From 5526cbee02e39f7db915c517a2cca8b8e0618b8a Mon Sep 17 00:00:00 2001
From: Mikhail Klementev <blame@dumpstack.io>
Date: Sat, 4 Jan 2020 20:58:00 +0000
Subject: [PATCH] Initial implementation of appvm-based OS

---
 os/.gitignore        |  3 ++
 os/Makefile          | 20 +++++++++++
 os/README.md         | 11 ++++++
 os/configuration.nix | 82 ++++++++++++++++++++++++++++++++++++++++++++
 os/live-iso.nix      |  6 ++++
 os/vm.nix            |  5 +++
 6 files changed, 127 insertions(+)
 create mode 100644 os/.gitignore
 create mode 100644 os/Makefile
 create mode 100644 os/README.md
 create mode 100644 os/configuration.nix
 create mode 100644 os/live-iso.nix
 create mode 100644 os/vm.nix

diff --git a/os/.gitignore b/os/.gitignore
new file mode 100644
index 0000000..3c678ca
--- /dev/null
+++ b/os/.gitignore
@@ -0,0 +1,3 @@
+target.nix
+result
+nixos.qcow2
diff --git a/os/Makefile b/os/Makefile
new file mode 100644
index 0000000..4f363aa
--- /dev/null
+++ b/os/Makefile
@@ -0,0 +1,20 @@
+test: vm cleanup
+
+vm:
+	ln -sf vm.nix target.nix
+	nix-build '<nixpkgs/nixos>' -A vm -I nixos-config=configuration.nix
+	@echo "Use Ctrl-Alt-Q to close VM" | grep --color=always '.*'
+	./result/bin/run-nixos-vm -cpu host
+
+cleanup:
+	rm -f nixos.qcow2
+	unlink result
+
+iso:
+	@echo "Not yet available. Use \`make live-iso\`." | grep --color=always '.*'
+
+live-iso:
+	ln -sf live-iso.nix target.nix
+	nix-build '<nixpkgs/nixos>' -A config.system.build.isoImage -I nixos-config=configuration.nix
+	cp result/iso/* appvm.iso
+	unlink result
diff --git a/os/README.md b/os/README.md
new file mode 100644
index 0000000..209d8ed
--- /dev/null
+++ b/os/README.md
@@ -0,0 +1,11 @@
+# $Placeholder OS
+
+The primary goal of appvm is to provide application VMs as a tool, but some people ask for a complete distro so why not.
+
+## Usage
+
+    make test
+
+or
+
+    make live-iso
diff --git a/os/configuration.nix b/os/configuration.nix
new file mode 100644
index 0000000..37c1e76
--- /dev/null
+++ b/os/configuration.nix
@@ -0,0 +1,82 @@
+{ config, pkgs, lib, ... }:
+
+let
+  appvm = (pkgs.buildGoPackage {
+    # TODO ../default.nix
+    name = "appvm";
+    goPackagePath = "code.dumpstack.io/tools/appvm";
+    goDeps = ../deps.nix;
+    src = builtins.fetchGit {
+      url = "https://code.dumpstack.io/tools/appvm.git";
+      ref = "master";
+    };
+    buildInputs = [ pkgs.makeWrapper ];
+    postFixup = ''
+      wrapProgram $bin/bin/appvm \
+        --prefix PATH : "${lib.makeBinPath [ pkgs.nix pkgs.virt-viewer ]}"
+    '';
+  });
+in {
+  imports = [
+    ./target.nix
+    #./hardware-configuration.nix
+  ];
+
+  time.timeZone = "UTC";
+
+  boot.loader.systemd-boot.enable = true;
+
+  # You can not use networking.networkmanager with networking.wireless
+  networking.wireless.enable = false;
+
+  systemd.services."init-nix-channels" = {
+    enable = true;
+    serviceConfig = {
+      ExecStartPre = "${pkgs.su}/bin/su root -c '${pkgs.nix}/bin/nix-channel --update'";
+      ExecStart = "/bin/sh";
+      Restart = "on-failure";
+      RestartSec = "5";
+      TimeoutSec = "120";
+    };
+  };
+
+  systemd.timers."init-nix-channels" = {
+    timerConfig.OnBootSec = "30s";
+    timerConfig.Unit = "init-nix-channels.service";
+    wantedBy = ["timers.target"];
+  };
+
+  users.users.user = {
+    isNormalUser = true;
+    extraGroups = [ "audio" "libvirtd" ];
+  };
+
+  virtualisation.libvirtd = {
+    enable = true;
+    qemuVerbatimConfig = ''
+      namespaces = []
+      user = "user"
+      group = "users"
+    '';
+  };
+
+  # TODO run ${appvm}/bin/appvm autoballoon each second
+
+  environment.systemPackages = with pkgs; [
+    appvm virtmanager chromium
+    # Cache packages required for application VMs
+    xmonad-with-packages spice-vdagent bc qemu_test slim
+  ];
+
+  services.xserver.enable = true;
+  services.xserver.displayManager.gdm = {
+    enable = true;
+    wayland = false;            # FIXME
+    autoLogin = {
+      enable = true;
+      user = "user";
+    };
+  };
+
+  services.xserver.desktopManager.gnome3.enable = true;
+}
diff --git a/os/live-iso.nix b/os/live-iso.nix
new file mode 100644
index 0000000..416a656
--- /dev/null
+++ b/os/live-iso.nix
@@ -0,0 +1,6 @@
+{
+  imports = [
+    #<nixpkgs/nixos/modules/profiles/hardened.nix>
+    <nixpkgs/nixos/modules/installer/cd-dvd/installation-cd-minimal.nix>
+  ];
+}
diff --git a/os/vm.nix b/os/vm.nix
new file mode 100644
index 0000000..53c2a6c
--- /dev/null
+++ b/os/vm.nix
@@ -0,0 +1,5 @@
+{
+  # vm.nix is used for testing only
+  users.users.root.initialPassword = "root";
+  virtualisation.memorySize = 8196;
+}