add support for foreigen guest-system

On macos this allows us the following:

./bin/nixos-shell --build-system aarch64-darwin --guest-system
riscv64-linux examples/vm.nix

This is not doing any cross-compilation, meaning the host machine needs
to have a remote builder setup.

Author: Mic92

bin/nixos-shell

@@ -14,7 +14,7 @@ usage() {
 vm.nix" 1>&2
 }
 
-nixos_config=vm.nix
+nixos_config=
 while [[ $# -gt 0 ]]; do
   i="$1"; shift 1
   case "$i" in
@@ -40,21 +40,35 @@ while [[ $# -gt 0 ]]; do
   --show-trace|--keep-failed|-K|--keep-going|-k|--verbose|-v|-vv|-vvv|-vvvv|-vvvvv|--fallback|--repair|-L|--refresh|--no-net|--impure)
     extraBuildFlags+=("$i")
     ;;
+  --guest-system)
+    j="$1"; shift 1
+    extraBuildFlags+=("--argstr" "guestSystem" "$j")
+    ;;
+  --host-system)
+    j="$1"; shift 1
+    extraBuildFlags+=("--argstr" "hostSystem" "$j")
+    ;;
   --option)
     j="$1"; shift 1
     k="$1"; shift 1
     extraBuildFlags+=("$i" "$j" "$k")
     ;;
   *)
+    if [[ -n "$nixos_config" ]]; then
+      usage
+      exit 1
+    fi
     nixos_config="$i"
     ;;
   esac
 done
+nixos_config=${nixos_config:-vm.nix}
 
 unset NIXOS_CONFIG
 
 if [[ -z "$flake_uri" ]]; then
   extraBuildFlags+=(
+    --extra-experimental-features "nix-command"
     -I "nixos-config=$nixos_config"
   )
 else

share/modules/nixos-shell-config.nix

@@ -2,7 +2,7 @@
 
 let
   cfg = config.nixos-shell;
-
+  home = builtins.getEnv "HOME";
   mkVMDefault = lib.mkOverride 900;
 in {
   config =
@@ -23,9 +23,6 @@ in {
       })
 
       (
-        let
-          home = builtins.getEnv "HOME";
-        in
         lib.mkIf (home != "" && cfg.mounts.mountHome) {
           users.extraUsers.root.home = lib.mkVMOverride home;
         }
@@ -75,16 +72,16 @@ in {
               "-mon chardev=char0,mode=readline"
               "-device virtconsole,chardev=char0,nr=0"
             ] ++
-            lib.optional cfg.mounts.mountHome "-virtfs local,path=/home,security_model=none,mount_tag=home" ++
+            lib.optional cfg.mounts.mountHome "-virtfs local,path=${home},security_model=none,mount_tag=home" ++
             lib.optional (cfg.mounts.mountNixProfile && builtins.pathExists nixProfile) "-virtfs local,path=${nixProfile},security_model=none,mount_tag=nixprofile" ++
             lib.mapAttrsToList (target: mount: "-virtfs local,path=${builtins.toString mount.target},security_model=none,mount_tag=${mount.tag}") cfg.mounts.extraMounts;
         };
 
         # build-vm overrides our filesystem settings in nixos-config
         boot.initrd.postMountCommands =
           (lib.optionalString cfg.mounts.mountHome ''
-            mkdir -p $targetRoot/home/
-            mount -t 9p home $targetRoot/home/ -o trans=virtio,version=9p2000.L,cache=${cfg.mounts.cache},msize=${toString config.virtualisation.msize}
+            mkdir -p $targetRoot/${lib.escapeShellArg home}
+            mount -t 9p home $targetRoot/${lib.escapeShellArg home} -o trans=virtio,version=9p2000.L,cache=${cfg.mounts.cache},msize=${toString config.virtualisation.msize}
           '') +
           (lib.optionalString (user != "" && cfg.mounts.mountNixProfile) ''
             mkdir -p $targetRoot/nix/var/nix/profiles/per-user/${user}/profile/
@@ -97,6 +94,12 @@ in {
             '')
             cfg.mounts.extraMounts);
 
+        # avoid leaking incompatible host binaries into the VM
+        system.activationScripts.shadow-nix-profile = lib.mkIf (options.virtualisation.host.pkgs.isDefined && config.virtualisation.host.pkgs.stdenv.hostPlatform != pkgs.stdenv.hostPlatform) (lib.stringAfter [ "specialfs" "users" "groups" ] ''
+          mkdir -p ${lib.escapeShellArg home}/.nix-profile/
+          mount --bind ${config.system.path} ${lib.escapeShellArg home}/.nix-profile/
+        '');
+
         environment = {
           systemPackages = with pkgs; [
             xterm # for resize command

share/modules/nixos-shell.nix

@@ -1,4 +1,4 @@
-{ lib, modulesPath, pkgs, extendModules, ... }:
+{ lib, pkgs, modulesPath, config, options, extendModules, ... }:
 
 {
   imports = [
@@ -15,13 +15,14 @@
     in {
       mountHome = mkOption {
         type = types.bool;
-        default = true;
-        description = "Whether to mount `/home`.";
+        default = builtins.getEnv "HOME" != "";
+        description = "Whether to mount `$HOME`.";
       };
 
       mountNixProfile = mkOption {
         type = types.bool;
-        default = true;
+        # if our host os does not match the guest os, binaries in our nix profile will not work
+        default = options.virtualisation.host.pkgs.isDefined && config.virtualisation.host.pkgs.stdenv.hostPlatform != pkgs.stdenv.hostPlatform;
         description = "Whether to mount the user's nix profile.";
       };
 

share/nixos-shell.nix

@@ -1,39 +1,47 @@
 { nixpkgs ? <nixpkgs>
-, system ? builtins.currentSystem
+, guestSystem ? builtins.currentSystem
+, hostSystem ? builtins.currentSystem
 , configuration ? <nixos-config>
-
 , flakeStr ? null # flake as named on the command line
 , flakeUri ? null
 , flakeAttr ? null
 }:
 let
-  lib = flake.inputs.nixpkgs.lib or (import nixpkgs { }).lib;
+  hasFlake = flakeUri != null;
 
   defaultTo = default: e: if e == null then default else e;
 
-  getFlakeOutput = path: lib.attrByPath path null flake.outputs;
-
-  mkShellSystem = config: import "${if !(flakeUri == null) then (toString flake.inputs.nixpkgs) else (toString nixpkgs)}/nixos/lib/eval-config.nix" {
-    inherit system;
-    modules = [
-      config
-      ./modules/nixos-shell.nix
-      ./modules/nixos-shell-config.nix
-    ];
-  };
-
   flake = builtins.getFlake flakeUri;
 
-  flakeSystem = defaultTo
-    (getFlakeOutput [ "nixosConfigurations" "${flakeAttr}" ])
-    (getFlakeOutput [ "packages" "${system}" "nixosConfigurations" "${flakeAttr}" ]);
-
-  flakeModule = getFlakeOutput [ "nixosModules" "${flakeAttr}" ];
+  getFlakeOutput = path: flake.inputs.nixpkgs.lib.attrByPath path null flake.outputs;
 
   nixosShellModules = [
+    ({lib, ...}: lib.optionalAttrs (guestSystem != hostSystem) {
+      virtualisation.host.pkgs = if hasFlake then
+        flake.inputs.nixpkgs.legacyPackages.${hostSystem}
+      else
+        import nixpkgs { system = hostSystem; };
+    })
     ./modules/nixos-shell.nix
     ./modules/nixos-shell-config.nix
   ];
+
+  nixpkgsPath = if hasFlake then
+    flake.inputs.nixpkgs
+  else
+    nixpkgs;
+
+  mkShellSystem = config: import "${toString nixpkgsPath}/nixos/lib/eval-config.nix" {
+    system = guestSystem;
+    modules = [ config ] ++ nixosShellModules;
+  };
+
+  flakeSystem = defaultTo
+    (getFlakeOutput [ "nixosConfigurations" flakeAttr ])
+    (getFlakeOutput [ "packages" guestSystem "nixosConfigurations" flakeAttr ]);
+
+  flakeModule = getFlakeOutput [ "nixosModules" "${flakeAttr}" ];
+
 in
 if flakeUri != null then
   if flakeSystem != null then