From 1b889d5b19bc099c37ead631da398f7f4febdd3b Mon Sep 17 00:00:00 2001
From: "Else, Someone"
Date: Thu, 9 Oct 2025 04:11:18 +0300
Subject: [PATCH 1/4] resources.nix: prevent infinite recursion
---
 profiles/resources.nix | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/profiles/resources.nix b/profiles/resources.nix
index 7e1cbd7..70301f6 100644
--- a/profiles/resources.nix
+++ b/profiles/resources.nix
@@ -11,8 +11,8 @@
 # zswap is said to be more reliable than zram
 boot.kernelParams = lib.optionals (!config.zramSwap.enable) [ "zswap.enabled=1" ];
 }
- (lib.optionalAttrs (options ? "microvm" && config.microvm.guest.enable) {
- microvm = {
+ (lib.optionalAttrs (options ? "microvm") {
+ microvm = lib.mkIf config.microvm.guest.enable {
 hypervisor = lib.mkDefault "cloud-hypervisor";
 graphics.enable = lib.mkDefault true;
 vcpu = lib.mkDefault 2;
From 33d33e745b72cf7c7fe3bd011b20c53b89a16777 Mon Sep 17 00:00:00 2001
From: "Else, Someone"
Date: Thu, 9 Oct 2025 04:11:37 +0300
Subject: [PATCH 2/4] ch-runner: make initrd systemd optional
---
 profiles/ch-runner.nix | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/profiles/ch-runner.nix b/profiles/ch-runner.nix
index 9268644..de0dab9 100644
--- a/profiles/ch-runner.nix
+++ b/profiles/ch-runner.nix
@@ -85,7 +85,7 @@ in
 # "9p"
 "virtiofs"
 ];
- boot.initrd.systemd.enable = true;
+ boot.initrd.systemd.enable = lib.mkDefault true;
 fileSystems = {
 "/nix/store" = {
 fsType = "overlay";
From 0bebc1392744d8764a47c3b4b647d78b440be5de Mon Sep 17 00:00:00 2001
From: "Else, Someone"
Date: Thu, 9 Oct 2025 04:12:06 +0300
Subject: [PATCH 3/4] vsock ssh: set up UNKNOWN /etc/hosts in initrd too
---
 profiles/vsock-connect-guest.nix | 3 +++
 1 file changed, 3 insertions(+)
diff --git a/profiles/vsock-connect-guest.nix b/profiles/vsock-connect-guest.nix
index 2038d70..823f990 100644
--- a/profiles/vsock-connect-guest.nix
+++ b/profiles/vsock-connect-guest.nix
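Review bot: In profiles/resources.nix, nothing in the new code records why `config.microvm.guest.enable` moved out of the `lib.optionalAttrs` condition and into `lib.mkIf`, so a later cleanup could merge the two again and bring the recursion back. A short comment above the block would help, for example `# guest.enable must stay inside mkIf: optionalAttrs would force config while this module's attribute names are still being computed`. profiles/uvms-guest.nix imports `../lib/mkIfMicrovmGuest.nix` for what looks like the same guard; if it does the same thing, using it here would keep the two profiles consistent. The `microvm` block continues past the end of the hunk.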
@@ -22,6 +22,9 @@ in
 # https://mastodon.acm.org/@nobody/115108458851355328
 # https://github.com/linux-pam/linux-pam/issues/885#issuecomment-3030698895
 networking.hosts."100::" = [ "UNKNOWN" ];
+ boot.initrd.extraFiles = lib.optionalAttrs config.boot.initrd.network.ssh.enable {
+ "/etc/hosts" = { inherit (config.environment.etc.hosts) source; };
+ };
 }
 ];
 }
From a958784b05b4f07612fb7f4661157f3ca58330fc Mon Sep 17 00:00:00 2001
From: "Else, Someone"
Date: Thu, 9 Oct 2025 04:14:16 +0300
Subject: [PATCH 4/4] zswap in uvms: optional/configurable
---
 profiles/uvms-guest.nix | 37 ++++++++++++++++++++++++++++++++++---
 1 file changed, 34 insertions(+), 3 deletions(-)
diff --git a/profiles/uvms-guest.nix b/profiles/uvms-guest.nix
index fb9bc1c..40fc24a 100644
--- a/profiles/uvms-guest.nix
+++ b/profiles/uvms-guest.nix
@@ -7,12 +7,32 @@
 }:
 let
 mkIfGuest = import ../lib/mkIfMicrovmGuest.nix { inherit options config lib; };
+ inherit (lib) types;
 in
 {
 imports = [
 ./vsock-connect-guest.nix
 ./uvms-users.nix
 ];
+ options = {
+ uvms.zswap.enable = lib.mkEnableOption "Pass zswap.enabled=1 to kernelParams (and disable zramSwap)";
+ uvms.zswap.settings = lib.mkOption {
+ description = "Zswap kernel module configuration";
+ type = types.submodule {
+ freeformType = types.attrsOf types.str;
+ options.max_pool_percent = lib.mkOption {
+ type = types.int;
+ default = 25;
+ description = "...";
+ };
+ options.compressor = lib.mkOption {
+ type = types.str;
+ default = "zstd";
+ description = "...";
+ };
+ };
+ };
+ };
 config = lib.mkMerge [
 (mkIfGuest {
 microvm = {
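Review bot: In profiles/vsock-connect-guest.nix, `boot.initrd.extraFiles` is, as far as I know, consumed only by the scripted stage 1, while profiles/ch-runner.nix in this series keeps `boot.initrd.systemd.enable` on by default, so the added `/etc/hosts` entry may have no effect in the default configuration. If systemd stage 1 is the target, the equivalent would be `boot.initrd.systemd.contents."/etc/hosts".source = config.environment.etc.hosts.source;`, guarded by the same `ssh.enable` condition. Please confirm which initrd flavour this was tested with, and extend the comment above `networking.hosts` to say that the initrd sshd needs the same `UNKNOWN` entry.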
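Review bot: In the first hunk of profiles/uvms-guest.nix, `lib.mkEnableOption` prepends "Whether to enable" to its argument, so the `uvms.zswap.enable` description will render as "Whether to enable Pass zswap.enabled=1 …", and both `max_pool_percent` and `compressor` still carry the placeholder description `"..."`. Something like `lib.mkEnableOption "zswap in the guest (adds zswap.enabled=1 to kernelParams and disables zramSwap)"` reads correctly, and the two options should each say which `zswap.*` kernel parameter they set. The free-form values are `types.str` and are interpolated into `boot.kernelParams` by the second hunk, so a value containing whitespace would be split into extra kernel parameters; a stricter type such as `types.strMatching "[^[:space:]]+"` would reject that at evaluation time.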
@@ -31,10 +51,21 @@ in
 size = 768;
 }
 ];
+ systemd.services."microvm@".serviceConfig.ExecStartPost = [
+ (pkgs.writeShellScript "microvm-fix-umask" ''
+ if [[ -e CONNECT.sock ]] ; then
+ chmod g+rw CONNECT.sock
+ fi
+ '')
+ ];
 })
- {
- boot.kernelParams = [ "zswap.enabled=1" ];
+ (lib.mkIf config.uvms.zswap.enable {
 zramSwap.enable = false;
- }
+ boot.kernelParams =
+ builtins.attrValues (lib.mapAttrs (
+ name: value: "zswap.${name}=${toString value}"
+ )) config.uvms.zswap.settings
+ ++ [ "zswap.enabled=1" ];
+ })
 ];
 }
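Review bot: The new `boot.kernelParams` expression closes the parenthesis around `lib.mapAttrs` before `config.uvms.zswap.settings`, so `builtins.attrValues` receives a partially applied function and evaluation should fail as soon as `uvms.zswap.enable` is set. `lib.mapAttrsToList (name: value: "zswap.${name}=${toString value}") config.uvms.zswap.settings ++ [ "zswap.enabled=1" ]` produces the intended list. Separately, the `ExecStartPost` script silently skips the `chmod` when `CONNECT.sock` does not exist yet and resolves the name against the unit's working directory. If the goal is group access to the socket, setting `UMask=` on the unit (or waiting for the socket to appear) would be more dependable, and a comment should say which group is meant to reach the guest through it, since group membership then grants a connection into the VM.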