[BREAKING] Switch to virtgpu-based D-Bus tunneling
This introduces support for drag&drop and printing portals; camera/screencasting support should become possible later as well. However, this breaks backwards compatibility with already-built closures, because the nixosModule has to change. In the next commit, the services related to the runtime environment will be removed from the nixosModule to prevent unnecessary breakage in the future.
parent
e00609ce73
commit
604ebc1356
4 changed files with 30 additions and 23 deletions
14
flake.lock
generated
14
flake.lock
generated
|
|
@ -40,17 +40,17 @@
|
|||
"muvm-src": {
|
||||
"flake": false,
|
||||
"locked": {
|
||||
"lastModified": 1769336998,
|
||||
"narHash": "sha256-ZFtAYwr3AaD8WsDmXJ6eU12UojzfMm50UBWmWIXstl0=",
|
||||
"lastModified": 1772176363,
|
||||
"narHash": "sha256-aSWulv3ml4XmMYnFOkZCd2YBLIY0Rr8CUHK1NDYk5jw=",
|
||||
"owner": "valpackett",
|
||||
"repo": "muvm",
|
||||
"rev": "ae7dbd49aac04e9732a14a424572e99a81eb1298",
|
||||
"rev": "c68742bcedb96deb6f23ed5a83188022d1cdf71d",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
"owner": "valpackett",
|
||||
"repo": "muvm",
|
||||
"rev": "ae7dbd49aac04e9732a14a424572e99a81eb1298",
|
||||
"rev": "c68742bcedb96deb6f23ed5a83188022d1cdf71d",
|
||||
"type": "github"
|
||||
}
|
||||
},
|
||||
|
|
@ -89,10 +89,10 @@
|
|||
]
|
||||
},
|
||||
"locked": {
|
||||
"lastModified": 1770365107,
|
||||
"narHash": "sha256-rp2hDKF3pwHN0lBr09ckMNaMSJnwNolQmiad8C7u41Q=",
|
||||
"lastModified": 1772183103,
|
||||
"narHash": "sha256-9jbqBtaLUdOeT95PVUMz45JdUpVeJ25ZYZHEOQn9XsI=",
|
||||
"ref": "main",
|
||||
"rev": "26261306592f6173fb844083b396bebf8140cb2b",
|
||||
"rev": "c42eaef55440e2594677ede5279bd8c3eaf128f2",
|
||||
"shallow": true,
|
||||
"type": "git",
|
||||
"url": "https://git.clan.lol/clan/sidebus"
|
||||
|
|
|
|||
|
|
@ -16,7 +16,7 @@
|
|||
|
||||
# To override with local checkouts during development, use the --override-input CLI flag!
|
||||
muvm-src = {
|
||||
url = "github:valpackett/muvm/ae7dbd49aac04e9732a14a424572e99a81eb1298"; # v0.5.0+custom-init
|
||||
url = "github:valpackett/muvm/c68742bcedb96deb6f23ed5a83188022d1cdf71d"; # v0.5.0+custom-init+dbus
|
||||
flake = false;
|
||||
};
|
||||
libkrun-src = {
|
||||
|
|
@ -49,7 +49,7 @@
|
|||
flake = {
|
||||
nixosModules.testvm = nixpkgs.lib.modules.importApply ./nixosModules/testvm.nix { };
|
||||
nixosModules.default = nixpkgs.lib.modules.importApply ./nixosModules/default.nix {
|
||||
inherit self sidebus;
|
||||
inherit self;
|
||||
};
|
||||
|
||||
templates.musictest = {
|
||||
|
|
@ -124,8 +124,6 @@
|
|||
sidebus-broker = sidebus.packages.${system}.sidebus-broker;
|
||||
};
|
||||
|
||||
sidebus-agent = sidebus.packages.${system}.sidebus-agent;
|
||||
|
||||
wl-cross-domain-proxy = pkgs.callPackage ./packages/wl-cross-domain-proxy { };
|
||||
};
|
||||
|
||||
|
|
|
|||
26
munix
26
munix
|
|
@ -10,6 +10,7 @@ MICROVM_UID=1337
|
|||
MICROVM_GID=1337
|
||||
BWRAP_ARGS=()
|
||||
MUVM_ARGS=()
|
||||
SIDEBUS_ARGS=()
|
||||
GPU=1
|
||||
WAYLAND=1
|
||||
PIPEWIRE=1
|
||||
|
|
@ -31,10 +32,10 @@ while [ "$#" -gt 0 ]; do
|
|||
--no-pipewire) PIPEWIRE=0; shift 1;;
|
||||
--no-env-defaults) ENV_DEFAULTS=0; shift 1;;
|
||||
--x11) X11=1; shift 1;;
|
||||
-b|--bind) BWRAP_ARGS+=("--bind" "$2" "$3"); shift 3;;
|
||||
--ro-bind) BWRAP_ARGS+=("--ro-bind" "$2" "$3"); shift 3;;
|
||||
-e|--expose) BWRAP_ARGS+=("--bind" "$2" "$2"); shift 2;;
|
||||
--ro-expose) BWRAP_ARGS+=("--ro-bind" "$2" "$2"); shift 2;;
|
||||
-b|--bind) BWRAP_ARGS+=("--bind" "$2" "$3"); SIDEBUS_ARGS+=("--path-mapping" "$3=$2"); shift 3;;
|
||||
--ro-bind) BWRAP_ARGS+=("--ro-bind" "$2" "$3"); SIDEBUS_ARGS+=("--path-mapping" "$3=$2"); shift 3;;
|
||||
-e|--expose) BWRAP_ARGS+=("--bind" "$2" "$2"); SIDEBUS_ARGS+=("--path-mapping" "$2=$2"); shift 2;;
|
||||
--ro-expose) BWRAP_ARGS+=("--ro-bind" "$2" "$2"); SIDEBUS_ARGS+=("--path-mapping" "$2=$2"); shift 2;;
|
||||
-p|--publish) USING_PUBLISH=1; MUVM_ARGS+=("--publish=$2"); shift 2;;
|
||||
--host-opengl-driver) HOST_OPENGL_DRIVER="$2"; shift 2;;
|
||||
--munix-bin-dir) SCRIPT_PATH="$2"; shift 2;;
|
||||
|
|
@ -186,12 +187,20 @@ trap cleanup EXIT INT TERM
|
|||
HOST_RUNTIME_DIR="$XDG_RUNTIME_DIR/munix.$$"
|
||||
mkdir -p $HOST_RUNTIME_DIR
|
||||
rm $HOST_RUNTIME_DIR/*
|
||||
sidebus-broker --guest-mountpoint /mnt/munix-doc-portal/doc --runtime-dir "$HOST_RUNTIME_DIR" --unix-path "$HOST_RUNTIME_DIR/port.sock" >/dev/null 2>&1 &
|
||||
mkdir -p "$HOST_RUNTIME_DIR/home"
|
||||
RUST_LOG=debug sidebus-broker \
|
||||
--path-mapping "/home=$HOST_RUNTIME_DIR/home" \
|
||||
"${SIDEBUS_ARGS[@]}" \
|
||||
--guest-mountpoint /mnt/munix-doc-portal/doc \
|
||||
--runtime-dir "$HOST_RUNTIME_DIR" \
|
||||
--unix-path "$HOST_RUNTIME_DIR/port.sock" & # >/dev/null 2>&1 &
|
||||
BG_PIDS+=("$!")
|
||||
while [ ! -S "$HOST_RUNTIME_DIR/port.sock" ]; do sleep 0.1; done
|
||||
BWRAP_ARGS+=(
|
||||
BWRAP_ARGS=( # prepend home mount before other mounts to not override custom bind mounts under /home
|
||||
--bind "$HOST_RUNTIME_DIR/home" /home
|
||||
"${BWRAP_ARGS[@]}"
|
||||
--bind "$HOST_RUNTIME_DIR" /mnt/munix-doc-portal
|
||||
--bind "$HOST_RUNTIME_DIR/port.sock" "$XDG_RUNTIME_DIR/krun/socket/port-50000"
|
||||
--setenv "RUTABAGA_DBUS_CLIENT_SOCKET" /mnt/munix-doc-portal/port.sock
|
||||
)
|
||||
if [ "$ENV_DEFAULTS" -eq 1 ]; then
|
||||
MUVM_ARGS+=(
|
||||
|
|
@ -221,6 +230,7 @@ bwrap --unshare-all --share-net \
|
|||
--ro-bind "$MUVM_PATH/muvm-guest" /opt/bin/muvm-remote \
|
||||
--ro-bind "$MUVM_PATH/muvm-guest" /opt/bin/muvm-configure-network \
|
||||
--ro-bind "$MUVM_PATH/muvm-guest" /opt/bin/muvm-pwbridge \
|
||||
--ro-bind "$MUVM_PATH/muvm-guest" /opt/bin/muvm-dbusbridge \
|
||||
--symlink "$MICROVM_CLOSURE/etc" /etc \
|
||||
--symlink "$MICROVM_CLOSURE/sw/bin/sh" /bin/sh \
|
||||
--symlink "$MICROVM_CLOSURE/sw/bin/env" /usr/bin/env \
|
||||
|
|
@ -232,7 +242,7 @@ bwrap --unshare-all --share-net \
|
|||
--setenv PATH "/run/munix/muvm:/run/munix/passt:$MICROVM_CLOSURE/sw/bin" \
|
||||
"${BWRAP_ARGS[@]}" \
|
||||
muvm \
|
||||
--custom-init-cmdline "/opt/bin/micro-activate $MICROVM_CLOSURE/sw/sbin/init --log-target=console systemd.set_credential=sidebus.port:50000" \
|
||||
--custom-init-cmdline "/opt/bin/micro-activate $MICROVM_CLOSURE/sw/sbin/init --log-target=console" \
|
||||
"${MUVM_ARGS[@]}" \
|
||||
-e container=munix \
|
||||
-e MICROVM_CLOSURE="$MICROVM_CLOSURE" \
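Review bot: The new `sidebus-broker` invocation still carries debug instrumentation: `RUST_LOG=debug` is hard-coded and the `>/dev/null 2>&1` redirect is commented out on the `--unix-path` line, so the host-side broker now writes debug output to the launching terminal. The broker handles portal requests and guest-to-host path translation, so that output may include host paths and request details; `RUST_LOG="${RUST_LOG:-warn}" sidebus-broker \` would keep it quiet by default while still letting a developer raise the level. Separately, the `SIDEBUS_ARGS+=("--path-mapping" "$3=$2")` entries in the option-parsing hunk join two user-supplied paths with `=`. How the broker splits that value is not visible here, so rejecting paths that contain `=` before appending would avoid an ambiguous mapping.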
|
||||
|
|
|
|||
|
|
@ -1,6 +1,5 @@
|
|||
{
|
||||
self,
|
||||
sidebus,
|
||||
}:
|
||||
{
|
||||
pkgs,
|
||||
|
|
@ -282,16 +281,16 @@ in
|
|||
Group = "appvm";
|
||||
};
|
||||
};
|
||||
systemd.services.sidebus-agent = {
|
||||
systemd.services.session-bus-bridge = {
|
||||
enable = true;
|
||||
description = "D-Bus session bus";
|
||||
wantedBy = ["microvm.target"];
|
||||
requires = ["session-bus.socket" "session-bus.service"];
|
||||
after = ["session-bus.service"];
|
||||
serviceConfig = {
|
||||
ImportCredential = "sidebus.port";
|
||||
Environment = ["DBUS_SESSION_BUS_ADDRESS=unix:path=${runtimeDir}/dbus.sock"];
|
||||
ExecStart = "${sidebus.packages.${system}.sidebus-agent}/bin/sidebus-agent";
|
||||
ExecStartPre = "+/run/current-system/sw/bin/chmod 0666 /dev/dri/card0 /dev/dri/renderD128";
|
||||
ExecStart = "/opt/bin/muvm-dbusbridge";
|
||||
User = "appvm";
|
||||
Group = "appvm";
|
||||
};
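Review bot: The added `ExecStartPre = "+/run/current-system/sw/bin/chmod 0666 /dev/dri/card0 /dev/dri/renderD128";` makes both DRM nodes world-readable and world-writable inside the guest. Every guest process, not only the `appvm` user running the bridge, can then open the virtgpu device that this commit uses to tunnel D-Bus to the host. Granting access by group would keep that channel limited to the service, for example `SupplementaryGroups = [ "video" "render" ];` in `serviceConfig` (assuming the guest's udev rules assign those groups to the nodes) or a udev rule that sets the owner. The hard-coded `card0`/`renderD128` names also mean the unit fails to start if the nodes are enumerated differently. The service definition continues outside the hunk.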
|
||||
|
|
|
|||