
nixos/xen: simplify package options

Signed-off-by: Fernando Rodrigues <alpha@sigmasquadron.net>

+147 -146
nixos/modules/virtualisation/xen-dom0.nix
··· 8 }: 9 10 let 11 cfg = config.virtualisation.xen; 12 13 xenBootBuilder = pkgs.writeShellApplication { ··· 51 gnused 52 jq 53 ]) 54 - ++ lib.lists.optionals (cfg.efi.bootBuilderVerbosity == "info") ( 55 with pkgs; 56 [ 57 bat ··· 65 # We disable SC2016 because we don't want to expand the regexes in the sed commands. 66 excludeShellChecks = [ "SC2016" ]; 67 68 - text = builtins.readFile ./xen-boot-builder.sh; 69 }; 70 in 71 72 { 73 - imports = with lib.modules; [ 74 (mkRemovedOptionModule 75 [ 76 "virtualisation" ··· 152 153 options.virtualisation.xen = { 154 155 - enable = lib.options.mkEnableOption "the Xen Project Hypervisor, a virtualisation technology defined as a *type-1 hypervisor*, which allows multiple virtual machines, known as *domains*, to run concurrently on the physical machine. NixOS runs as the privileged *Domain 0*. This option requires a reboot into a Xen kernel to take effect"; 156 157 - debug = lib.options.mkEnableOption "Xen debug features for Domain 0. This option enables some hidden debugging tests and features, and should not be used in production"; 158 159 - trace = lib.options.mkOption { 160 - type = lib.types.bool; 161 default = cfg.debug; 162 - defaultText = lib.options.literalExpression "false"; 163 example = true; 164 description = "Whether to enable Xen debug tracing and logging for Domain 0."; 165 }; 166 167 - package = lib.options.mkOption { 168 - type = lib.types.package; 169 - default = pkgs.xen; 170 - defaultText = lib.options.literalExpression "pkgs.xen"; 171 - example = lib.options.literalExpression "pkgs.xen-slim"; 172 - description = '' 173 - The package used for Xen Project Hypervisor. 
174 - ''; 175 - relatedPackages = [ 176 - "xen" 177 - "xen-slim" 178 - ]; 179 - }; 180 181 qemu = { 182 - package = lib.options.mkOption { 183 - type = lib.types.package; 184 - default = pkgs.xen; 185 - defaultText = lib.options.literalExpression "pkgs.xen"; 186 - example = lib.options.literalExpression "pkgs.qemu_xen"; 187 - description = '' 188 - The package with QEMU binaries that runs in Domain 0 189 - and virtualises the unprivileged domains. 190 - ''; 191 - relatedPackages = [ 192 - "xen" 193 - { 194 - name = "qemu_xen"; 195 - comment = "For use with `pkgs.xen-slim`."; 196 - } 197 - ]; 198 }; 199 - pidFile = lib.options.mkOption { 200 - type = lib.types.path; 201 default = "/run/xen/qemu-dom0.pid"; 202 example = "/var/run/xen/qemu-dom0.pid"; 203 description = "Path to the QEMU PID file."; 204 }; 205 }; 206 207 - bootParams = lib.options.mkOption { 208 default = [ ]; 209 example = '' 210 [ ··· 187 "vga=ask" 188 ] 189 ''; 190 - type = lib.types.listOf lib.types.str; 191 description = '' 192 Xen Command Line parameters passed to Domain 0 at boot time. 193 Note: these are different from `boot.kernelParams`. See ··· 196 }; 197 198 efi = { 199 - bootBuilderVerbosity = lib.options.mkOption { 200 - type = lib.types.enum [ 201 "default" 202 "info" 203 "debug" ··· 221 ''; 222 }; 223 224 - path = lib.options.mkOption { 225 - type = lib.types.path; 226 default = "${cfg.package.boot}/${cfg.package.efi}"; 227 - defaultText = lib.options.literalExpression "\${config.virtualisation.xen.package.boot}/\${config.virtualisation.xen.package.efi}"; 228 - example = lib.options.literalExpression "\${config.virtualisation.xen.package}/boot/efi/efi/nixos/xen-\${config.virtualisation.xen.package.version}.efi"; 229 description = '' 230 Path to xen.efi. 
`pkgs.xen` is patched to install the xen.efi file 231 on `$boot/boot/xen.efi`, but an unpatched Xen build may install it ··· 237 }; 238 239 dom0Resources = { 240 - maxVCPUs = lib.options.mkOption { 241 default = 0; 242 example = 4; 243 - type = lib.types.ints.unsigned; 244 description = '' 245 Amount of virtual CPU cores allocated to Domain 0 on boot. 246 If set to 0, all cores are assigned to Domain 0, and ··· 248 ''; 249 }; 250 251 - memory = lib.options.mkOption { 252 default = 0; 253 example = 512; 254 - type = lib.types.ints.unsigned; 255 description = '' 256 Amount of memory (in MiB) allocated to Domain 0 on boot. 257 If set to 0, all memory is assigned to Domain 0, and ··· 259 ''; 260 }; 261 262 - maxMemory = lib.options.mkOption { 263 default = cfg.dom0Resources.memory; 264 - defaultText = lib.options.literalExpression "config.virtualisation.xen.dom0Resources.memory"; 265 example = 1024; 266 - type = lib.types.ints.unsigned; 267 description = '' 268 Maximum amount of memory (in MiB) that Domain 0 can 269 dynamically allocate to itself. Does nothing if set ··· 274 }; 275 276 domains = { 277 - extraConfig = lib.options.mkOption { 278 - type = lib.types.lines; 279 default = ""; 280 example = '' 281 XENDOMAINS_SAVE=/persist/xen/save ··· 291 }; 292 293 store = { 294 - path = lib.options.mkOption { 295 - type = lib.types.path; 296 default = "${cfg.package}/bin/oxenstored"; 297 - defaultText = lib.options.literalExpression "\${config.virtualisation.xen.package}/bin/oxenstored"; 298 - example = lib.options.literalExpression "\${config.virtualisation.xen.package}/bin/xenstored"; 299 description = '' 300 Path to the Xen Store Daemon. This option is useful to 301 switch between the legacy C-based Xen Store Daemon, and 302 the newer OCaml-based Xen Store Daemon, `oxenstored`. 
303 ''; 304 }; 305 - type = lib.options.mkOption { 306 - type = lib.types.enum [ 307 "c" 308 "ocaml" 309 ]; 310 - default = if (lib.strings.hasSuffix "oxenstored" cfg.store.path) then "ocaml" else "c"; 311 internal = true; 312 readOnly = true; 313 description = "Helper internal option that determines the type of the Xen Store Daemon based on cfg.store.path."; 314 }; 315 - settings = lib.options.mkOption { 316 default = { }; 317 example = { 318 enableMerge = false; ··· 327 The OCaml-based Xen Store Daemon configuration. This 328 option does nothing with the C-based `xenstored`. 329 ''; 330 - type = lib.types.submodule { 331 options = { 332 - pidFile = lib.options.mkOption { 333 default = "/run/xen/xenstored.pid"; 334 example = "/var/run/xen/xenstored.pid"; 335 - type = lib.types.path; 336 description = "Path to the Xen Store Daemon PID file."; 337 }; 338 - testEAGAIN = lib.options.mkOption { 339 default = cfg.debug; 340 - defaultText = lib.options.literalExpression "config.virtualisation.xen.debug"; 341 example = true; 342 - type = lib.types.bool; 343 visible = false; 344 description = "Randomly fail a transaction with EAGAIN. This option is used for debugging purposes only."; 345 }; 346 - enableMerge = lib.options.mkOption { 347 default = true; 348 example = false; 349 - type = lib.types.bool; 350 description = "Whether to enable transaction merge support."; 351 }; 352 conflict = { 353 - burstLimit = lib.options.mkOption { 354 default = 5.0; 355 example = 15.0; 356 - type = lib.types.addCheck ( 357 - lib.types.float 358 // { 359 name = "nonnegativeFloat"; 360 description = "nonnegative floating point number, meaning >=0"; ··· 372 domain's requests are ignored. 
373 ''; 374 }; 375 - maxHistorySeconds = lib.options.mkOption { 376 default = 5.0e-2; 377 example = 1.0; 378 - type = lib.types.addCheck ( 379 - lib.types.float // { description = "nonnegative floating point number, meaning >=0"; } 380 - ) (n: n >= 0); 381 description = '' 382 Limits applied to domains whose writes cause other domains' transaction 383 commits to fail. Must include decimal point. ··· 387 is the minimum pause-time during which a domain will be ignored. 388 ''; 389 }; 390 - rateLimitIsAggregate = lib.options.mkOption { 391 default = true; 392 example = false; 393 - type = lib.types.bool; 394 description = '' 395 If the conflict.rateLimitIsAggregate option is `true`, then after each 396 tick one point of conflict-credit is given to just one domain: the ··· 411 }; 412 }; 413 perms = { 414 - enable = lib.options.mkOption { 415 default = true; 416 example = false; 417 - type = lib.types.bool; 418 description = "Whether to enable the node permission system."; 419 }; 420 - enableWatch = lib.options.mkOption { 421 default = true; 422 example = false; 423 - type = lib.types.bool; 424 description = '' 425 Whether to enable the watch permission system. 
426 ··· 435 }; 436 }; 437 quota = { 438 - enable = lib.options.mkOption { 439 default = true; 440 example = false; 441 - type = lib.types.bool; 442 description = "Whether to enable the quota system."; 443 }; 444 - maxEntity = lib.options.mkOption { 445 default = 1000; 446 example = 1024; 447 - type = lib.types.ints.positive; 448 description = "Entity limit for transactions."; 449 }; 450 - maxSize = lib.options.mkOption { 451 default = 2048; 452 example = 4096; 453 - type = lib.types.ints.positive; 454 description = "Size limit for transactions."; 455 }; 456 - maxWatch = lib.options.mkOption { 457 default = 100; 458 example = 256; 459 - type = lib.types.ints.positive; 460 description = "Maximum number of watches by the Xenstore Watchdog."; 461 }; 462 - transaction = lib.options.mkOption { 463 default = 10; 464 example = 50; 465 - type = lib.types.ints.positive; 466 description = "Maximum number of transactions."; 467 }; 468 - maxRequests = lib.options.mkOption { 469 default = 1024; 470 example = 1024; 471 - type = lib.types.ints.positive; 472 description = "Maximum number of requests per transaction."; 473 }; 474 - maxPath = lib.options.mkOption { 475 default = 1024; 476 example = 1024; 477 - type = lib.types.ints.positive; 478 description = "Path limit for the quota system."; 479 }; 480 - maxOutstanding = lib.options.mkOption { 481 default = 1024; 482 example = 1024; 483 - type = lib.types.ints.positive; 484 description = "Maximum outstanding requests, i.e. 
in-flight requests / domain."; 485 }; 486 - maxWatchEvents = lib.options.mkOption { 487 default = 1024; 488 example = 2048; 489 - type = lib.types.ints.positive; 490 description = "Maximum number of outstanding watch events per watch."; 491 }; 492 }; 493 - persistent = lib.options.mkOption { 494 default = false; 495 example = true; 496 - type = lib.types.bool; 497 description = "Whether to activate the filed base backend."; 498 }; 499 xenstored = { 500 log = { 501 - file = lib.options.mkOption { 502 default = "/var/log/xen/xenstored.log"; 503 example = "/dev/null"; 504 - type = lib.types.path; 505 description = "Path to the Xen Store log file."; 506 }; 507 - level = lib.options.mkOption { 508 default = if cfg.trace then "debug" else null; 509 - defaultText = lib.options.literalExpression "if (config.virtualisation.xen.trace == true) then \"debug\" else null"; 510 example = "error"; 511 - type = lib.types.nullOr ( 512 - lib.types.enum [ 513 - "debug" 514 - "info" 515 - "warn" 516 - "error" 517 - ] 518 - ); 519 description = "Logging level for the Xen Store."; 520 }; 521 # The hidden options below have no upstream documentation whatsoever. 522 # The nb* options appear to alter the log rotation behaviour, and 523 # the specialOps option appears to affect the Xenbus logging logic. 
524 - nbFiles = lib.options.mkOption { 525 default = 10; 526 example = 16; 527 - type = lib.types.int; 528 visible = false; 529 description = "Set `xenstored-log-nb-files`."; 530 }; 531 }; 532 accessLog = { 533 - file = lib.options.mkOption { 534 default = "/var/log/xen/xenstored-access.log"; 535 example = "/var/log/security/xenstored-access.log"; 536 - type = lib.types.path; 537 description = "Path to the Xen Store access log file."; 538 }; 539 - nbLines = lib.options.mkOption { 540 default = 13215; 541 example = 16384; 542 - type = lib.types.int; 543 visible = false; 544 description = "Set `access-log-nb-lines`."; 545 }; 546 - nbChars = lib.options.mkOption { 547 default = 180; 548 example = 256; 549 - type = lib.types.int; 550 visible = false; 551 description = "Set `acesss-log-nb-chars`."; 552 }; 553 - specialOps = lib.options.mkOption { 554 default = false; 555 example = true; 556 - type = lib.types.bool; 557 visible = false; 558 description = "Set `access-log-special-ops`."; 559 }; 560 }; 561 xenfs = { 562 - kva = lib.options.mkOption { 563 default = "/proc/xen/xsd_kva"; 564 example = cfg.store.settings.xenstored.xenfs.kva; 565 - type = lib.types.path; 566 visible = false; 567 description = '' 568 Path to the Xen Store Daemon KVA location inside the XenFS pseudo-filesystem. 569 While it is possible to alter this value, some drivers may be hardcoded to follow the default paths. 570 ''; 571 }; 572 - port = lib.options.mkOption { 573 default = "/proc/xen/xsd_port"; 574 example = cfg.store.settings.xenstored.xenfs.port; 575 - type = lib.types.path; 576 visible = false; 577 description = '' 578 Path to the Xen Store Daemon userspace port inside the XenFS pseudo-filesystem. 
··· 579 }; 580 }; 581 }; 582 - ringScanInterval = lib.options.mkOption { 583 default = 20; 584 example = 30; 585 - type = lib.types.addCheck ( 586 - lib.types.int 587 // { 588 name = "nonzeroInt"; 589 description = "nonzero signed integer, meaning !=0"; ··· 603 604 ## Implementation ## 605 606 - config = lib.modules.mkIf cfg.enable { 607 assertions = [ 608 { 609 assertion = pkgs.stdenv.hostPlatform.isx86_64; ··· 640 ]; 641 642 virtualisation.xen.bootParams = 643 - lib.lists.optionals cfg.trace [ 644 "loglvl=all" 645 "guest_loglvl=all" 646 ] 647 ++ 648 - lib.lists.optional (cfg.dom0Resources.memory != 0) 649 "dom0_mem=${toString cfg.dom0Resources.memory}M${ 650 - lib.strings.optionalString ( 651 cfg.dom0Resources.memory != cfg.dom0Resources.maxMemory 652 ) ",max:${toString cfg.dom0Resources.maxMemory}M" 653 }" 654 - ++ lib.lists.optional ( 655 cfg.dom0Resources.maxVCPUs != 0 656 ) "dom0_max_vcpus=${toString cfg.dom0Resources.maxVCPUs}"; 657 ··· 702 703 # See the `xenBootBuilder` script in the main `let...in` statement of this file. 704 loader.systemd-boot.extraInstallCommands = '' 705 - ${lib.meta.getExe xenBootBuilder} ${cfg.efi.bootBuilderVerbosity} 706 ''; 707 }; 708 ··· 745 746 XENSTORED="${cfg.store.path}" 747 QEMU_XEN="${cfg.qemu.package}/${cfg.qemu.package.qemu-system-i386}" 748 - ${lib.strings.optionalString cfg.trace '' 749 XENSTORED_TRACE=yes 750 XENCONSOLED_TRACE=all 751 ''} ··· 757 ''; 758 } 759 # The OCaml-based Xen Store Daemon requires /etc/xen/oxenstored.conf to start. 
760 - // lib.attrsets.optionalAttrs (cfg.store.type == "ocaml") { 761 "xen/oxenstored.conf".text = '' 762 pid-file = ${cfg.store.settings.pidFile} 763 - test-eagain = ${lib.trivial.boolToString cfg.store.settings.testEAGAIN} 764 merge-activate = ${toString cfg.store.settings.enableMerge} 765 conflict-burst-limit = ${toString cfg.store.settings.conflict.burstLimit} 766 conflict-max-history-seconds = ${toString cfg.store.settings.conflict.maxHistorySeconds} ··· 776 quota-path-max = ${toString cfg.store.settings.quota.maxPath} 777 quota-maxoutstanding = ${toString cfg.store.settings.quota.maxOutstanding} 778 quota-maxwatchevents = ${toString cfg.store.settings.quota.maxWatchEvents} 779 - persistent = ${lib.trivial.boolToString cfg.store.settings.persistent} 780 xenstored-log-file = ${cfg.store.settings.xenstored.log.file} 781 xenstored-log-level = ${ 782 if isNull cfg.store.settings.xenstored.log.level then ··· 788 access-log-file = ${cfg.store.settings.xenstored.accessLog.file} 789 access-log-nb-lines = ${toString cfg.store.settings.xenstored.accessLog.nbLines} 790 acesss-log-nb-chars = ${toString cfg.store.settings.xenstored.accessLog.nbChars} 791 - access-log-special-ops = ${lib.trivial.boolToString cfg.store.settings.xenstored.accessLog.specialOps} 792 ring-scan-interval = ${toString cfg.store.settings.ringScanInterval} 793 xenstored-kva = ${cfg.store.settings.xenstored.xenfs.kva} 794 xenstored-port = ${cfg.store.settings.xenstored.xenfs.port} ··· 871 }; 872 }; 873 }; 874 - meta.maintainers = lib.teams.xen.members; 875 }
··· 8 }: 9 10 let 11 + inherit (builtins) readFile; 12 + inherit (lib.modules) mkRemovedOptionModule mkRenamedOptionModule mkIf; 13 + inherit (lib.options) 14 + mkOption 15 + mkEnableOption 16 + literalExpression 17 + mkPackageOption 18 + ; 19 + inherit (lib.types) 20 + listOf 21 + str 22 + ints 23 + lines 24 + enum 25 + path 26 + submodule 27 + addCheck 28 + float 29 + bool 30 + int 31 + nullOr 32 + ; 33 + inherit (lib.lists) optional optionals; 34 + inherit (lib.strings) hasSuffix optionalString; 35 + inherit (lib.meta) getExe; 36 + inherit (lib.attrsets) optionalAttrs; 37 + inherit (lib.trivial) boolToString; 38 + inherit (lib.teams.xen) members; 39 + 40 cfg = config.virtualisation.xen; 41 42 xenBootBuilder = pkgs.writeShellApplication { ··· 22 gnused 23 jq 24 ]) 25 + ++ optionals (cfg.efi.bootBuilderVerbosity == "info") ( 26 with pkgs; 27 [ 28 bat ··· 36 # We disable SC2016 because we don't want to expand the regexes in the sed commands. 37 excludeShellChecks = [ "SC2016" ]; 38 39 + text = readFile ./xen-boot-builder.sh; 40 }; 41 in 42 43 { 44 + imports = [ 45 (mkRemovedOptionModule 46 [ 47 "virtualisation" ··· 123 124 options.virtualisation.xen = { 125 126 + enable = mkEnableOption "the Xen Project Hypervisor, a virtualisation technology defined as a *type-1 hypervisor*, which allows multiple virtual machines, known as *domains*, to run concurrently on the physical machine. NixOS runs as the privileged *Domain 0*. This option requires a reboot into a Xen kernel to take effect"; 127 128 + debug = mkEnableOption "Xen debug features for Domain 0. 
This option enables some hidden debugging tests and features, and should not be used in production"; 129 130 + trace = mkOption { 131 + type = bool; 132 default = cfg.debug; 133 + defaultText = literalExpression "false"; 134 example = true; 135 description = "Whether to enable Xen debug tracing and logging for Domain 0."; 136 }; 137 138 + package = mkPackageOption pkgs "Xen Hypervisor" { default = [ "xen" ]; }; 139 140 qemu = { 141 + package = mkPackageOption pkgs "QEMU (with Xen Hypervisor support)" { 142 + default = [ "qemu_xen" ]; 143 }; 144 + pidFile = mkOption { 145 + type = path; 146 default = "/run/xen/qemu-dom0.pid"; 147 example = "/var/run/xen/qemu-dom0.pid"; 148 description = "Path to the QEMU PID file."; 149 }; 150 }; 151 152 + bootParams = mkOption { 153 default = [ ]; 154 example = '' 155 [ ··· 184 "vga=ask" 185 ] 186 ''; 187 + type = listOf str; 188 description = '' 189 Xen Command Line parameters passed to Domain 0 at boot time. 190 Note: these are different from `boot.kernelParams`. See ··· 193 }; 194 195 efi = { 196 + bootBuilderVerbosity = mkOption { 197 + type = enum [ 198 "default" 199 "info" 200 "debug" ··· 218 ''; 219 }; 220 221 + path = mkOption { 222 + type = path; 223 default = "${cfg.package.boot}/${cfg.package.efi}"; 224 + defaultText = literalExpression "\${config.virtualisation.xen.package.boot}/\${config.virtualisation.xen.package.efi}"; 225 + example = literalExpression "\${config.virtualisation.xen.package}/boot/efi/efi/nixos/xen-\${config.virtualisation.xen.package.version}.efi"; 226 description = '' 227 Path to xen.efi. `pkgs.xen` is patched to install the xen.efi file 228 on `$boot/boot/xen.efi`, but an unpatched Xen build may install it ··· 234 }; 235 236 dom0Resources = { 237 + maxVCPUs = mkOption { 238 default = 0; 239 example = 4; 240 + type = ints.unsigned; 241 description = '' 242 Amount of virtual CPU cores allocated to Domain 0 on boot. 
243 If set to 0, all cores are assigned to Domain 0, and ··· 245 ''; 246 }; 247 248 + memory = mkOption { 249 default = 0; 250 example = 512; 251 + type = ints.unsigned; 252 description = '' 253 Amount of memory (in MiB) allocated to Domain 0 on boot. 254 If set to 0, all memory is assigned to Domain 0, and ··· 256 ''; 257 }; 258 259 + maxMemory = mkOption { 260 default = cfg.dom0Resources.memory; 261 + defaultText = literalExpression "config.virtualisation.xen.dom0Resources.memory"; 262 example = 1024; 263 + type = ints.unsigned; 264 description = '' 265 Maximum amount of memory (in MiB) that Domain 0 can 266 dynamically allocate to itself. Does nothing if set ··· 271 }; 272 273 domains = { 274 + extraConfig = mkOption { 275 + type = lines; 276 default = ""; 277 example = '' 278 XENDOMAINS_SAVE=/persist/xen/save ··· 288 }; 289 290 store = { 291 + path = mkOption { 292 + type = path; 293 default = "${cfg.package}/bin/oxenstored"; 294 + defaultText = literalExpression "\${config.virtualisation.xen.package}/bin/oxenstored"; 295 + example = literalExpression "\${config.virtualisation.xen.package}/bin/xenstored"; 296 description = '' 297 Path to the Xen Store Daemon. This option is useful to 298 switch between the legacy C-based Xen Store Daemon, and 299 the newer OCaml-based Xen Store Daemon, `oxenstored`. 300 ''; 301 }; 302 + type = mkOption { 303 + type = enum [ 304 "c" 305 "ocaml" 306 ]; 307 + default = if (hasSuffix "oxenstored" cfg.store.path) then "ocaml" else "c"; 308 internal = true; 309 readOnly = true; 310 description = "Helper internal option that determines the type of the Xen Store Daemon based on cfg.store.path."; 311 }; 312 + settings = mkOption { 313 default = { }; 314 example = { 315 enableMerge = false; ··· 324 The OCaml-based Xen Store Daemon configuration. This 325 option does nothing with the C-based `xenstored`. 
326 ''; 327 + type = submodule { 328 options = { 329 + pidFile = mkOption { 330 default = "/run/xen/xenstored.pid"; 331 example = "/var/run/xen/xenstored.pid"; 332 + type = path; 333 description = "Path to the Xen Store Daemon PID file."; 334 }; 335 + testEAGAIN = mkOption { 336 default = cfg.debug; 337 + defaultText = literalExpression "config.virtualisation.xen.debug"; 338 example = true; 339 + type = bool; 340 visible = false; 341 description = "Randomly fail a transaction with EAGAIN. This option is used for debugging purposes only."; 342 }; 343 + enableMerge = mkOption { 344 default = true; 345 example = false; 346 + type = bool; 347 description = "Whether to enable transaction merge support."; 348 }; 349 conflict = { 350 + burstLimit = mkOption { 351 default = 5.0; 352 example = 15.0; 353 + type = addCheck ( 354 + float 355 // { 356 name = "nonnegativeFloat"; 357 description = "nonnegative floating point number, meaning >=0"; ··· 369 domain's requests are ignored. 370 ''; 371 }; 372 + maxHistorySeconds = mkOption { 373 default = 5.0e-2; 374 example = 1.0; 375 + type = addCheck (float // { description = "nonnegative floating point number, meaning >=0"; }) ( 376 + n: n >= 0 377 + ); 378 description = '' 379 Limits applied to domains whose writes cause other domains' transaction 380 commits to fail. Must include decimal point. ··· 384 is the minimum pause-time during which a domain will be ignored. 
385 ''; 386 }; 387 + rateLimitIsAggregate = mkOption { 388 default = true; 389 example = false; 390 + type = bool; 391 description = '' 392 If the conflict.rateLimitIsAggregate option is `true`, then after each 393 tick one point of conflict-credit is given to just one domain: the ··· 408 }; 409 }; 410 perms = { 411 + enable = mkOption { 412 default = true; 413 example = false; 414 + type = bool; 415 description = "Whether to enable the node permission system."; 416 }; 417 + enableWatch = mkOption { 418 default = true; 419 example = false; 420 + type = bool; 421 description = '' 422 Whether to enable the watch permission system. 423 ··· 432 }; 433 }; 434 quota = { 435 + enable = mkOption { 436 default = true; 437 example = false; 438 + type = bool; 439 description = "Whether to enable the quota system."; 440 }; 441 + maxEntity = mkOption { 442 default = 1000; 443 example = 1024; 444 + type = ints.positive; 445 description = "Entity limit for transactions."; 446 }; 447 + maxSize = mkOption { 448 default = 2048; 449 example = 4096; 450 + type = ints.positive; 451 description = "Size limit for transactions."; 452 }; 453 + maxWatch = mkOption { 454 default = 100; 455 example = 256; 456 + type = ints.positive; 457 description = "Maximum number of watches by the Xenstore Watchdog."; 458 }; 459 + transaction = mkOption { 460 default = 10; 461 example = 50; 462 + type = ints.positive; 463 description = "Maximum number of transactions."; 464 }; 465 + maxRequests = mkOption { 466 default = 1024; 467 example = 1024; 468 + type = ints.positive; 469 description = "Maximum number of requests per transaction."; 470 }; 471 + maxPath = mkOption { 472 default = 1024; 473 example = 1024; 474 + type = ints.positive; 475 description = "Path limit for the quota system."; 476 }; 477 + maxOutstanding = mkOption { 478 default = 1024; 479 example = 1024; 480 + type = ints.positive; 481 description = "Maximum outstanding requests, i.e. 
in-flight requests / domain."; 482 }; 483 + maxWatchEvents = mkOption { 484 default = 1024; 485 example = 2048; 486 + type = ints.positive; 487 description = "Maximum number of outstanding watch events per watch."; 488 }; 489 }; 490 + persistent = mkOption { 491 default = false; 492 example = true; 493 + type = bool; 494 description = "Whether to activate the filed base backend."; 495 }; 496 xenstored = { 497 log = { 498 + file = mkOption { 499 default = "/var/log/xen/xenstored.log"; 500 example = "/dev/null"; 501 + type = path; 502 description = "Path to the Xen Store log file."; 503 }; 504 + level = mkOption { 505 default = if cfg.trace then "debug" else null; 506 + defaultText = literalExpression "if (config.virtualisation.xen.trace == true) then \"debug\" else null"; 507 example = "error"; 508 + type = nullOr (enum [ 509 + "debug" 510 + "info" 511 + "warn" 512 + "error" 513 + ]); 514 description = "Logging level for the Xen Store."; 515 }; 516 # The hidden options below have no upstream documentation whatsoever. 517 # The nb* options appear to alter the log rotation behaviour, and 518 # the specialOps option appears to affect the Xenbus logging logic. 
519 + nbFiles = mkOption { 520 default = 10; 521 example = 16; 522 + type = int; 523 visible = false; 524 description = "Set `xenstored-log-nb-files`."; 525 }; 526 }; 527 accessLog = { 528 + file = mkOption { 529 default = "/var/log/xen/xenstored-access.log"; 530 example = "/var/log/security/xenstored-access.log"; 531 + type = path; 532 description = "Path to the Xen Store access log file."; 533 }; 534 + nbLines = mkOption { 535 default = 13215; 536 example = 16384; 537 + type = int; 538 visible = false; 539 description = "Set `access-log-nb-lines`."; 540 }; 541 + nbChars = mkOption { 542 default = 180; 543 example = 256; 544 + type = int; 545 visible = false; 546 description = "Set `acesss-log-nb-chars`."; 547 }; 548 + specialOps = mkOption { 549 default = false; 550 example = true; 551 + type = bool; 552 visible = false; 553 description = "Set `access-log-special-ops`."; 554 }; 555 }; 556 xenfs = { 557 + kva = mkOption { 558 default = "/proc/xen/xsd_kva"; 559 example = cfg.store.settings.xenstored.xenfs.kva; 560 + type = path; 561 visible = false; 562 description = '' 563 Path to the Xen Store Daemon KVA location inside the XenFS pseudo-filesystem. 564 While it is possible to alter this value, some drivers may be hardcoded to follow the default paths. 565 ''; 566 }; 567 + port = mkOption { 568 default = "/proc/xen/xsd_port"; 569 example = cfg.store.settings.xenstored.xenfs.port; 570 + type = path; 571 visible = false; 572 description = '' 573 Path to the Xen Store Daemon userspace port inside the XenFS pseudo-filesystem. 
··· 578 }; 579 }; 580 }; 581 + ringScanInterval = mkOption { 582 default = 20; 583 example = 30; 584 + type = addCheck ( 585 + int 586 // { 587 name = "nonzeroInt"; 588 description = "nonzero signed integer, meaning !=0"; ··· 602 603 ## Implementation ## 604 605 + config = mkIf cfg.enable { 606 assertions = [ 607 { 608 assertion = pkgs.stdenv.hostPlatform.isx86_64; ··· 639 ]; 640 641 virtualisation.xen.bootParams = 642 + optionals cfg.trace [ 643 "loglvl=all" 644 "guest_loglvl=all" 645 ] 646 ++ 647 + optional (cfg.dom0Resources.memory != 0) 648 "dom0_mem=${toString cfg.dom0Resources.memory}M${ 649 + optionalString ( 650 cfg.dom0Resources.memory != cfg.dom0Resources.maxMemory 651 ) ",max:${toString cfg.dom0Resources.maxMemory}M" 652 }" 653 + ++ optional ( 654 cfg.dom0Resources.maxVCPUs != 0 655 ) "dom0_max_vcpus=${toString cfg.dom0Resources.maxVCPUs}"; 656 ··· 701 702 # See the `xenBootBuilder` script in the main `let...in` statement of this file. 703 loader.systemd-boot.extraInstallCommands = '' 704 + ${getExe xenBootBuilder} ${cfg.efi.bootBuilderVerbosity} 705 ''; 706 }; 707 ··· 744 745 XENSTORED="${cfg.store.path}" 746 QEMU_XEN="${cfg.qemu.package}/${cfg.qemu.package.qemu-system-i386}" 747 + ${optionalString cfg.trace '' 748 XENSTORED_TRACE=yes 749 XENCONSOLED_TRACE=all 750 ''} ··· 756 ''; 757 } 758 # The OCaml-based Xen Store Daemon requires /etc/xen/oxenstored.conf to start. 
759 + // optionalAttrs (cfg.store.type == "ocaml") { 760 "xen/oxenstored.conf".text = '' 761 pid-file = ${cfg.store.settings.pidFile} 762 + test-eagain = ${boolToString cfg.store.settings.testEAGAIN} 763 merge-activate = ${toString cfg.store.settings.enableMerge} 764 conflict-burst-limit = ${toString cfg.store.settings.conflict.burstLimit} 765 conflict-max-history-seconds = ${toString cfg.store.settings.conflict.maxHistorySeconds} ··· 775 quota-path-max = ${toString cfg.store.settings.quota.maxPath} 776 quota-maxoutstanding = ${toString cfg.store.settings.quota.maxOutstanding} 777 quota-maxwatchevents = ${toString cfg.store.settings.quota.maxWatchEvents} 778 + persistent = ${boolToString cfg.store.settings.persistent} 779 xenstored-log-file = ${cfg.store.settings.xenstored.log.file} 780 xenstored-log-level = ${ 781 if isNull cfg.store.settings.xenstored.log.level then ··· 787 access-log-file = ${cfg.store.settings.xenstored.accessLog.file} 788 access-log-nb-lines = ${toString cfg.store.settings.xenstored.accessLog.nbLines} 789 acesss-log-nb-chars = ${toString cfg.store.settings.xenstored.accessLog.nbChars} 790 + access-log-special-ops = ${boolToString cfg.store.settings.xenstored.accessLog.specialOps} 791 ring-scan-interval = ${toString cfg.store.settings.ringScanInterval} 792 xenstored-kva = ${cfg.store.settings.xenstored.xenfs.kva} 793 xenstored-port = ${cfg.store.settings.xenstored.xenfs.port} ··· 870 }; 871 }; 872 }; 873 + meta.maintainers = members; 874 }
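Review bot: The `qemu.package` rewrite is a behaviour change rather than a simplification, because the default moves from `pkgs.xen` to `pkgs.qemu_xen` in `mkPackageOption pkgs "QEMU (with Xen Hypervisor support)" { default = [ "qemu_xen" ]; }`. A host that never set the option will get a different Domain 0 device-model binary through `QEMU_XEN="${cfg.qemu.package}/${cfg.qemu.package.qemu-system-i386}"` on its next rebuild. That binary handles device emulation for the unprivileged domains, so the switch should be stated in the commit description or release notes. It also relies on the new default exposing a `qemu-system-i386` attribute, which is not visible on this page. Separately, `trace` keeps `defaultText = literalExpression "false";` although its default is `cfg.debug`; `defaultText = literalExpression "config.virtualisation.xen.debug";` would match `testEAGAIN` and show readers that enabling `debug` also puts `loglvl=all` and `guest_loglvl=all` on the Xen command line.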