[BREAKING] Provide runtime environment systemd services from munix

These services evolve as munix evolves, so they should not be part of the system closures themselves. Mount them into /run/systemd instead. (Yes, making /run/systemd/system a symlink to RO files is unfortunate, that could be changed in the future. FS prep code is annoying too..)
2026-03-06 04:53:30 -03:00 · 2026-03-06 04:53:30 -03:00 · 38a96b79b3
commit 38a96b79b3
parent 604ebc1356
18 changed files with 125 additions and 112 deletions
--- a/nixosModules/default.nix
+++ b/nixosModules/default.nix
@ -9,12 +9,6 @@
  ...
 }:
 let
-  useTTY = {
-    TTYPath = "/dev/hvc0";
-    StandardOutput = "tty";
-    StandardInput = "tty";
-    StandardError = "tty";
-  };
  runtimeDir = "/run/vm-user";
  system = pkgs.stdenv.hostPlatform.system;
 in
@ -171,95 +165,6 @@ in

    systemd.settings.Manager.DefaultEnvironment = "XDG_RUNTIME_DIR=${runtimeDir}";

-    systemd.services.muvm-remote = {
-      enable = true;
-      description = "microVM Application runner";
-      onFailure = [ "exit.target" ];
-      onSuccess = [ "exit.target" ];
-      wants = [ "sockets.target" ];
-      after = [ "sockets.target" ];
-      wantedBy = [ "microvm.target" ];
-      serviceConfig = {
-        Type = "exec";
-        PassEnvironment = [
-          "MESA_LOADER_DRIVER_OVERRIDE"
-          "MUVM_REMOTE_CONFIG"
-          # "KRUN_CONFIG"
-
-          "TERM"
-          "XDG_SESSION_TYPE"
-          "SDL_VIDEODRIVER"
-          "QT_QPA_PLATFORM"
-          "_JAVA_AWT_WM_NONREPARENTING"
-          "ELECTRON_OZONE_PLATFORM_HINT"
-          "GTK_USE_PORTAL"
-          "QT_QPA_PLATFORMTHEME"
-        ];
-        Environment = [
-          "WAYLAND_DISPLAY=wayland-1"
-          "DBUS_SESSION_BUS_ADDRESS=unix:path=${runtimeDir}/dbus.sock"
-          "PATH=/run/current-system/sw/bin"
-        ];
-        User = "appvm";
-        Group = "appvm";
-        ExecStartPre = "+/run/current-system/sw/bin/chown appvm:appvm ${runtimeDir}";
-        ExecStart = "/opt/bin/muvm-remote";
-        ExecStopPost = ''+${pkgs.python3}/bin/python -c "import os,fcntl,struct;print(os.getenv('EXIT_STATUS', '1'));fcntl.ioctl(os.open('/', os.O_RDONLY), 0x7602, int(os.getenv('EXIT_STATUS', '1')))"'';
-      }
-      // useTTY;
-    };
-
-    systemd.services.muvm-configure-network = {
-      enable = true;
-      description = "microVM Network configuration";
-      wantedBy = [ "microvm.target" ];
-      serviceConfig.Type = "oneshot";
-      serviceConfig.ExecStart = "/opt/bin/muvm-configure-network";
-    };
-
-    systemd.sockets.muvm-pwbridge = {
-      enable = true;
-      description = "PipeWire cross-domain proxy socket";
-      wantedBy = [ "microvm.target" ];
-      partOf = [ "muvm-pwbridge.service" ];
-      listenStreams = [ "${runtimeDir}/pipewire-0" ];
-      socketConfig = {
-        SocketUser = "appvm";
-        SocketGroup = "appvm";
-      };
-    };
-    systemd.services.muvm-pwbridge = {
-      enable = true;
-      description = "PipeWire cross-domain proxy";
-      requires = [ "muvm-pwbridge.socket" ];
-      serviceConfig.Type = "exec";
-      serviceConfig.ExecStart = "/opt/bin/muvm-pwbridge";
-    };
-
-    systemd.sockets.wayland-proxy = {
-      enable = true;
-      description = "Wayland cross-domain proxy socket";
-      wantedBy = [ "microvm.target" ];
-      partOf = [ "wayland-proxy.service" ];
-      listenStreams = [ "${runtimeDir}/wayland-1" ];
-      socketConfig = {
-        SocketUser = "appvm";
-        SocketGroup = "appvm";
-        FileDescriptorName = "wayland";
-      };
-    };
-    systemd.services.wayland-proxy = {
-      enable = true;
-      description = "Wayland cross-domain proxy";
-      requires = [ "wayland-proxy.socket" ];
-      serviceConfig = {
-        ExecStartPre = "+/run/current-system/sw/bin/chmod 0666 /dev/dri/card0 /dev/dri/renderD128";
-        ExecStart = "${self.packages.${system}.wl-cross-domain-proxy}/bin/wl-cross-domain-proxy --listen-fd --filter-global wp_presentation";
-        User = "appvm";
-        Group = "appvm";
-      };
-    };
-
    systemd.sockets.session-bus = {
      enable = true;
      description = "D-Bus session bus socket";
@ -281,20 +186,6 @@ in
        Group = "appvm";
      };
    };
-    systemd.services.session-bus-bridge = {
-      enable = true;
-      description = "D-Bus session bus";
-      wantedBy = ["microvm.target"];
-      requires = ["session-bus.socket" "session-bus.service"];
-      after = ["session-bus.service"];
-      serviceConfig = {
-        Environment = ["DBUS_SESSION_BUS_ADDRESS=unix:path=${runtimeDir}/dbus.sock"];
-        ExecStartPre = "+/run/current-system/sw/bin/chmod 0666 /dev/dri/card0 /dev/dri/renderD128";
-        ExecStart = "/opt/bin/muvm-dbusbridge";
-        User = "appvm";
-        Group = "appvm";
-      };
-    };

    hardware.graphics.enable = true;
    hardware.graphics.package = self.packages.${system}.mesa;