Use the forAllSystems pattern to reduce duplication and inline the
NixOS module directly in the nixosSystem call. This eliminates the need for
separate nixosModules and nixosConfigurations outputs, making the
template more concise and easier to understand.
Also use the virtualisation.munix namespace for the option.

Add a NixOS option to configure the default command for the VM and
provide a system.build.munix output that wraps munix with the correct
toplevel and default command. This reduces boilerplate in downstream
flakes since they no longer need to manually wrap munix.
The template now uses these new features, significantly simplifying
the apps definition.

Replace inline flake.nix example with a proper flake template that users
can instantiate with `nix flake init`. This makes it easier to get
started and we can more easily test the example.

This allows using normal nix-managed services that register sockets for
lazy activation. Also brings in some red errors about starting services
that we don't have, but that will be fixed

Instead of interpreting all that shell and running actual tmpfiles, use
a tiny stage before systemd that mounts a tmpfs at /run (preventing
systemd from doing the same), populates it with NixOS symlinks and
preserved resolv.conf, and mounts the immutable /etc overlay before
passing control over to systemd.

Avoid spending ~100ms of userspace boot time on unnecessary regeneration
of entirely static /etc/{passwd,group,shadow}. This will be proposed to nixpkgs.

Relying on udev to assign permissions to the virtgpu was very "proper"
but really excessive. We have a simple static configuration, built into
the kernel, so there are no dynamic shenanigans, we can always reliably
just chmod/chown the permissions. Let's go back to faster booting.

This project is Linux-specific (microVMs, libkrun, systemd, etc.), so
the flake now only exports packages and checks for x86_64-linux and
aarch64-linux systems. This prevents Darwin build failures.
Additionally, nixosConfigurations now set allowUnfree = true to allow
packages like zerotierone that have unfree licenses.

This adds a checks attribute to enable automated validation of all
build outputs. Checks are included for all packages, devShells, and
nixosConfigurations, with appropriate prefixes (package-, devShell-,
nixos-) for clarity and organization.

This extracts the testvm configuration into a shared nixosModules.testvm
module that can be reused across different architectures. The module is
now used by both testvm-x86_64 and testvm-aarch64 nixosConfigurations,
eliminating code duplication.
Additionally, nixosConfigurations have been moved to the top-level flake
outputs to follow Nix conventions, rather than being nested inside
eachDefaultSystem. The virtwl proxy reference now uses ${pkgs.system}
instead of hardcoded x86_64-linux to support both architectures.