nix: interactive nixos vm

This is useful for quickly spinning up an ephemeral hakurei environment for testing changes or reproducing vm test failures. Signed-off-by: Ophestra <cat@gensokyo.uk>
2025-08-05 21:31:36 +09:00 · 2025-08-05 21:31:36 +09:00 · 72a931a71a
commit 72a931a71a
parent 9a25542c6d
5 changed files with 191 additions and 1 deletions
--- a/.gitignore
+++ b/.gitignore
@ -30,3 +30,6 @@ go.work.sum

 # release
 /dist/hakurei-*
+
+# interactive nixos vm
+nixos.qcow2
--- a/flake.nix
+++ b/flake.nix
@ -159,6 +159,53 @@
          default = pkgs.mkShell { buildInputs = hakurei.targetPkgs; };
          withPackage = pkgs.mkShell { buildInputs = [ hakurei ] ++ hakurei.targetPkgs; };

+          vm =
+            let
+              nixos = nixpkgs.lib.nixosSystem {
+                inherit system;
+                modules = [
+                  {
+                    environment = {
+                      systemPackages = [
+                        (pkgs.buildFHSEnv {
+                          pname = "hakurei-fhs";
+                          inherit (hakurei) version;
+                          targetPkgs = _: hakurei.targetPkgs;
+                          extraOutputsToInstall = [ "dev" ];
+                          profile = ''
+                            export PKG_CONFIG_PATH="/usr/share/pkgconfig:$PKG_CONFIG_PATH"
+                          '';
+                        })
+                      ];
+
+                      hakurei =
+                        let
+                          # this is used for interactive vm testing during development, where tests might be broken
+                          package = self.packages.${pkgs.system}.hakurei.override {
+                            buildGoModule = previousArgs: pkgs.pkgsStatic.buildGoModule (previousArgs // { doCheck = false; });
+                          };
+                        in
+                        {
+                          inherit package;
+                          hsuPackage = self.packages.${pkgs.system}.hsu.override { hakurei = package; };
+                        };
+                    };
+                  }
+
+                  ./test/interactive/configuration.nix
+                  ./test/interactive/vm.nix
+                  ./test/interactive/hakurei.nix
+
+                  self.nixosModules.hakurei
+                  self.inputs.home-manager.nixosModules.home-manager
+                ];
+              };
+            in
+            pkgs.mkShell {
+              buildInputs = [ nixos.config.system.build.vm ];
+              shellHook = "exec run-nixos-vm $@";
+            };
+
          generateDoc =
            let
              inherit (pkgs) lib;
--- a/test/interactive/configuration.nix
+++ b/test/interactive/configuration.nix
@ -0,0 +1,60 @@
+{ pkgs, ... }:
+{
+  system.stateVersion = "23.05";
+
+  users.users = {
+    alice = {
+      isNormalUser = true;
+      description = "Alice Foobar";
+      password = "foobar";
+      uid = 1000;
+      extraGroups = [ "wheel" ];
+    };
+    untrusted = {
+      isNormalUser = true;
+      description = "Untrusted user";
+      password = "foobar";
+      uid = 1001;
+    };
+  };
+
+  home-manager.users.alice.home.stateVersion = "24.11";
+
+  security = {
+    sudo.wheelNeedsPassword = false;
+    rtkit.enable = true;
+  };
+
+  services = {
+    getty.autologinUser = "alice";
+    pipewire = {
+      enable = true;
+      alsa.enable = true;
+      alsa.support32Bit = true;
+      pulse.enable = true;
+      jack.enable = true;
+    };
+  };
+
+  environment.variables = {
+    SWAYSOCK = "/tmp/sway-ipc.sock";
+    WLR_RENDERER = "pixman";
+  };
+
+  programs = {
+    sway.enable = true;
+
+    bash.loginShellInit = ''
+      if [ "$(tty)" = "/dev/tty1" ]; then
+        set -e
+
+        mkdir -p ~/.config/sway
+        (sed s/Mod4/Mod1/ /etc/sway/config &&
+        echo 'output * bg ${pkgs.nixos-artwork.wallpapers.simple-light-gray.gnomeFilePath} fill') > ~/.config/sway/config
+
+        sway --validate
+        systemd-cat --identifier=session sway && touch /tmp/sway-exit-ok
+      fi
+    '';
+  };
+}
--- a/test/interactive/hakurei.nix
+++ b/test/interactive/hakurei.nix
@ -0,0 +1,25 @@
+{ pkgs, ... }:
+{
+  environment.hakurei = {
+    enable = true;
+    stateDir = "/var/lib/hakurei";
+    users.alice = 0;
+    apps = {
+      "cat.gensokyo.extern.foot.noEnablements" = {
+        name = "ne-foot";
+        identity = 1;
+        shareUid = true;
+        verbose = true;
+        share = pkgs.foot;
+        packages = [ pkgs.foot ];
+        command = "foot";
+        capability = {
+          dbus = false;
+          pulse = false;
+        };
+      };
+    };
+
+    extraHomeConfig.home.stateVersion = "23.05";
+  };
+}
--- a/test/interactive/vm.nix
+++ b/test/interactive/vm.nix
@ -0,0 +1,55 @@
+{
+  virtualisation.vmVariant.virtualisation = {
+    memorySize = 4096;
+    qemu.options = [
+      "-vga none -device virtio-gpu-pci"
+      "-smp 8"
+    ];
+
+    mountHostNixStore = true;
+    writableStore = true;
+    writableStoreUseTmpfs = false;
+
+    sharedDirectories = {
+      cwd = {
+        target = "/mnt/.ro-cwd";
+        source = ''"$OLDPWD"'';
+        securityModel = "none";
+      };
+    };
+
+    fileSystems = {
+      "/mnt/.ro-cwd".options = [
+        "ro"
+        "noatime"
+      ];
+      "/mnt/cwd".overlay = {
+        lowerdir = [ "/mnt/.ro-cwd" ];
+        upperdir = "/tmp/.cwd/upper";
+        workdir = "/tmp/.cwd/work";
+      };
+
+      "/mnt/src".overlay = {
+        lowerdir = [ ../.. ];
+        upperdir = "/tmp/.src/upper";
+        workdir = "/tmp/.src/work";
+      };
+    };
+  };
+
+  systemd.services = {
+    logrotate-checkconf.enable = false;
+    hakurei-src-fix-ownership = {
+      wantedBy = [ "multi-user.target" ];
+      wants = [ "mnt-src.mount" ];
+      after = [ "mnt-src.mount" ];
+      serviceConfig = {
+        Type = "oneshot";
+        RemainAfterExit = true;
+      };
+      script = ''
+        chown -R alice:users /mnt/src/
+      '';
+    };
+  };
+}