Conversation
github-actions
bot
added
6.topic: nixos
ofborg
bot
added
10.rebuild-darwin: 0
rnhmjoj
force-pushed
the
qemu-restoration
branch
from
c4e69df to
55c2d09
Compare
There was a problem hiding this comment.
i see many changes of the kind that would also be suggested by the tool shellcheck - did you run that tool on the result and got the inspiration for the tool from there?
Maybe we could have shellcheck run over the output automatically?
(In that case it might also help if the script would be less concatenated from nix snippets)
There was a problem hiding this comment.
Yes, I run shellcheck on the result/bin/run-machine-vm script and applied the changes to the Nix code.
I guess It could be added as a checkPhase to the writer functions (writeShellScript, etc.), but I'm not sure what the performance penality would be.
There was a problem hiding this comment.
shellcheck is usually pretty fast but the problem I with adding that is that we probably need to disable some checks and also add a lot more ignore comments at false positives.
rnhmjoj
force-pushed
the
qemu-restoration
branch
from
55c2d09 to
21f3338
Compare
|
Fixed guest fowarding and added assertions for common mistakes. |
rnhmjoj
force-pushed
the
qemu-restoration
branch
from
21f3338 to
9723b04
Compare
|
I fixed another bug introduced with the qemu-common renaming. |
rnhmjoj
force-pushed
the
qemu-restoration
branch
from
9723b04 to
1eabb67
Compare
|
Fixed a typo. |
piegamesde
left a comment
piegamesde
left a comment
There was a problem hiding this comment.
I tried it out and it indeed fixes #134318. Also the changes of the default values are deeply appreciated. I only reviewed the first commits in detail though.
rnhmjoj
force-pushed
the
qemu-restoration
branch
from
1eabb67 to
c0743c9
Compare
|
@ofborg test simple |
rnhmjoj
force-pushed
the
qemu-restoration
branch
from
c0743c9 to
9a57525
Compare
github-actions
bot
added
8.has: changelog
|
Rebased and added a release note. Also, I enabled the documentation of these options in the manual, by default. |
- Fix shell quoting issues - Fix unsafe cd in run-machine-vm script
The current name is misleading: it doesn't contain cli arguments, but several constants and utility functions related to qemu. This commit also removes the use of `with import ...` for clarity.
rnhmjoj
force-pushed
the
qemu-restoration
branch
from
9a57525 to
bd3cb03
Compare
|
Rebased againd a fixed a couple of conflict. |
nrdxp
left a comment
nrdxp
left a comment
There was a problem hiding this comment.
Overall looks like a very nice and welcome clean up, especially the type additions. None of my remarks are hard blockers I'd say. Good work!
| ${qemu}/bin/qemu-img create -f qcow2 -F qcow2 -b ${bootDisk}/disk.img "$TMPDIR/disk.img" || exit 1 | ||
|
|
||
| NIX_EFI_VARS=$(readlink -f ''${NIX_EFI_VARS:-${cfg.efiVars}}) | ||
| NIX_EFI_VARS=$(readlink -f "''${NIX_EFI_VARS:-${cfg.efiVars}}") | ||
|
|
||
| ${if cfg.useEFIBoot then '' | ||
| ${lib.optionalString cfg.useEFIBoot | ||
| '' | ||
| # VM needs writable EFI vars | ||
| if ! test -e "$NIX_EFI_VARS"; then | ||
| cp ${bootDisk}/efi-vars.fd "$NIX_EFI_VARS" || exit 1 | ||
| chmod 0644 "$NIX_EFI_VARS" || exit 1 | ||
| fi | ||
| '' else ""} | ||
| '' else ""} | ||
| ''} | ||
| ''} | ||
|
|
||
| cd $TMPDIR | ||
| idx=0 | ||
| cd "$TMPDIR" || exit 1 |
There was a problem hiding this comment.
Might it be better to use a simple set -e on the script rather than all these explicit exits?
|
|
||
| <warning><para> | ||
| If the NixOS firewall on the virtual machine is enabled, you also | ||
| have to open the guest ports to enable the traffic between host and |
There was a problem hiding this comment.
could we not open the same firewall ports ourselves using a gatekeeping option that some modules have, i.e. openPorts?
|
Might it be better to use a simple `set -e` on the script rather than
all these explicit exits?
Good idea, I've opened a new PR: #139844
could we not open the same firewall ports ourselves using a
gatekeeping option that some modules have, i.e. `openPorts`?
Yes, it should be doable. However, NixOS VM are normally used to test a
real setup, including the firewall configuration, so such an option
should be off by default.
|
|
Did you break unstable-small again? From our Hydra (don't mind the weird name of nixpkgs): Probably because of this file: |
|
It seems |
The way `networkingOptions` works seems to have change following NixOS/nixpkgs#127933.
7 participants
Motivation for this change
The NixOS QEMU module has always been in pretty degraded
state: most of the options are not type-checked or
documented (I think the reason is that the module is not
in the manual, can we fix this too?). Manipulating the
qemu.optionsis painful andqemu.networkingOptionsmakes a very good footgun. Lots of options are hard-coded
and it's not clear how to override them1.
So, here I try to clean up things a bit and adding some
higher-level options for
The change is quite big but I tried to break into smaller commits.
Things done
virtualisation.resolutionnixos-rebuild build-vmnixos-build-vmsnixosTests