
Switch vm boot to systemd in initrd
- enable systemd boot in initrd by default
- add systemd verbosity flag
- add device path in storagevm to allow impermanence to mount fs

Signed-off-by: Manuel Bluhm <[email protected]>
mbssrc committed Dec 11, 2024
1 parent fa8526d commit ad828e5
Showing 5 changed files with 50 additions and 9 deletions.
28 changes: 28 additions & 0 deletions modules/common/systemd/base.nix
Expand Up @@ -16,6 +16,7 @@ let
mkIf
mkForce
types
optionalAttrs
;

# Override minimal systemd package configuration
Expand Down Expand Up @@ -150,6 +151,12 @@ let
"systemd-networkd.service"
"systemd-networkd.socket"
])
++ (lib.optionals (!cfg.withAudio) [
"sound.target"
])
++ (lib.optionals (!cfg.withBluetooth) [
"bluetooth.target"
])
++ (lib.optionals (!cfg.withDebug) [
## Units kept with debug
"kbrequest.target"
Expand Down Expand Up @@ -307,11 +314,29 @@ in
default = false;
};

withAudio = mkOption {
description = "Enable audio functionality.";
type = types.bool;
default = false;
};

withBluetooth = mkOption {
description = "Enable bluetooth functionality.";
type = types.bool;
default = false;
};

withDebug = mkOption {
description = "Enable systemd debug functionality.";
type = types.bool;
default = false;
};

verboseLogs = mkOption {
description = "Increase systemd log verbosity.";
type = types.bool;
default = false;
};
};

config = mkIf cfg.enable {
Expand All @@ -324,6 +349,9 @@ in
# Misc. configurations
enableEmergencyMode = cfg.withDebug;
coredump.enable = cfg.withDebug || cfg.withMachines;
managerEnvironment = optionalAttrs cfg.verboseLogs {
SYSTEMD_LOG_LEVEL = "debug";
};

# Service startup optimization
services.systemd-networkd-wait-online.enable = mkForce false;
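Review bot: The descriptions of the new `withAudio` and `withBluetooth` options ("Enable audio functionality.", "Enable bluetooth functionality.") promise more than the hunk delivers: as far as this diff shows, the only effect of each flag is whether `sound.target` / `bluetooth.target` stay in the suppressed-unit list, so a reader will expect packages or services that are not wired up here. I would make the descriptions match, e.g. `description = "Keep systemd's sound.target (not suppressed from the minimal unit set).";` and the equivalent for `bluetooth.target`. The `verboseLogs` option is independent of `withDebug`, so a non-debug image can ship with the manager at `SYSTEMD_LOG_LEVEL=debug`; its description should say that, e.g. `description = "Increase systemd log verbosity (sets SYSTEMD_LOG_LEVEL=debug for the manager; independent of withDebug).";`. The same `managerEnvironment = optionalAttrs cfgBase.verboseLogs { SYSTEMD_LOG_LEVEL = "debug"; }` mapping is duplicated verbatim in boot.nix; a single shared attribute in base.nix would keep the two from drifting.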
24 changes: 17 additions & 7 deletions modules/common/systemd/boot.nix
Expand Up @@ -11,7 +11,12 @@ let
cfg = config.ghaf.systemd.boot;
cfgBase = config.ghaf.systemd;

inherit (lib) mkEnableOption mkIf optionals;
inherit (lib)
mkIf
optionals
mkOption
optionalAttrs
;

# Package configuration
package = pkgs.systemdMinimal.override (
Expand All @@ -33,8 +38,7 @@ let

# Suppressed initrd systemd units
suppressedUnits =
[ "multi-user.target" ]
++ (lib.optionals ((!cfgBase.withDebug) && (!cfgBase.withJournal)) [
(lib.optionals ((!cfgBase.withDebug) && (!cfgBase.withJournal)) [
"systemd-journald.service"
"systemd-journald.socket"
"systemd-journald-dev-log.socket"
Expand All @@ -54,23 +58,29 @@ let
in
{
options.ghaf.systemd.boot = {
enable = mkEnableOption "Enable systemd in stage 1 of the boot (initrd).";
enable = mkOption {
default = config.ghaf.systemd.enable;
description = "Enable systemd in stage 1 of the boot (initrd).";
};
};

config = mkIf cfg.enable {
boot.initrd = {
verbose = config.ghaf.profiles.debug.enable;
verbose = cfgBase.verboseLogs;
services.lvm.enable = true;
systemd = {
enable = true;
inherit package;
inherit suppressedUnits;
emergencyAccess = config.ghaf.profiles.debug.enable;
emergencyAccess = cfgBase.withDebug;
tpm2.enable = cfgBase.withTpm2Tss;
initrdBin = optionals config.ghaf.profiles.debug.enable [
initrdBin = optionals cfgBase.withDebug [
pkgs.lvm2
pkgs.util-linux
];
managerEnvironment = optionalAttrs cfgBase.verboseLogs {
SYSTEMD_LOG_LEVEL = "debug";
};
};
};
};
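Review bot: Replacing `mkEnableOption` with a bare `mkOption` in `options.ghaf.systemd.boot.enable` drops the option's type: `mkEnableOption` declared it as a bool, while the new block has only `default` and `description`, so the module system no longer rejects non-boolean values and cannot merge several definitions of the option. Add the type back, noting that `types` is not in this file's `inherit (lib)` list: `enable = mkOption {` / `type = lib.types.bool;` / `default = config.ghaf.systemd.enable;`. It is also worth a one-line comment above `default` that stage-1 systemd now follows the stage-2 `ghaf.systemd.enable` setting, since the microvm-host module in this commit stops setting `boot.enable` explicitly and relies on that default.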
2 changes: 2 additions & 0 deletions modules/microvm/virtualization/microvm/audiovm.nix
Expand Up @@ -52,6 +52,8 @@ let
enable = true;
withName = "audiovm-systemd";
withAudit = configHost.ghaf.profiles.debug.enable;
withAudio = true;
withBluetooth = true;
withNss = true;
withResolved = true;
withTimesyncd = true;
3 changes: 2 additions & 1 deletion modules/microvm/virtualization/microvm/common/storagevm.nix
Expand Up @@ -63,13 +63,14 @@ in
config = lib.mkIf cfg.enable {
fileSystems.${mountPath} = {
neededForBoot = true;
options = lib.mkForce [
options = [
"rw"
"nodev"
"nosuid"
"noexec"
];
};
virtualisation.fileSystems.${mountPath}.device = "/dev/vda";

microvm.shares = [
{
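Review bot: Dropping `lib.mkForce` from `fileSystems.${mountPath}.options` changes the hardening guarantee of this mount: other definitions of the same option are now list-merged in instead of being overridden, and for mount flags such as `exec`/`noexec` or `suid`/`nosuid` the last entry wins, so a later module could silently weaken `nodev`/`nosuid`/`noexec`. If the goal is to let impermanence or another module contribute options, that should be stated in a comment so the next maintainer does not put `mkForce` back, e.g. `# options are intentionally mergeable so other modules (impermanence) can extend them; keep nodev/nosuid/noexec in mind when adding more`; the commit message does not say why the override was removed. The new `virtualisation.fileSystems.${mountPath}.device = "/dev/vda";` also hard-codes the virtio disk ordering; a comment such as `# assumes the storage share is the first virtio block device — TODO confirm against the microvm volume layout` would document that assumption where it lives.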
2 changes: 1 addition & 1 deletion modules/microvm/virtualization/microvm/microvm-host.nix
Expand Up @@ -44,10 +44,10 @@ in
config = lib.mkMerge [
(lib.mkIf cfg.enable {
microvm.host.enable = true;
microvm.host.useNotifySockets = true;
ghaf.systemd = {
withName = "host-systemd";
enable = true;
boot.enable = true;
withAudit = config.ghaf.profiles.debug.enable;
withPolkit = true;
withTpm2Tss = pkgs.stdenv.hostPlatform.isx86;
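Review bot: The new `microvm.host.useNotifySockets = true;` is neither mentioned in the commit message nor commented, although it changes how the host-side VM units reach the started state; presumably they now wait for a readiness notification from the guest, in which case a guest whose initrd/systemd never signals readiness would leave its unit activating, but that needs confirming against the microvm.nix option. A one-line comment would spare the next reader that lookup, e.g. `# Host VM units wait for the guest's readiness notification (see microvm.nix useNotifySockets)`. The removal of `boot.enable = true;` here only works because boot.nix in this commit defaults that option to `config.ghaf.systemd.enable`; a short note on the `ghaf.systemd` block saying so would make the dependency visible.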
