WiP! nixosConfigurations, tor
parent
90369c1963
commit
26dc2e400b
|
@ -6,7 +6,44 @@
|
||||||
modules = [
|
modules = [
|
||||||
genodepkgs.nixosModules.x86_64
|
genodepkgs.nixosModules.x86_64
|
||||||
genodepkgs.nixosModules.nova
|
genodepkgs.nixosModules.nova
|
||||||
|
|
||||||
(import ./tor-relay.nix)
|
(import ./tor-relay.nix)
|
||||||
|
|
||||||
|
({ config, pkgs, ... }: {
|
||||||
|
system.build.libvirtDomain = with pkgs;
|
||||||
|
stdenv.mkDerivation {
|
||||||
|
name = config.system.name + ".libvirt";
|
||||||
|
|
||||||
|
# nativeBuildInputs = with pkgs.buildPackages; [ libvirt ];
|
||||||
|
|
||||||
|
buildCommand = ''
|
||||||
|
mkdir -p $out
|
||||||
|
virtXml=$out/libvirt-domain.xml
|
||||||
|
cat > $virtXml << EOF
|
||||||
|
<?xml version="1.0"?>
|
||||||
|
<domain type="qemu">
|
||||||
|
<name>${config.system.name}</name>
|
||||||
|
<memory>${toString config.virtualisation.memorySize}</memory>
|
||||||
|
<vcpu>${toString config.virtualisation.cores}</vcpu>
|
||||||
|
<os>
|
||||||
|
<type arch="x86_64" machine="pc">hvm</type>
|
||||||
|
<kernel>${config.virtualisation.qemu.kernel}</kernel>
|
||||||
|
<initrd>${config.virtualisation.qemu.initrd}</initrd>
|
||||||
|
<cmdline>${config.virtualisation.qemu.cmdline}</cmdline>
|
||||||
|
</os>
|
||||||
|
<devices>
|
||||||
|
<emulator>qemu-system-x86_64</emulator>
|
||||||
|
<interface type="network">
|
||||||
|
<source network="default"/>
|
||||||
|
</interface>
|
||||||
|
</devices>
|
||||||
|
</domain>
|
||||||
|
EOF
|
||||||
|
|
||||||
|
# virt-xml-validate $virtXml
|
||||||
|
'';
|
||||||
|
};
|
||||||
|
})
|
||||||
];
|
];
|
||||||
};
|
};
|
||||||
}
|
}
|
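Review bot: The here-document that writes `libvirt-domain.xml` uses an unquoted `EOF` delimiter and interpolates `config.system.name` and `config.virtualisation.qemu.cmdline` raw, so a `$` or backtick in those values is expanded a second time by the build shell and a `&` or `<` yields malformed XML. Nix substitutes `${…}` before the shell runs, so `cat > $virtXml << 'EOF'` keeps the output identical while stopping that second expansion, and the values should be XML-escaped, e.g. `<cmdline>${lib.escapeXML config.virtualisation.qemu.cmdline}</cmdline>` if `lib.escapeXML` is available in the pinned nixpkgs. `<memory>` carries no `unit` attribute, which libvirt reads as KiB, while `virtualisation.memorySize` is normally given in megabytes, so `<memory unit="MiB">` looks like what is intended. Re-enabling the commented-out `virt-xml-validate $virtXml` would catch malformed output at build time.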
||||||
|
|
|
@ -39,6 +39,12 @@ in {
|
||||||
"-initrd '${pkgs.genodePackages.NOVA}/hypervisor-x86_64 arg=iommu logmem novpid serial,${config.genode.boot.image}/image.elf'"
|
"-initrd '${pkgs.genodePackages.NOVA}/hypervisor-x86_64 arg=iommu logmem novpid serial,${config.genode.boot.image}/image.elf'"
|
||||||
];
|
];
|
||||||
|
|
||||||
|
virtualisation.qemu.kernel = "${pkgs.genodePackages.bender}/share/bender/bender";
|
||||||
|
|
||||||
|
virtualisation.qemu.initrd = "${pkgs.genodePackages.NOVA}/hypervisor-x86_64";
|
||||||
|
|
||||||
|
virtualisation.qemu.cmdline = "arg=iommu logmem novpid serial,${config.genode.boot.image}/image.elf";
|
||||||
|
|
||||||
boot.loader.grub.extraEntries = ''
|
boot.loader.grub.extraEntries = ''
|
||||||
menuentry 'Genode on NOVA' {
|
menuentry 'Genode on NOVA' {
|
||||||
insmod multiboot2
|
insmod multiboot2
|
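Review bot: The new `virtualisation.qemu.kernel`, `initrd` and `cmdline` values duplicate what the `-initrd '…'` string on the context line above already encodes, and the split may change meaning. In the QEMU option, everything after the first path is part of the multiboot module list, whereas a consumer that maps `cmdline` to the kernel command line (as the `<cmdline>` element of the libvirt template in this commit presumably does) would hand `serial,${config.genode.boot.image}/image.elf` to bender as plain arguments and might never load `image.elf` as a module. I would add a comment such as `# cmdline = NOVA arguments plus the multiboot module list; consumers must pass it as -initrd modules, not as the kernel command line`, and build the `-initrd` string from these three values so the two copies cannot drift. The enclosing attribute set starts and ends outside the hunk.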
||||||
|
|
|
@ -144,7 +144,6 @@ let
|
||||||
-name ${config.system.name} \
|
-name ${config.system.name} \
|
||||||
-m ${toString config.virtualisation.memorySize} \
|
-m ${toString config.virtualisation.memorySize} \
|
||||||
-smp ${toString config.virtualisation.cores} \
|
-smp ${toString config.virtualisation.cores} \
|
||||||
-device virtio-rng-pci \
|
|
||||||
${concatStringsSep " " config.virtualisation.qemu.networkingOptions} \
|
${concatStringsSep " " config.virtualisation.qemu.networkingOptions} \
|
||||||
-virtfs local,path=/nix/store,security_model=none,mount_tag=store \
|
-virtfs local,path=/nix/store,security_model=none,mount_tag=store \
|
||||||
-virtfs local,path=$TMPDIR/xchg,security_model=none,mount_tag=xchg \
|
-virtfs local,path=$TMPDIR/xchg,security_model=none,mount_tag=xchg \
|
||||||
|
@ -404,6 +403,23 @@ in {
|
||||||
Enable the Qemu guest agent.
|
Enable the Qemu guest agent.
|
||||||
'';
|
'';
|
||||||
};
|
};
|
||||||
|
|
||||||
|
kernel = mkOption {
|
||||||
|
type = types.path;
|
||||||
|
description = "Guest kernel.";
|
||||||
|
};
|
||||||
|
|
||||||
|
initrd = mkOption {
|
||||||
|
type = types.path;
|
||||||
|
description = "Guest initrd.";
|
||||||
|
};
|
||||||
|
|
||||||
|
cmdline = mkOption {
|
||||||
|
type = types.str;
|
||||||
|
description = "Command line options to pass to guest.";
|
||||||
|
};
|
||||||
|
|
||||||
|
|
||||||
};
|
};
|
||||||
|
|
||||||
virtualisation.useBootLoader = mkOption {
|
virtualisation.useBootLoader = mkOption {
|
||||||
|
@ -506,16 +522,6 @@ in {
|
||||||
|
|
||||||
# FIXME: Consolidate this one day.
|
# FIXME: Consolidate this one day.
|
||||||
virtualisation.qemu.options = mkMerge [
|
virtualisation.qemu.options = mkMerge [
|
||||||
(mkIf (pkgs.stdenv.isi686 || pkgs.stdenv.isx86_64) [
|
|
||||||
"-usb"
|
|
||||||
"-device usb-tablet,bus=usb-bus.0"
|
|
||||||
])
|
|
||||||
(mkIf (pkgs.stdenv.isAarch32 || pkgs.stdenv.isAarch64) [
|
|
||||||
"-device virtio-gpu-pci"
|
|
||||||
"-device usb-ehci,id=usb0"
|
|
||||||
"-device usb-kbd"
|
|
||||||
"-device usb-tablet"
|
|
||||||
])
|
|
||||||
(mkIf cfg.useEFIBoot [
|
(mkIf cfg.useEFIBoot [
|
||||||
"-drive if=pflash,format=raw,unit=0,readonly,file=${efiFirmware}"
|
"-drive if=pflash,format=raw,unit=0,readonly,file=${efiFirmware}"
|
||||||
"-drive if=pflash,format=raw,unit=1,file=$NIX_EFI_VARS"
|
"-drive if=pflash,format=raw,unit=1,file=$NIX_EFI_VARS"
|
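Review bot: `kernel`, `initrd` and `cmdline` in the `@ -404,6 +403,23 @@` hunk are declared without a `default` or `example`, so any configuration that evaluates a consumer of them without importing a module that sets them fails with an undefined-option error. The one-line descriptions also do not say that `cmdline` is pasted verbatim into generated files such as the libvirt domain XML added in this commit; something like `description = "Command line passed to the guest; inserted verbatim into generated files, so it must not contain shell or XML metacharacters.";` would make that contract visible. Separately, the `@ -144,7 +144,6 @@` hunk drops `-device virtio-rng-pci` with no explanation; if any guest built from this module depends on the host for entropy (the commit title mentions tor), that removal deserves a comment stating why it is safe.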
||||||
|
|