| author | nzbr <mail@nzbr.de> | 2023-09-29 23:25:53 +0200 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2023-09-29 23:25:53 +0200 |
| commit | 8735bdfa5fdfa6e90d944ff9f5f806668b53eacb (patch) | |
| tree | 64148d00bbc6f8e1d7ba099cfbf31123113db2f8 /modules | |
| parent | e7d93d0f478b6fbb47c00d03449dc3d08b90abb7 (diff) | |
| parent | ff1413aa34c525bf01145b40b99acfb7868ab285 (diff) | |
Merge pull request #295 from nix-community/prep-release
New release preparation
Diffstat (limited to 'modules')
| -rw-r--r-- | modules/build-tarball.nix | 177 | ||||
| -rw-r--r-- | modules/default.nix | 12 | ||||
| -rw-r--r-- | modules/docker-desktop.nix (renamed from modules/docker/docker-desktop.nix) | 0 | ||||
| -rw-r--r-- | modules/docker/default.nix | 6 | ||||
| -rw-r--r-- | modules/docker/native.nix | 34 | ||||
| -rw-r--r-- | modules/installer.nix | 72 | ||||
| -rw-r--r-- | modules/interop.nix | 58 | ||||
| -rw-r--r-- | modules/recovery.nix | 4 | ||||
| -rw-r--r-- | modules/systemd/default.nix | 4 | ||||
| -rw-r--r-- | modules/systemd/syschdemd/syschdemd.sh | 2 | ||||
| -rw-r--r-- | modules/wsl-conf.nix | 2 | ||||
| -rw-r--r-- | modules/wsl-distro.nix | 7 |
12 files changed, 104 insertions, 274 deletions
diff --git a/modules/build-tarball.nix b/modules/build-tarball.nix
index d2e5231..f48c9ce 100644
--- a/modules/build-tarball.nix
+++ b/modules/build-tarball.nix
@@ -1,112 +1,95 @@ { config, pkgs, lib, ... }: with builtins; with lib; let - cfg = config.wsl.tarball; - - pkgs2storeContents = l: map (x: { object = x; symlink = "none"; }) l; - - nixpkgs = lib.cleanSource pkgs.path; - - channelSources = pkgs.runCommand "nixos-${config.system.nixos.version}" - { preferLocalBuild = true; } - '' - mkdir -p $out - cp -prd ${nixpkgs.outPath} $out/nixos - chmod -R u+w $out/nixos - if [ ! -e $out/nixos/nixpkgs ]; then - ln -s . $out/nixos/nixpkgs - fi - echo -n ${toString config.system.nixos.revision} > $out/nixos/.git-revision - echo -n ${toString config.system.nixos.versionSuffix} > $out/nixos/.version-suffix - echo ${toString config.system.nixos.versionSuffix} | sed -e s/pre// > $out/nixos/svn-revision - ''; - - preparer = pkgs.writeShellScriptBin "wsl-prepare" ('' - set -e - - mkdir -m 0755 ./bin ./etc - mkdir -m 1777 ./tmp - - # WSL requires a /bin/sh - only temporary, NixOS's activate will overwrite - ln -s ${config.users.users.root.shell} ./bin/sh - - # WSL also requires a /bin/mount, otherwise the host fs isn't accessible - ln -s /nix/var/nix/profiles/system/sw/bin/mount ./bin/mount - - # Set system profile - system=${config.system.build.toplevel} - ./$system/sw/bin/nix-store --store `pwd` --load-db < ./nix-path-registration - rm ./nix-path-registration - ./$system/sw/bin/nix-env --store `pwd` -p ./nix/var/nix/profiles/system --set $system - - # Set channel - mkdir -p ./nix/var/nix/profiles/per-user/root - ./$system/sw/bin/nix-env --store `pwd` -p ./nix/var/nix/profiles/per-user/root/channels --set ${channelSources} - mkdir -m 0700 -p ./root/.nix-defexpr - ln -s /nix/var/nix/profiles/per-user/root/channels ./root/.nix-defexpr/channels - - # It's now a NixOS! 
- touch ./etc/NIXOS - - # Write wsl.conf so that it is present when NixOS is started for the first time - cp ${config.environment.etc."wsl.conf".source} ./etc/wsl.conf - - '' + lib.optionalString cfg.includeConfig '' - ${if cfg.configPath == null then '' - # Copy the system configuration - mkdir -p ./etc/nixos/nixos-wsl - cp -R ${lib.cleanSource ../.}/. ./etc/nixos/nixos-wsl - mv ./etc/nixos/nixos-wsl/configuration.nix ./etc/nixos/configuration.nix - # Patch the import path to avoid having a flake.nix in /etc/nixos - sed -i 's|import \./default\.nix|import \./nixos-wsl|' ./etc/nixos/configuration.nix - '' else '' - mkdir -p ./etc/nixos - cp -R ${lib.cleanSource cfg.configPath}/. ./etc/nixos - ''} - chmod -R u+w etc/nixos - ''); + cfg = config.wsl; -in -{ - - options.wsl.tarball = { - includeConfig = mkOption { - type = types.bool; - default = true; - description = "Whether or not to copy the system configuration into the tarball"; - }; - - configPath = mkOption { - type = types.nullOr types.path; - default = null; - description = "Path to system configuration which is copied into the tarball"; - }; - }; + defaultConfig = pkgs.writeText "default-configuration.nix" '' + # Edit this configuration file to define what should be installed on + # your system. Help is available in the configuration.nix(5) man page, on + # https://search.nixos.org/options and in the NixOS manual (`nixos-help`). + # NixOS-WSL specific options are documented on the NixOS-WSL repository: + # https://github.com/nix-community/NixOS-WSL - config = mkIf config.wsl.enable { - # These options make no sense without the wsl-distro module anyway + { config, lib, pkgs, ... 
}: - system.build.tarball = pkgs.callPackage "${nixpkgs}/nixos/lib/make-system-tarball.nix" { - - contents = [ - { source = config.users.users.root.shell; target = "/nix/nixos-wsl/entrypoint"; } + { + imports = [ + # include NixOS-WSL modules + <nixos-wsl/modules> ]; - fileName = "nixos-wsl-${pkgs.hostPlatform.system}"; + wsl.enable = true; + wsl.defaultUser = "nixos"; + ${cfg.extraTarballConfig} + + # This value determines the NixOS release from which the default + # settings for stateful data, like file locations and database versions + # on your system were taken. It's perfectly fine and recommended to leave + # this value at the release version of the first install of this system. + # Before changing this value read the documentation for this option + # (e.g. man configuration.nix or on https://nixos.org/nixos/options.html). + system.stateVersion = "${config.system.nixos.release}"; # Did you read the comment? + } + ''; +in +{ + options.wsl.extraTarballConfig = mkOption { + type = types.str; + internal = true; + default = ""; + }; - storeContents = pkgs2storeContents [ - config.system.build.toplevel - channelSources - preparer - ]; + # These options make no sense without the wsl-distro module anyway + config = mkIf cfg.enable { + system.build.tarballBuilder = pkgs.writeShellApplication { + name = "nixos-wsl-tarball-builder"; - extraCommands = "${preparer}/bin/wsl-prepare"; + runtimeInputs = [ + pkgs.coreutils + pkgs.gnutar + pkgs.nixos-install-tools + config.nix.package + ]; - # Use gzip - compressCommand = "gzip"; - compressionExtension = ".gz"; + text = '' + if ! [ $EUID -eq 0 ]; then + echo "This script must be run as root!" + exit 1 + fi + + out=''${1:-nixos-wsl.tar.gz} + + root=$(mktemp -p "''${TMPDIR:-/tmp}" -d nixos-wsl-tarball.XXXXXXXXXX) + # FIXME: fails in CI for some reason, but we don't really care because it's CI + trap 'rm -rf "$root" || true' INT TERM EXIT + + chmod o+rx "$root" + + echo "[NixOS-WSL] Installing..." 
+ nixos-install \ + --root "$root" \ + --no-root-passwd \ + --system ${config.system.build.toplevel} \ + --substituters "" + + echo "[NixOS-WSL] Adding channel..." + nixos-enter --root "$root" --command 'nix-channel --add https://github.com/nix-community/NixOS-WSL/archive/refs/heads/main.tar.gz nixos-wsl' + + echo "[NixOS-WSL] Adding default config..." + install -Dm644 ${defaultConfig} "$root/etc/nixos/configuration.nix" + + echo "[NixOS-WSL] Compressing..." + tar -C "$root" \ + -cz \ + --sort=name \ + --mtime='@1' \ + --owner=0 \ + --group=0 \ + --numeric-owner \ + . \ + > "$out" + ''; }; - }; } diff --git a/modules/default.nix b/modules/default.nix index 0278634..08a612a 100644 --- a/modules/default.nix +++ b/modules/default.nix @@ -1,13 +1,19 @@ -{ ... }: { +{ lib, ... }: { imports = [ ./build-tarball.nix - ./docker - ./installer.nix + ./docker-desktop.nix ./interop.nix ./recovery.nix ./systemd ./version.nix ./wsl-conf.nix ./wsl-distro.nix + + (lib.mkRemovedOptionModule [ "wsl" "docker-native" ] + "Additional workarounds are no longer required for Docker to work. Please use the standard `virtualisation.docker` NixOS options.") + (lib.mkRemovedOptionModule [ "wsl" "interop" "preserveArgvZero" ] + "wsl.interop.preserveArgvZero is now always enabled, as used by modern WSL versions.") + (lib.mkRemovedOptionModule [ "wsl" "tarball" ] + "The tarball is now always generated with a default configuration.nix.") ]; } diff --git a/modules/docker/docker-desktop.nix b/modules/docker-desktop.nix index e2ae076..e2ae076 100644 --- a/modules/docker/docker-desktop.nix +++ b/modules/docker-desktop.nix diff --git a/modules/docker/default.nix b/modules/docker/default.nix deleted file mode 100644 index 176b95b..0000000 --- a/modules/docker/default.nix +++ /dev/null @@ -1,6 +0,0 @@ -{ ... }: { - imports = [ - ./docker-desktop.nix - ./native.nix - ]; -} diff --git a/modules/docker/native.nix b/modules/docker/native.nix deleted file mode 100644 index 88f48d9..0000000 
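Review bot: The `nix-channel --add` call in the builder text registers `https://github.com/nix-community/NixOS-WSL/archive/refs/heads/main.tar.gz` as the `nixos-wsl` channel, which is a mutable branch head, and the generated default configuration.nix imports `<nixos-wsl/modules>` from that channel. A system installed from a release tarball would therefore evaluate, as root, whatever is on `main` at its next channel update rather than the modules the tarball was built and tested with. Consider pointing the channel at the ref being released, e.g. `.../archive/refs/tags/<RELEASE_TAG>.tar.gz` (placeholder, not a real tag), or add a comment above the line stating that tracking `main` is intended. Separately, `chmod o+rx "$root"` opens the staging tree under `$TMPDIR` to every local user while the build runs; a one-line comment naming the step that needs this would help the next reader judge whether it can be narrowed.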
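Review bot: The removed-option list in modules/default.nix covers `wsl.interop.preserveArgvZero` but not its older alias. The `mkRenamedOptionModule [ "wsl" "compatibility" "interopPreserveArgvZero" ]` entry is dropped from modules/interop.nix in this same commit, so a configuration that still uses the old name would presumably get a bare "option does not exist" error instead of the explanation. Adding `(lib.mkRemovedOptionModule [ "wsl" "compatibility" "interopPreserveArgvZero" ] "wsl.interop.preserveArgvZero is now always enabled, as used by modern WSL versions.")` next to the other entries would keep the upgrade message consistent.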
--- a/modules/docker/native.nix +++ /dev/null @@ -1,34 +0,0 @@ -{ config, lib, pkgs, ... }: -with builtins; with lib; { - - options.wsl.docker-native = with types; { - enable = mkEnableOption "Native Docker integration in NixOS."; - - addToDockerGroup = mkOption { - type = bool; - default = config.security.sudo.wheelNeedsPassword; - description = '' - Wether to add the default user to the docker group. - - This is not recommended, if you have a password, because it essentially permits unauthenticated root access. - ''; - }; - }; - - config = - let - cfg = config.wsl.docker-native; - in - mkIf (config.wsl.enable && cfg.enable) { - environment.systemPackages = with pkgs; [ - docker-compose - ]; - - virtualisation.docker.package = (pkgs.docker.override { iptables = pkgs.iptables-legacy; }); - virtualisation.docker.enable = true; - - users.groups.docker.members = lib.mkIf cfg.addToDockerGroup [ - config.wsl.defaultUser - ]; - }; -} diff --git a/modules/installer.nix b/modules/installer.nix deleted file mode 100644 index 74cd7b2..0000000 --- a/modules/installer.nix +++ /dev/null 
@@ -1,72 +0,0 @@ -{ config, lib, pkgs, ... }: -with builtins; with lib; { - - config = mkIf config.wsl.enable ( - let - mkTarball = pkgs.callPackage "${lib.cleanSource pkgs.path}/nixos/lib/make-system-tarball.nix"; - - pkgs2storeContents = map (x: { object = x; symlink = "none"; }); - - rootfs = let tarball = config.system.build.tarball; in "${tarball}/tarball/${tarball.fileName}.tar${tarball.extension}"; - - installer = pkgs.writeScript "installer.sh" '' - #!${pkgs.busybox}/bin/sh - BASEPATH=$PATH - export PATH=$BASEPATH:${pkgs.busybox}/bin # Add busybox to path - - set -e - cd / - - echo "Unpacking root file system..." - ${pkgs.pv}/bin/pv ${rootfs} | tar xz - - echo "Activating nix configuration..." - LANG="C.UTF-8" /nix/var/nix/profiles/system/activate - PATH=$BASEPATH:/run/current-system/sw/bin # Use packages from target system - - echo "Cleaning up installer files..." - nix-collect-garbage - rm /nix-path-registration - - echo "Optimizing store..." - nix-store --optimize - - # Don't package the shell here, it's contained in the rootfs - exec ${builtins.unsafeDiscardStringContext config.users.users.root.shell} "$@" - ''; - - # Set installer.sh as the root shell - passwd = pkgs.writeText "passwd" '' - root:x:0:0:System administrator:/root:${installer} - ''; - in - { - - system.build.installer = mkTarball { - fileName = "nixos-wsl-installer"; - compressCommand = "gzip"; - compressionExtension = ".gz"; - extraArgs = "--hard-dereference"; - - storeContents = pkgs2storeContents [ installer ]; - - contents = [ - { source = config.environment.etc."wsl.conf".source; target = "/etc/wsl.conf"; } - { source = config.environment.etc."fstab".source; target = "/etc/fstab"; } - { source = passwd; target = "/etc/passwd"; } - { source = "${pkgs.busybox}/bin/busybox"; target = "/bin/sh"; } - { source = "${pkgs.busybox}/bin/busybox"; target = "/bin/mount"; } - { source = "${installer}"; target = "/nix/nixos-wsl/entrypoint"; } - ]; - - extraCommands = pkgs.writeShellScript 
"prepare" '' - export PATH=$PATH:${pkgs.coreutils}/bin - mkdir -p bin - ln -s /init bin/wslpath - ''; - }; - - } - ); - -} diff --git a/modules/interop.nix b/modules/interop.nix index d055d4b..bcd3040 100644 --- a/modules/interop.nix +++ b/modules/interop.nix @@ -1,11 +1,7 @@ -{ lib, pkgs, config, ... }: +{ lib, config, ... }: with builtins; with lib; { - imports = [ - (mkRenamedOptionModule [ "wsl" "compatibility" "interopPreserveArgvZero" ] [ "wsl" "interop" "preserveArgvZero" ]) - ]; - options.wsl.interop = with types; { register = mkOption { type = bool; @@ -18,18 +14,6 @@ with builtins; with lib; default = true; description = "Include Windows PATH in WSL PATH"; }; - - preserveArgvZero = mkOption { - type = nullOr bool; - default = null; - description = '' - Register binfmt interpreter for Windows executables with 'preserves argv[0]' flag. - - Default (null): autodetect, at some performance cost. - To avoid the performance cost, set this to true for WSL Preview 0.58 and up, - or to false for any older versions, including pre-Microsoft Store and Windows 10. - ''; - }; }; config = 
@@ -39,39 +23,13 @@ with builtins; with lib; mkIf config.wsl.enable { boot.binfmt.registrations = mkIf cfg.register { - WSLInterop = - let - compat = cfg.preserveArgvZero; - - # WSL Preview 0.58 and up registers the /init binfmt interp for Windows executable - # with the "preserve argv[0]" flag, so if you run `./foo.exe`, the interp gets invoked - # as `/init foo.exe ./foo.exe`. - # argv[0] --^ ^-- actual path - # - # Older versions expect to be called without the argv[0] bit, simply as `/init ./foo.exe`. - # - # We detect that by running `/init /known-not-existing-path.exe` and checking the exit code: - # the new style interp expects at least two arguments, so exits with exit code 1, - # presumably meaning "parsing error"; the old style interp attempts to actually run - # the executable, fails to find it, and exits with 255. - compatWrapper = pkgs.writeShellScript "nixos-wsl-binfmt-hack" '' - /init /nixos-wsl-does-not-exist.exe - [ $? -eq 255 ] && shift - exec /init "$@" - ''; - - # use the autodetect hack if unset, otherwise call /init directly - interpreter = if compat == null then compatWrapper else "/init"; - - # enable for the wrapper and autodetect hack - preserveArgvZero = if compat == false then false else true; - in - { - magicOrExtension = "MZ"; - fixBinary = true; - wrapInterpreterInShell = false; - inherit interpreter preserveArgvZero; - }; + WSLInterop = { + magicOrExtension = "MZ"; + fixBinary = true; + wrapInterpreterInShell = false; + interpreter = "/init"; + preserveArgvZero = true; + }; }; warnings = diff --git a/modules/recovery.nix b/modules/recovery.nix index ec29da6..2352d51 100644 --- a/modules/recovery.nix +++ b/modules/recovery.nix @@ -1,7 +1,5 @@ -{ config, pkgs, lib, ... }: -with lib; +{ config, pkgs, ... }: let - nixos-enter' = config.system.build.nixos-enter.overrideAttrs (_: { runtimeShell = "/bin/bash"; }); diff --git a/modules/systemd/default.nix b/modules/systemd/default.nix index c6c2337..9199bcb 100644 
--- a/modules/systemd/default.nix +++ b/modules/systemd/default.nix @@ -1,4 +1,4 @@ -{ config, pkgs, lib, ... }: +{ config, lib, ... }: with lib; { imports = [ @@ -9,7 +9,7 @@ with lib; { options.wsl = with types; { nativeSystemd = mkOption { type = bool; - default = false; + default = true; description = "Use native WSL systemd support"; }; }; diff --git a/modules/systemd/syschdemd/syschdemd.sh b/modules/systemd/syschdemd/syschdemd.sh index fa0ffe5..75f10aa 100644 --- a/modules/systemd/syschdemd/syschdemd.sh +++ b/modules/systemd/syschdemd/syschdemd.sh @@ -38,6 +38,8 @@ run_in_namespace() { } start_systemd() { + mount --bind --make-private $rundir $rundir + daemonize \ -o $rundir/stdout \ -e $rundir/stderr \ diff --git a/modules/wsl-conf.nix b/modules/wsl-conf.nix index 0058f29..877041a 100644 --- a/modules/wsl-conf.nix +++ b/modules/wsl-conf.nix @@ -1,4 +1,4 @@ -{ lib, pkgs, config, ... }: +{ lib, config, ... }: with lib; { imports = [ diff --git a/modules/wsl-distro.nix b/modules/wsl-distro.nix index 0b7648d..f2279e3 100644 --- a/modules/wsl-distro.nix +++ b/modules/wsl-distro.nix @@ -1,4 +1,4 @@ -{ lib, pkgs, config, options, ... }: +{ lib, pkgs, config, ... }: with builtins; with lib; @@ -132,11 +132,6 @@ in config.wsl.extraBin )} ''); - # TODO: This is only needed for the docker tests, it can be removed when they are moved to something else - update-entrypoint.text = '' - mkdir -p /nix/nixos-wsl - ln -sfn ${config.users.users.root.shell} /nix/nixos-wsl/entrypoint - ''; }; # require people to use lib.mkForce to make it harder to brick their installation |
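Review bot: The `nativeSystemd` option in modules/systemd/default.nix flips to `default = true` while its `description` still reads only `"Use native WSL systemd support"`. A configuration that never set the option changes its init path on the next rebuild, and the option text gives no hint of that or of what the host must support. I would extend the description to say that it is now on by default and that it can be set to `false` on WSL installations without systemd support. The exact minimum WSL version is not visible in this diff, so it should be filled in from the release notes rather than guessed.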
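Review bot: The added `mount --bind --make-private $rundir $rundir` in `start_systemd` expands `$rundir` unquoted twice in a command that runs with root privileges. A value containing whitespace or glob characters would be split into extra `mount` arguments, so write it as `mount --bind --make-private "$rundir" "$rundir"`. The line also has no comment saying why the run directory must become a private bind mount; presumably it is to stop mount propagation between the systemd namespace and the outer one, and a one-line comment stating the actual reason would save the next reader from guessing. The body of `start_systemd` continues outside the hunk and the assignment of `rundir` is not visible here, so whether this can run more than once and stack mounts should be checked against the full script.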
