diff --git a/CONTRIBUTING.md b/CONTRIBUTING.md
index 5013ced8a..7415825f9 100644
--- a/CONTRIBUTING.md
+++ b/CONTRIBUTING.md
@@ -116,7 +116,7 @@ software can be installed by using standard Nix mechanisms like `nix run nixpkgs
 ### Contributing new VM definitions
-#### Acceptance Criteria
+#### VM Acceptance Criteria
 We welcome the contribution of new VM definitions, as long as they meet the following criteria:
@@ -130,5 +130,5 @@ We welcome the contribution of new VM definitions, as long as they meet the foll
 1. VMs should be as minimal as possible so that they build and launch quickly. Additional software can be added at runtime with a command like `nix run nixpkgs#`.
 2. VMs should not expose any services to the network, or run any remote access
- software like SSH, VNC or RDP.
+ software like SSH daemons, VNC or RDP.
 3. VMs should auto-login using the "ghostty" user.
diff --git a/flake.nix b/flake.nix
index 38aea5b80..81e9b422c 100644
--- a/flake.nix
+++ b/flake.nix
@@ -59,9 +59,9 @@
 formatter.${system} = pkgs-stable.alejandra;
- nixosConfigurations = let
+ apps.${system} = let
 makeVM = (
- path:
+ path: system: uid: gid:
 nixpkgs-stable.lib.nixosSystem {
 system = builtins.replaceStrings ["darwin"] ["linux"] system;
 modules = [
@@ -69,32 +69,33 @@
 virtualisation.vmVariant = {
 virtualisation.host.pkgs = pkgs-stable;
 };
+
 nixpkgs.overlays = [
- self.overlays.releasefast
+ self.overlays.debug
 ];
+
+ users.groups.ghostty = {
+ gid = gid;
+ };
+
+ users.users.ghostty = {
+ uid = gid;
+ };
+
+ system.stateVersion = "24.11";
 }
 ./nix/vm/common.nix
 path
 ];
 }
 );
- in {
- "wayland-cinnamon-${system}" = makeVM ./nix/vm/wayland-cinnamon.nix;
- "wayland-gnome-${system}" = makeVM ./nix/vm/wayland-gnome.nix;
- "wayland-plasma6-${system}" = makeVM ./nix/vm/wayland-plasma6.nix;
- "x11-cinnamon-${system}" = makeVM ./nix/vm/x11-cinnamon.nix;
- "x11-gnome-${system}" = makeVM ./nix/vm/x11-gnome.nix;
- "x11-plasma6-${system}" = makeVM ./nix/vm/x11-plasma6.nix;
- };
-
- apps.${system} = let
- wrapVM = (
- name: let
+ runVM = (
+ path: let
 program = pkgs-stable.writeShellScript "run-ghostty-vm" ''
 SHARED_DIR=$(pwd)
 export SHARED_DIR
- ${self.nixosConfigurations."${name}-${system}".config.system.build.vm}/bin/run-ghostty-vm
+ ${(makeVM path system 1000 1000).config.system.build.vm}/bin/run-ghostty-vm
 '';
 in {
 type = "app";
@@ -102,12 +103,12 @@
 }
 );
 in {
- wayland-cinnamon = wrapVM "wayland-cinnamon";
- wayland-gnome = wrapVM "wayland-gnome";
- wayland-plasma6 = wrapVM "wayland-plasma6";
- x11-cinnamon = wrapVM "x11-cinnamon";
- x11-gnome = wrapVM "x11-gnome";
- x11-plasma6 = wrapVM "x11-plasma6";
+ wayland-cinnamon = runVM ./nix/vm/wayland-cinnamon.nix;
+ wayland-gnome = runVM ./nix/vm/wayland-gnome.nix;
+ wayland-plasma6 = runVM ./nix/vm/wayland-plasma6.nix;
+ x11-cinnamon = runVM ./nix/vm/x11-cinnamon.nix;
+ x11-gnome = runVM ./nix/vm/x11-gnome.nix;
+ x11-plasma6 = runVM ./nix/vm/x11-plasma6.nix;
 };
 }
 # Our supported systems are the same supported systems as the Zig binaries.
diff --git a/nix/vm/common-gnome.nix b/nix/vm/common-gnome.nix
index d5018b457..d43f5dc9e 100644
--- a/nix/vm/common-gnome.nix
+++ b/nix/vm/common-gnome.nix
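Review bot: In flake.nix's `makeVM`, the added `users.users.ghostty` block sets `uid = gid;`, so the `uid` argument introduced by the new signature `path: system: uid: gid:` is never used and the guest account's UID is taken from the group id. The only visible caller passes `1000 1000`, which masks this, but the nix/vm/common.nix hunk of this commit drops the pinned `uid = 1000`, leaving this line as the sole source of the UID. If the arguments are meant to mirror the host user so that files under the exported `SHARED_DIR` keep sensible ownership (an inference, since the mount itself is not in the diff), a caller passing distinct values would silently get the wrong identity in the guest. Use `uid = uid;` (or `inherit uid;`, and `inherit gid;` in the group block). `makeVM` starts in the previous hunk, and its new `system` parameter also shadows the outer `system` binding, which is worth a rename or a comment.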
@@ -63,32 +63,6 @@
 yelp
 ];
- services.gnome = {
- gnome-browser-connector.enable = false;
- gnome-initial-setup.enable = false;
- gnome-online-accounts.enable = false;
- gnome-remote-desktop.enable = false;
- rygel.enable = false;
- };
-
- system.activationScripts = {
- face = {
- text = ''
- mkdir -p /var/lib/AccountsService/{icons,users}
-
- cp ${pkgs.ghostty}/share/icons/hicolor/1024x1024/apps/com.mitchellh.ghostty.png /var/lib/AccountsService/icons/ghostty
-
- echo -e "[User]\nIcon=/var/lib/AccountsService/icons/ghostty\n" > /var/lib/AccountsService/users/ghostty
-
- chown root:root /var/lib/AccountsService/users/ghostty
- chmod 0600 /var/lib/AccountsService/users/ghostty
-
- chown root:root /var/lib/AccountsService/icons/ghostty
- chmod 0444 /var/lib/AccountsService/icons/ghostty
- '';
- };
- };
-
 programs.dconf = {
 enable = true;
 profiles.user.databases = [
@@ -129,4 +103,30 @@
 };
 programs.geary.enable = false;
+
+ services.gnome = {
+ gnome-browser-connector.enable = false;
+ gnome-initial-setup.enable = false;
+ gnome-online-accounts.enable = false;
+ gnome-remote-desktop.enable = false;
+ rygel.enable = false;
+ };
+
+ system.activationScripts = {
+ face = {
+ text = ''
+ mkdir -p /var/lib/AccountsService/{icons,users}
+
+ cp ${pkgs.ghostty}/share/icons/hicolor/1024x1024/apps/com.mitchellh.ghostty.png /var/lib/AccountsService/icons/ghostty
+
+ echo -e "[User]\nIcon=/var/lib/AccountsService/icons/ghostty\n" > /var/lib/AccountsService/users/ghostty
+
+ chown root:root /var/lib/AccountsService/users/ghostty
+ chmod 0600 /var/lib/AccountsService/users/ghostty
+
+ chown root:root /var/lib/AccountsService/icons/ghostty
+ chmod 0444 /var/lib/AccountsService/icons/ghostty
+ '';
+ };
+ };
 }
diff --git a/nix/vm/common.nix b/nix/vm/common.nix
index fa0305ad0..6e80dd5b6 100644
--- a/nix/vm/common.nix
+++ b/nix/vm/common.nix
@@ -25,13 +25,10 @@
 users.mutableUsers = true;
- users.groups.ghostty = {
- gid = 1000;
- };
+ users.groups.ghostty = {};
 users.users.ghostty = {
 description = "Ghostty";
- uid = 1000;
 group = "ghostty";
 extraGroups = ["wheel"];
 isNormalUser = true;
@@ -49,6 +46,7 @@
 pkgs.ghostty
 pkgs.helix
 pkgs.neovim
+ pkgs.xterm
 pkgs.zig_0_13
 ];
@@ -81,6 +79,4 @@
 services.xserver = {
 enable = true;
 };
-
- system.stateVersion = "24.11";
 }