{ generic, pkgs, lib, system }:
let
# Per-system table of Fedora images, read from images.json. Each entry
# supplies a `name` (path below the releases directory) and a `hash`.
imagesJSON = lib.importJSON ./images.json;
# Fetch one image as a fixed-output download. The result is accepted only if
# it matches the hash recorded in images.json, so image integrity rests on
# that file rather than on whichever server ends up answering the URL.
# Review hash changes in images.json as carefully as code changes.
fetchImage = img:
  let
    releasesUrl = "https://download.fedoraproject.org/pub/fedora/linux/releases";
  in
  pkgs.fetchurl {
    hash = img.hash;
    url = "${releasesUrl}/${img.name}";
  };
# One fetched image per entry listed for the current `system`.
images = lib.mapAttrs (_name: fetchImage) imagesJSON.${system};
# Build a VM test for one fetched image: the image is first passed through
# prepareFedoraImage (optionally resized to `diskSize`), then handed to
# generic.makeVmTest together with the caller's test script and shared
# directories.
makeVmTestForImage = originalImage: { testScript, sharedDirs, diskSize ? null }:
  let
    preparedImage = prepareFedoraImage {
      inherit originalImage diskSize;
      hostPkgs = pkgs;
    };
  in
  generic.makeVmTest {
    inherit system testScript sharedDirs;
    image = preparedImage;
  };
# One-shot systemd unit that grows partition 5 of /dev/sda and then resizes
# the btrfs filesystem mounted at / to its maximum size. The device name,
# the partition number and the filesystem type are hard-coded here.
# NOTE(review): presumably this matches the layout of the Fedora images
# listed in images.json -- confirm when adding a new image.
resizeService =
  let
    unitText = ''
      [Service]
      Type = oneshot
      ExecStart = growpart /dev/sda 5
      ExecStart = btrfs filesystem resize max /
      [Install]
      WantedBy = multi-user.target
    '';
  in
  pkgs.writeText "resizeService" unitText;
# systemd unit that starts the test-instrumentation script installed at
# /usr/bin/backdoorScript once the hvc0 and ttyS0 devices and
# mount-store.service are available. It stays active across `isolate`
# transitions (IgnoreOnIsolate) and is stopped with SIGHUP.
# What the script does is defined by generic.backdoorScript, which is not
# part of this file. An image that carries this unit is meant for disposable
# test VMs only and should never be reused as a base for a machine that
# anyone else can reach.
backdoor =
  let
    unitText = ''
      [Unit]
      Requires = dev-hvc0.device dev-ttyS0.device mount-store.service
      After = dev-hvc0.device dev-ttyS0.device mount-store.service
      # Keep this unit active when we switch to rescue mode for instance
      IgnoreOnIsolate = true
      [Service]
      ExecStart = /usr/bin/backdoorScript
      KillSignal = SIGHUP
      [Install]
      WantedBy = multi-user.target
    '';
  in
  pkgs.writeText "backdoor.service" unitText;
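# Produce a test-ready copy of a Fedora image.
#
# Arguments:
#   hostPkgs       package set used to run the build tools
#   originalImage  the pristine image (a store path with a `name`)
#   diskSize       size passed to `qemu-img resize`, or null to keep the
#                  original size
#
# The copy is customised offline with virt-customize (--no-network): the
# instrumentation units are copied in, the root password is cleared and
# backdoor.service is enabled. The output is therefore only suitable for
# disposable test VMs.
prepareFedoraImage = { hostPkgs, originalImage, diskSize }:
  let
    pkgs = hostPkgs;
    resultImg = "./image.qcow2";
    # The working copy is created with mode 0644: the build user needs to
    # write to it, and nothing needs it to be world-writable or executable.
    #
    # NOTE(review): the sed expression below has no line address, so it
    # rewrites every "/nix/store/..." occurrence through end of line, not only
    # the shebang -- verify backdoorScript holds no other store reference.
  in
  pkgs.runCommand "${originalImage.name}-nix-vm-test.qcow2" { } ''
    # We will modify the VM image, so we need a mutable copy
    install -m644 ${originalImage} ${resultImg}
    # Copy the service files here, since otherwise they end up in the VM
    # with their paths including the nix hash
    cp ${backdoor} backdoor.service
    cp ${generic.mountStore} mount-store.service
    cp ${resizeService} resizeguest.service
    cp ${generic.backdoorScript} backdoorScript
    # Patching the patched shebang to a reasonable path: /bin/bash.
    # Mic92 approves this.
    sed -i 's/\/nix\/store\/.*/\/bin\/bash/g' backdoorScript
    # virt-resize depends on qemu-img, which is part of the qemu
    # derivation
    ${lib.optionalString (diskSize != null) ''
      export PATH="${pkgs.qemu}/bin:$PATH"
      qemu-img resize ${resultImg} ${diskSize}
    ''}
    #export LIBGUESTFS_DEBUG=1 LIBGUESTFS_TRACE=1
    ${lib.concatStringsSep " \\\n" [
      "${pkgs.guestfs-tools}/bin/virt-customize"
      "-a ${resultImg}"
      "--smp 2"
      "--memsize 256"
      "--no-network"
      "--copy-in backdoorScript:/usr/bin"
      "--copy-in backdoor.service:/etc/systemd/system"
      "--copy-in mount-store.service:/etc/systemd/system"
      "--copy-in resizeguest.service:/etc/systemd/system"
      "--run"
      # Script executed inside the image by virt-customize.
      # NOTE(review): Fedora names the OpenSSH units sshd.service and
      # sshd.socket; the ssh.* names masked below look inherited from a
      # Debian-style image and presumably leave sshd untouched -- confirm
      # which units should be masked, given that root has no password.
      # NOTE(review): register-nix-paths.service is enabled here but is not
      # among the units copied in above -- confirm where it comes from.
      # NOTE(review): the script does not use `set -e`, so presumably only
      # the status of its last command reaches virt-customize -- confirm.
      (pkgs.writeShellScript "run-script" ''
        # Clear the root password
        passwd -d root
        groupadd nixbld
        # Don't spawn ttys on these devices, they are used for test instrumentation
        systemctl mask serial-getty@ttyS0.service
        systemctl mask serial-getty@hvc0.service
        # We have no network in the test VMs, avoid an error on bootup
        systemctl mask ssh.service
        systemctl mask ssh.socket
        # Retrieve guest interface conf via DHCP
        cat << EOF >> /etc/systemd/network/80-ens4.network
        [Match]
        Name=ens4
        [Network]
        DHCP=yes
        EOF
        ${lib.optionalString (diskSize != null) ''
          systemctl enable resizeguest.service
        ''}
        systemctl enable register-nix-paths.service
        systemctl enable backdoor.service
      '')
    ]};
    cp ${resultImg} $out
  '';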
in
# Result: the fetched images and the image-preparation helper, plus one VM
# test builder per image keyed by the image's name in images.json.
# With `//` the right-hand side wins on a key collision, so an image entry
# named `images` or `prepareFedoraImage` would replace the helper attribute.
{
  inherit images prepareFedoraImage;
}
// lib.mapAttrs (_name: makeVmTestForImage) images