkgs.qemu
, runCommandNoCC
, callPackage
, script
}:
let
qemuFlags = callPackage (import ./qemu-flags.nix) {};
in
runCommandNoCC "qemu"
''
${qemu}/
''

+ 41
- 12
lib/vm/run-in-vm.nix View File

@ -3,12 +3,17 @@
, runCommandNoCC
, runVmLinux
, nglib
, writeTextFile, writeText
, writeTextFile, writeText, writeShellScript
, storeDir ? builtins.storeDir
, qemu ? pkgs.qemu
, qemuMem ? 512
, script
, postProcess ? writeShellScript "post-process.sh"
''
cp -r $xchg/out/* $out
''
, preProcess ? null
}:
# TODO NixOS really complicated this, I'd love to know why
# https://github.com/NixOS/nixpkgs/blob/master/pkgs/build-support/vm/default.nix
@ -42,14 +47,17 @@ let
mount -t tmpfs -o "mode=1777" none /dev/shm
mount -t devpts none /dev/pts
echo "mounting Nix store..."
mkdir -p ${storeDir}
mount -t 9p store ${storeDir} -o trans=virtio,version=9p2000.L,cache=loose
sleep 5
mkdir -p /tmp
mount -t tmpfs none /tmp
echo "mounting out..."
mkdir -p /out
mount -t 9p out /out -o trans=virtio,version=9p2000.L
echo "mounting Nix store..."
mkdir -p ${storeDir} /host-store
mount -t 9p store /host-store -o trans=virtio,version=9p2000.L,cache=loose
mount -t overlay overlay -o lowerdir=/host-store:${storeDir} ${storeDir}
echo "mounting xchg..."
xchg="/xchg"
mkdir -p $xchg
mount -t 9p xchg $xchg -o trans=virtio,version=9p2000.L
mkdir -p /etc
ln -sf /proc/mounts /etc/mtab
@ -59,9 +67,8 @@ let
echo "root:x:0:0:System administrator:/root:/bin/sh" > /etc/passwd
fi
$script
# poweroff -f # that works, the kernel tries to reboot after /init exits but qemu doesnt honor the request and exits
out=/xchg/out $script
echo $? > /xchg/exit-code
'';
executable = true;
destination = "/init";
@ -87,15 +94,37 @@ runCommandNoCC "qemu"
fi
fi
_xchg=$(mktemp -d)
_out=$_xchg/out
mkdir $_out
${lib.optionalString (preProcess != null) ''
(
export xchg=$_xchg
if ! ${preProcess} ; then
exit 1
fi
)
''}
${qemuBinary qemu} \
-virtfs local,path=${storeDir},security_model=none,mount_tag=store \
-virtfs local,path=$out,security_model=none,mount_tag=out \
-virtfs local,path=$_xchg,security_model=none,mount_tag=xchg \
-device virtio-rng-pci \
-nographic -no-reboot \
-m ${toString qemuMem} \
-kernel ${runVmLinux}/bzImage \
-initrd ${initrd} \
-append "panic=1 script=${script} console=${qemuSerialDevice}"
(
export xchg=$_xchg
if ! ${postProcess} ; then
exit 1
fi
)
exit $(<$_xchg/exit-code)
''
# ({ ... }: {
# requiredSystemFeatures = [ "kvm" ];
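Review bot: The final `exit $(<$_xchg/exit-code)` fails open when the guest never writes that file, for example if the kernel panics or `/init` dies before `echo $? > /xchg/exit-code`. The substitution is then empty, so the status `exit` returns is not the script's. `postProcess` also runs before the code is read, so output from a failed script is copied into `$out` first. I would check the file before post-processing, `[ -s "$_xchg/exit-code" ] || { echo "VM reported no exit code" >&2; exit 1; }`, and run `postProcess` only when the reported code is 0. The `runCommandNoCC` script begins outside this hunk, so an earlier guard may exist that is not visible here.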


+ 21
- 0
overlay/run-vm-linux.nix View File

@ -60,5 +60,26 @@ tinyLinux.override {
CONFIG_SYSFS="y";
# devtmpfs
CONFIG_DEVTMPFS="y";
# overlayfs
CONFIG_EXPORTFS="y";
CONFIG_OVERLAY_FS="y";
CONFIG_OVERLAY_FS_INDEX="y";
CONFIG_OVERLAY_FS_METACOPY="y";
# loop devices
CONFIG_BLK_DEV="y";
CONFIG_BLK_DEV_LOOP="y";
CONFIG_BLK_DEV_LOOP_MIN_COUNT="4";
# filesystems
CONFIG_BLOCK="y";
CONFIG_EXT4_FS="y";
CONFIG_EXT4_FS_POSIX_ACL="y";
CONFIG_VFAT_FS="y";
CONFIG_NLS_CODEPAGE_437="y"; # why? cause "FAT-fs (loop0p1): codepage cp437 not found"
CONFIG_NLS_ISO8859_1="y"; # same here, "FAT-fs (loop0p1): IO charset iso8859-1 not found"
CONFIG_FAT_FS="y";
};
}
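Review bot: `CONFIG_OVERLAY_FS_INDEX="y"` and `CONFIG_OVERLAY_FS_METACOPY="y"` turn these overlayfs features on by default for every mount rather than enabling overlayfs itself, and the kernel documentation advises against metacopy when a layer is not trusted. The only overlay mount in this commit (the `/init` script in `lib/vm/run-in-vm.nix`) passes `lowerdir` only, so neither feature appears to be needed and dropping the two lines keeps the defaults off. If they are intentional, a comment such as `# index/metacopy default on: needed for <reason>` beside them would help, in the way the NLS lines already explain themselves. The `tinyLinux.override` attribute set starts outside this hunk.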
