Nix in Darwin #20

Draft
wants to merge 2 commits into
base: master
2 changes: 1 addition & 1 deletion makeDarwinImage/default.nix
Expand Up @@ -5,7 +5,7 @@
let
diskSize = if diskSizeBytes < 40000000000 then throw "diskSizeBytes ${toString diskSizeBytes} too small for macOS" else diskSizeBytes;

installAssistant-fetched = import <nix/fetchurl.nix> {
installAssistant-fetched = fetchurl {

@aciceri aciceri Feb 17, 2024


Feel free to drop this; it's here just for my convenience. Without it I cannot fetch the image. I don't know why, but it's not related to the PR's goal.

url = "https://swcdn.apple.com/content/downloads/32/13/052-33049-A_UX3Z28TPLL/702vi772ckrytq1r67eli9zrgsu8jxxoqw/InstallAssistant.pkg";
sha256 = "sha256-IEJAiqpMNyF053UrW8Lz2r8uk+0LjS8MIs2ERWKqgrw=";
};
17 changes: 15 additions & 2 deletions makeDarwinImage/module.nix
Expand Up @@ -97,12 +97,26 @@ in
Whether to open the sshPort and vncDisplayNumber on the networking.firewall
'';
};
installNix = lib.mkOption {
type = lib.types.bool;
default = false;
description = lib.mdDoc ''
Whether to install Nix (it requires the machine to access the internet for the installation)
'';
};
darwinConfig = lib.mkOption {
type = lib.types.anything; # TODO figure out a better type
default = null;
description = lib.mdDoc ''
A darwinConfig to use for the VM (it may require to access the internet)
'';
};
};
config = let
run-macos = cfg.package.makeRunScript {
diskImage = cfg.package;
extraQemuFlags = [ "-vnc ${cfg.vncListenAddr}:${toString cfg.vncDisplayNumber}" ] ++ cfg.extraQemuFlags;
inherit (cfg) threads cores sockets mem sshListenAddr sshPort;
inherit (cfg) threads cores sockets mem sshListenAddr sshPort installNix darwinConfig;
};
in lib.mkIf cfg.enable {
networking.firewall.allowedTCPPorts = lib.optionals cfg.openFirewall [ (5900 + cfg.vncDisplayNumber) cfg.sshPort ];
Expand All @@ -117,7 +131,6 @@ in
Type = "simple";
ExecStart = "${lib.getExe run-macos}";
Restart = "always";
DynamicUser = true;
StateDirectory = baseNameOf cfg.dataDir;
WorkingDirectory = cfg.dataDir;
};
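Review bot: Dropping `DynamicUser = true;` from the serviceConfig in the second hunk leaves the unit with no visible `User=`, so unless one is set outside the hunk, QEMU and the new provisioning script it launches will run as root. That is a real loss of isolation for a service whose VNC and SSH ports can be opened to the network through `openFirewall`. If the line was removed so the script can write its SSH key, note that `StateDirectory` is writable by the dynamic user and `WorkingDirectory = cfg.dataDir;` presumably already points there; should DynamicUser turn out to be unworkable, a dedicated unprivileged system user set via `User = "<service-user>";` would keep the process off root. The serviceConfig block starts and ends outside the hunk.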
48 changes: 46 additions & 2 deletions makeDarwinImage/run.nix
@@ -1,4 +1,6 @@
{ writeShellScriptBin
, openssh
, sshpass
, makeDarwinImage
, qemu_kvm
, nix
Expand All @@ -14,9 +16,49 @@
, mem ? "6G"
, diskImage ? (makeDarwinImage {})
, extraQemuFlags ? []
, installNix ? true
, darwinConfig ? null
, lib
}:
writeShellScriptBin "run-macOS.sh" ''
, writeShellScript
}: let
darwinSystemDrv = builtins.unsafeDiscardOutputDependency darwinConfig.system.drvPath;
installNixRemotelyScript = writeShellScript "install-nix.sh" ''
if ! command -v nix &> /dev/null
then
echo "Nix not found, installing it..."
echo admin | sudo -S /bin/sh -c "curl --proto '=https' --tlsv1.2 -sSf -L https://install.determinate.systems/nix | sh -s -- install --no-confirm"
fi
'';
installNixDarwinScript = writeShellScript "install-nix.sh" ''
DARWIN_CONFIG="$(nix build ${darwinSystemDrv}^out --print-out-paths --no-link)"
echo admin | sudo -S rm /etc/nix/nix.conf
echo admin | sudo -S $DARWIN_CONFIG/activate-user
echo admin | sudo -S $DARWIN_CONFIG/activate
'';
installNixScript = writeShellScript "install-nix.sh" ''
PATH=$PATH:${openssh}/bin:${sshpass}/bin
KEY_PATH=".ssh/id_ed25519"
[ ! -f $KEY_PATH ] && ssh-keygen -t ed25519 -f $KEY_PATH -N ""

while ! ssh-keyscan -p ${toString sshPort} 127.0.0.1
do
sleep 3
echo SSH not ready
done

echo "SSH ready"

sshpass -p admin ssh-copy-id -i $KEY_PATH -p ${toString sshPort} -o "StrictHostKeyChecking no" [email protected]

ssh -p ${toString sshPort} -o "StrictHostKeyChecking no" -i $KEY_PATH [email protected] bash -s -- < ${installNixRemotelyScript}

${lib.optionalString (! isNull darwinConfig) ''
NIX_SSHOPTS="-p ${toString sshPort} -i $KEY_PATH" nix-copy-closure --to [email protected] ${darwinSystemDrv}

ssh -p ${toString sshPort} -o "StrictHostKeyChecking no" -i $KEY_PATH [email protected] bash -s -- < ${installNixDarwinScript}
''}
'';
in writeShellScriptBin "run-macOS.sh" ''
MY_OPTIONS="+ssse3,+sse4.2,+popcnt,+avx,+aes,+xsave,+xsaveopt,check"

# In case Nix is not on the path, add it, but make it lower precedence than
Expand Down Expand Up @@ -51,6 +93,8 @@ writeShellScriptBin "run-macOS.sh" ''
${qemu_kvm}/bin/qemu-img create -b ${diskImage} -F qcow2 -f qcow2 ./macos-ventura.qcow2
fi

${lib.optionalString installNix "${installNixScript}&"}

# Sometimes plugins like JACK will not be compatible with QEMU from this
# flake, so unset LD_LIBRARY_PATH
set -x
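Review bot: `installNixRemotelyScript` pipes `https://install.determinate.systems/nix` straight into a root shell in the guest, so each run that finds no `nix` trusts whatever that endpoint serves at that moment; nothing is version- or hash-pinned, unlike the `InstallAssistant.pkg` fetch in default.nix. Consider fetching a specific installer release at build time with `fetchurl` and a `sha256`, then streaming that store path over the ssh session the same way the script itself is already streamed with `bash -s -- <`. Two smaller points in the same hunk: `installNix ? true` disagrees with the module option's `default = false`, so direct callers of the run script get this network provisioning step unless they opt out. Also, `-o "StrictHostKeyChecking no"` throws away the host key that the `ssh-keyscan` wait loop has just retrieved; saving that output to a known_hosts file in the state directory and passing `-o UserKnownHostsFile=<that file>` would let the later `ssh-copy-id`, `ssh` and `nix-copy-closure` connections verify it before the password is sent.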