Re: [RFC] bringup: add semantics to start NixOS support

[Andreas Hindborg <nmi@metaspace.dk>]

"Daniel Gomez" <da.gomez@kernel.org> writes:

> On Tue, Apr 01, 2025 at 02:17:09PM +0100, Luis Chamberlain wrote:
>> On Tue, Apr 01, 2025 at 01:30:30PM +0200, Daniel Gomez wrote:
>> > On Mon, Mar 31, 2025 at 03:09:28AM +0100, Luis Chamberlain wrote:
>> > > Tons still left to do... but hey, at least we get to trim clutter out
>> > > and can aim for a simple setup. TODO:
>> > >
>> > > - playbooks/bringup_nixos.yml
>> > > - playbooks/update_ssh_config_nixos.yml
>> > >
>> > > We can probably just trim nixos.nix.j2 so to at least bring up
>> > > a libvirt guest first, and then the second step is to use process
>> > > a set of target nodes under a simple workflow.
>> > >
>> > > So the only thing here this does is show how we need to first
>> > > add tons of "support" bools and make terraform and guestfs to select
>> > > them. That should probably just be its own patch before all this.
>> > >
>> > > Then the makefile shows the bare bones bringup we need. But we can
>> > > probably simplify that more.
>> > >
>> > > Signed-off-by: Luis Chamberlain <mcgrof@kernel.org>
>> >
>> > I have a WIP branch with some cleanup needed for this:
>> >
>> > https://github.com/dkruces/kdevops/commits/nixos/
>>
>> OK that and this patch can likely get us going somewhere fast.
>>
>> > * kdevops: add nixos support
>> > This simply makes kdevops runnable in NixOS by
>> > chaning all the shebangs in scripts/.
>> >
>> > * Makefile.kdevops: drop ansible_python_intepreter
>> > Once ansible cfg series are merged, I think we an get rid of the python
>> > interperter in the ansible calls and configure that in Kconfig -> ansible.cfg.
>> >
>> > * shell.nix
>> > Just to launch a Nix shell with all kdevops dependencies.
>> >
>> > * libvirt_user: add nixos support
>> > Generates a kdevops/ in your Nix configuration/ folder. Output:
>> > https://github.com/dkruces/nixos-config/tree/main/kdevops
>> >
>> > My initial idea was to generate NixOS configuration with Ansible [1].
>>
>> If folks don't want to use libvirt they can just a config yaml entry
>> describing their qemu junk, and Kconfig should be able then to read that
>> in and populate pool crap and all that. Do nixos users with
>> virtualization who are on debian use session URI or system URI? I ask
>> as system URI crap requires privileges, which is why we do tons of
>> hoops with sudo for system URI.
>>
>> Fedora based distros use session URI by default
>> Debian based distros use system  URI by default
>
> My feedback and patches aim to enable kdevops on NixOS hosts, but I now realize
> this changes are for guests.
>
> Sorry for the noise.
>
>>
>> What do we want to assume for nix os users?
>>
>> > But Joel
>> > tried something different with flakes I think. Adding him to get more feeback
>> > on it.
>> >
>> > One thing he found was the need of a hack to be able to launch virt-builder [2]:
>>
>> Hrm, so the use case was to use virt-builder with nix? Is that the nixy
>> way to deal with things?
>
> I can't generalize, but nix approach, whether host or guest, it's quite
> different. For packages, user, groups etc, it would be enough to add a file in
> kdevops repository to statically define package dependencies and permissions
> needed.

No need for virt-builder or similar tools with nix virtual machines. You
can simply mount the nix store into the vm with virtiofs and go. No image required.

You probably want to generate a nix expression describing your vm from
your kconfig settings. Seems like you might want to use ansible to do
this, but really a small piece of shell script or python could do this
for you.

If you need any input on how to make this work, I can give you some
input. I am booting a nixos vm in this way for my development workflow.


Best regards,
Andreas Hindborg