Merge pull request #46 from welteki/flake-support

Flake support

Author: Mic92

Makefile

@@ -23,4 +23,6 @@ test-efi:
 
 install:
 	$(INSTALL) -D bin/nixos-shell $(DESTDIR)$(PREFIX)/bin/nixos-shell
-	$(INSTALL) -D share/nixos-shell/nixos-shell.nix $(DESTDIR)$(PREFIX)/share/nixos-shell/nixos-shell.nix
+	$(INSTALL) -D share/modules/nixos-shell.nix $(DESTDIR)$(PREFIX)/share/modules/nixos-shell.nix
+	$(INSTALL) -D share/modules/nixos-shell-config.nix $(DESTDIR)$(PREFIX)/share/modules/nixos-shell-config.nix
+	$(INSTALL) -D share/nixos-shell.nix $(DESTDIR)$(PREFIX)/share/nixos-shell.nix

README.md

@@ -31,6 +31,27 @@ Instead of `vm.nix`, `nixos-shell` also accepts other modules on the command lin
 $ nixos-shell some-nix-module.nix
 ```
 
+You can also start a vm from a flake's `nixosConfigurations` using the `--flake` flag.
+
+```console
+$ nixos-shell --flake github:Mic92/nixos-shell#vm-forward
+```
+
+This will run the `vm-forward` example.
+
+> Note: system configurations have to be made overridable with `lib.makeOverridable` to use them with `nixos-shell`
+>```nix
+>{
+>  nixosConfigurations = let
+>    lib = nixpkgs.lib;
+>  in {
+>    vm = lib.makeOverridable lib.nixosSystem {
+>      # ...
+>    };
+>  };
+>}
+>```
+
 ## Terminating the virtual machine
 
 Type `Ctrl-a x` to exit the virtual machine.

bin/nixos-shell

@@ -3,9 +3,11 @@
 set -euo pipefail
 
 script_dir="$(dirname "$(readlink -f "$0")")"
+flake_uri=
+flake_attr=
 
 usage() {
-  echo "USAGE: $0 [--builders builders] [--fallback] [-I path]
+  echo "USAGE: $0 [--builders builders] [--flake uri] [--fallback] [-I path]
 [--impure] [--keep-going | -k] [--keep-failed | -K]
 [--no-net] [--option name value] [--repair]
 [--refresh] [--show-trace] [--verbose | -v | -vv | -vvv | -vvvv | -vvvvv]
@@ -24,6 +26,13 @@ while [[ $# -gt 0 ]]; do
     usage
     exit
     ;;
+  --flake)
+    flake="$(echo "$1" | awk -F '#' '{ print $1; }')"
+
+    flake_uri="$(nix flake metadata --extra-experimental-features "nix-command flakes"  --json -- "$flake" | jq -r .url)"
+    flake_attr="$(echo "$1" | awk -F'#' '{ print $2; }')"
+    shift
+    ;;
   -I|--builders)
     j="$1"; shift 1
     extraBuildFlags+=("$i" "$j")
@@ -42,7 +51,6 @@ while [[ $# -gt 0 ]]; do
   esac
 done
 
-export QEMU_NIXOS_CONFIG="$(readlink -f "$nixos_config")"
 unset NIXOS_CONFIG
 
 tempdir=$(mktemp -d)
@@ -51,8 +59,19 @@ cleanup() {
 }
 trap cleanup EXIT SIGINT SIGQUIT ERR
 
-nix-build '<nixpkgs/nixos>' -A vm -k \
-  -I "nixos-config=${script_dir}/../share/nixos-shell/nixos-shell.nix" \
+if [[ -z "$flake_uri" ]]; then
+  extraBuildFlags+=(
+    -I "nixos-config=$nixos_config"
+  )
+else
+  extraBuildFlags+=(
+     --extra-experimental-features "flakes"
+    --argstr flakeUri "$flake_uri"
+    --argstr flakeAttr "${flake_attr:-"vm"}"
+  )
+fi
+
+nix-build "${script_dir}/../share/nixos-shell.nix" -A "config.system.build.vm" -k \
   -o "${tempdir}/result" \
   "${extraBuildFlags[@]}"
   "$@"

default.nix

@@ -11,8 +11,12 @@ stdenv.mkDerivation {
                  baseNameOf path != ".direnv" &&
                  baseNameOf path != "result"
     ) ./.;
-  buildInputs = [ bash ];
+  nativeBuildInputs = [ makeWrapper ];
   preConfigure = ''
     export PREFIX=$out
   '';
+  postInstall = ''
+    wrapProgram $out/bin/nixos-shell \
+      --prefix PATH : ${lib.makeBinPath [ jq coreutils gawk ]}
+  '';
 }

flake.nix

@@ -8,8 +8,29 @@
   outputs = inp:
   let
     lib = inp.nixpkgs.lib;
+
+    inherit (lib) mapAttrs' removeSuffix makeOverridable nixosSystem mapAttrs;
+
+    vms = mapAttrs' (file: _: {
+      name = removeSuffix ".nix" file;
+      value = import (./examples + "/${file}");
+    }) (builtins.readDir ./examples);
+
+    mkSystem = pkgs: config: makeOverridable nixosSystem {
+      system = "x86_64-linux";
+      modules = [ config  inp.self.nixosModules.nixos-shell ];
+    };
+
     supportedSystems = [ "x86_64-linux" ];
   in
+  {
+    nixosConfigurations = mapAttrs (_name: config: mkSystem inp.nixpkgs config) vms;
+
+    nixosModules.nixos-shell = import ./share/modules/nixos-shell.nix;
+  }
+
+  //
+
   lib.foldl' lib.recursiveUpdate {} (lib.forEach supportedSystems (system: rec {
 
     packages."${system}".nixos-shell = import ./default.nix {

share/modules/nixos-shell-config.nix

@@ -0,0 +1,131 @@
+{ lib, options, config, pkgs, ... }:
+
+let
+  cfg = config.nixos-shell;
+
+  mkVMDefault = lib.mkOverride 900;
+in {
+  config =
+    let
+      user = builtins.getEnv "USER";
+      shell' = builtins.baseNameOf (builtins.getEnv "SHELL");
+
+      # fish seems to do funky stuff: https://github.com/Mic92/nixos-shell/issues/42
+      shell = if shell' == "fish" then "bash" else shell';
+    in
+    lib.mkMerge [
+      # Enable the module of the user's shell for some sensible defaults.
+      (lib.mkIf (options.programs ? ${shell}.enable && shell != "bash") {
+        programs.${shell}.enable = mkVMDefault true;
+      })
+
+      (lib.mkIf (pkgs ? ${shell}) {
+        users.extraUsers.root.shell = mkVMDefault pkgs.${shell};
+      })
+
+      (
+        let
+          home = builtins.getEnv "HOME";
+        in
+        lib.mkIf (home != "" && cfg.mounts.mountHome) {
+          users.extraUsers.root.home = lib.mkVMOverride home;
+        }
+      )
+
+      # Allow passwordless ssh login with the user's key if it exists.
+      (
+        let
+          keys = map (key: "${builtins.getEnv "HOME"}/.ssh/${key}")
+            [ "id_rsa.pub" "id_ecdsa.pub" "id_ed25519.pub" ];
+        in
+        {
+          users.users.root.openssh.authorizedKeys.keyFiles = lib.filter builtins.pathExists keys;
+        }
+      )
+
+      {
+        # Allow the user to login as root without password.
+        users.extraUsers.root.initialHashedPassword = "";
+
+        # see https://wiki.qemu.org/Documentation/9psetup#Performance_Considerations
+        # == 100M
+        # FIXME? currently 500K seems to be the limit?
+        virtualisation.msize = mkVMDefault 104857600;
+
+        services =
+          let
+            service = if lib.versionAtLeast (lib.versions.majorMinor lib.version) "20.09" then "getty" else "mingetty";
+          in
+          {
+            ${service}.helpLine = ''
+              Log in as "root" with an empty password.
+              If you are connect via serial console:
+              Type Ctrl-a c to switch to the qemu console
+              and `quit` to stop the VM.
+            '';
+          };
+
+        virtualisation = {
+          graphics = mkVMDefault false;
+          memorySize = mkVMDefault 700;
+
+          qemu.consoles = lib.mkIf (!config.virtualisation.graphics) [ "tty0" "hvc0" ];
+
+          qemu.options =
+            let
+              nixProfile = "/nix/var/nix/profiles/per-user/${user}/profile/";
+            in
+            lib.optionals (!config.virtualisation.graphics) [
+              "-serial null"
+              "-device virtio-serial"
+              "-chardev stdio,mux=on,id=char0,signal=off"
+              "-mon chardev=char0,mode=readline"
+              "-device virtconsole,chardev=char0,nr=0"
+            ] ++
+            lib.optional cfg.mounts.mountHome "-virtfs local,path=/home,security_model=none,mount_tag=home" ++
+            lib.optional (cfg.mounts.mountNixProfile && builtins.pathExists nixProfile) "-virtfs local,path=${nixProfile},security_model=none,mount_tag=nixprofile" ++
+            lib.mapAttrsToList (target: mount: "-virtfs local,path=${builtins.toString mount.target},security_model=none,mount_tag=${mount.tag}") cfg.mounts.extraMounts;
+        };
+
+        # build-vm overrides our filesystem settings in nixos-config
+        boot.initrd.postMountCommands =
+          (lib.optionalString cfg.mounts.mountHome ''
+            mkdir -p $targetRoot/home/
+            mount -t 9p home $targetRoot/home/ -o trans=virtio,version=9p2000.L,cache=${cfg.mounts.cache},msize=${toString config.virtualisation.msize}
+          '') +
+          (lib.optionalString (user != "" && cfg.mounts.mountNixProfile) ''
+            mkdir -p $targetRoot/nix/var/nix/profiles/per-user/${user}/profile/
+            mount -t 9p nixprofile $targetRoot/nix/var/nix/profiles/per-user/${user}/profile/ -o trans=virtio,version=9p2000.L,cache=${cfg.mounts.cache},msize=${toString config.virtualisation.msize}
+          '') +
+          builtins.concatStringsSep " " (lib.mapAttrsToList
+            (target: mount: ''
+              mkdir -p $targetRoot/${target}
+              mount -t 9p ${mount.tag} $targetRoot/${target} -o trans=virtio,version=9p2000.L,cache=${mount.cache},msize=${toString config.virtualisation.msize}
+            '')
+            cfg.mounts.extraMounts);
+
+        environment = {
+          systemPackages = with pkgs; [
+            xterm # for resize command
+          ];
+
+          loginShellInit =
+            let
+              pwd = builtins.getEnv "PWD";
+              term = builtins.getEnv "TERM";
+              path = builtins.getEnv "PATH";
+            in
+            ''
+              # fix terminal size
+              eval "$(resize)"
+
+              ${lib.optionalString (pwd != "") "cd '${pwd}' 2>/dev/null"}
+              ${lib.optionalString (term != "") "export TERM='${term}'"}
+              ${lib.optionalString (path != "") "export PATH=\"${path}:$PATH\""}
+            '';
+        };
+
+        networking.firewall.enable = mkVMDefault false;
+      }
+    ];
+}

share/modules/nixos-shell.nix

@@ -0,0 +1,62 @@
+{ lib, options, pkgs, modulesPath, ... }:
+
+{
+  imports = [
+    "${toString modulesPath}/virtualisation/qemu-vm.nix"
+  ];
+  
+  options.nixos-shell = with lib; {
+    mounts = let
+      cache = mkOption {
+        type = types.enum ["none" "loose" "fscache" "mmap"];
+        default = "loose"; # bad idea? Well, at least it is fast!1!!
+        description = "9p caching policy";
+      };
+    in {
+      mountHome = mkOption {
+        type = types.bool;
+        default = true;
+        description = "Whether to mount <filename>/home</filename>.";
+      };
+
+      mountNixProfile = mkOption {
+        type = types.bool;
+        default = true;
+        description = "Whether to mount the user's nix profile.";
+      };
+
+      inherit cache;
+
+      extraMounts = mkOption {
+        type = types.attrsOf (types.coercedTo
+          types.path (target: {
+            inherit target;
+          })
+          (types.submodule ({ config, ... }: {
+            options = {
+              target = mkOption {
+                type = types.path;
+                description = "Target on the guest.";
+              };
+
+              inherit cache;
+
+              tag = mkOption {
+                type = types.str;
+                internal = true;
+              };
+            };
+
+            config.tag = lib.mkDefault (
+              builtins.substring 0 31 ( # tags must be shorter than 32 bytes
+                "a" + # tags must not begin with a digit
+                builtins.hashString "md5" config._module.args.name
+              )
+            );
+          }))
+        );
+        default = {};
+      };
+    };
+  };
+}

share/nixos-shell.nix

@@ -0,0 +1,36 @@
+{ nixpkgs ? <nixpkgs>
+, system ? builtins.currentSystem
+, configuration ? <nixos-config>
+
+, flakeUri ? null
+, flakeAttr ? null
+}:
+let
+  nixos-shell = import ./modules/nixos-shell.nix;
+  nixos-shell-config = import ./modules/nixos-shell-config.nix;
+
+  flake = builtins.getFlake flakeUri;
+  flakeSystem = flake.outputs.packages."${system}".nixosConfigurations."${flakeAttr}" or flake.outputs.nixosConfigurations."${flakeAttr}";
+in
+if flakeUri != null then
+  flakeSystem.override
+    (attrs: {
+      modules =
+        let
+          nixosShellModules =
+            if flakeSystem ? options.nixos-shell then
+              [ nixos-shell-config ]
+            else
+              [ nixos-shell nixos-shell-config ];
+        in
+        attrs.modules ++ nixosShellModules;
+    })
+else
+  import "${toString nixpkgs}/nixos/lib/eval-config.nix" {
+    inherit system;
+    modules = [
+      configuration
+      nixos-shell
+      nixos-shell-config
+    ];
+  }