From b14ef72bf0374970cbd90818209393733f7912d0 Mon Sep 17 00:00:00 2001
From: Ophestra <cat@gensokyo.uk>
Date: Mon, 30 Dec 2024 00:13:17 +0900
Subject: [PATCH] cmd/fpkg/start: prepare nixGL before start

Signed-off-by: Ophestra <cat@gensokyo.uk>
---
 cmd/fpkg/install.go |  11 +++--
 cmd/fpkg/start.go   | 105 ++++++++++++++++++++++++++++++++------------
 2 files changed, 84 insertions(+), 32 deletions(-)

diff --git a/cmd/fpkg/install.go b/cmd/fpkg/install.go
index 9bbb34e..0abb51f 100644
--- a/cmd/fpkg/install.go
+++ b/cmd/fpkg/install.go
@@ -155,7 +155,7 @@ func actionInstall(args []string) {
 		"rm -rf .local/state/{nix,home-manager}",
 		// run activation script
 		bundle.ActivationPackage + "/activate",
-	}, false, app, pathSet, dropShellActivate, cleanup)
+	}, false, func(config *fst.Config) *fst.Config { return config }, app, pathSet, dropShellActivate, cleanup)
 
 	/*
 		Installation complete. Write metadata to block re-installs or downgrades.
@@ -184,8 +184,11 @@ func actionInstall(args []string) {
 	cleanup()
 }
 
-func withNixDaemon(action string, command []string, net bool, app *bundleInfo, pathSet *appPathSet, dropShell bool, beforeFail func()) {
-	fortifyAppDropShell(&fst.Config{
+func withNixDaemon(
+	action string, command []string, net bool, updateConfig func(config *fst.Config) *fst.Config,
+	app *bundleInfo, pathSet *appPathSet, dropShell bool, beforeFail func(),
+) {
+	fortifyAppDropShell(updateConfig(&fst.Config{
 		ID: app.ID,
 		Command: []string{shell, "-lc", "rm -f /nix/var/nix/daemon-socket/socket && " +
 			// start nix-daemon
@@ -223,7 +226,7 @@ func withNixDaemon(action string, command []string, net bool, app *bundleInfo, p
 				{Ensure: true, Path: pathSet.baseDir, Read: true, Write: true, Execute: true},
 			},
 		},
-	}, dropShell, beforeFail)
+	}), dropShell, beforeFail)
 }
 
 func withCacheDir(action string, command []string, workDir string, app *bundleInfo, pathSet *appPathSet, dropShell bool, beforeFail func()) {
diff --git a/cmd/fpkg/start.go b/cmd/fpkg/start.go
index 372ca70..ae9c87e 100644
--- a/cmd/fpkg/start.go
+++ b/cmd/fpkg/start.go
@@ -10,8 +10,12 @@ import (
 
 func actionStart(args []string) {
 	set := flag.NewFlagSet("start", flag.ExitOnError)
-	var dropShell bool
+	var (
+		dropShell      bool
+		dropShellNixGL bool
+	)
 	set.BoolVar(&dropShell, "s", false, "Drop to a shell")
+	set.BoolVar(&dropShellNixGL, "sg", false, "Drop to a shell on nixGL build")
 
 	// Ignore errors; set is set for ExitOnError.
 	_ = set.Parse(args)
@@ -21,14 +25,47 @@ func actionStart(args []string) {
 	if len(args) < 1 {
 		fmsg.Fatal("invalid argument")
 	}
+
+	/*
+		Parse app metadata.
+	*/
+
 	id := args[0]
 	pathSet := pathSetByApp(id)
 	app := loadBundleInfo(pathSet.metaPath, func() {})
-
 	if app.ID != id {
 		fmsg.Fatalf("app %q claims to have identifier %q", id, app.ID)
 	}
 
+	/*
+		Prepare nixGL.
+	*/
+
+	if app.GPU {
+		withNixDaemon("nix-gl", []string{
+			"ln -sf $(nix build --impure " +
+				"--no-link --print-out-paths " +
+				"--override-input nixpkgs path:/etc/nixpkgs " +
+				"path:" + app.NixGL +
+				")/bin/nixGL /nix/.nixGL",
+		}, true, func(config *fst.Config) *fst.Config {
+			config.Confinement.Sandbox.Filesystem = append(config.Confinement.Sandbox.Filesystem, []*fst.FilesystemConfig{
+				{Src: "/etc/resolv.conf"},
+				{Src: "/sys/block"},
+				{Src: "/sys/bus"},
+				{Src: "/sys/class"},
+				{Src: "/sys/dev"},
+				{Src: "/sys/devices"},
+			}...)
+			appendGPUFilesystem(config)
+			return config
+		}, app, pathSet, dropShellNixGL, func() {})
+	}
+
+	/*
+		Create app configuration.
+	*/
+
 	command := make([]string, 1, len(args))
 	if !dropShell {
 		command[0] = app.Launcher
@@ -82,35 +119,47 @@ func actionStart(args []string) {
 		},
 	}
 
-	if app.GPU {
-		config.Confinement.Sandbox.Filesystem = append(config.Confinement.Sandbox.Filesystem,
-			// flatpak commit 763a686d874dd668f0236f911de00b80766ffe79
-			&fst.FilesystemConfig{Src: "/dev/dri", Device: true},
-			// mali
-			&fst.FilesystemConfig{Src: "/dev/mali", Device: true},
-			&fst.FilesystemConfig{Src: "/dev/mali0", Device: true},
-			&fst.FilesystemConfig{Src: "/dev/umplock", Device: true},
-			// nvidia
-			&fst.FilesystemConfig{Src: "/dev/nvidiactl", Device: true},
-			&fst.FilesystemConfig{Src: "/dev/nvidia-modeset", Device: true},
-			// nvidia OpenCL/CUDA
-			&fst.FilesystemConfig{Src: "/dev/nvidia-uvm", Device: true},
-			&fst.FilesystemConfig{Src: "/dev/nvidia-uvm-tools", Device: true},
+	/*
+		Expose GPU devices.
+	*/
 
-			// flatpak commit d2dff2875bb3b7e2cd92d8204088d743fd07f3ff
-			&fst.FilesystemConfig{Src: "/dev/nvidia0", Device: true}, &fst.FilesystemConfig{Src: "/dev/nvidia1", Device: true},
-			&fst.FilesystemConfig{Src: "/dev/nvidia2", Device: true}, &fst.FilesystemConfig{Src: "/dev/nvidia3", Device: true},
-			&fst.FilesystemConfig{Src: "/dev/nvidia4", Device: true}, &fst.FilesystemConfig{Src: "/dev/nvidia5", Device: true},
-			&fst.FilesystemConfig{Src: "/dev/nvidia6", Device: true}, &fst.FilesystemConfig{Src: "/dev/nvidia7", Device: true},
-			&fst.FilesystemConfig{Src: "/dev/nvidia8", Device: true}, &fst.FilesystemConfig{Src: "/dev/nvidia9", Device: true},
-			&fst.FilesystemConfig{Src: "/dev/nvidia10", Device: true}, &fst.FilesystemConfig{Src: "/dev/nvidia11", Device: true},
-			&fst.FilesystemConfig{Src: "/dev/nvidia12", Device: true}, &fst.FilesystemConfig{Src: "/dev/nvidia13", Device: true},
-			&fst.FilesystemConfig{Src: "/dev/nvidia14", Device: true}, &fst.FilesystemConfig{Src: "/dev/nvidia15", Device: true},
-			&fst.FilesystemConfig{Src: "/dev/nvidia16", Device: true}, &fst.FilesystemConfig{Src: "/dev/nvidia17", Device: true},
-			&fst.FilesystemConfig{Src: "/dev/nvidia18", Device: true}, &fst.FilesystemConfig{Src: "/dev/nvidia19", Device: true},
-		)
+	if app.GPU {
+		appendGPUFilesystem(config)
 	}
 
+	/*
+		Spawn app.
+	*/
+
 	fortifyApp(config, func() {})
 	fmsg.Exit(0)
 }
+
+func appendGPUFilesystem(config *fst.Config) {
+	config.Confinement.Sandbox.Filesystem = append(config.Confinement.Sandbox.Filesystem, []*fst.FilesystemConfig{
+		// flatpak commit 763a686d874dd668f0236f911de00b80766ffe79
+		{Src: "/dev/dri", Device: true},
+		// mali
+		{Src: "/dev/mali", Device: true},
+		{Src: "/dev/mali0", Device: true},
+		{Src: "/dev/umplock", Device: true},
+		// nvidia
+		{Src: "/dev/nvidiactl", Device: true},
+		{Src: "/dev/nvidia-modeset", Device: true},
+		// nvidia OpenCL/CUDA
+		{Src: "/dev/nvidia-uvm", Device: true},
+		{Src: "/dev/nvidia-uvm-tools", Device: true},
+
+		// flatpak commit d2dff2875bb3b7e2cd92d8204088d743fd07f3ff
+		{Src: "/dev/nvidia0", Device: true}, {Src: "/dev/nvidia1", Device: true},
+		{Src: "/dev/nvidia2", Device: true}, {Src: "/dev/nvidia3", Device: true},
+		{Src: "/dev/nvidia4", Device: true}, {Src: "/dev/nvidia5", Device: true},
+		{Src: "/dev/nvidia6", Device: true}, {Src: "/dev/nvidia7", Device: true},
+		{Src: "/dev/nvidia8", Device: true}, {Src: "/dev/nvidia9", Device: true},
+		{Src: "/dev/nvidia10", Device: true}, {Src: "/dev/nvidia11", Device: true},
+		{Src: "/dev/nvidia12", Device: true}, {Src: "/dev/nvidia13", Device: true},
+		{Src: "/dev/nvidia14", Device: true}, {Src: "/dev/nvidia15", Device: true},
+		{Src: "/dev/nvidia16", Device: true}, {Src: "/dev/nvidia17", Device: true},
+		{Src: "/dev/nvidia18", Device: true}, {Src: "/dev/nvidia19", Device: true},
+	}...)
+}