distrobuilder: expose lxc systemd generator, patched for nixos

+135
+3
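--- a/pkgs/tools/virtualization/distrobuilder/default.nix
+++ b/pkgs/tools/virtualization/distrobuilder/default.nix
@@ -8,6 +8,7 @@
 , gnutar
 , squashfsTools
 , debootstrap
+, callPackage
 }:
 
 let
@@ -34,6 +35,8 @@
   };
 
   buildInputs = bins;
+
+  passthru.generator = callPackage ./generator.nix { inherit src version; };
 
   # tests require a local keyserver (mkg20001/nixpkgs branch distrobuilder-with-tests) but gpg is currently broken in tests
   doCheck = false;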
+19
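--- /dev/null
+++ b/pkgs/tools/virtualization/distrobuilder/generator.nix
@@ -0,0 +1,19 @@
+{ stdenvNoCC, lib, src, version, makeWrapper, coreutils, findutils, gnugrep, systemd }:
+
+stdenvNoCC.mkDerivation {
+  name = "distrobuilder-nixos-generator";
+
+  inherit src version;
+
+  patches = [
+    ./nixos-generator.patch
+  ];
+
+  dontBuild = true;
+  nativeBuildInputs = [ makeWrapper ];
+
+  installPhase = ''
+    install -D -m 0555 distrobuilder/lxc.generator $out/lib/systemd/system-generators/lxc
+    wrapProgram $out/lib/systemd/system-generators/lxc --prefix PATH : ${lib.makeBinPath [coreutils findutils gnugrep systemd]}:${systemd}/lib/systemd
+  '';
+}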
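Review bot: The `--prefix PATH` argument in installPhase ends with `${systemd}/lib/systemd`, which is not a bin directory, and nothing records why; the patched generator invokes the bare `systemd` binary for its version check and that binary lives under lib/systemd, so a comment above the wrapProgram line should say so: `# The patched lxc.generator resolves every tool through PATH; the systemd binary itself lives in lib/systemd, not bin, hence the extra entry.` The derivation also takes the whole distrobuilder source tree while only `distrobuilder/lxc.generator` is installed, which is worth one line of header comment so nobody expects a Go build here. Finally, wrapProgram leaves the unwrapped script as `.lxc-wrapped` in the same system-generators directory; as far as I recall systemd skips dot-files when enumerating generators, but that assumption is load-bearing for a root-run early-boot hook and deserves to be stated next to the wrapper call.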
+113
pkgs/tools/virtualization/distrobuilder/nixos-generator.patch
··· 1 + diff --git a/distrobuilder/lxc.generator b/distrobuilder/lxc.generator 2 + index 0ad81d1..69dbfe7 100644 3 + --- a/distrobuilder/lxc.generator 4 + +++ b/distrobuilder/lxc.generator 5 + @@ -25,16 +25,6 @@ is_incus_vm() { 6 + [ -e /dev/virtio-ports/org.linuxcontainers.incus ] 7 + } 8 + 9 + -# is_in_path succeeds if the given file exists in on of the paths 10 + -is_in_path() { 11 + - # Don't use $PATH as that may not include all relevant paths 12 + - for path in /bin /sbin /usr/bin /usr/sbin /usr/local/bin /usr/local/sbin; do 13 + - [ -e "${path}/$1" ] && return 0 14 + - done 15 + - 16 + - return 1 17 + -} 18 + - 19 + ## Fix functions 20 + # fix_ro_paths avoids udevd issues with /sys and /proc being writable 21 + fix_ro_paths() { 22 + 
@@ -45,35 +35,6 @@ BindReadOnlyPaths=/sys /proc 23 + EOF 24 + } 25 + 26 + -# fix_nm_link_state forces the network interface to a DOWN state ahead of NetworkManager starting up 27 + -fix_nm_link_state() { 28 + - [ -e "/sys/class/net/$1" ] || return 0 29 + - ip_path= 30 + - if [ -f /sbin/ip ]; then 31 + - ip_path=/sbin/ip 32 + - elif [ -f /bin/ip ]; then 33 + - ip_path=/bin/ip 34 + - else 35 + - return 0 36 + - fi 37 + - cat <<-EOF > /run/systemd/system/network-device-down.service 38 + -[Unit] 39 + -Description=Turn off network device 40 + -Before=NetworkManager.service 41 + -Before=systemd-networkd.service 42 + -[Service] 43 + -# do not turn off if there is a default route to 169.254.0.1, i.e. the device is a routed nic 44 + -ExecCondition=/bin/sh -c '! /usr/bin/grep -qs 00000000.0100FEA9 /proc/net/route' 45 + -ExecStart=-${ip_path} link set $1 down 46 + -Type=oneshot 47 + -RemainAfterExit=true 48 + -[Install] 49 + -WantedBy=default.target 50 + -EOF 51 + - mkdir -p /run/systemd/system/default.target.wants 52 + - ln -sf /run/systemd/system/network-device-down.service /run/systemd/system/default.target.wants/network-device-down.service 53 + -} 54 + - 55 + # fix_systemd_override_unit generates a unit specific override 56 + fix_systemd_override_unit() { 57 + dropin_dir="/run/systemd/${1}.d" 58 + @@ -112,16 +73,7 @@ fix_systemd_mask() { 59 + # fix_systemd_udev_trigger overrides the systemd-udev-trigger.service to match the latest version 60 + # of the file which uses "ExecStart=-" instead of "ExecStart=". 61 + fix_systemd_udev_trigger() { 62 + - cmd= 63 + - if [ -f /usr/bin/udevadm ]; then 64 + - cmd=/usr/bin/udevadm 65 + - elif [ -f /sbin/udevadm ]; then 66 + - cmd=/sbin/udevadm 67 + - elif [ -f /bin/udevadm ]; then 68 + - cmd=/bin/udevadm 69 + - else 70 + - return 0 71 + - fi 72 + + cmd=udevadm 73 + 74 + mkdir -p /run/systemd/system/systemd-udev-trigger.service.d 75 + cat <<-EOF > /run/systemd/system/systemd-udev-trigger.service.d/zzz-lxc-override.conf 76 + 
@@ -145,24 +97,12 @@ EOF 77 + } 78 + 79 + ## Main logic 80 + -# Nothing to do in Incus VM but deployed in case it is later converted to a container 81 + -is_incus_vm || is_lxd_vm && exit 0 82 + 83 + # Exit immediately if not an Incus/LXC container 84 + is_lxc_container || exit 0 85 + 86 + -# Check for NetworkManager 87 + -nm_exists=0 88 + - 89 + -is_in_path NetworkManager && nm_exists=1 90 + - 91 + # Determine systemd version 92 + -for path in /usr/lib/systemd/systemd /lib/systemd/systemd; do 93 + - [ -x "${path}" ] || continue 94 + - 95 + - systemd_version="$("${path}" --version | head -n1 | cut -d' ' -f2)" 96 + - break 97 + -done 98 + +systemd_version="$(systemd --version | head -n1 | cut -d' ' -f2)" 99 + 100 + # Determine distro name and release 101 + ID="" 102 + @@ -222,11 +162,6 @@ ACTION=="add|change|move", ENV{ID_NET_DRIVER}=="veth", ENV{INTERFACE}=="eth[0-9] 103 + EOF 104 + fi 105 + 106 + -# Workarounds for NetworkManager in containers 107 + -if [ "${nm_exists}" -eq 1 ]; then 108 + - fix_nm_link_state eth0 109 + -fi 110 + - 111 + # Allow masking units created by the lxc system-generator. 112 + for d in /etc/systemd/system /usr/lib/systemd/system /lib/systemd/system; do 113 + if ! [ -d "${d}" ]; then
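Review bot: The `cmd=udevadm` replacement in fix_systemd_udev_trigger leaves `cmd` unqualified and also drops the removed branch's `return 0` when udevadm is absent; if the heredoc that follows (cut off at the hunk end) writes `${cmd}` into an `ExecStart=` line, the container's systemd must resolve a bare name through its own built-in search path rather than the generator's PATH, which on NixOS need not include the Nix store. Resolving through the PATH the wrapper supplies keeps both the absolute path and the early exit: `cmd="$(command -v udevadm)" || return 0`. The same applies to the new `systemd --version` line, which depends on the systemd package's lib/systemd directory being on PATH and otherwise silently yields an empty `systemd_version`. The removal of the `is_incus_vm || is_lxd_vm && exit 0` early exit is presumably covered by the following `is_lxc_container || exit 0`, but upstream's comment explains that VM case was deliberate, so a one-line rationale in the patch header would help the next rebase.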