zswap in uvms: optional/configurable

profiles/ch-runner.nix

@@ -85,7 +85,7 @@ in
         # "9p"
         "virtiofs"
       ];
-      boot.initrd.systemd.enable = true;
+      boot.initrd.systemd.enable = lib.mkDefault true;
       fileSystems = {
         "/nix/store" = {
           fsType = "overlay";

profiles/resources.nix

@@ -11,8 +11,8 @@
       # zswap is said to be more reliable than zram
       boot.kernelParams = lib.optionals (!config.zramSwap.enable) [ "zswap.enabled=1" ];
     }
-    (lib.optionalAttrs (options ? "microvm" && config.microvm.guest.enable) {
+    (lib.optionalAttrs (options ? "microvm") {
-      microvm = {
+      microvm = lib.mkIf config.microvm.guest.enable {
         hypervisor = lib.mkDefault "cloud-hypervisor";
         graphics.enable = lib.mkDefault true;
         vcpu = lib.mkDefault 2;

profiles/uvms-guest.nix

@@ -7,12 +7,32 @@
 }:
 let
   mkIfGuest = import ../lib/mkIfMicrovmGuest.nix { inherit options config lib; };
+  inherit (lib) types;
 in
 {
   imports = [
     ./vsock-connect-guest.nix
     ./uvms-users.nix
   ];
+  options = {
+    uvms.zswap.enable = lib.mkEnableOption "Pass zswap.enabled=1 to kernelParams (and disable zramSwap)";
+    uvms.zswap.settings = lib.mkOption {
+      description = "Zswap kernel module configuration";
+      type = types.submodule {
+        freeformType = types.attrsOf types.str;
+        options.max_pool_percent = lib.mkOption {
+          type = types.int;
+          default = 25;
+          description = "...";
+        };
+        options.compressor = lib.mkOption {
+          type = types.str;
+          default = "zstd";
+          description = "...";
+        };
+      };
+    };
+  };
   config = lib.mkMerge [
     (mkIfGuest {
       microvm = {
@@ -31,10 +51,21 @@ in
           size = 768;
         }
       ];
+      systemd.services."microvm@".serviceConfig.ExecStartPost = [
+        (pkgs.writeShellScript "microvm-fix-umask" ''
+          if [[ -e CONNECT.sock ]] ; then
+            chmod g+rw CONNECT.sock
+          fi
+        '')
+      ];
     })
-    {
+    (lib.mkIf config.uvms.zswap.enable {
-      boot.kernelParams = [ "zswap.enabled=1" ];
       zramSwap.enable = false;
-    }
+      boot.kernelParams =
+        builtins.attrValues (lib.mapAttrs (
+          name: value: "zswap.${name}=${toString value}"
+        )) config.uvms.zswap.settings
+        ++ [ "zswap.enabled=1" ];
+    })
   ];
 }

profiles/vsock-connect-guest.nix

@@ -22,6 +22,9 @@ in
       # https://mastodon.acm.org/@nobody/115108458851355328
       # https://github.com/linux-pam/linux-pam/issues/885#issuecomment-3030698895
       networking.hosts."100::" = [ "UNKNOWN" ];
+      boot.initrd.extraFiles = lib.optionalAttrs config.boot.initrd.network.ssh.enable {
+        "/etc/hosts" = { inherit (config.environment.etc.hosts) source; };
+      };
     }
   ];
 }