mirror of
https://github.com/librephoenix/nixos-config
synced 2025-01-18 22:55:52 +05:30
Got my NixOS flake to run under WSL!
This commit is contained in:
parent
e877fd63bc
commit
0a71232a56
|
@ -43,6 +43,7 @@ I separate my configurations into [[./profiles][profiles]] (essentially system t
|
|||
- [[./profiles/personal][Personal]] - What I would run on a personal laptop/desktop
|
||||
- [[./profiles/work][Work]] - What I would run on a work laptop/desktop (if they let me bring my own OS :P)
|
||||
- [[./profiles/homelab][Homelab]] - What I would run on a server or homelab
|
||||
- [[./profiles/wsl][WSL]] - What I would run underneath Windows Subystem for Linux
|
||||
|
||||
My profile can be conveniently selected in [[./flake.nix][my flake.nix]] by setting the =profile= variable.
|
||||
|
||||
|
|
|
@ -6,6 +6,6 @@ Current profiles I have available are:
|
|||
- [[./personal][Personal]] - What I would run on a personal laptop/desktop*
|
||||
- [[./work][Work]] - What I would run on a work laptop/desktop (if they let me bring my own OS :P)
|
||||
- [[./homelab][Homelab]] - What I would run on a server or homelab
|
||||
- [[./wsl][WSL]] - What I would run inside WSL on Windows
|
||||
- [[./wsl][WSL]] - What I would run underneath Windows Subystem for Linux
|
||||
|
||||
*My [[./personal][personal]] and [[./work][work]] profiles are actually functionally identical (the [[./work][work]] profile is actually imported into the [[./personal][personal]] profile)! The only difference between them is that my [[./personal][personal]] profile has a few extra things like gaming and social apps.
|
||||
|
|
|
@ -1,3 +1,5 @@
|
|||
#+title: Trying to use a computer without Linux is hard
|
||||
|
||||
This is my =WSL= profile, which is a minimal installation I use on Windows underneath WSL. This is essentially just for Emacs, some useful CLI apps I can't live without (namely ranger), and LibreOffice, which runs strangely slow on Windows.
|
||||
This is my =WSL= profile, which is a minimal installation I use on Windows underneath WSL. This (obviously) requires [[https://github.com/nix-community/NixOS-WSL][NixOS-WSL]] to be installed. I essentially just use this for Emacs, some useful CLI apps I can't live without (namely ranger), and LibreOffice, which runs strangely slow on Windows (hmm, I wonder why? It's not like Microsoft has a competing office suite or anything...)
|
||||
|
||||
The [[./nixos-wsl][nixos-wsl]] directory is taken directly from [[https://github.com/nix-community/NixOS-WSL][NixOS-WSL]] and merely patched slightly to allow it to run with the unstable channel of nixpkgs.
|
||||
|
|
|
@ -3,9 +3,16 @@
|
|||
# and in the NixOS manual (accessible by running ‘nixos-help’).
|
||||
|
||||
{ config, lib, pkgs, blocklist-hosts, username, name, hostname, timezone, locale, wm, theme, ... }:
|
||||
|
||||
with lib;
|
||||
let
|
||||
nixos-wsl = import ./nixos-wsl;
|
||||
in
|
||||
{
|
||||
imports =
|
||||
[ ../../system/hardware-configuration.nix
|
||||
[ #"${modulesPath}/profiles/minimal.nix"
|
||||
nixos-wsl.nixosModules.wsl
|
||||
#../../system/hardware-configuration.nix
|
||||
../../system/hardware/kernel.nix # Kernel config
|
||||
../../system/hardware/opengl.nix
|
||||
../../system/hardware/printing.nix
|
||||
|
@ -18,6 +25,20 @@
|
|||
../../system/style/stylix.nix
|
||||
];
|
||||
|
||||
wsl = {
|
||||
enable = true;
|
||||
automountPath = "/mnt";
|
||||
defaultUser = username;
|
||||
startMenuLaunchers = true;
|
||||
|
||||
# Enable native Docker support
|
||||
# docker-native.enable = true;
|
||||
|
||||
# Enable integration with Docker Desktop (needs to be installed)
|
||||
# docker-desktop.enable = true;
|
||||
|
||||
};
|
||||
|
||||
# Fix nix path
|
||||
nix.nixPath = [ "nixpkgs=/nix/var/nix/profiles/per-user/root/channels/nixos"
|
||||
"nixos-config=$HOME/dotfiles/system/configuration.nix"
|
||||
|
@ -27,20 +48,20 @@
|
|||
# Experimental features
|
||||
nix.settings.experimental-features = [ "nix-command" "flakes" ];
|
||||
|
||||
# Ensure nix flakes are enabled
|
||||
nix.package = pkgs.nixFlakes;
|
||||
nix.extraOptions = ''
|
||||
experimental-features = nix-command flakes
|
||||
'';
|
||||
|
||||
# I'm sorry Stallman-taichou
|
||||
nixpkgs.config.allowUnfree = true;
|
||||
|
||||
# Kernel modules
|
||||
boot.kernelModules = [ "i2c-dev" "i2c-piix4" "cpufreq_powersave" ];
|
||||
|
||||
# Bootloader
|
||||
boot.loader.systemd-boot.enable = true;
|
||||
boot.loader.efi.canTouchEfiVariables = true;
|
||||
boot.loader.efi.efiSysMountPoint = "/boot/efi";
|
||||
|
||||
# Networking
|
||||
networking.hostName = hostname; # Define your hostname.
|
||||
networking.networkmanager.enable = true; # Use networkmanager
|
||||
|
||||
# Timezone and locale
|
||||
time.timeZone = timezone; # time zone
|
||||
|
@ -89,6 +110,6 @@
|
|||
};
|
||||
|
||||
# It is ok to leave this unchanged for compatibility purposes
|
||||
system.stateVersion = "22.11";
|
||||
system.stateVersion = "22.05";
|
||||
|
||||
}
|
||||
|
|
|
@ -27,6 +27,7 @@
|
|||
# Core
|
||||
zsh
|
||||
git
|
||||
syncthing
|
||||
|
||||
# Office
|
||||
libreoffice-fresh-unwrapped
|
||||
|
@ -37,6 +38,8 @@
|
|||
nodePackages.ungit
|
||||
];
|
||||
|
||||
services.syncthing.enable = true;
|
||||
|
||||
xdg.enable = true;
|
||||
xdg.userDirs = {
|
||||
enable = true;
|
||||
|
|
202
profiles/wsl/nixos-wsl/LICENSE
Executable file
202
profiles/wsl/nixos-wsl/LICENSE
Executable file
|
@ -0,0 +1,202 @@
|
|||
|
||||
Apache License
|
||||
Version 2.0, January 2004
|
||||
http://www.apache.org/licenses/
|
||||
|
||||
TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION
|
||||
|
||||
1. Definitions.
|
||||
|
||||
"License" shall mean the terms and conditions for use, reproduction,
|
||||
and distribution as defined by Sections 1 through 9 of this document.
|
||||
|
||||
"Licensor" shall mean the copyright owner or entity authorized by
|
||||
the copyright owner that is granting the License.
|
||||
|
||||
"Legal Entity" shall mean the union of the acting entity and all
|
||||
other entities that control, are controlled by, or are under common
|
||||
control with that entity. For the purposes of this definition,
|
||||
"control" means (i) the power, direct or indirect, to cause the
|
||||
direction or management of such entity, whether by contract or
|
||||
otherwise, or (ii) ownership of fifty percent (50%) or more of the
|
||||
outstanding shares, or (iii) beneficial ownership of such entity.
|
||||
|
||||
"You" (or "Your") shall mean an individual or Legal Entity
|
||||
exercising permissions granted by this License.
|
||||
|
||||
"Source" form shall mean the preferred form for making modifications,
|
||||
including but not limited to software source code, documentation
|
||||
source, and configuration files.
|
||||
|
||||
"Object" form shall mean any form resulting from mechanical
|
||||
transformation or translation of a Source form, including but
|
||||
not limited to compiled object code, generated documentation,
|
||||
and conversions to other media types.
|
||||
|
||||
"Work" shall mean the work of authorship, whether in Source or
|
||||
Object form, made available under the License, as indicated by a
|
||||
copyright notice that is included in or attached to the work
|
||||
(an example is provided in the Appendix below).
|
||||
|
||||
"Derivative Works" shall mean any work, whether in Source or Object
|
||||
form, that is based on (or derived from) the Work and for which the
|
||||
editorial revisions, annotations, elaborations, or other modifications
|
||||
represent, as a whole, an original work of authorship. For the purposes
|
||||
of this License, Derivative Works shall not include works that remain
|
||||
separable from, or merely link (or bind by name) to the interfaces of,
|
||||
the Work and Derivative Works thereof.
|
||||
|
||||
"Contribution" shall mean any work of authorship, including
|
||||
the original version of the Work and any modifications or additions
|
||||
to that Work or Derivative Works thereof, that is intentionally
|
||||
submitted to Licensor for inclusion in the Work by the copyright owner
|
||||
or by an individual or Legal Entity authorized to submit on behalf of
|
||||
the copyright owner. For the purposes of this definition, "submitted"
|
||||
means any form of electronic, verbal, or written communication sent
|
||||
to the Licensor or its representatives, including but not limited to
|
||||
communication on electronic mailing lists, source code control systems,
|
||||
and issue tracking systems that are managed by, or on behalf of, the
|
||||
Licensor for the purpose of discussing and improving the Work, but
|
||||
excluding communication that is conspicuously marked or otherwise
|
||||
designated in writing by the copyright owner as "Not a Contribution."
|
||||
|
||||
"Contributor" shall mean Licensor and any individual or Legal Entity
|
||||
on behalf of whom a Contribution has been received by Licensor and
|
||||
subsequently incorporated within the Work.
|
||||
|
||||
2. Grant of Copyright License. Subject to the terms and conditions of
|
||||
this License, each Contributor hereby grants to You a perpetual,
|
||||
worldwide, non-exclusive, no-charge, royalty-free, irrevocable
|
||||
copyright license to reproduce, prepare Derivative Works of,
|
||||
publicly display, publicly perform, sublicense, and distribute the
|
||||
Work and such Derivative Works in Source or Object form.
|
||||
|
||||
3. Grant of Patent License. Subject to the terms and conditions of
|
||||
this License, each Contributor hereby grants to You a perpetual,
|
||||
worldwide, non-exclusive, no-charge, royalty-free, irrevocable
|
||||
(except as stated in this section) patent license to make, have made,
|
||||
use, offer to sell, sell, import, and otherwise transfer the Work,
|
||||
where such license applies only to those patent claims licensable
|
||||
by such Contributor that are necessarily infringed by their
|
||||
Contribution(s) alone or by combination of their Contribution(s)
|
||||
with the Work to which such Contribution(s) was submitted. If You
|
||||
institute patent litigation against any entity (including a
|
||||
cross-claim or counterclaim in a lawsuit) alleging that the Work
|
||||
or a Contribution incorporated within the Work constitutes direct
|
||||
or contributory patent infringement, then any patent licenses
|
||||
granted to You under this License for that Work shall terminate
|
||||
as of the date such litigation is filed.
|
||||
|
||||
4. Redistribution. You may reproduce and distribute copies of the
|
||||
Work or Derivative Works thereof in any medium, with or without
|
||||
modifications, and in Source or Object form, provided that You
|
||||
meet the following conditions:
|
||||
|
||||
(a) You must give any other recipients of the Work or
|
||||
Derivative Works a copy of this License; and
|
||||
|
||||
(b) You must cause any modified files to carry prominent notices
|
||||
stating that You changed the files; and
|
||||
|
||||
(c) You must retain, in the Source form of any Derivative Works
|
||||
that You distribute, all copyright, patent, trademark, and
|
||||
attribution notices from the Source form of the Work,
|
||||
excluding those notices that do not pertain to any part of
|
||||
the Derivative Works; and
|
||||
|
||||
(d) If the Work includes a "NOTICE" text file as part of its
|
||||
distribution, then any Derivative Works that You distribute must
|
||||
include a readable copy of the attribution notices contained
|
||||
within such NOTICE file, excluding those notices that do not
|
||||
pertain to any part of the Derivative Works, in at least one
|
||||
of the following places: within a NOTICE text file distributed
|
||||
as part of the Derivative Works; within the Source form or
|
||||
documentation, if provided along with the Derivative Works; or,
|
||||
within a display generated by the Derivative Works, if and
|
||||
wherever such third-party notices normally appear. The contents
|
||||
of the NOTICE file are for informational purposes only and
|
||||
do not modify the License. You may add Your own attribution
|
||||
notices within Derivative Works that You distribute, alongside
|
||||
or as an addendum to the NOTICE text from the Work, provided
|
||||
that such additional attribution notices cannot be construed
|
||||
as modifying the License.
|
||||
|
||||
You may add Your own copyright statement to Your modifications and
|
||||
may provide additional or different license terms and conditions
|
||||
for use, reproduction, or distribution of Your modifications, or
|
||||
for any such Derivative Works as a whole, provided Your use,
|
||||
reproduction, and distribution of the Work otherwise complies with
|
||||
the conditions stated in this License.
|
||||
|
||||
5. Submission of Contributions. Unless You explicitly state otherwise,
|
||||
any Contribution intentionally submitted for inclusion in the Work
|
||||
by You to the Licensor shall be under the terms and conditions of
|
||||
this License, without any additional terms or conditions.
|
||||
Notwithstanding the above, nothing herein shall supersede or modify
|
||||
the terms of any separate license agreement you may have executed
|
||||
with Licensor regarding such Contributions.
|
||||
|
||||
6. Trademarks. This License does not grant permission to use the trade
|
||||
names, trademarks, service marks, or product names of the Licensor,
|
||||
except as required for reasonable and customary use in describing the
|
||||
origin of the Work and reproducing the content of the NOTICE file.
|
||||
|
||||
7. Disclaimer of Warranty. Unless required by applicable law or
|
||||
agreed to in writing, Licensor provides the Work (and each
|
||||
Contributor provides its Contributions) on an "AS IS" BASIS,
|
||||
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
|
||||
implied, including, without limitation, any warranties or conditions
|
||||
of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A
|
||||
PARTICULAR PURPOSE. You are solely responsible for determining the
|
||||
appropriateness of using or redistributing the Work and assume any
|
||||
risks associated with Your exercise of permissions under this License.
|
||||
|
||||
8. Limitation of Liability. In no event and under no legal theory,
|
||||
whether in tort (including negligence), contract, or otherwise,
|
||||
unless required by applicable law (such as deliberate and grossly
|
||||
negligent acts) or agreed to in writing, shall any Contributor be
|
||||
liable to You for damages, including any direct, indirect, special,
|
||||
incidental, or consequential damages of any character arising as a
|
||||
result of this License or out of the use or inability to use the
|
||||
Work (including but not limited to damages for loss of goodwill,
|
||||
work stoppage, computer failure or malfunction, or any and all
|
||||
other commercial damages or losses), even if such Contributor
|
||||
has been advised of the possibility of such damages.
|
||||
|
||||
9. Accepting Warranty or Additional Liability. While redistributing
|
||||
the Work or Derivative Works thereof, You may choose to offer,
|
||||
and charge a fee for, acceptance of support, warranty, indemnity,
|
||||
or other liability obligations and/or rights consistent with this
|
||||
License. However, in accepting such obligations, You may act only
|
||||
on Your own behalf and on Your sole responsibility, not on behalf
|
||||
of any other Contributor, and only if You agree to indemnify,
|
||||
defend, and hold each Contributor harmless for any liability
|
||||
incurred by, or claims asserted against, such Contributor by reason
|
||||
of your accepting any such warranty or additional liability.
|
||||
|
||||
END OF TERMS AND CONDITIONS
|
||||
|
||||
APPENDIX: How to apply the Apache License to your work.
|
||||
|
||||
To apply the Apache License to your work, attach the following
|
||||
boilerplate notice, with the fields enclosed by brackets "[]"
|
||||
replaced with your own identifying information. (Don't include
|
||||
the brackets!) The text should be enclosed in the appropriate
|
||||
comment syntax for the file format. We also recommend that a
|
||||
file or class name and description of purpose be included on the
|
||||
same "printed page" as the copyright notice for easier
|
||||
identification within third-party archives.
|
||||
|
||||
Copyright [yyyy] [name of copyright owner]
|
||||
|
||||
Licensed under the Apache License, Version 2.0 (the "License");
|
||||
you may not use this file except in compliance with the License.
|
||||
You may obtain a copy of the License at
|
||||
|
||||
http://www.apache.org/licenses/LICENSE-2.0
|
||||
|
||||
Unless required by applicable law or agreed to in writing, software
|
||||
distributed under the License is distributed on an "AS IS" BASIS,
|
||||
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
See the License for the specific language governing permissions and
|
||||
limitations under the License.
|
112
profiles/wsl/nixos-wsl/README.md
Executable file
112
profiles/wsl/nixos-wsl/README.md
Executable file
|
@ -0,0 +1,112 @@
|
|||
<h1 align=center>
|
||||
NixOS on WSL<br />
|
||||
<a href="https://matrix.to/#/#wsl:nixos.org"><img src="https://img.shields.io/matrix/wsl:nixos.org?server_fqdn=nixos.ems.host&logo=matrix" alt="Matrix Chat" /></a>
|
||||
<a href="https://github.com/NixOS/nixpkgs/tree/nixos-22.05"><img src="https://img.shields.io/badge/nixpkgs-22.05-brightgreen" alt="nixpkgs 22.05" /></a>
|
||||
<a href="https://github.com/nix-community/NixOS-WSL/releases"><img alt="Downloads" src="https://img.shields.io/github/downloads/nix-community/NixOS-WSL/total"></a>
|
||||
</h1>
|
||||
|
||||
A minimal root filesystem for running NixOS on WSL. It can be used with
|
||||
[DistroLauncher](https://github.com/microsoft/WSL-DistroLauncher) as
|
||||
`install.tar.gz` or as input to `wsl --import --version 2`.
|
||||
|
||||
## Quick start
|
||||
|
||||
First, [download the latest release\'s installer](https://github.com/nix-community/NixOS-WSL/releases/latest).
|
||||
|
||||
Then open up a Terminal, PowerShell or Command Prompt and run:
|
||||
|
||||
```sh
|
||||
wsl --import NixOS .\NixOS\ nixos-wsl-installer.tar.gz --version 2
|
||||
```
|
||||
|
||||
This sets up a new WSL distribution `NixOS` that is installed under
|
||||
`.\NixOS`. `nixos-wsl-installer.tar.gz` is the path to the file you
|
||||
downloaded earlier. You might need to change this path or change to the download directory first.
|
||||
|
||||
You can now run NixOS:
|
||||
|
||||
```sh
|
||||
wsl -d NixOS
|
||||
```
|
||||
|
||||
The installer will unpack the file system and subsequently start NixOS.
|
||||
A few warnings about file systems and locales will pop up. You can
|
||||
safely ignore them. After systemd has started, you should be greeted
|
||||
with a bash prompt inside your fresh NixOS installation.
|
||||
|
||||
If you want to make NixOS your default distribution, you can do so with
|
||||
|
||||
```sh
|
||||
wsl -s NixOS
|
||||
```
|
||||
|
||||
## Building your own system tarball
|
||||
|
||||
This requires access to a system that already has Nix installed. Please refer to the [Nix installation guide](https://nixos.org/guides/install-nix.html) if that\'s not the case.
|
||||
|
||||
If you have a flakes-enabled Nix, you can use the following command to
|
||||
build your own tarball instead of relying on a prebuilt one:
|
||||
|
||||
```cmd
|
||||
nix build github:nix-community/NixOS-WSL#nixosConfigurations.mysystem.config.system.build.installer
|
||||
```
|
||||
|
||||
Or, if you want to build with local changes, run inside your checkout:
|
||||
|
||||
```cmd
|
||||
nix build .#nixosConfigurations.mysystem.config.system.build.installer
|
||||
```
|
||||
|
||||
Without a flakes-enabled Nix, you can build a tarball using:
|
||||
|
||||
```cmd
|
||||
nix-build -A nixosConfigurations.mysystem.config.system.build.installer
|
||||
```
|
||||
|
||||
The resulting installer tarball can then be found under
|
||||
`./result/tarball/nixos-wsl-installer.tar.gz`.
|
||||
|
||||
You can also build a rootfs tarball without wrapping it in the installer
|
||||
by replacing `installer` with `tarball` in the above commands. The
|
||||
rootfs tarball can then be found under
|
||||
`./result/tarball/nixos-wsl-x86_64-linux.tar.gz`.
|
||||
|
||||
## Design
|
||||
|
||||
Getting NixOS to run under WSL requires some workarounds:
|
||||
|
||||
### systemd support
|
||||
|
||||
WSL comes with its own (non-substitutable) init system while NixOS uses
|
||||
systemd. Simply starting systemd later on does not work out of the box,
|
||||
because systemd as system instance refuses to start if it is not PID 1.
|
||||
This unfortunate combination is resolved in two ways:
|
||||
|
||||
- the user\'s default shell is replaced by a wrapper script that acts
|
||||
is init system and then drops to the actual shell
|
||||
- systemd is started in its own PID namespace; therefore, it is PID 1.
|
||||
The shell wrapper (see above) enters the systemd namespace before
|
||||
dropping to the shell.
|
||||
|
||||
### Installer
|
||||
|
||||
Usually WSL distributions ship as a tarball of their root file system.
|
||||
These tarballs however, can not contain any hard-links due to the way
|
||||
they are unpacked by WSL, resulting in an \"Unspecified Error\". By
|
||||
default some Nix-derivations will contain hard-links when they are
|
||||
built. This results in system tarballs that can not be imported into
|
||||
WSL. To circumvent this problem, the rootfs tarball is wrapped in that
|
||||
of a minimal distribution (the installer), that is packaged without any
|
||||
hard-links. When the installer system is started for the first time, it
|
||||
overwrites itself with the contents of the rootfs tarball.
|
||||
|
||||
## License
|
||||
|
||||
Apache License, Version 2.0. See `LICENSE` or <http://www.apache.org/licenses/LICENSE-2.0.html> for details.
|
||||
|
||||
## Further links
|
||||
|
||||
- [DistroLauncher](https://github.com/microsoft/WSL-DistroLauncher)
|
||||
- [A quick way into a systemd \"bottle\" for WSL](https://github.com/arkane-systems/genie)
|
||||
- [NixOS in Windows Store for Windows Subsystem for Linux](https://github.com/NixOS/nixpkgs/issues/30391)
|
||||
- [wsl2-hacks](https://github.com/shayne/wsl2-hacks)
|
13
profiles/wsl/nixos-wsl/default.nix
Executable file
13
profiles/wsl/nixos-wsl/default.nix
Executable file
|
@ -0,0 +1,13 @@
|
|||
(import
|
||||
(
|
||||
let
|
||||
lock = builtins.fromJSON (builtins.readFile ./flake.lock);
|
||||
in
|
||||
fetchTarball {
|
||||
url = "https://github.com/edolstra/flake-compat/archive/${lock.nodes.flake-compat.locked.rev}.tar.gz";
|
||||
sha256 = lock.nodes.flake-compat.locked.narHash;
|
||||
}
|
||||
)
|
||||
{
|
||||
src = ./.;
|
||||
}).defaultNix
|
59
profiles/wsl/nixos-wsl/flake.lock
Executable file
59
profiles/wsl/nixos-wsl/flake.lock
Executable file
|
@ -0,0 +1,59 @@
|
|||
{
|
||||
"nodes": {
|
||||
"flake-compat": {
|
||||
"flake": false,
|
||||
"locked": {
|
||||
"lastModified": 1650374568,
|
||||
"narHash": "sha256-Z+s0J8/r907g149rllvwhb4pKi8Wam5ij0st8PwAh+E=",
|
||||
"owner": "edolstra",
|
||||
"repo": "flake-compat",
|
||||
"rev": "b4a34015c698c7793d592d66adbab377907a2be8",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
"owner": "edolstra",
|
||||
"repo": "flake-compat",
|
||||
"type": "github"
|
||||
}
|
||||
},
|
||||
"flake-utils": {
|
||||
"locked": {
|
||||
"lastModified": 1659877975,
|
||||
"narHash": "sha256-zllb8aq3YO3h8B/U0/J1WBgAL8EX5yWf5pMj3G0NAmc=",
|
||||
"owner": "numtide",
|
||||
"repo": "flake-utils",
|
||||
"rev": "c0e246b9b83f637f4681389ecabcb2681b4f3af0",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
"owner": "numtide",
|
||||
"repo": "flake-utils",
|
||||
"type": "github"
|
||||
}
|
||||
},
|
||||
"nixpkgs": {
|
||||
"locked": {
|
||||
"lastModified": 1660318005,
|
||||
"narHash": "sha256-g9WCa9lVUmOV6dYRbEPjv/TLOR5hamjeCcKExVGS3OQ=",
|
||||
"owner": "NixOS",
|
||||
"repo": "nixpkgs",
|
||||
"rev": "5c211b47aeadcc178c5320afd4e74c7eed5c389f",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
"id": "nixpkgs",
|
||||
"ref": "nixos-22.05",
|
||||
"type": "indirect"
|
||||
}
|
||||
},
|
||||
"root": {
|
||||
"inputs": {
|
||||
"flake-compat": "flake-compat",
|
||||
"flake-utils": "flake-utils",
|
||||
"nixpkgs": "nixpkgs"
|
||||
}
|
||||
}
|
||||
},
|
||||
"root": "root",
|
||||
"version": 7
|
||||
}
|
56
profiles/wsl/nixos-wsl/flake.nix
Executable file
56
profiles/wsl/nixos-wsl/flake.nix
Executable file
|
@ -0,0 +1,56 @@
|
|||
{
|
||||
description = "NixOS WSL";
|
||||
|
||||
inputs = {
|
||||
nixpkgs.url = "nixpkgs/nixos-22.05";
|
||||
flake-utils.url = "github:numtide/flake-utils";
|
||||
|
||||
flake-compat = {
|
||||
url = "github:edolstra/flake-compat";
|
||||
flake = false;
|
||||
};
|
||||
};
|
||||
|
||||
outputs = { self, nixpkgs, flake-utils, ... }:
|
||||
{
|
||||
|
||||
nixosModules.wsl = {
|
||||
imports = [
|
||||
./modules/build-tarball.nix
|
||||
./modules/docker-desktop.nix
|
||||
./modules/docker-native.nix
|
||||
./modules/installer.nix
|
||||
./modules/interop.nix
|
||||
./modules/wsl-distro.nix
|
||||
];
|
||||
};
|
||||
|
||||
nixosConfigurations.mysystem = nixpkgs.lib.nixosSystem {
|
||||
system = "x86_64-linux";
|
||||
modules = [
|
||||
./configuration.nix
|
||||
];
|
||||
};
|
||||
|
||||
} //
|
||||
flake-utils.lib.eachSystem
|
||||
(with flake-utils.lib.system; [ "x86_64-linux" "aarch64-linux" ])
|
||||
(system:
|
||||
let
|
||||
pkgs = import nixpkgs { inherit system; };
|
||||
in
|
||||
{
|
||||
checks.check-format = pkgs.runCommand "check-format"
|
||||
{
|
||||
buildInputs = with pkgs; [ nixpkgs-fmt ];
|
||||
} ''
|
||||
nixpkgs-fmt --check ${./.}
|
||||
mkdir $out # success
|
||||
'';
|
||||
|
||||
devShell = pkgs.mkShell {
|
||||
nativeBuildInputs = with pkgs; [ nixpkgs-fmt ];
|
||||
};
|
||||
}
|
||||
);
|
||||
}
|
97
profiles/wsl/nixos-wsl/modules/build-tarball.nix
Executable file
97
profiles/wsl/nixos-wsl/modules/build-tarball.nix
Executable file
|
@ -0,0 +1,97 @@
|
|||
{ config, pkgs, lib, ... }:
|
||||
with builtins; with lib;
|
||||
let
|
||||
pkgs2storeContents = l: map (x: { object = x; symlink = "none"; }) l;
|
||||
|
||||
nixpkgs = lib.cleanSource pkgs.path;
|
||||
|
||||
channelSources = pkgs.runCommand "nixos-${config.system.nixos.version}"
|
||||
{ preferLocalBuild = true; }
|
||||
''
|
||||
mkdir -p $out
|
||||
cp -prd ${nixpkgs.outPath} $out/nixos
|
||||
chmod -R u+w $out/nixos
|
||||
if [ ! -e $out/nixos/nixpkgs ]; then
|
||||
ln -s . $out/nixos/nixpkgs
|
||||
fi
|
||||
echo -n ${toString config.system.nixos.revision} > $out/nixos/.git-revision
|
||||
echo -n ${toString config.system.nixos.versionSuffix} > $out/nixos/.version-suffix
|
||||
echo ${toString config.system.nixos.versionSuffix} | sed -e s/pre// > $out/nixos/svn-revision
|
||||
'';
|
||||
|
||||
preparer = pkgs.writeShellScriptBin "wsl-prepare" ''
|
||||
set -e
|
||||
|
||||
mkdir -m 0755 ./bin ./etc
|
||||
mkdir -m 1777 ./tmp
|
||||
|
||||
# WSL requires a /bin/sh - only temporary, NixOS's activate will overwrite
|
||||
ln -s ${config.users.users.root.shell} ./bin/sh
|
||||
|
||||
# WSL also requires a /bin/mount, otherwise the host fs isn't accessible
|
||||
ln -s /nix/var/nix/profiles/system/sw/bin/mount ./bin/mount
|
||||
|
||||
# Set system profile
|
||||
system=${config.system.build.toplevel}
|
||||
./$system/sw/bin/nix-store --store `pwd` --load-db < ./nix-path-registration
|
||||
rm ./nix-path-registration
|
||||
./$system/sw/bin/nix-env --store `pwd` -p ./nix/var/nix/profiles/system --set $system
|
||||
|
||||
# Set channel
|
||||
mkdir -p ./nix/var/nix/profiles/per-user/root
|
||||
./$system/sw/bin/nix-env --store `pwd` -p ./nix/var/nix/profiles/per-user/root/channels --set ${channelSources}
|
||||
mkdir -m 0700 -p ./root/.nix-defexpr
|
||||
ln -s /nix/var/nix/profiles/per-user/root/channels ./root/.nix-defexpr/channels
|
||||
|
||||
# It's now a NixOS!
|
||||
touch ./etc/NIXOS
|
||||
|
||||
# Write wsl.conf so that it is present when NixOS is started for the first time
|
||||
cp ${config.environment.etc."wsl.conf".source} ./etc/wsl.conf
|
||||
|
||||
${lib.optionalString config.wsl.tarball.includeConfig ''
|
||||
# Copy the system configuration
|
||||
mkdir -p ./etc/nixos/nixos-wsl
|
||||
cp -R ${lib.cleanSource ../.}/. ./etc/nixos/nixos-wsl
|
||||
mv ./etc/nixos/nixos-wsl/configuration.nix ./etc/nixos/configuration.nix
|
||||
# Patch the import path to avoid having a flake.nix in /etc/nixos
|
||||
sed -i 's|import \./default\.nix|import \./nixos-wsl|' ./etc/nixos/configuration.nix
|
||||
''}
|
||||
'';
|
||||
|
||||
in
|
||||
{
|
||||
|
||||
options.wsl.tarball = {
|
||||
includeConfig = mkOption {
|
||||
type = types.bool;
|
||||
default = true;
|
||||
description = "Whether or not to copy the system configuration into the tarball";
|
||||
};
|
||||
};
|
||||
|
||||
|
||||
config = mkIf config.wsl.enable {
|
||||
# These options make no sense without the wsl-distro module anyway
|
||||
|
||||
system.build.tarball = pkgs.callPackage "${nixpkgs}/nixos/lib/make-system-tarball.nix" {
|
||||
# No contents, structure will be added by prepare script
|
||||
contents = [ ];
|
||||
|
||||
fileName = "nixos-wsl-${pkgs.hostPlatform.system}";
|
||||
|
||||
storeContents = pkgs2storeContents [
|
||||
config.system.build.toplevel
|
||||
channelSources
|
||||
preparer
|
||||
];
|
||||
|
||||
extraCommands = "${preparer}/bin/wsl-prepare";
|
||||
|
||||
# Use gzip
|
||||
compressCommand = "gzip";
|
||||
compressionExtension = ".gz";
|
||||
};
|
||||
|
||||
};
|
||||
}
|
41
profiles/wsl/nixos-wsl/modules/docker-desktop.nix
Executable file
41
profiles/wsl/nixos-wsl/modules/docker-desktop.nix
Executable file
|
@ -0,0 +1,41 @@
|
|||
{ config, lib, pkgs, ... }:
|
||||
with builtins; with lib; {
|
||||
|
||||
imports = [
|
||||
(mkRenamedOptionModule [ "wsl" "docker" ] [ "wsl" "docker-desktop" ])
|
||||
];
|
||||
|
||||
options.wsl.docker-desktop = with types; {
|
||||
enable = mkEnableOption "Docker Desktop integration";
|
||||
};
|
||||
|
||||
config =
|
||||
let
|
||||
cfg = config.wsl.docker-desktop;
|
||||
in
|
||||
mkIf (config.wsl.enable && cfg.enable) {
|
||||
|
||||
environment.systemPackages = with pkgs; [
|
||||
docker
|
||||
docker-compose
|
||||
];
|
||||
|
||||
systemd.services.docker-desktop-proxy = {
|
||||
description = "Docker Desktop proxy";
|
||||
script = ''
|
||||
${config.wsl.automountPath}/wsl/docker-desktop/docker-desktop-user-distro proxy --docker-desktop-root ${config.wsl.automountPath}/wsl/docker-desktop
|
||||
'';
|
||||
wantedBy = [ "multi-user.target" ];
|
||||
serviceConfig = {
|
||||
Restart = "on-failure";
|
||||
RestartSec = "30s";
|
||||
};
|
||||
};
|
||||
|
||||
users.groups.docker.members = [
|
||||
config.wsl.defaultUser
|
||||
];
|
||||
|
||||
};
|
||||
|
||||
}
|
40
profiles/wsl/nixos-wsl/modules/docker-native.nix
Executable file
40
profiles/wsl/nixos-wsl/modules/docker-native.nix
Executable file
|
@ -0,0 +1,40 @@
|
|||
{ config, lib, pkgs, ... }:
|
||||
with builtins; with lib; {
|
||||
|
||||
options.wsl.docker-native = with types; {
|
||||
enable = mkEnableOption "Native Docker integration in NixOS.";
|
||||
|
||||
addToDockerGroup = mkOption {
|
||||
type = bool;
|
||||
default = config.security.sudo.wheelNeedsPassword;
|
||||
description = ''
|
||||
Wether to add the default user to the docker group.
|
||||
|
||||
This is not recommended, if you have a password, because it essentially permits unauthenticated root access.
|
||||
'';
|
||||
};
|
||||
};
|
||||
|
||||
config =
|
||||
let
|
||||
cfg = config.wsl.docker-native;
|
||||
in
|
||||
mkIf (config.wsl.enable && cfg.enable) {
|
||||
nixpkgs.overlays = [
|
||||
(self: super: {
|
||||
docker = super.docker.override { iptables = pkgs.iptables-legacy; };
|
||||
})
|
||||
];
|
||||
|
||||
environment.systemPackages = with pkgs; [
|
||||
docker
|
||||
docker-compose
|
||||
];
|
||||
|
||||
virtualisation.docker.enable = true;
|
||||
|
||||
users.groups.docker.members = lib.mkIf cfg.addToDockerGroup [
|
||||
config.wsl.defaultUser
|
||||
];
|
||||
};
|
||||
}
|
73
profiles/wsl/nixos-wsl/modules/installer.nix
Executable file
73
profiles/wsl/nixos-wsl/modules/installer.nix
Executable file
|
@ -0,0 +1,73 @@
|
|||
{ config, lib, pkgs, ... }:
|
||||
with builtins; with lib; {
|
||||
|
||||
config = mkIf config.wsl.enable (
|
||||
let
|
||||
mkTarball = pkgs.callPackage "${lib.cleanSource pkgs.path}/nixos/lib/make-system-tarball.nix";
|
||||
|
||||
pkgs2storeContents = map (x: { object = x; symlink = "none"; });
|
||||
|
||||
rootfs = let tarball = config.system.build.tarball; in "${tarball}/tarball/${tarball.fileName}.tar${tarball.extension}";
|
||||
|
||||
installer = pkgs.writeScript "installer.sh" ''
|
||||
#!${pkgs.busybox}/bin/sh
|
||||
BASEPATH=$PATH
|
||||
export PATH=$BASEPATH:${pkgs.busybox}/bin # Add busybox to path
|
||||
|
||||
set -e
|
||||
cd /
|
||||
|
||||
echo "Unpacking root file system..."
|
||||
${pkgs.pv}/bin/pv ${rootfs} | tar xz
|
||||
|
||||
echo "Activating nix configuration..."
|
||||
/nix/var/nix/profiles/system/activate
|
||||
PATH=$BASEPATH:/run/current-system/sw/bin # Use packages from target system
|
||||
|
||||
echo "Cleaning up installer files..."
|
||||
nix-collect-garbage
|
||||
rm /nix-path-registration
|
||||
|
||||
echo "Optimizing store..."
|
||||
nix-store --optimize
|
||||
|
||||
# Don't package the shell here, it's contained in the rootfs
|
||||
exec ${builtins.unsafeDiscardStringContext config.users.users.root.shell} "$@"
|
||||
'';
|
||||
|
||||
# Set installer.sh as the root shell
|
||||
passwd = pkgs.writeText "passwd" ''
|
||||
root:x:0:0:System administrator:/root:${installer}
|
||||
'';
|
||||
in
|
||||
{
|
||||
|
||||
system.build.installer = mkTarball {
|
||||
fileName = "nixos-wsl-installer";
|
||||
compressCommand = "gzip";
|
||||
compressionExtension = ".gz";
|
||||
extraArgs = "--hard-dereference";
|
||||
|
||||
storeContents = with pkgs; pkgs2storeContents [
|
||||
installer
|
||||
];
|
||||
|
||||
contents = [
|
||||
{ source = config.environment.etc."wsl.conf".source; target = "/etc/wsl.conf"; }
|
||||
{ source = config.environment.etc."fstab".source; target = "/etc/fstab"; }
|
||||
{ source = passwd; target = "/etc/passwd"; }
|
||||
{ source = "${pkgs.busybox}/bin/busybox"; target = "/bin/sh"; }
|
||||
{ source = "${pkgs.busybox}/bin/busybox"; target = "/bin/mount"; }
|
||||
];
|
||||
|
||||
extraCommands = pkgs.writeShellScript "prepare" ''
|
||||
export PATH=$PATH:${pkgs.coreutils}/bin
|
||||
mkdir -p bin
|
||||
ln -s /init bin/wslpath
|
||||
'';
|
||||
};
|
||||
|
||||
}
|
||||
);
|
||||
|
||||
}
|
88
profiles/wsl/nixos-wsl/modules/interop.nix
Executable file
88
profiles/wsl/nixos-wsl/modules/interop.nix
Executable file
|
@ -0,0 +1,88 @@
|
|||
{ lib, pkgs, config, ... }:
|
||||
|
||||
with builtins; with lib;
|
||||
{
|
||||
imports = [
|
||||
(mkRenamedOptionModule [ "wsl" "compatibility" "interopPreserveArgvZero" ] [ "wsl" "interop" "preserveArgvZero" ])
|
||||
];
|
||||
|
||||
options.wsl.interop = with types; {
|
||||
register = mkOption {
|
||||
type = bool;
|
||||
default = false; # Use the existing registration by default
|
||||
description = "Explicitly register the binfmt_misc handler for Windows executables";
|
||||
};
|
||||
|
||||
includePath = mkOption {
|
||||
type = bool;
|
||||
default = true;
|
||||
description = "Include Windows PATH in WSL PATH";
|
||||
};
|
||||
|
||||
preserveArgvZero = mkOption {
|
||||
type = nullOr bool;
|
||||
default = null;
|
||||
description = ''
|
||||
Register binfmt interpreter for Windows executables with 'preserves argv[0]' flag.
|
||||
|
||||
Default (null): autodetect, at some performance cost.
|
||||
To avoid the performance cost, set this to true for WSL Preview 0.58 and up,
|
||||
or to false for any older versions, including pre-Microsoft Store and Windows 10.
|
||||
'';
|
||||
};
|
||||
};
|
||||
|
||||
config =
|
||||
let
|
||||
cfg = config.wsl.interop;
|
||||
in
|
||||
mkIf config.wsl.enable {
|
||||
|
||||
boot.binfmt.registrations = mkIf cfg.register {
|
||||
WSLInterop =
|
||||
let
|
||||
compat = cfg.preserveArgvZero;
|
||||
|
||||
# WSL Preview 0.58 and up registers the /init binfmt interp for Windows executable
|
||||
# with the "preserve argv[0]" flag, so if you run `./foo.exe`, the interp gets invoked
|
||||
# as `/init foo.exe ./foo.exe`.
|
||||
# argv[0] --^ ^-- actual path
|
||||
#
|
||||
# Older versions expect to be called without the argv[0] bit, simply as `/init ./foo.exe`.
|
||||
#
|
||||
# We detect that by running `/init /known-not-existing-path.exe` and checking the exit code:
|
||||
# the new style interp expects at least two arguments, so exits with exit code 1,
|
||||
# presumably meaning "parsing error"; the old style interp attempts to actually run
|
||||
# the executable, fails to find it, and exits with 255.
|
||||
compatWrapper = pkgs.writeShellScript "nixos-wsl-binfmt-hack" ''
|
||||
/init /nixos-wsl-does-not-exist.exe
|
||||
[ $? -eq 255 ] && shift
|
||||
exec /init "$@"
|
||||
'';
|
||||
|
||||
# use the autodetect hack if unset, otherwise call /init directly
|
||||
interpreter = if compat == null then compatWrapper else "/init";
|
||||
|
||||
# enable for the wrapper and autodetect hack
|
||||
preserveArgvZero = if compat == false then false else true;
|
||||
in
|
||||
{
|
||||
magicOrExtension = "MZ";
|
||||
fixBinary = true;
|
||||
wrapInterpreterInShell = false;
|
||||
inherit interpreter preserveArgvZero;
|
||||
};
|
||||
};
|
||||
|
||||
# Include Windows %PATH% in Linux $PATH.
|
||||
environment.extraInit = mkIf cfg.includePath ''PATH="$PATH:$WSLPATH"'';
|
||||
|
||||
warnings =
|
||||
let
|
||||
registrations = config.boot.binfmt.registrations;
|
||||
in
|
||||
optional (!(registrations ? WSLInterop) && (length (attrNames config.boot.binfmt.registrations)) != 0) "Having any binfmt registrations without re-registering WSLInterop (wsl.interop.register) will break running .exe files from WSL2";
|
||||
};
|
||||
|
||||
|
||||
}
|
139
profiles/wsl/nixos-wsl/modules/wsl-distro.nix
Executable file
139
profiles/wsl/nixos-wsl/modules/wsl-distro.nix
Executable file
|
@ -0,0 +1,139 @@
|
|||
{ lib, pkgs, config, ... }:
|
||||
|
||||
with builtins; with lib;
|
||||
{
|
||||
options.wsl = with types;
|
||||
let
|
||||
coercedToStr = coercedTo (oneOf [ bool path int ]) (toString) str;
|
||||
in
|
||||
{
|
||||
enable = mkEnableOption "support for running NixOS as a WSL distribution";
|
||||
automountPath = mkOption {
|
||||
type = str;
|
||||
default = "/mnt";
|
||||
description = "The path where windows drives are mounted (e.g. /mnt/c)";
|
||||
};
|
||||
automountOptions = mkOption {
|
||||
type = str;
|
||||
default = "metadata,uid=1000,gid=100";
|
||||
description = "Options to use when mounting windows drives";
|
||||
};
|
||||
defaultUser = mkOption {
|
||||
type = str;
|
||||
default = "nixos";
|
||||
description = "The name of the default user";
|
||||
};
|
||||
startMenuLaunchers = mkEnableOption "shortcuts for GUI applications in the windows start menu";
|
||||
wslConf = mkOption {
|
||||
type = attrsOf (attrsOf (oneOf [ str int bool ]));
|
||||
description = "Entries that are added to /etc/wsl.conf";
|
||||
};
|
||||
};
|
||||
|
||||
config =
|
||||
let
|
||||
cfg = config.wsl;
|
||||
syschdemd = import ../syschdemd.nix { inherit lib pkgs config; inherit (cfg) automountPath defaultUser; defaultUserHome = config.users.users.${cfg.defaultUser}.home; };
|
||||
in
|
||||
mkIf cfg.enable {
|
||||
|
||||
wsl.wslConf = {
|
||||
automount = {
|
||||
enabled = true;
|
||||
mountFsTab = true;
|
||||
root = "${cfg.automountPath}/";
|
||||
options = cfg.automountOptions;
|
||||
};
|
||||
network = {
|
||||
generateResolvConf = mkDefault true;
|
||||
generateHosts = mkDefault true;
|
||||
};
|
||||
};
|
||||
|
||||
# WSL is closer to a container than anything else
|
||||
boot.isContainer = true;
|
||||
|
||||
environment.noXlibs = lib.mkForce false; # override xlibs not being installed (due to isContainer) to enable the use of GUI apps
|
||||
hardware.opengl.enable = true; # Enable GPU acceleration
|
||||
|
||||
environment = {
|
||||
|
||||
etc = {
|
||||
"wsl.conf".text = generators.toINI { } cfg.wslConf;
|
||||
|
||||
# DNS settings are managed by WSL
|
||||
hosts.enable = !config.wsl.wslConf.network.generateHosts;
|
||||
"resolv.conf".enable = !config.wsl.wslConf.network.generateResolvConf;
|
||||
};
|
||||
|
||||
systemPackages = [
|
||||
(pkgs.runCommand "wslpath" { } ''
|
||||
mkdir -p $out/bin
|
||||
ln -s /init $out/bin/wslpath
|
||||
'')
|
||||
];
|
||||
};
|
||||
|
||||
networking.dhcpcd.enable = false;
|
||||
|
||||
users.users.${cfg.defaultUser} = {
|
||||
isNormalUser = true;
|
||||
uid = 1000;
|
||||
extraGroups = [ "wheel" ]; # Allow the default user to use sudo
|
||||
};
|
||||
|
||||
users.users.root = {
|
||||
shell = "${syschdemd}/bin/syschdemd";
|
||||
# Otherwise WSL fails to login as root with "initgroups failed 5"
|
||||
extraGroups = [ "root" ];
|
||||
};
|
||||
|
||||
security.sudo = {
|
||||
extraConfig = ''
|
||||
Defaults env_keep+=INSIDE_NAMESPACE
|
||||
'';
|
||||
wheelNeedsPassword = mkDefault false; # The default user will not have a password by default
|
||||
};
|
||||
|
||||
system.activationScripts = {
|
||||
copy-launchers = mkIf cfg.startMenuLaunchers (
|
||||
stringAfter [ ] ''
|
||||
for x in applications icons; do
|
||||
echo "Copying /usr/share/$x"
|
||||
mkdir -p /usr/share/$x
|
||||
${pkgs.rsync}/bin/rsync -ar --delete $systemConfig/sw/share/$x/. /usr/share/$x
|
||||
done
|
||||
''
|
||||
);
|
||||
populateBin = stringAfter [ ] ''
|
||||
echo "setting up /bin..."
|
||||
ln -sf /init /bin/wslpath
|
||||
ln -sf ${pkgs.bashInteractive}/bin/bash /bin/sh
|
||||
ln -sf ${pkgs.util-linux}/bin/mount /bin/mount
|
||||
'';
|
||||
};
|
||||
|
||||
systemd = {
|
||||
# Disable systemd units that don't make sense on WSL
|
||||
services = {
|
||||
"serial-getty@ttyS0".enable = false;
|
||||
"serial-getty@hvc0".enable = false;
|
||||
"getty@tty1".enable = false;
|
||||
"autovt@".enable = false;
|
||||
firewall.enable = false;
|
||||
systemd-resolved.enable = false;
|
||||
systemd-udevd.enable = false;
|
||||
};
|
||||
|
||||
tmpfiles.rules = [
|
||||
# Don't remove the X11 socket
|
||||
"d /tmp/.X11-unix 1777 root root"
|
||||
];
|
||||
|
||||
# Don't allow emergency mode, because we don't have a console.
|
||||
enableEmergencyMode = false;
|
||||
};
|
||||
|
||||
warnings = (optional (config.systemd.services.systemd-resolved.enable && config.wsl.wslConf.network.generateResolvConf) "systemd-resolved is enabled, but resolv.conf is managed by WSL");
|
||||
};
|
||||
}
|
28
profiles/wsl/nixos-wsl/syschdemd.nix
Executable file
28
profiles/wsl/nixos-wsl/syschdemd.nix
Executable file
|
@ -0,0 +1,28 @@
|
|||
{ lib
|
||||
, pkgs
|
||||
, config
|
||||
, automountPath
|
||||
, defaultUser
|
||||
, defaultUserHome ? "/home/${defaultUser}"
|
||||
, ...
|
||||
}:
|
||||
|
||||
pkgs.substituteAll {
|
||||
name = "syschdemd";
|
||||
src = ./syschdemd.sh;
|
||||
dir = "bin";
|
||||
isExecutable = true;
|
||||
|
||||
buildInputs = with pkgs; [ daemonize ];
|
||||
|
||||
inherit defaultUser defaultUserHome;
|
||||
inherit (pkgs) daemonize;
|
||||
inherit (config.security) wrapperDir;
|
||||
fsPackagesPath = lib.makeBinPath config.system.fsPackages;
|
||||
|
||||
systemdWrapper = pkgs.writeShellScript "systemd-wrapper.sh" ''
|
||||
mount -t binfmt_misc binfmt_misc /proc/sys/fs/binfmt_misc || true
|
||||
mount --make-rshared ${automountPath}
|
||||
exec systemd
|
||||
'';
|
||||
}
|
78
profiles/wsl/nixos-wsl/syschdemd.sh
Executable file
78
profiles/wsl/nixos-wsl/syschdemd.sh
Executable file
|
@ -0,0 +1,78 @@
|
|||
#! @shell@
|
||||
|
||||
set -e
|
||||
|
||||
sw="/nix/var/nix/profiles/system/sw/bin"
|
||||
systemPath=$(${sw}/readlink -f /nix/var/nix/profiles/system)
|
||||
|
||||
function start_systemd {
|
||||
echo "Starting systemd..." >&2
|
||||
|
||||
PATH=/run/current-system/systemd/lib/systemd:@fsPackagesPath@ \
|
||||
LOCALE_ARCHIVE=/run/current-system/sw/lib/locale/locale-archive \
|
||||
@daemonize@/bin/daemonize /run/current-system/sw/bin/unshare -fp --mount-proc @systemdWrapper@
|
||||
|
||||
# Wait until systemd has been started to prevent a race condition from occuring
|
||||
while ! $sw/pgrep -xf systemd | $sw/tail -n1 >/run/systemd.pid; do
|
||||
$sw/sleep 1s
|
||||
done
|
||||
|
||||
# Wait for systemd to start services
|
||||
status=1
|
||||
while [[ $status -gt 0 ]]; do
|
||||
$sw/sleep 1
|
||||
status=0
|
||||
$sw/nsenter -t $(</run/systemd.pid) -p -m -- \
|
||||
$sw/systemctl is-system-running -q --wait 2>/dev/null ||
|
||||
status=$?
|
||||
done
|
||||
}
|
||||
|
||||
# Needs root to work
|
||||
if [[ $EUID -ne 0 ]]; then
|
||||
echo "[ERROR] Requires root! :( Make sure the WSL default user is set to root" >&2
|
||||
exit 1
|
||||
fi
|
||||
|
||||
if [ ! -e "/run/current-system" ]; then
|
||||
LANG="C.UTF-8" /nix/var/nix/profiles/system/activate
|
||||
fi
|
||||
|
||||
if [ ! -e "/run/systemd.pid" ]; then
|
||||
start_systemd
|
||||
fi
|
||||
|
||||
userShell=$($sw/getent passwd @defaultUser@ | $sw/cut -d: -f7)
|
||||
if [[ $# -gt 0 ]]; then
|
||||
# wsl seems to prefix with "-c"
|
||||
shift
|
||||
cmd="$@"
|
||||
else
|
||||
cmd="$userShell"
|
||||
fi
|
||||
|
||||
# Pass external environment but filter variables specific to root user.
|
||||
exportCmd="$(export -p | $sw/grep -vE ' (HOME|LOGNAME|SHELL|USER)='); export WSLPATH=\"$PATH\"; export INSIDE_NAMESPACE=true"
|
||||
|
||||
if [[ -z "${INSIDE_NAMESPACE:-}" ]]; then
|
||||
|
||||
# Test whether systemd is still alive if it was started previously
|
||||
if ! [ -d "/proc/$(</run/systemd.pid)" ]; then
|
||||
# Clear systemd pid if the process is not alive anymore
|
||||
$sw/rm /run/systemd.pid
|
||||
start_systemd
|
||||
fi
|
||||
|
||||
# If we are currently in /root, this is probably because the directory that WSL was started is inaccessible
|
||||
# cd to the user's home to prevent a warning about permission being denied on /root
|
||||
if [[ $PWD == "/root" ]]; then
|
||||
cd @defaultUserHome@
|
||||
fi
|
||||
|
||||
exec $sw/nsenter -t $(</run/systemd.pid) -p -m -- $sw/machinectl -q \
|
||||
--uid=@defaultUser@ shell .host /bin/sh -c \
|
||||
"cd \"$PWD\"; $exportCmd; source /etc/set-environment; exec $cmd"
|
||||
|
||||
else
|
||||
exec $cmd
|
||||
fi
|
Loading…
Reference in a new issue