uvms/profiles/vsock-connect-guest.nix

{
  options,
  config,
  lib,
  ...
}:
let
  mkIfGuest = import ../lib/mkIfMicrovmGuest.nix { inherit options config lib; };
in
{
  config = lib.mkMerge [
    (mkIfGuest {
      microvm.cloud-hypervisor.extraArgs = [
        "--vsock"
        "cid=4,socket=vsock.sock"
      ];
    })
    {
      # Somehow, sshd calls to PAM with PAM_RHOST="UNKNOWN",
      # prompting a slow DNS look-up each time...
      #
      # https://mastodon.acm.org/@nobody/115108458851355328
      # https://github.com/linux-pam/linux-pam/issues/885#issuecomment-3030698895
      networking.hosts."100::" = [ "UNKNOWN" ];
      boot.initrd.extraFiles = lib.optionalAttrs config.boot.initrd.network.ssh.enable {
        "/etc/hosts" = { inherit (config.environment.etc.hosts) source; };
      };
    }
  ];
}
profiles: init (vsock ssh &c.) 2025-09-17 16:51:24 +03:00			`{`
pkgs.writeErofsLayers,profiles/ch-runner: MVE $ nix-build -A examples.dummy.config.debug.closure.erofs.list \| xargs cat \| xargs du -h 749M /nix/store/bzfv5x6lycq6hzhjv6d6vlk1q8fdg9di-base0.erofs 24M /nix/store/hp41jfq36y0mmjrzqilyh3jfsvqic3kb-nixos.erofs $ nix run -f . examples.dummy.config.uvms.cloud-hypervisor.runner ... <<< Welcome to NixOS 25.11pre-git (x86_64) - ttyS0 >>> nixos login: The definition of the `pkgs` fixpoint was moved to pkgs/default.nix. For that, dirToAttrs was moved to lib/, imported ad hoc 2025-09-19 16:28:48 +03:00			`options,`
			`config,`
			`lib,`
			`...`
			`}:`
			`let`
			`mkIfGuest = import ../lib/mkIfMicrovmGuest.nix { inherit options config lib; };`
			`in`
			`{`
			`config = lib.mkMerge [`
			`(mkIfGuest {`
profiles: init (vsock ssh &c.) 2025-09-17 16:51:24 +03:00			`microvm.cloud-hypervisor.extraArgs = [`
			`"--vsock"`
cloud-hypervisor sockets: use spectrum names - CONNECT.sock → vsock.sock - ch.sock → vmm.sock 2025-10-09 04:22:43 +03:00			`"cid=4,socket=vsock.sock"`
profiles: init (vsock ssh &c.) 2025-09-17 16:51:24 +03:00			`];`
pkgs.writeErofsLayers,profiles/ch-runner: MVE $ nix-build -A examples.dummy.config.debug.closure.erofs.list \| xargs cat \| xargs du -h 749M /nix/store/bzfv5x6lycq6hzhjv6d6vlk1q8fdg9di-base0.erofs 24M /nix/store/hp41jfq36y0mmjrzqilyh3jfsvqic3kb-nixos.erofs $ nix run -f . examples.dummy.config.uvms.cloud-hypervisor.runner ... <<< Welcome to NixOS 25.11pre-git (x86_64) - ttyS0 >>> nixos login: The definition of the `pkgs` fixpoint was moved to pkgs/default.nix. For that, dirToAttrs was moved to lib/, imported ad hoc 2025-09-19 16:28:48 +03:00			`})`
			`{`
profiles: init (vsock ssh &c.) 2025-09-17 16:51:24 +03:00			`# Somehow, sshd calls to PAM with PAM_RHOST="UNKNOWN",`
			`# prompting a slow DNS look-up each time...`
			`#`
			`# https://mastodon.acm.org/@nobody/115108458851355328`
			`# https://github.com/linux-pam/linux-pam/issues/885#issuecomment-3030698895`
			`networking.hosts."100::" = [ "UNKNOWN" ];`
vsock ssh: set up UNKNOWN /etc/hosts in initrd too 2025-10-09 04:12:06 +03:00			`boot.initrd.extraFiles = lib.optionalAttrs config.boot.initrd.network.ssh.enable {`
			`"/etc/hosts" = { inherit (config.environment.etc.hosts) source; };`
			`};`
pkgs.writeErofsLayers,profiles/ch-runner: MVE $ nix-build -A examples.dummy.config.debug.closure.erofs.list \| xargs cat \| xargs du -h 749M /nix/store/bzfv5x6lycq6hzhjv6d6vlk1q8fdg9di-base0.erofs 24M /nix/store/hp41jfq36y0mmjrzqilyh3jfsvqic3kb-nixos.erofs $ nix run -f . examples.dummy.config.uvms.cloud-hypervisor.runner ... <<< Welcome to NixOS 25.11pre-git (x86_64) - ttyS0 >>> nixos login: The definition of the `pkgs` fixpoint was moved to pkgs/default.nix. For that, dirToAttrs was moved to lib/, imported ad hoc 2025-09-19 16:28:48 +03:00			`}`
			`];`
profiles: init (vsock ssh &c.) 2025-09-17 16:51:24 +03:00			`}`