Simple application VMs (hypervisor-based sandbox) based on the Nix package manager.

base.nix.go 2.8KB

  1. package main
  2. import (
  3. "fmt"
  4. "log"
  5. "os/user"
  6. )
// base_nix is the NixOS configuration template for the guest VM. It is a
// fmt format string with a single %s verb, which baseNix fills with the uid
// of the host user running the tool; any literal percent sign added to the
// template later has to be written as %%.
//
// What the generated configuration does:
//   - imports <nix/local.nix> and enables X with lightdm auto-login as the
//     passwordless guest account "user", running xmonad and spice-vdagent;
//   - mount-home-user mounts the 9p share tagged "home" on /home/user, as root;
//   - the "xrandr" user timer re-applies the display mode roughly every second;
//   - the "autoballoon" timer writes (total - free) memory in MiB to
//     /home/user/.memory_used roughly every second.
//
// NOTE(review): ConditionFileNotEmpty is a [Unit] directive in systemd, but
// here it sits under serviceConfig, so it is probably ignored and the unit
// relies on ln failing when the link already exists - confirm.
// NOTE(review): autoballoon sets no User=, so it presumably runs as root while
// writing through a shell redirect into /home/user, a directory the guest
// user controls; a symlink placed at .memory_used would be followed. Whatever
// reads that file on the host side (not visible here) should treat its
// content as untrusted guest data.
// NOTE(review): the autoballoon timer description repeats the xrandr text
// ("Auto update resolution crutch"); looks like a copy-paste leftover.
var base_nix = `
{pkgs, ...}:
{
imports = [
<nix/local.nix>
];
services.xserver = {
enable = true;
desktopManager.xterm.enable = false;
displayManager.lightdm = {
enable = true;
autoLogin = {
enable = true;
user = "user";
};
};
windowManager.xmonad.enable = true;
};
services.spice-vdagentd.enable = true;
users.extraUsers.user = {
uid = %s;
isNormalUser = true;
extraGroups = [ "audio" ];
createHome = true;
};
environment.etc."xmonad.hs".text = ''
import XMonad
main = xmonad defaultConfig
{ workspaces = [ "" ]
, borderWidth = 0
, startupHook = startup
}
startup :: X ()
startup = do
spawn "while [ 1 ]; do ${pkgs.spice-vdagent}/bin/spice-vdagent -x; done &"
'';
systemd.services.home-user-build-xmonad = {
description = "Link xmonad configuration";
serviceConfig = {
ConditionFileNotEmpty = "!/home/user/.xmonad/xmonad.hs";
ExecStart = "/bin/sh -c 'mkdir -p /home/user/.xmonad && ln -s /etc/xmonad.hs /home/user/.xmonad/xmonad.hs'";
RemainAfterExit = "yes";
User = "user";
Restart = "on-failure";
TimeoutSec = 10;
};
wantedBy = [ "multi-user.target" ];
};
systemd.services.mount-home-user = {
description = "Mount /home/user (crutch)";
serviceConfig = {
ExecStart = "/bin/sh -c '/run/current-system/sw/bin/mount -t 9p -o trans=virtio,version=9p2000.L home /home/user'";
RemainAfterExit = "yes";
Type = "oneshot";
User = "root";
};
wantedBy = [ "sysinit.target" ];
};
systemd.user.services."xrandr" = {
serviceConfig = {
StartLimitBurst = 100;
};
script = "${pkgs.xorg.xrandr}/bin/xrandr --output Virtual-1 --mode $(${pkgs.xorg.xrandr}/bin/xrandr | grep ' ' | head -n 2 | tail -n 1 | ${pkgs.gawk}/bin/awk '{ print $1 }')";
};
systemd.user.timers."xrandr" = {
description = "Auto update resolution crutch";
timerConfig = {
OnBootSec = "1s";
OnUnitInactiveSec = "1s";
Unit = "xrandr.service";
AccuracySec = "1us";
};
wantedBy = ["timers.target"];
};
systemd.services."autoballoon" = {
serviceConfig = {
StartLimitBurst = 100;
};
script = ''
${pkgs.procps}/bin/free -m | grep Mem | \
${pkgs.gawk}/bin/awk '{print $2 "-" $4}' | \
${pkgs.bc}/bin/bc > /home/user/.memory_used
'';
};
systemd.timers."autoballoon" = {
description = "Auto update resolution crutch";
timerConfig = {
OnBootSec = "1s";
OnUnitInactiveSec = "1s";
Unit = "autoballoon.service";
AccuracySec = "1us";
};
wantedBy = ["timers.target"];
};
}
`
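// baseNix renders the base_nix template for the current host user and
// returns the resulting NixOS configuration as bytes.
//
// The host user's uid is substituted for the template's single %s verb, so
// the guest account "user" gets the same numeric uid as the invoking user.
// The process exits through log.Fatal if the current user cannot be looked
// up or if its Uid is not a plain decimal number.
func baseNix() []byte {
	u, err := user.Current()
	if err != nil {
		log.Fatal(err)
	}

	// os/user only guarantees a decimal Uid on POSIX systems (it is a SID on
	// Windows and a name on Plan 9). The value is pasted unquoted into a Nix
	// expression, so anything other than digits would yield a broken or
	// unintended configuration; refuse it instead of emitting it.
	if u.Uid == "" {
		log.Fatalf("base.nix: current user has an empty uid")
	}
	for _, c := range u.Uid {
		if c < '0' || c > '9' {
			log.Fatalf("base.nix: uid %q is not a decimal number", u.Uid)
		}
	}

	return []byte(fmt.Sprintf(base_nix, u.Uid))
}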