Add comments
parent
b53ab2fae4
commit
3c402009ba
|
@ -2,6 +2,7 @@
|
||||||
let
|
let
|
||||||
packageName = "custom-nixos-vm";
|
packageName = "custom-nixos-vm";
|
||||||
|
|
||||||
|
# Determine `system.build` configuration without this file's influence
|
||||||
mergedBuildOption =
|
mergedBuildOption =
|
||||||
with options.system;
|
with options.system;
|
||||||
lib.mergeDefinitions
|
lib.mergeDefinitions
|
||||||
|
@ -15,10 +16,12 @@ let
|
||||||
build.definitionsWithLocations)
|
build.definitionsWithLocations)
|
||||||
(item: { inherit (item) file value; }));
|
(item: { inherit (item) file value; }));
|
||||||
|
|
||||||
|
# Get vanilla `config.system.build.vm`
|
||||||
vanillaVM = mergedBuildOption.mergedValue.vm;
|
vanillaVM = mergedBuildOption.mergedValue.vm;
|
||||||
in {
|
in {
|
||||||
options =
|
options =
|
||||||
let
|
let
|
||||||
|
# Add new options to `config.virtualisation.vmVariant` and `config.virtualisation.vmVariantWithBootLoader`
|
||||||
vmVariantOptions = {
|
vmVariantOptions = {
|
||||||
virtualisation = {
|
virtualisation = {
|
||||||
runAsRoot = lib.mkOption {
|
runAsRoot = lib.mkOption {
|
||||||
|
@ -70,11 +73,14 @@ in {
|
||||||
let
|
let
|
||||||
extendVMConfig =
|
extendVMConfig =
|
||||||
vmVariant: {
|
vmVariant: {
|
||||||
|
# Prevent GRUB2 errors in `nixos-rebuild build-vm-with-bootloader`
|
||||||
boot.loader.efi.efiSysMountPoint = lib.mkVMOverride "/boot";
|
boot.loader.efi.efiSysMountPoint = lib.mkVMOverride "/boot";
|
||||||
|
|
||||||
virtualisation = {
|
virtualisation = {
|
||||||
|
# Enable root permissions to get access to the `/etc/ssh` directory
|
||||||
runAsRoot = lib.mkIf vmVariant.virtualisation.sharedHostKeys true;
|
runAsRoot = lib.mkIf vmVariant.virtualisation.sharedHostKeys true;
|
||||||
|
|
||||||
|
# Enable spice and run QEMU in background to let `remote-viewer` take over
|
||||||
qemu = {
|
qemu = {
|
||||||
spice.enable = lib.mkIf vmVariant.virtualisation.virt-viewer true;
|
spice.enable = lib.mkIf vmVariant.virtualisation.virt-viewer true;
|
||||||
runInBackground = lib.mkIf vmVariant.virtualisation.virt-viewer true;
|
runInBackground = lib.mkIf vmVariant.virtualisation.virt-viewer true;
|
||||||
|
@ -93,6 +99,7 @@ in {
|
||||||
])));
|
])));
|
||||||
};
|
};
|
||||||
|
|
||||||
|
# Map SSH keys into the vm if necessary
|
||||||
sharedDirectories = lib.optionalAttrs (vmVariant.virtualisation.sharedHostKeys) {
|
sharedDirectories = lib.optionalAttrs (vmVariant.virtualisation.sharedHostKeys) {
|
||||||
hostKeys =
|
hostKeys =
|
||||||
let
|
let
|
||||||
|
@ -111,7 +118,6 @@ in {
|
||||||
vmVariantWithBootLoader = extendVMConfig virtualisation.vmVariantWithBootLoader;
|
vmVariantWithBootLoader = extendVMConfig virtualisation.vmVariantWithBootLoader;
|
||||||
};
|
};
|
||||||
|
|
||||||
# Replace native `qemu` with `remote-viewer`
|
|
||||||
system.build =
|
system.build =
|
||||||
{
|
{
|
||||||
vm = lib.mkForce (
|
vm = lib.mkForce (
|
||||||
|
@ -124,6 +130,7 @@ in {
|
||||||
let
|
let
|
||||||
originalCommand = "${vm}/bin/run-${config.system.name}-vm";
|
originalCommand = "${vm}/bin/run-${config.system.name}-vm";
|
||||||
|
|
||||||
|
# Have the command run in background if requested
|
||||||
suffix =
|
suffix =
|
||||||
lib.concatStringsSep " " (
|
lib.concatStringsSep " " (
|
||||||
lib.optional config.virtualisation.qemu.runInBackground "&");
|
lib.optional config.virtualisation.qemu.runInBackground "&");
|
||||||
|
@ -135,18 +142,21 @@ in {
|
||||||
"${originalCommand} ${suffix}"
|
"${originalCommand} ${suffix}"
|
||||||
] ++ (
|
] ++ (
|
||||||
let
|
let
|
||||||
spice = config.virtualisation.qemu.spice;
|
# Run `remote-viewer` as normal user to limit access
|
||||||
viewerPrefix = "sudo -Eu\"#$SUDO_UID\" ";
|
viewerPrefix = "sudo -Eu\"#$SUDO_UID\" ";
|
||||||
|
spice = config.virtualisation.qemu.spice;
|
||||||
in
|
in
|
||||||
(
|
(
|
||||||
lib.optionals
|
lib.optionals
|
||||||
config.virtualisation.virt-viewer
|
config.virtualisation.virt-viewer
|
||||||
[
|
[
|
||||||
"${viewerPrefix}${pkgs.virt-viewer}/bin/remote-viewer spice://${lib.escapeShellArg spice.bindAddress}:${toString spice.port}"
|
"${viewerPrefix}${pkgs.virt-viewer}/bin/remote-viewer spice://${lib.escapeShellArg spice.bindAddress}:${toString spice.port}"
|
||||||
|
# Kill QEMU after `remote-viewer` finished running
|
||||||
"kill %1"
|
"kill %1"
|
||||||
])));
|
])));
|
||||||
};
|
};
|
||||||
|
|
||||||
|
# Run VM as root if requested
|
||||||
wrapped =
|
wrapped =
|
||||||
if !config.virtualisation.runAsRoot
|
if !config.virtualisation.runAsRoot
|
||||||
then
|
then
|
||||||
|
|
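Review bot: The `viewerPrefix` line that the new comment `# Run remote-viewer as normal user to limit access` documents relies on `$SUDO_UID`, which sudo sets only when the script itself was started through sudo; in any other launch the prefix expands to `sudo -Eu"#"` and the privilege drop presumably fails instead of limiting anything. From the visible lines the prefix is applied whenever `virt-viewer` is enabled, independent of `runAsRoot`, although the `wrapped` definition continues past the end of the page and may cover this. Consider building the prefix only for the root case, e.g. `viewerPrefix = lib.optionalString config.virtualisation.runAsRoot "sudo -Eu\"#$SUDO_UID\" ";`, and extending the comment to say that `-E` carries the invoking root session's environment into the viewer. The `runAsRoot` comment in the `-70,11` hunk could likewise state that enabling `sharedHostKeys` makes the whole QEMU process run as root and, judging by the `hostKeys` shared directory, exposes the host's `/etc/ssh` contents to the guest.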