These services evolve as munix evolves, so they should not be part of
the system closures themselves. Mount them into /run/systemd instead.
(Yes, making /run/systemd/system a symlink to RO files is unfortunate,
that could be changed in the future. FS prep code is annoying too..)
This introduces support for drag&drop and printing portals, and later
camera/screencasting should be possible as well. However, we break
backwards compatibility with already built closures because the
nixosModule needs to be changed.
In the next commit, the runtime environment related services will be
removed from the nixosModule to prevent unnecessary future breakage.
What a way to discover that this was missing - PipeWire camera was
freezing unless something on the host was already streaming it…
gstclock.c:1086:gst_clock_get_internal_time:<pipewireclock0> internal time 1:01:04.622699903
gstclock.c:1129:gst_clock_get_time:<pipewireclock0> adjusted time 5123776:20:12.866176008
Well, that wasn't even caused by the TZ but it made me think to fix it..
NOTE for local dev, rebuild micro-activate now
There is not so much of a difference in this project, but
it means adding this project to clan, one less flake input
and also more consistency with other projects in clan.
muvm was interpreting command arguments like '-c' (from /bin/sh -c)
as its own options. Adding '--' separates muvm options from the
command and its arguments.
Surprisingly, gdb of all things uses the login shell from /etc/passwd to
launch the program under test, so I was seeing the
"This account is currently not available" message there.
Gtk uses G_DBUS_CALL_FLAGS_NO_AUTO_START in all the (early) portal calls
so we basically get a version of https://gitlab.gnome.org/GNOME/gtk/-/issues/7379
if we try to lazily start the agent..
D-Bus is supposed to (?) use it to decide whether it can use FD passing,
shared memory, etc. and while we do a lot of cross-domain magic it's not
quite seamless :) so let's not reuse the host one.
Use the forAllSystems pattern to reduce duplication and inline the
NixOS module directly in nixosSystem call. This eliminates the need for
separate nixosModules and nixosConfigurations outputs, making the
template more concise and easier to understand.
Also use virtualisation.munix namespace for the option.
Add a NixOS option to configure the default command for the VM and
provide a system.build.munix output that wraps munix with the correct
toplevel and default command. This reduces boilerplate in downstream
flakes since they no longer need to manually wrap munix.
The template now uses these new features, significantly simplifying
the apps definition.
Replace inline flake.nix example with a proper flake template that users
can instantiate with `nix flake init`. This makes it easier to get
started and we can more easily test the example.
This allows using normal nix-managed services that register sockets for
lazy activation. Also brings in some red errors about starting services
that we don't have, but that will be fixed