author | Alyssa Ross <hi@alyssa.is> | 2022-10-09 11:40:36 +0000 |
---|---|---|
committer | Alyssa Ross <hi@alyssa.is> | 2022-11-13 23:58:55 +0000 |
commit | 2b0083087c127c5abbc8d694719fd6b94c2a9995 (patch) | |
tree | a7c20de4bfd3579ca0d4623959cd4215e6b9f1ad /img/app/etc | |
parent | d30f0248583e523eddb716aa931489b11a44e3f6 (diff) | |
img/app: extract from appvm-{lynx,catgirl}
This patch introduces a generic application VM image. It mounts a filesystem containing the application, and then launches a "run" script on that filesystem to start the application. The Nix store on the application filesystem is overlaid onto the generic Nix store, so shared paths don't have to be duplicated in the application filesystem.

The "appvm" image is part of the Spectrum system — it lives on the root filesystem, not the user data partition. Users of course have the choice not to use the built in image if they don't want to, but this gives us a default to use for future features like starting VMs at runtime.

Individual application VMs are now defined in a single Nix file each, using a VM builder function. I expect this is how Nix-based VMs would be defined in the user data partition, and then built with Nix into Spectrum VM configurations. The new top-level vm-lib directory is intended to be copied into user Nix expressions that build VMs, and therefore has to be usable standalone.

User-defined VMs should not do any path deduplication with the system-provided base VM, so that the two can independently update Nixpkgs. But for VMs that are part of the system (which I consider the pre-built VMs to be, even though they're currently on the user data partition), we can safely deduplicate paths that we know to be present in the base image. So they go through vm/make-vm.nix, which is a wrapper around vm-lib/make-vm.nix that does this deduplication.

Signed-off-by: Alyssa Ross <hi@alyssa.is>
Message-Id: <20221009114036.463071-7-hi@alyssa.is>
Diffstat (limited to 'img/app/etc')
24 files changed, 131 insertions, 0 deletions
diff --git a/img/app/etc/fstab b/img/app/etc/fstab new file mode 100644 index 0000000..95bfe2b --- /dev/null +++ b/img/app/etc/fstab @@ -0,0 +1,8 @@ +# SPDX-License-Identifier: CC0-1.0 +# SPDX-FileCopyrightText: 2020-2022 Alyssa Ross <hi@alyssa.is> +proc /proc proc defaults 0 0 +devpts /dev/pts devpts defaults,gid=4,mode=620 0 0 +tmpfs /dev/shm tmpfs defaults 0 0 +sysfs /sys sysfs defaults 0 0 +LABEL=ext /run/ext ext4 ro 0 0 +store /nix/store overlay ro,lowerdir=/nix/store:/run/ext/nix/store 0 0 diff --git a/img/app/etc/init b/img/app/etc/init new file mode 100755 index 0000000..6424e22 --- /dev/null +++ b/img/app/etc/init @@ -0,0 +1,5 @@ +#!/bin/execlineb -s0 +# SPDX-License-Identifier: EUPL-1.2+ +# SPDX-FileCopyrightText: 2022 Alyssa Ross <hi@alyssa.is> + +/bin/s6-linux-init -Bc /etc/s6-linux-init -- $@ diff --git a/img/app/etc/mdev.conf b/img/app/etc/mdev.conf new file mode 100644 index 0000000..f114719 --- /dev/null +++ b/img/app/etc/mdev.conf @@ -0,0 +1,5 @@ +# SPDX-License-Identifier: EUPL-1.2+ +# SPDX-FileCopyrightText: 2021 Alyssa Ross <hi@alyssa.is> + +-$MODALIAS=.* 0:0 660 +importas -iu MODALIAS MODALIAS modprobe -q $MODALIAS +$INTERFACE=.* 0:0 660 ! +/etc/mdev/iface diff --git a/img/app/etc/mdev/iface b/img/app/etc/mdev/iface new file mode 100755 index 0000000..d8ceda5 --- /dev/null +++ b/img/app/etc/mdev/iface 
@@ -0,0 +1,36 @@ +#!/bin/execlineb -P +# SPDX-License-Identifier: EUPL-1.2+ +# SPDX-FileCopyrightText: 2020-2021 Alyssa Ross <hi@alyssa.is> + +importas -i INTERFACE INTERFACE + +if { test $INTERFACE != lo } + +# Our IP is encoded in the NIC-specific portion of the interface's MAC +# address. +backtick -E LOCAL_IP { + awk -F: "{printf \"100.64.%d.%d\\n\", \"0x\" $5, \"0x\" $6}" + /sys/class/net/${INTERFACE}/address +} + +if { ip address add ${LOCAL_IP}/32 dev $INTERFACE } +if { ip link set $INTERFACE up } +if { ip route add 169.254.0.1 dev $INTERFACE } +if { ip route add default via 169.254.0.1 dev $INTERFACE } + +# Try to wait for the network to be up. +# If we time out, well, there's not much we can do, so just carry on. +# In future, it would be better if the network VM notified us about +# network changes. +foreground { printf "Waiting for network… " } +foreground { + ifte { echo "Connected." } { echo "Timed out." } + pipeline { seq 10 } + forstdin _ + if -n { + redirfd -w 2 /dev/null + wget -qT 6 -O /dev/null http://ipv4.connman.net/online/status.html + } +} + +s6-rc -u change app diff --git a/img/app/etc/passwd b/img/app/etc/passwd new file mode 100644 index 0000000..29f3b25 --- /dev/null +++ b/img/app/etc/passwd @@ -0,0 +1 @@ +root:x:0:0:System administrator:/:/bin/sh diff --git a/img/app/etc/passwd.license b/img/app/etc/passwd.license new file mode 100644 index 0000000..2b3b032 --- /dev/null +++ b/img/app/etc/passwd.license @@ -0,0 +1,2 @@ +SPDX-License-Identifier: CC0-1.0 +SPDX-FileCopyrightText: 2020 Alyssa Ross <hi@alyssa.is> diff --git a/img/app/etc/resolv.conf b/img/app/etc/resolv.conf new file mode 100644 index 0000000..7fcdf3a --- /dev/null +++ b/img/app/etc/resolv.conf @@ -0,0 +1,4 @@ +# SPDX-License-Identifier: CC0-1.0 +# SPDX-FileCopyrightText: 2021 Alyssa Ross <hi@alyssa.is> + +nameserver 1.1.1.1 diff --git a/img/app/etc/s6-linux-init/scripts/rc.init b/img/app/etc/s6-linux-init/scripts/rc.init new file mode 100755 index 0000000..b46afb7 
--- /dev/null +++ b/img/app/etc/s6-linux-init/scripts/rc.init @@ -0,0 +1,11 @@ +#!/bin/execlineb -P +# SPDX-License-Identifier: EUPL-1.2+ +# SPDX-FileCopyrightText: 2020-2022 Alyssa Ross <hi@alyssa.is> + +if { s6-rc-init -c /etc/s6-rc /run/service } + +if { mkdir -p /dev/pts /dev/shm } +if { modprobe overlay } +if { mount -a } + +s6-rc change ok-all diff --git a/img/app/etc/s6-rc/app/run b/img/app/etc/s6-rc/app/run new file mode 100755 index 0000000..2a628b7 --- /dev/null +++ b/img/app/etc/s6-rc/app/run @@ -0,0 +1,26 @@ +#!/bin/execlineb -P +# SPDX-License-Identifier: EUPL-1.2+ +# SPDX-FileCopyrightText: 2021 Alyssa Ross <hi@alyssa.is> + +export TERM foot +export TERMINFO_DIRS /usr/share/terminfo +export TMPDIR /run + +backtick USER { id -un } +backtick HOME { + importas -i user USER + homeof $user +} + +importas -i home HOME +cd $home + +redirfd -u 0 /dev/hvc0 +fdmove -c 1 0 +fdmove -c 2 0 + +foreground { clear } +unexport ? + +foreground { /run/ext/run } +exec -l sh diff --git a/img/app/etc/s6-rc/app/type b/img/app/etc/s6-rc/app/type new file mode 100644 index 0000000..5883cff --- /dev/null +++ b/img/app/etc/s6-rc/app/type @@ -0,0 +1 @@ +longrun diff --git a/img/app/etc/s6-rc/app/type.license b/img/app/etc/s6-rc/app/type.license new file mode 100644 index 0000000..c49c11b --- /dev/null +++ b/img/app/etc/s6-rc/app/type.license @@ -0,0 +1,2 @@ +SPDX-License-Identifier: CC0-1.0 +SPDX-FileCopyrightText: 2021 Alyssa Ross <hi@alyssa.is> diff --git a/img/app/etc/s6-rc/mdevd-coldplug/dependencies b/img/app/etc/s6-rc/mdevd-coldplug/dependencies new file mode 100644 index 0000000..59b02b7 --- /dev/null +++ b/img/app/etc/s6-rc/mdevd-coldplug/dependencies @@ -0,0 +1,4 @@ +# SPDX-License-Identifier: CC0-1.0 +# SPDX-FileCopyrightText: 2020 Alyssa Ross <hi@alyssa.is> +# +mdevd diff --git a/img/app/etc/s6-rc/mdevd-coldplug/type b/img/app/etc/s6-rc/mdevd-coldplug/type new file mode 100644 index 0000000..bdd22a1 --- /dev/null +++ b/img/app/etc/s6-rc/mdevd-coldplug/type 
@@ -0,0 +1 @@ +oneshot diff --git a/img/app/etc/s6-rc/mdevd-coldplug/type.license b/img/app/etc/s6-rc/mdevd-coldplug/type.license new file mode 100644 index 0000000..2b3b032 --- /dev/null +++ b/img/app/etc/s6-rc/mdevd-coldplug/type.license @@ -0,0 +1,2 @@ +SPDX-License-Identifier: CC0-1.0 +SPDX-FileCopyrightText: 2020 Alyssa Ross <hi@alyssa.is> diff --git a/img/app/etc/s6-rc/mdevd-coldplug/up b/img/app/etc/s6-rc/mdevd-coldplug/up new file mode 100644 index 0000000..8698f7d --- /dev/null +++ b/img/app/etc/s6-rc/mdevd-coldplug/up @@ -0,0 +1,4 @@ +# SPDX-License-Identifier: EUPL-1.2+ +# SPDX-FileCopyrightText: 2020-2021 Alyssa Ross <hi@alyssa.is> + +mdevd-coldplug diff --git a/img/app/etc/s6-rc/mdevd/notification-fd b/img/app/etc/s6-rc/mdevd/notification-fd new file mode 100644 index 0000000..00750ed --- /dev/null +++ b/img/app/etc/s6-rc/mdevd/notification-fd @@ -0,0 +1 @@ +3 diff --git a/img/app/etc/s6-rc/mdevd/notification-fd.license b/img/app/etc/s6-rc/mdevd/notification-fd.license new file mode 100644 index 0000000..2b3b032 --- /dev/null +++ b/img/app/etc/s6-rc/mdevd/notification-fd.license @@ -0,0 +1,2 @@ +SPDX-License-Identifier: CC0-1.0 +SPDX-FileCopyrightText: 2020 Alyssa Ross <hi@alyssa.is> diff --git a/img/app/etc/s6-rc/mdevd/run b/img/app/etc/s6-rc/mdevd/run new file mode 100644 index 0000000..6dacb13 --- /dev/null +++ b/img/app/etc/s6-rc/mdevd/run @@ -0,0 +1,5 @@ +#!/bin/execlineb -P +# SPDX-License-Identifier: EUPL-1.2+ +# SPDX-FileCopyrightText: 2020-2021 Alyssa Ross <hi@alyssa.is> + +mdevd -D3 diff --git a/img/app/etc/s6-rc/mdevd/type b/img/app/etc/s6-rc/mdevd/type new file mode 100644 index 0000000..5883cff --- /dev/null +++ b/img/app/etc/s6-rc/mdevd/type @@ -0,0 +1 @@ +longrun diff --git a/img/app/etc/s6-rc/mdevd/type.license b/img/app/etc/s6-rc/mdevd/type.license new file mode 100644 index 0000000..2b3b032 --- /dev/null +++ b/img/app/etc/s6-rc/mdevd/type.license 
@@ -0,0 +1,2 @@ +SPDX-License-Identifier: CC0-1.0 +SPDX-FileCopyrightText: 2020 Alyssa Ross <hi@alyssa.is> diff --git a/img/app/etc/s6-rc/ok-all/contents b/img/app/etc/s6-rc/ok-all/contents new file mode 100644 index 0000000..c4ea84f --- /dev/null +++ b/img/app/etc/s6-rc/ok-all/contents @@ -0,0 +1,4 @@ +# SPDX-License-Identifier: CC0-1.0 +# SPDX-FileCopyrightText: 2021 Alyssa Ross <hi@alyssa.is> +# +mdevd-coldplug diff --git a/img/app/etc/s6-rc/ok-all/type b/img/app/etc/s6-rc/ok-all/type new file mode 100644 index 0000000..757b422 --- /dev/null +++ b/img/app/etc/s6-rc/ok-all/type @@ -0,0 +1 @@ +bundle diff --git a/img/app/etc/s6-rc/ok-all/type.license b/img/app/etc/s6-rc/ok-all/type.license new file mode 100644 index 0000000..c49c11b --- /dev/null +++ b/img/app/etc/s6-rc/ok-all/type.license @@ -0,0 +1,2 @@ +SPDX-License-Identifier: CC0-1.0 +SPDX-FileCopyrightText: 2021 Alyssa Ross <hi@alyssa.is> diff --git a/img/app/etc/ssl/certs/ca-certificates.crt b/img/app/etc/ssl/certs/ca-certificates.crt new file mode 120000 index 0000000..42d8e23 --- /dev/null +++ b/img/app/etc/ssl/certs/ca-certificates.crt @@ -0,0 +1 @@ +/usr/share/ssl/certs/ca-bundle.crt \ No newline at end of file |
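
Review bot: in img/app/etc/fstab the `LABEL=ext /run/ext ext4 ro 0 0` line mounts the application-supplied filesystem with only `ro`. Since that filesystem comes from outside the base image, `ro,nodev,nosuid` would be cheap hardening. The overlay line after it also deserves a comment: with `lowerdir=/nix/store:/run/ext/nix/store` the leftmost directory is the top layer, so the base image's store wins wherever both provide the same path, and that precedence is worth stating next to the entry.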
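
Review bot: in img/app/etc/mdev/iface the closing `s6-rc -u change app` is the only place in the files shown that brings the `app` service up, and it is reached only after `if { test $INTERFACE != lo }` passes (the `ok-all` bundle lists just `mdevd-coldplug`). A VM with no non-loopback interface would therefore never launch its application. If that is intended, say so in a comment; otherwise start `app` from a path that does not depend on a NIC appearing. The connectivity probe is also hard-coded to `http://ipv4.connman.net/online/status.html`, so every boot contacts that third-party host over plain HTTP and can hold back the application for up to ten `wget -qT 6` attempts; a comment or a configurable probe target would make that dependency explicit.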
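
Review bot: img/app/etc/resolv.conf hard-codes `nameserver 1.1.1.1`, so every application VM built from this generic image sends its DNS queries to one fixed public resolver, whatever the network VM or the user would prefer. Please add a comment explaining why this value is the default, and consider making the resolver something the VM definition can override.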
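
Review bot: in img/app/etc/s6-linux-init/scripts/rc.init, `if { mount -a }` stops the script as soon as any fstab entry fails, for example when no block device labelled `ext` is attached, so `s6-rc change ok-all` is never reached and the only hint is whatever `mount` itself prints. A short diagnostic on that path naming the missing application filesystem would make a misconfigured VM much easier to debug.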
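
Review bot: in img/app/etc/s6-rc/app/run the application is started with `foreground { /run/ext/run }`, which discards its exit status, and the script then falls through to `exec -l sh`. With `root` as the only account in img/app/etc/passwd, that is a root login shell on /dev/hvc0 whether the application exited cleanly, crashed, or was never found on the mounted filesystem. If the fallback shell is deliberate, document it in the script; otherwise check that `/run/ext/run` exists and report a failure before dropping to a shell.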
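
Review bot: img/app/etc/s6-rc/mdevd/run is added with `new file mode 100644` although it begins with `#!/bin/execlineb -P`, while img/app/etc/s6-rc/app/run is added as `100755`. Make the two consistent, or note in the commit message that the service database build does not depend on the source file's mode.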