else/clan-munix
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

[BREAKING] Switch to virtgpu-based D-Bus tunneling

Browse source 
This introduces support for drag&drop and printing portals, and later
camera/screencasting should be possible as well. However we break
backwards compatibility with already built closures because the
nixosModule needs to be changed.

In the next commit, the runtime environment related services will be
removed from the nixosModule to prevent unnecessary future breakage.
This commit is contained in:
Val Packett 2026-02-27 02:51:07 -03:00
parent e00609ce73
commit 604ebc1356
4 changed files with 30 additions and 23 deletions
Download patch file Download diff file Expand all files Collapse all files

14
flake.lock generated
View file

@ -40,17 +40,17 @@
"muvm-src": { "muvm-src": {
"flake": false, "flake": false,
"locked": { "locked": {
"lastModified": 1769336998, "lastModified": 1772176363,
"narHash": "sha256-ZFtAYwr3AaD8WsDmXJ6eU12UojzfMm50UBWmWIXstl0=", "narHash": "sha256-aSWulv3ml4XmMYnFOkZCd2YBLIY0Rr8CUHK1NDYk5jw=",
"owner": "valpackett", "owner": "valpackett",
"repo": "muvm", "repo": "muvm",
"rev": "ae7dbd49aac04e9732a14a424572e99a81eb1298", "rev": "c68742bcedb96deb6f23ed5a83188022d1cdf71d",
"type": "github" "type": "github"
}, },
"original": { "original": {
"owner": "valpackett", "owner": "valpackett",
"repo": "muvm", "repo": "muvm",
"rev": "ae7dbd49aac04e9732a14a424572e99a81eb1298", "rev": "c68742bcedb96deb6f23ed5a83188022d1cdf71d",
"type": "github" "type": "github"
} }
}, },
@ -89,10 +89,10 @@
] ]
}, },
"locked": { "locked": {
"lastModified": 1770365107, "lastModified": 1772183103,
"narHash": "sha256-rp2hDKF3pwHN0lBr09ckMNaMSJnwNolQmiad8C7u41Q=", "narHash": "sha256-9jbqBtaLUdOeT95PVUMz45JdUpVeJ25ZYZHEOQn9XsI=",
"ref": "main", "ref": "main",
"rev": "26261306592f6173fb844083b396bebf8140cb2b", "rev": "c42eaef55440e2594677ede5279bd8c3eaf128f2",
"shallow": true, "shallow": true,
"type": "git", "type": "git",
"url": "https://git.clan.lol/clan/sidebus" "url": "https://git.clan.lol/clan/sidebus"

6
flake.nix
View file

@ -16,7 +16,7 @@
# To override with local checkouts during development, use the --override-input CLI flag! # To override with local checkouts during development, use the --override-input CLI flag!
muvm-src = { muvm-src = {
url = "github:valpackett/muvm/ae7dbd49aac04e9732a14a424572e99a81eb1298"; # v0.5.0+custom-init url = "github:valpackett/muvm/c68742bcedb96deb6f23ed5a83188022d1cdf71d"; # v0.5.0+custom-init+dbus
flake = false; flake = false;
}; };
libkrun-src = { libkrun-src = {
@ -49,7 +49,7 @@
flake = { flake = {
nixosModules.testvm = nixpkgs.lib.modules.importApply ./nixosModules/testvm.nix { }; nixosModules.testvm = nixpkgs.lib.modules.importApply ./nixosModules/testvm.nix { };
nixosModules.default = nixpkgs.lib.modules.importApply ./nixosModules/default.nix { nixosModules.default = nixpkgs.lib.modules.importApply ./nixosModules/default.nix {
inherit self sidebus; inherit self;
}; };
templates.musictest = { templates.musictest = {
@ -124,8 +124,6 @@
sidebus-broker = sidebus.packages.${system}.sidebus-broker; sidebus-broker = sidebus.packages.${system}.sidebus-broker;
}; };
sidebus-agent = sidebus.packages.${system}.sidebus-agent;
wl-cross-domain-proxy = pkgs.callPackage ./packages/wl-cross-domain-proxy { }; wl-cross-domain-proxy = pkgs.callPackage ./packages/wl-cross-domain-proxy { };
}; };

26
munix
View file

@ -10,6 +10,7 @@ MICROVM_UID=1337
MICROVM_GID=1337 MICROVM_GID=1337
BWRAP_ARGS=() BWRAP_ARGS=()
MUVM_ARGS=() MUVM_ARGS=()
SIDEBUS_ARGS=()
GPU=1 GPU=1
WAYLAND=1 WAYLAND=1
PIPEWIRE=1 PIPEWIRE=1
@ -31,10 +32,10 @@ while [ "$#" -gt 0 ]; do
--no-pipewire) PIPEWIRE=0; shift 1;; --no-pipewire) PIPEWIRE=0; shift 1;;
--no-env-defaults) ENV_DEFAULTS=0; shift 1;; --no-env-defaults) ENV_DEFAULTS=0; shift 1;;
--x11) X11=1; shift 1;; --x11) X11=1; shift 1;;
-b|--bind) BWRAP_ARGS+=("--bind" "$2" "$3"); shift 3;; -b|--bind) BWRAP_ARGS+=("--bind" "$2" "$3"); SIDEBUS_ARGS+=("--path-mapping" "$3=$2"); shift 3;;
--ro-bind) BWRAP_ARGS+=("--ro-bind" "$2" "$3"); shift 3;; --ro-bind) BWRAP_ARGS+=("--ro-bind" "$2" "$3"); SIDEBUS_ARGS+=("--path-mapping" "$3=$2"); shift 3;;
-e|--expose) BWRAP_ARGS+=("--bind" "$2" "$2"); shift 2;; -e|--expose) BWRAP_ARGS+=("--bind" "$2" "$2"); SIDEBUS_ARGS+=("--path-mapping" "$2=$2"); shift 2;;
--ro-expose) BWRAP_ARGS+=("--ro-bind" "$2" "$2"); shift 2;; --ro-expose) BWRAP_ARGS+=("--ro-bind" "$2" "$2"); SIDEBUS_ARGS+=("--path-mapping" "$2=$2"); shift 2;;
-p|--publish) USING_PUBLISH=1; MUVM_ARGS+=("--publish=$2"); shift 2;; -p|--publish) USING_PUBLISH=1; MUVM_ARGS+=("--publish=$2"); shift 2;;
--host-opengl-driver) HOST_OPENGL_DRIVER="$2"; shift 2;; --host-opengl-driver) HOST_OPENGL_DRIVER="$2"; shift 2;;
--munix-bin-dir) SCRIPT_PATH="$2"; shift 2;; --munix-bin-dir) SCRIPT_PATH="$2"; shift 2;;
@ -186,12 +187,20 @@ trap cleanup EXIT INT TERM
HOST_RUNTIME_DIR="$XDG_RUNTIME_DIR/munix.$$" HOST_RUNTIME_DIR="$XDG_RUNTIME_DIR/munix.$$"
mkdir -p $HOST_RUNTIME_DIR mkdir -p $HOST_RUNTIME_DIR
rm $HOST_RUNTIME_DIR/* rm $HOST_RUNTIME_DIR/*
sidebus-broker --guest-mountpoint /mnt/munix-doc-portal/doc --runtime-dir "$HOST_RUNTIME_DIR" --unix-path "$HOST_RUNTIME_DIR/port.sock" >/dev/null 2>&1 & mkdir -p "$HOST_RUNTIME_DIR/home"
RUST_LOG=debug sidebus-broker \
--path-mapping "/home=$HOST_RUNTIME_DIR/home" \
"${SIDEBUS_ARGS[@]}" \
--guest-mountpoint /mnt/munix-doc-portal/doc \
--runtime-dir "$HOST_RUNTIME_DIR" \
--unix-path "$HOST_RUNTIME_DIR/port.sock" & # >/dev/null 2>&1 &
BG_PIDS+=("$!") BG_PIDS+=("$!")
while [ ! -S "$HOST_RUNTIME_DIR/port.sock" ]; do sleep 0.1; done while [ ! -S "$HOST_RUNTIME_DIR/port.sock" ]; do sleep 0.1; done
BWRAP_ARGS+=( BWRAP_ARGS=( # prepend home mount before other mounts to not override custom bind mounts under /home
--bind "$HOST_RUNTIME_DIR/home" /home
"${BWRAP_ARGS[@]}"
--bind "$HOST_RUNTIME_DIR" /mnt/munix-doc-portal --bind "$HOST_RUNTIME_DIR" /mnt/munix-doc-portal
--bind "$HOST_RUNTIME_DIR/port.sock" "$XDG_RUNTIME_DIR/krun/socket/port-50000" --setenv "RUTABAGA_DBUS_CLIENT_SOCKET" /mnt/munix-doc-portal/port.sock
) )
if [ "$ENV_DEFAULTS" -eq 1 ]; then if [ "$ENV_DEFAULTS" -eq 1 ]; then
MUVM_ARGS+=( MUVM_ARGS+=(
@ -221,6 +230,7 @@ bwrap --unshare-all --share-net \
--ro-bind "$MUVM_PATH/muvm-guest" /opt/bin/muvm-remote \ --ro-bind "$MUVM_PATH/muvm-guest" /opt/bin/muvm-remote \
--ro-bind "$MUVM_PATH/muvm-guest" /opt/bin/muvm-configure-network \ --ro-bind "$MUVM_PATH/muvm-guest" /opt/bin/muvm-configure-network \
--ro-bind "$MUVM_PATH/muvm-guest" /opt/bin/muvm-pwbridge \ --ro-bind "$MUVM_PATH/muvm-guest" /opt/bin/muvm-pwbridge \
--ro-bind "$MUVM_PATH/muvm-guest" /opt/bin/muvm-dbusbridge \
--symlink "$MICROVM_CLOSURE/etc" /etc \ --symlink "$MICROVM_CLOSURE/etc" /etc \
--symlink "$MICROVM_CLOSURE/sw/bin/sh" /bin/sh \ --symlink "$MICROVM_CLOSURE/sw/bin/sh" /bin/sh \
--symlink "$MICROVM_CLOSURE/sw/bin/env" /usr/bin/env \ --symlink "$MICROVM_CLOSURE/sw/bin/env" /usr/bin/env \
@ -232,7 +242,7 @@ bwrap --unshare-all --share-net \
--setenv PATH "/run/munix/muvm:/run/munix/passt:$MICROVM_CLOSURE/sw/bin" \ --setenv PATH "/run/munix/muvm:/run/munix/passt:$MICROVM_CLOSURE/sw/bin" \
"${BWRAP_ARGS[@]}" \ "${BWRAP_ARGS[@]}" \
muvm \ muvm \
--custom-init-cmdline "/opt/bin/micro-activate $MICROVM_CLOSURE/sw/sbin/init --log-target=console systemd.set_credential=sidebus.port:50000" \ --custom-init-cmdline "/opt/bin/micro-activate $MICROVM_CLOSURE/sw/sbin/init --log-target=console" \
"${MUVM_ARGS[@]}" \ "${MUVM_ARGS[@]}" \
-e container=munix \ -e container=munix \
-e MICROVM_CLOSURE="$MICROVM_CLOSURE" \ -e MICROVM_CLOSURE="$MICROVM_CLOSURE" \

7
nixosModules/default.nix
View file

@ -1,6 +1,5 @@
{ {
self, self,
sidebus,
}: }:
{ {
pkgs, pkgs,
@ -282,16 +281,16 @@ in
Group = "appvm"; Group = "appvm";
}; };
}; };
systemd.services.sidebus-agent = { systemd.services.session-bus-bridge = {
enable = true; enable = true;
description = "D-Bus session bus"; description = "D-Bus session bus";
wantedBy = ["microvm.target"]; wantedBy = ["microvm.target"];
requires = ["session-bus.socket" "session-bus.service"]; requires = ["session-bus.socket" "session-bus.service"];
after = ["session-bus.service"]; after = ["session-bus.service"];
serviceConfig = { serviceConfig = {
ImportCredential = "sidebus.port";
Environment = ["DBUS_SESSION_BUS_ADDRESS=unix:path=${runtimeDir}/dbus.sock"]; Environment = ["DBUS_SESSION_BUS_ADDRESS=unix:path=${runtimeDir}/dbus.sock"];
ExecStart = "${sidebus.packages.${system}.sidebus-agent}/bin/sidebus-agent"; ExecStartPre = "+/run/current-system/sw/bin/chmod 0666 /dev/dri/card0 /dev/dri/renderD128";
ExecStart = "/opt/bin/muvm-dbusbridge";
User = "appvm"; User = "appvm";
Group = "appvm"; Group = "appvm";
}; };