From b4c1b4da9b9be31cf217474ad87966658337d103 Mon Sep 17 00:00:00 2001
From: Justin Barclay
Date: Mon, 21 Aug 2023 16:10:53 -0700
Subject: [PATCH 1/2] Set up nix environment for building vms
---
configuration.nix | 47 +++++++++++++++++++++++++++++++++
flake.lock | 64 +++++++++++++++++++++++++++++++++++++++++++++
flake.nix | 66 +++++++++++++++++++++++++++++++++++++++++++++++
vmware.nix | 11 ++++++++
4 files changed, 188 insertions(+)
create mode 100644 configuration.nix
create mode 100644 flake.lock
create mode 100644 flake.nix
create mode 100644 vmware.nix
diff --git a/configuration.nix b/configuration.nix
new file mode 100644
index 0000000..a13e54f
--- /dev/null
+++ b/configuration.nix
@@ -0,0 +1,47 @@
+{ self, pkgs, ... }: {
+ nix = {
+ extraOptions = ''
+ experimental-features = nix-command flakes
+ '';
+ settings = {
+ trusted-users = [ "root" "tidal" ];
+ auto-optimise-store = true;
+ };
+ };
+
+ networking.hostName = "Nix"; # Define your hostname.
+
+ # Pick only one of the below networking options.
+ # networking.wireless.enable = true; # Enables wireless support via wpa_supplicant.
+ networking.networkmanager.enable = true; # Easiest to use and most distros use this by default.
+
+ users.users.tidal = {
+ isNormalUser = true;
+ password = "tidal";
+ extraGroups = [ "networkmanager" "wheel" "video" "kvm" ];
+ };
+
+ environment = {
+ systemPackages = with pkgs; [
+ # - Docker images
+ # - Tidal DB Analyzer
+ # - Healthchek
+ # - Hello World
+ # - Pip
+ # - jq
+ # - Python3
+ docker
+ python311
+ python311Packages.pip
+ nmap
+ jq
+ ];
+ };
+
+ services.xserver.enable = true;
+ services.xserver.displayManager.sddm.enable = true;
+ services.xserver.desktopManager.plasma5.enable = true;
+
+ services.dbus.enable = true;
+ virtualisation.docker.enable = true;
+}
diff --git a/flake.lock b/flake.lock
new file mode 100644
index 0000000..46f3970
--- /dev/null
+++ b/flake.lock
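Review bot: `password = "tidal";` under `users.users.tidal` commits a fixed plaintext password, identical to the user name, for an account that is in `wheel` and is also listed in `nix.settings.trusted-users`; a value written this way is copied into the world-readable Nix store and into every image built from the file. If the images are meant to leave a lab, replace it with `initialHashedPassword = "<hash-placeholder>";` (or a key-based login) so the credential cannot be read from the repository. If it is a deliberate throwaway credential, say so next to it, e.g. `# demo-only login, change on first boot`. The `trusted-users` entry for `tidal` deserves the same kind of comment, since it lets that user instruct the Nix daemon with root-level trust.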
@@ -0,0 +1,64 @@ +{ + "nodes": { + "nixlib": { + "locked": { + "lastModified": 1689469483, + "narHash": "sha256-2SBhY7rZQ/iNCxe04Eqxlz9YK9KgbaTMBssq3/BgdWY=", + "owner": "nix-community", + "repo": "nixpkgs.lib", + "rev": "02fea408f27186f139153e1ae88f8ab2abd9c22c", + "type": "github" + }, + "original": { + "owner": "nix-community", + "repo": "nixpkgs.lib", + "type": "github" + } + }, + "nixos-generators": { + "inputs": { + "nixlib": "nixlib", + "nixpkgs": [ + "nixpkgs" + ] + }, + "locked": { + "lastModified": 1690133435, + "narHash": "sha256-YNZiefETggroaTLsLJG2M+wpF0pJPwiauKG4q48ddNU=", + "owner": "nix-community", + "repo": "nixos-generators", + "rev": "b1171de4d362c022130c92d7c8adc4bf2b83d586", + "type": "github" + }, + "original": { + "owner": "nix-community", + "repo": "nixos-generators", + "type": "github" + } + }, + "nixpkgs": { + "locked": { + "lastModified": 1692447944, + "narHash": "sha256-fkJGNjEmTPvqBs215EQU4r9ivecV5Qge5cF/QDLVn3U=", + "owner": "NixOS", + "repo": "nixpkgs", + "rev": "d680ded26da5cf104dd2735a51e88d2d8f487b4d", + "type": "github" + }, + "original": { + "owner": "NixOS", + "ref": "nixos-unstable", + "repo": "nixpkgs", + "type": "github" + } + }, + "root": { + "inputs": { + "nixos-generators": "nixos-generators", + "nixpkgs": "nixpkgs" + } + } + }, + "root": "root", + "version": 7 +} diff --git a/flake.nix b/flake.nix new file mode 100644 index 0000000..c779e37 --- /dev/null +++ b/flake.nix 
@@ -0,0 +1,66 @@
+{
+ inputs = {
+ nixpkgs.url = "github:NixOS/nixpkgs/nixos-unstable";
+ nixos-generators = {
+ url = "github:nix-community/nixos-generators";
+ inputs.nixpkgs.follows = "nixpkgs";
+ };
+ };
+ outputs = { self, nixpkgs, nixos-generators, ... }:
+ let
+ pkgs = nixpkgs.legacyPackages.x86_64-linux;
+ in
+ {
+ packages.x86_64-linux = {
+ vbox = nixos-generators.nixosGenerate {
+ system = "x86_64-linux";
+ modules = [
+ # you can include your own nixos configuration here, i.e.
+ ./configuration.nix
+ ];
+ format = "virtualbox";
+ };
+
+ # hack stolen from
+ # https://github.com/nix-community/nixos-generators/issues/128#issuecomment-1484084499
+ vmware =
+ let
+ base = nixos-generators.nixosGenerate {
+ system = "x86_64-linux";
+ modules = [
+ # you can include your own nixos configuration here, i.e.
+ ./configuration.nix
+ ./vmware.nix
+ ];
+ format = "virtualbox";
+ };
+ vmx = "vmx-20";
+ in
+ pkgs.runCommand "vbox"
+ { } ''
+ ova=${base}/*.ova
+ mkdir $out
+ # cp $ova "$out/unfixed.ova" # debug
+ ${pkgs.cot}/bin/cot --force --verbose edit-product $ova -p 'Some Info' -o nixos.ova
+ ${pkgs.cot}/bin/cot --force --verbose edit-hardware nixos.ova -v ${vmx}
+ tar xf nixos.ova
+ sed -i -E 's/^(\s*<(ovf:)?ProductSection)>\s*$/\1 ovf:required="false">/' *.ovf
+ sed -i -E "s/^(SHA1\(nixos.ovf\)=\s*).*$/\1$(sha1sum nixos.ovf | cut -d ' ' -f 1)/" *.mf
+ ${pkgs.ovftool}/bin/ovftool --lax --sourceType=OVF --targetType=OVA nixos.ovf $out/nixos.ova
+ # tar cf $out/nixos.ova *.ovf *.mf *.vmdk
+ '';
+
+ qemu = nixos-generators.nixosGenerate {
+ system = "x86_64-linux";
+ modules = [
+ # you can include your own nixos configuration here, i.e.
+ ./configuration.nix
+ ];
+ format = "vm";
+ };
+ };
+ devShells.x86_64-linux.default = pkgs.mkShell {
+ buildInputs = [ pkgs.qemu pkgs.virtualbox pkgs.vmware-workstation pkgs.ovftool pkgs.cot ];
+ };
+ };
+}
diff --git a/vmware.nix b/vmware.nix
new file mode 100644
index 0000000..f4464c7
--- /dev/null
+++ b/vmware.nix
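Review bot: In the `vmware` output, `ova=${base}/*.ova` stores the pattern itself and the glob only expands at the unquoted `$ova` in the first `cot` call, so the step silently depends on the base image directory holding exactly one `.ova`. A guard before `mkdir $out` that resolves the match and fails the build when the count is not one would make that assumption explicit. The derivation is also named `"vbox"`, so the VMware store path cannot be told apart by name from the VirtualBox one; `pkgs.runCommand "nixos-vmware-ova"` would avoid that. The second `sed` and `ovftool --lax` each deserve a one-line comment saying that the manifest digest is recomputed because the `.ovf` was edited in place.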
@@ -0,0 +1,11 @@
+{ self, pkgs, ... }: {
+ virtualbox = {
+ # see: https://github.com/NixOS/nixpkgs/blob/master/nixos/modules/virtualisation/virtualbox-image.nix
+ memorySize = 4000; # MiB
+ params = {
+ audio = "none";
+ audioout = "off";
+ };
+ };
+ virtualisation.vmware.guest.enable = true;
+}
From 817d29cb2cbe6088c9f6c08a6aa013075ce67fca Mon Sep 17 00:00:00 2001
From: Justin Barclay
Date: Wed, 23 Aug 2023 18:55:14 -0700
Subject: [PATCH 2/2] Add support for tidal-tools, hyperv and azure images
---
configuration.nix | 12 ++---
flake.lock | 116 ++++++++++++++++++++++++++++++++++++++++++++--
flake.nix | 32 ++++++++++++-
3 files changed, 145 insertions(+), 15 deletions(-)
diff --git a/configuration.nix b/configuration.nix
index a13e54f..4e812f6 100644
--- a/configuration.nix
+++ b/configuration.nix
@@ -1,4 +1,4 @@
-{ self, pkgs, ... }: {
+{ self, pkgs, tidal-tools, ... }: {
 nix = {
 extraOptions = ''
 experimental-features = nix-command flakes
@@ -13,7 +13,7 @@
 # Pick only one of the below networking options.
 # networking.wireless.enable = true; # Enables wireless support via wpa_supplicant.
- networking.networkmanager.enable = true; # Easiest to use and most distros use this by default.
+ # networking.networkmanager.enable = true; # Easiest to use and most distros use this by default.
 users.users.tidal = {
 isNormalUser = true;
@@ -23,13 +23,7 @@
 environment = {
 systemPackages = with pkgs; [
- # - Docker images
- # - Tidal DB Analyzer
- # - Healthchek
- # - Hello World
- # - Pip
- # - jq
- # - Python3
+ tidal-tools.packages.x86_64-linux.default
 docker
 python311
 python311Packages.pip
diff --git a/flake.lock b/flake.lock
index 46f3970..f87793e 100644
--- a/flake.lock
+++ b/flake.lock
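Review bot: In the `@@ -13,7 +13,7 @@` hunk of configuration.nix, `networking.networkmanager.enable = true;` is commented out instead of removed and nothing records why, while the `extraGroups` list for `tidal` from the first patch (outside this hunk) still names `networkmanager`. Either drop the line and the group entry together, or keep it with a stated reason, e.g. `# NetworkManager disabled: <reason-placeholder>`. Presumably the new hyperv and azure formats bring their own network setup, but that is not visible in this patch.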
@@ -1,5 +1,42 @@ { "nodes": { + "flake-utils": { + "inputs": { + "systems": "systems" + }, + "locked": { + "lastModified": 1687709756, + "narHash": "sha256-Y5wKlQSkgEK2weWdOu4J3riRd+kV/VCgHsqLNTTWQ/0=", + "owner": "numtide", + "repo": "flake-utils", + "rev": "dbabf0ca0c0c4bce6ea5eaf65af5cb694d2082c7", + "type": "github" + }, + "original": { + "owner": "numtide", + "repo": "flake-utils", + "type": "github" + } + }, + "gomod2nix": { + "inputs": { + "nixpkgs": "nixpkgs_2", + "utils": "utils" + }, + "locked": { + "lastModified": 1677459247, + "narHash": "sha256-JbakfAiPYmCCV224yAMq/XO0udN5coWv/oazblMKdoY=", + "owner": "nix-community", + "repo": "gomod2nix", + "rev": "3cbf3a51fe32e2f57af4c52744e7228bab22983d", + "type": "github" + }, + "original": { + "owner": "nix-community", + "repo": "gomod2nix", + "type": "github" + } + }, "nixlib": { "locked": { "lastModified": 1689469483, @@ -38,11 +75,11 @@ }, "nixpkgs": { "locked": { - "lastModified": 1692447944, - "narHash": "sha256-fkJGNjEmTPvqBs215EQU4r9ivecV5Qge5cF/QDLVn3U=", + "lastModified": 1692734709, + "narHash": "sha256-SCFnyHCyYjwEmgUsHDDuU0TsbVMKeU1vwkR+r7uS2Rg=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "d680ded26da5cf104dd2735a51e88d2d8f487b4d", + "rev": "b85ed9dcbf187b909ef7964774f8847d554fab3b", "type": "github" }, "original": { 
@@ -52,10 +89,81 @@ "type": "github" } }, + "nixpkgs_2": { + "locked": { + "lastModified": 1658285632, + "narHash": "sha256-zRS5S/hoeDGUbO+L95wXG9vJNwsSYcl93XiD0HQBXLk=", + "owner": "NixOS", + "repo": "nixpkgs", + "rev": "5342fc6fb59d0595d26883c3cadff16ce58e44f3", + "type": "github" + }, + "original": { + "owner": "NixOS", + "ref": "master", + "repo": "nixpkgs", + "type": "github" + } + }, "root": { "inputs": { "nixos-generators": "nixos-generators", - "nixpkgs": "nixpkgs" + "nixpkgs": "nixpkgs", + "tidal-tools": "tidal-tools" + } + }, + "systems": { + "locked": { + "lastModified": 1681028828, + "narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=", + "owner": "nix-systems", + "repo": "default", + "rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e", + "type": "github" + }, + "original": { + "owner": "nix-systems", + "repo": "default", + "type": "github" + } + }, + "tidal-tools": { + "inputs": { + "flake-utils": "flake-utils", + "gomod2nix": "gomod2nix", + "nixpkgs": [ + "nixpkgs" + ] + }, + "locked": { + "lastModified": 1688714948, + "narHash": "sha256-VWmm8itcTgMlXZMtpDPc5BoQuaRDC6OjPVk+qPy7i3k=", + "ref": "main", + "rev": "34550d4abc304c1428465ab09b0f558c075f1c35", + "revCount": 1364, + "type": "git", + "url": "ssh://git@github.com/tidalmigrations/tidal-tools" + }, + "original": { + "ref": "main", + "rev": "34550d4abc304c1428465ab09b0f558c075f1c35", + "type": "git", + "url": "ssh://git@github.com/tidalmigrations/tidal-tools" + } + }, + "utils": { + "locked": { + "lastModified": 1653893745, + "narHash": "sha256-0jntwV3Z8//YwuOjzhV2sgJJPt+HY6KhU7VZUL0fKZQ=", + "owner": "numtide", + "repo": "flake-utils", + "rev": "1ed9fb1935d260de5fe1c2f7ee0ebaae17ed2fa1", + "type": "github" + }, + "original": { + "owner": "numtide", + "repo": "flake-utils", + "type": "github" } } }, diff --git a/flake.nix b/flake.nix index c779e37..65b9a37 100644 --- a/flake.nix +++ b/flake.nix 
@@ -5,15 +5,40 @@
 url = "github:nix-community/nixos-generators";
 inputs.nixpkgs.follows = "nixpkgs";
 };
+ tidal-tools = {
+ url = "git+ssh://git@github.com/tidalmigrations/tidal-tools?ref=main&rev=34550d4abc304c1428465ab09b0f558c075f1c35";
+ inputs.nixpkgs.follows = "nixpkgs";
+ };
 };
- outputs = { self, nixpkgs, nixos-generators, ... }:
+ outputs = { self, nixpkgs, nixos-generators, tidal-tools, ... }:
 let
 pkgs = nixpkgs.legacyPackages.x86_64-linux;
 in
 {
 packages.x86_64-linux = {
- vbox = nixos-generators.nixosGenerate {
+ hyperv = nixos-generators.nixosGenerate {
+ specialArgs = {
+ tidal-tools = tidal-tools;
+ };
 system = "x86_64-linux";
+ modules = [
+ ./configuration.nix
+ ];
+ format = "hyperv";
+ };
+ azure = nixos-generators.nixosGenerate {
+ specialArgs = {
+ tidal-tools = tidal-tools;
+ };
+ system = "x86_64-linux";
+ modules = [
+ ./configuration.nix
+ ];
+ format = "azure";
+ };
+ vbox = nixos-generators.nixosGenerate {
+ system = "
+ x86_64-linux ";
 modules = [
 # you can include your own nixos configuration here, i.e.
 ./configuration.nix
@@ -57,6 +82,9 @@
 ./configuration.nix
 ];
 format = "vm";
+ specialArgs = {
+ tidal-tools = tidal-tools;
+ };
 };
 };
 devShells.x86_64-linux.default = pkgs.mkShell {
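Review bot: In the re-added `vbox` output the `system` value is split across two added lines (`system = "` followed by `x86_64-linux ";`), so the string handed to `nixosGenerate` carries a line break and padding around `x86_64-linux`, unlike the `hyperv`, `azure` and `qemu` outputs; it should read `system = "x86_64-linux";`. `vbox` also gets no `specialArgs`, while configuration.nix now takes `tidal-tools` as a module argument, so evaluating this output is likely to fail on the missing argument. Add `specialArgs = { inherit tidal-tools; };` here, and to the `base` image of `vmware` if it is in the same state; that definition lies outside this hunk.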