|
106 | 106 | }; |
107 | 107 | } // |
108 | 108 | # wrap self.nixosConfigurations in executable packages |
109 | | - builtins.foldl' (result: systemName: |
110 | | - let |
111 | | - nixos = self.nixosConfigurations.${systemName}; |
112 | | - name = builtins.replaceStrings [ "${system}-" ] [ "" ] systemName; |
113 | | - inherit (nixos.config.microvm) hypervisor; |
114 | | - in |
115 | | - if nixos.pkgs.stdenv.hostPlatform.system == nixpkgs.lib.replaceString "-darwin" "-linux" system |
116 | | - then result // { |
117 | | - "${name}" = nixos.config.microvm.runner.${hypervisor}; |
118 | | - } |
119 | | - else result |
120 | | - ) {} (builtins.attrNames self.nixosConfigurations); |
| 109 | + nixpkgs.lib.listToAttrs ( |
| 110 | + nixpkgs.lib.concatMap (configName: |
| 111 | + let |
| 112 | + config = self.nixosConfigurations.${configName}; |
| 113 | + packageName = builtins.replaceStrings [ "${system}-" ] [ "" ] configName; |
| 114 | + # Check if this config's guest system matches our current build system |
| 115 | + # (accounting for darwin hosts building linux guests) |
| 116 | + guestSystem = config.pkgs.stdenv.hostPlatform.system; |
| 117 | + buildSystem = nixpkgs.lib.replaceString "-darwin" "-linux" system; |
| 118 | + in |
| 119 | + if guestSystem == buildSystem |
| 120 | + then [{ |
| 121 | + name = packageName; |
| 122 | + value = config.config.microvm.runner.${config.config.microvm.hypervisor}; |
| 123 | + }] |
| 124 | + else [] |
| 125 | + ) (builtins.attrNames self.nixosConfigurations) |
| 126 | + ); |
121 | 127 |
|
122 | 128 | # Takes too much memory in `nix flake show` |
123 | 129 | # checks = import ./checks { inherit self nixpkgs system; }; |
|
158 | 164 | ]; |
159 | 165 | hypervisorsWithUserNet = [ "qemu" "kvmtool" "vfkit" ]; |
160 | 166 | hypervisorsDarwinOnly = [ "vfkit" ]; |
| 167 | + hypervisorsWithTap = builtins.filter |
| 168 | + # vfkit supports networking, but does not support tap |
| 169 | + (hv: hv != "vfkit") |
| 170 | + self.lib.hypervisorsWithNetwork; |
| 171 | + |
| 172 | + isDarwinOnly = hypervisor: builtins.elem hypervisor hypervisorsDarwinOnly; |
| 173 | + isDarwinSystem = system: nixpkgs.lib.hasSuffix "-darwin" system; |
| 174 | + hypervisorSupportsSystem = hypervisor: system: |
| 175 | + # Darwin-only hypervisors only work on darwin, others work everywhere |
| 176 | + !(isDarwinOnly hypervisor && !(isDarwinSystem system)); |
| 177 | + |
161 | 178 | makeExample = { system, hypervisor, config ? {} }: |
162 | 179 | nixpkgs.lib.nixosSystem { |
163 | 180 | system = nixpkgs.lib.replaceString "-darwin" "-linux" system; |
|
216 | 233 | config |
217 | 234 | ]; |
218 | 235 | }; |
219 | | - in |
220 | | - (builtins.foldl' (results: system: |
221 | | - builtins.foldl' ({ result, n }: hypervisor: |
222 | | - let |
223 | | - # Skip darwin-only hypervisors on Linux systems |
224 | | - isDarwinOnly = builtins.elem hypervisor hypervisorsDarwinOnly; |
225 | | - isDarwinSystem = nixpkgs.lib.hasSuffix "-darwin" system; |
226 | | - shouldSkip = isDarwinOnly && !isDarwinSystem; |
227 | | - in |
228 | | - if shouldSkip then { inherit result n; } |
229 | | - else { |
230 | | - result = result // { |
231 | | - "${system}-${hypervisor}-example" = makeExample { |
232 | | - inherit system hypervisor; |
233 | | - }; |
234 | | - } // |
235 | | - # Skip tap example for darwin-only hypervisors (vfkit doesn't support tap) |
236 | | - nixpkgs.lib.optionalAttrs (builtins.elem hypervisor self.lib.hypervisorsWithNetwork && !isDarwinOnly) { |
237 | | - "${system}-${hypervisor}-example-with-tap" = makeExample { |
238 | | - inherit system hypervisor; |
239 | | - config = _: { |
240 | | - microvm.interfaces = [ { |
241 | | - type = "tap"; |
242 | | - id = "vm-${builtins.substring 0 4 hypervisor}"; |
243 | | - mac = "02:00:00:01:01:0${toString n}"; |
244 | | - } ]; |
245 | | - networking = { |
246 | | - interfaces.eth0.useDHCP = true; |
247 | | - firewall.allowedTCPPorts = [ 22 ]; |
248 | | - }; |
249 | | - services.openssh = { |
250 | | - enable = true; |
251 | | - settings.PermitRootLogin = "yes"; |
252 | | - }; |
| 236 | + |
| 237 | + basicExamples = nixpkgs.lib.flatten ( |
| 238 | + builtins.map (system: |
| 239 | + builtins.map (hypervisor: { |
| 240 | + name = "${system}-${hypervisor}-example"; |
| 241 | + value = makeExample { inherit system hypervisor; }; |
| 242 | + shouldInclude = hypervisorSupportsSystem hypervisor system; |
| 243 | + }) self.lib.hypervisors |
| 244 | + ) systems |
| 245 | + ); |
| 246 | + |
| 247 | + tapExamples = nixpkgs.lib.flatten ( |
| 248 | + builtins.map (system: |
| 249 | + nixpkgs.lib.imap1 (idx: hypervisor: { |
| 250 | + name = "${system}-${hypervisor}-example-with-tap"; |
| 251 | + value = makeExample { |
| 252 | + inherit system hypervisor; |
| 253 | + config = _: { |
| 254 | + microvm.interfaces = [ { |
| 255 | + type = "tap"; |
| 256 | + id = "vm-${builtins.substring 0 4 hypervisor}"; |
| 257 | + mac = "02:00:00:01:01:0${toString idx}"; |
| 258 | + } ]; |
| 259 | + networking = { |
| 260 | + interfaces.eth0.useDHCP = true; |
| 261 | + firewall.allowedTCPPorts = [ 22 ]; |
| 262 | + }; |
| 263 | + services.openssh = { |
| 264 | + enable = true; |
| 265 | + settings.PermitRootLogin = "yes"; |
253 | 266 | }; |
254 | 267 | }; |
255 | 268 | }; |
256 | | - n = n + 1; |
257 | | - } |
258 | | - ) results self.lib.hypervisors |
259 | | - ) { result = {}; n = 1; } systems).result; |
| 269 | + shouldInclude = builtins.elem hypervisor hypervisorsWithTap |
| 270 | + && hypervisorSupportsSystem hypervisor system; |
| 271 | + }) self.lib.hypervisors |
| 272 | + ) systems |
| 273 | + ); |
| 274 | + |
| 275 | + included = builtins.filter (ex: ex.shouldInclude) (basicExamples ++ tapExamples); |
| 276 | + in |
| 277 | + builtins.listToAttrs (builtins.map ({ name, value, ... }: { inherit name value; }) included); |
260 | 278 | }; |
261 | 279 | } |
0 commit comments