From dccd00027e9f7f16575cc1793a3daf51b4dfe47f Mon Sep 17 00:00:00 2001 From: ners Date: Sun, 8 Oct 2023 19:35:14 +0200 Subject: nixos/azure: add contents module option (#244364) --- nixos/modules/virtualisation/azure-image.nix | 9 ++++++++- 1 file changed, 8 insertions(+), 1 deletion(-) (limited to 'nixos/modules/virtualisation') diff --git a/nixos/modules/virtualisation/azure-image.nix b/nixos/modules/virtualisation/azure-image.nix index 17cfd3938305..39c6cab5980a 100644 --- a/nixos/modules/virtualisation/azure-image.nix +++ b/nixos/modules/virtualisation/azure-image.nix @@ -16,6 +16,13 @@ in Size of disk image. Unit is MB. ''; }; + virtualisation.azureImage.contents = mkOption { + type = with types; listOf attrs; + default = [ ]; + description = lib.mdDoc '' + Extra contents to add to the image. + ''; + }; }; config = { system.build.azureImage = import ../../lib/make-disk-image.nix { @@ -26,7 +33,7 @@ in ''; configFile = ./azure-config-user.nix; format = "raw"; - inherit (cfg) diskSize; + inherit (cfg) diskSize contents; inherit config lib pkgs; }; -- cgit 1.4.1 From 2f021def6e0a58e159e34b27b7796b2b5d0d0560 Mon Sep 17 00:00:00 2001 From: HaeNoe Date: Thu, 5 Oct 2023 20:39:19 +0200 Subject: nixos/oci-containers: add labels option --- nixos/modules/virtualisation/oci-containers.nix | 12 ++++++++++++ 1 file changed, 12 insertions(+) (limited to 'nixos/modules/virtualisation') diff --git a/nixos/modules/virtualisation/oci-containers.nix b/nixos/modules/virtualisation/oci-containers.nix index a9f4ab77f866..71f5d7a752c8 100644 --- a/nixos/modules/virtualisation/oci-containers.nix +++ b/nixos/modules/virtualisation/oci-containers.nix @@ -66,6 +66,17 @@ let ''; }; + labels = mkOption { + type = with types; attrsOf str; + default = {}; + description = lib.mdDoc "Labels to attach to the container at runtime."; + example = literalExpression '' + { + "traefik.https.routers.example.rule" = "Host(`example.container`)"; + } + ''; + }; + entrypoint = mkOption { type = with types; nullOr str; description = lib.mdDoc "Override the default entrypoint of the image."; @@ -277,6 +288,7 @@ let ++ map (p: "-p ${escapeShellArg p}") container.ports ++ optional (container.user != null) "-u ${escapeShellArg container.user}" ++ map (v: "-v ${escapeShellArg v}") container.volumes + ++ (mapAttrsToList (k: v: "-l ${escapeShellArg k}=${escapeShellArg v}") container.labels) ++ optional (container.workdir != null) "-w ${escapeShellArg container.workdir}" ++ map escapeShellArg container.extraOptions ++ [container.image] -- cgit 1.4.1 From fd7daf9fc47e21bc5eaa7793fb23e0b647558e45 Mon Sep 17 00:00:00 2001 From: Donovan Glover Date: Thu, 3 Aug 2023 12:27:59 -0400 Subject: nixos/nixos-containers: add restartIfChanged option This commit makes auto-restarting declarative containers optional. This is useful when you don't want changes to your config to automatically restart the container and thus stop any applications running inside it. --- nixos/modules/virtualisation/nixos-containers.nix | 11 ++++++++++- 1 file changed, 10 insertions(+), 1 deletion(-) (limited to 'nixos/modules/virtualisation') diff --git a/nixos/modules/virtualisation/nixos-containers.nix b/nixos/modules/virtualisation/nixos-containers.nix index 5df9942dbc04..aa85665af695 100644 --- a/nixos/modules/virtualisation/nixos-containers.nix +++ b/nixos/modules/virtualisation/nixos-containers.nix @@ -649,6 +649,15 @@ in ''; }; + restartIfChanged = mkOption { + type = types.bool; + default = true; + description = lib.mdDoc '' + Whether the container should be restarted during a NixOS + configuration switch if its definition has changed. + ''; + }; + timeoutStartSec = mkOption { type = types.str; default = "1min"; @@ -826,7 +835,7 @@ in containerConfig.path config.environment.etc."${configurationDirectoryName}/${name}.conf".source ]; - restartIfChanged = true; + restartIfChanged = containerConfig.restartIfChanged; } ) )) config.containers) -- cgit 1.4.1 From d934d20cd33f118f97a1c7475265fd4243b310a4 Mon Sep 17 00:00:00 2001 From: Maciej Krüger Date: Thu, 12 Oct 2023 15:21:18 +0200 Subject: nixos/lxd: fix ui.enable desc Otherwise it would show up as "Whether to enable Enables the (experimental) LXD UI. ." Now is just "Whether to enable (experimental) LXD UI." --- nixos/modules/virtualisation/lxd.nix | 4 +--- 1 file changed, 1 insertion(+), 3 deletions(-) (limited to 'nixos/modules/virtualisation') diff --git a/nixos/modules/virtualisation/lxd.nix b/nixos/modules/virtualisation/lxd.nix index e30fbebb662c..6f628c4a6e32 100644 --- a/nixos/modules/virtualisation/lxd.nix +++ b/nixos/modules/virtualisation/lxd.nix @@ -145,9 +145,7 @@ in { }; ui = { - enable = lib.mkEnableOption (lib.mdDoc '' - Enables the (experimental) LXD UI. - ''); + enable = lib.mkEnableOption (lib.mdDoc "(experimental) LXD UI"); package = lib.mkPackageOption pkgs.lxd-unwrapped "ui" { }; }; -- cgit 1.4.1 From c2ff509e66a2e4b3e2f1a24a20fa4340f34aba49 Mon Sep 17 00:00:00 2001 From: Adam Stephens Date: Thu, 12 Oct 2023 10:52:05 -0400 Subject: lxc-container: add squashfs image support and release output --- nixos/modules/virtualisation/lxc-container.nix | 18 +++++++++++++++++- nixos/release.nix | 15 +++++++++++++++ nixos/tests/lxd/container.nix | 13 ++++++++++++- 3 files changed, 44 insertions(+), 2 deletions(-) (limited to 'nixos/modules/virtualisation') diff --git a/nixos/modules/virtualisation/lxc-container.nix b/nixos/modules/virtualisation/lxc-container.nix index 9402d3bf37d0..25c253036ec8 100644 --- a/nixos/modules/virtualisation/lxc-container.nix +++ b/nixos/modules/virtualisation/lxc-container.nix @@ -36,7 +36,6 @@ in { ${config.nix.package.out}/bin/nix-env -p /nix/var/nix/profiles/system --set /run/current-system ''; - # TODO: build rootfs as squashfs for faster unpack system.build.tarball = pkgs.callPackage ../../lib/make-system-tarball.nix { extraArgs = "--owner=0"; @@ -63,6 +62,23 @@ in { extraCommands = "mkdir -p proc sys dev"; }; + system.build.squashfs = pkgs.callPackage ../../lib/make-squashfs.nix { + fileName = "nixos-lxc-image-${pkgs.stdenv.hostPlatform.system}"; + + noStrip = true; # keep directory structure + comp = "zstd -Xcompression-level 6"; + + storeContents = [config.system.build.toplevel]; + + pseudoFiles = [ + "/sbin d 0755 0 0" + "/sbin/init s 0555 0 0 ${config.system.build.toplevel}/init" + "/dev d 0755 0 0" + "/proc d 0555 0 0" + "/sys d 0555 0 0" + ]; + }; + system.build.installBootLoader = pkgs.writeScript "install-lxd-sbin-init.sh" '' #!${pkgs.runtimeShell} ln -fs "$1/init" /sbin/init diff --git a/nixos/release.nix b/nixos/release.nix index abaa7ef9a711..60f4cc94399c 100644 --- a/nixos/release.nix +++ b/nixos/release.nix @@ -328,6 +328,21 @@ in rec { ); + lxdContainerImageSquashfs = forMatchingSystems [ "x86_64-linux" "aarch64-linux" ] (system: + + with import ./.. { inherit system; }; + + hydraJob ((import lib/eval-config.nix { + inherit system; + modules = + [ configuration + versionModule + ./maintainers/scripts/lxd/lxd-container-image.nix + ]; + }).config.system.build.squashfs) + + ); + # Metadata for the lxd image lxdContainerMeta = forMatchingSystems [ "x86_64-linux" "aarch64-linux" ] (system: diff --git a/nixos/tests/lxd/container.nix b/nixos/tests/lxd/container.nix index bdaaebfc0028..0ebe73d872f2 100644 --- a/nixos/tests/lxd/container.nix +++ b/nixos/tests/lxd/container.nix @@ -13,6 +13,7 @@ let lxd-image-metadata = releases.lxdContainerMeta.${pkgs.stdenv.hostPlatform.system}; lxd-image-rootfs = releases.lxdContainerImage.${pkgs.stdenv.hostPlatform.system}; + lxd-image-rootfs-squashfs = releases.lxdContainerImageSquashfs.${pkgs.stdenv.hostPlatform.system}; in { name = "lxd-container"; @@ -23,7 +24,7 @@ in { nodes.machine = { lib, ... }: { virtualisation = { - diskSize = 4096; + diskSize = 6144; # Since we're testing `limits.cpu`, we've gotta have a known number of # cores to lean on @@ -65,6 +66,16 @@ in { machine.succeed("echo true | lxc exec container /run/current-system/sw/bin/bash -") machine.succeed("lxc delete -f container") + with subtest("Squashfs image is functional"): + machine.succeed( + "lxc image import ${lxd-image-metadata}/*/*.tar.xz ${lxd-image-rootfs-squashfs} --alias nixos-squashfs" + ) + machine.succeed("lxc launch nixos-squashfs container") + with machine.nested("Waiting for instance to start and be usable"): + retry(instance_is_up) + machine.succeed("echo true | lxc exec container /run/current-system/sw/bin/bash -") + machine.succeed("lxc delete -f container") + with subtest("Container is mounted with lxcfs inside"): machine.succeed("lxc launch nixos container") with machine.nested("Waiting for instance to start and be usable"): -- cgit 1.4.1 From dbeeeb8e0651837137e50f0c4a323831e295effd Mon Sep 17 00:00:00 2001 From: Adam Stephens Date: Wed, 11 Oct 2023 23:35:53 -0400 Subject: nixos/lxc-container: enable udev-trigger for nested containers --- nixos/modules/virtualisation/lxc-container.nix | 21 ++++++++++++--------- 1 file changed, 12 insertions(+), 9 deletions(-) (limited to 'nixos/modules/virtualisation') diff --git a/nixos/modules/virtualisation/lxc-container.nix b/nixos/modules/virtualisation/lxc-container.nix index 9402d3bf37d0..c40c7bee1886 100644 --- a/nixos/modules/virtualisation/lxc-container.nix +++ b/nixos/modules/virtualisation/lxc-container.nix @@ -9,15 +9,16 @@ in { options = { virtualisation.lxc = { - privilegedContainer = lib.mkOption { - type = lib.types.bool; - default = false; - description = lib.mdDoc '' - Whether this LXC container will be running as a privileged container or not. If set to `true` then - additional configuration will be applied to the `systemd` instance running within the container as - recommended by [distrobuilder](https://linuxcontainers.org/distrobuilder/introduction/). - ''; - }; + nestedContainer = lib.mkEnableOption (lib.mdDoc '' + Whether this container is configured as a nested container. On LXD containers this is recommended + for all containers and is enabled with `security.nesting = true`. + ''); + + privilegedContainer = lib.mkEnableOption (lib.mdDoc '' + Whether this LXC container will be running as a privileged container or not. If set to `true` then + additional configuration will be applied to the `systemd` instance running within the container as + recommended by [distrobuilder](https://linuxcontainers.org/distrobuilder/introduction/). + ''); }; }; @@ -68,6 +69,8 @@ in { ln -fs "$1/init" /sbin/init ''; + systemd.additionalUpstreamSystemUnits = lib.mkIf cfg.nestedContainer ["systemd-udev-trigger.service"]; + # Add the overrides from lxd distrobuilder # https://github.com/lxc/distrobuilder/blob/05978d0d5a72718154f1525c7d043e090ba7c3e0/distrobuilder/main.go#L630 systemd.packages = [ -- cgit 1.4.1 From 7096340f9e63c67bc18c2552ad66297f29488fa9 Mon Sep 17 00:00:00 2001 From: Robert Hensing Date: Sat, 21 Oct 2023 18:34:49 +0200 Subject: nixos/qemu-vm: Rename nixos-disk-image -> nix-store-image For the image that's actually a store image only. Helps with visibility. The name "nixos-disk-image" has no special significance, by grepping nixpkgs. --- nixos/modules/virtualisation/qemu-vm.nix | 1 + 1 file changed, 1 insertion(+) (limited to 'nixos/modules/virtualisation') diff --git a/nixos/modules/virtualisation/qemu-vm.nix b/nixos/modules/virtualisation/qemu-vm.nix index e0004df6f6b2..737a935711ae 100644 --- a/nixos/modules/virtualisation/qemu-vm.nix +++ b/nixos/modules/virtualisation/qemu-vm.nix @@ -267,6 +267,7 @@ let }; storeImage = import ../../lib/make-disk-image.nix { + name = "nix-store-image"; inherit pkgs config lib; additionalPaths = [ regInfo ]; format = "qcow2"; -- cgit 1.4.1 From d156ab6c9c98a5ac94d52989cb178bb2e26658af Mon Sep 17 00:00:00 2001 From: Joseph Stahl <1269177+josephst@users.noreply.github.com> Date: Tue, 17 Oct 2023 13:38:37 -0500 Subject: nixos/lxc-container: use absolute path for ln in install-lxc-sbin-init.sh Recent change to nixos-rebuild (https://github.com/NixOS/nixpkgs/pull/258571) adds systemd-run, which brings with it a cleaner environment (ie $PATH not available). Workaround: use absolute path for ln to avoid command-not-found error --- nixos/modules/virtualisation/lxc-container.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'nixos/modules/virtualisation') diff --git a/nixos/modules/virtualisation/lxc-container.nix b/nixos/modules/virtualisation/lxc-container.nix index c40c7bee1886..1034c699629d 100644 --- a/nixos/modules/virtualisation/lxc-container.nix +++ b/nixos/modules/virtualisation/lxc-container.nix @@ -66,7 +66,7 @@ in { system.build.installBootLoader = pkgs.writeScript "install-lxd-sbin-init.sh" '' #!${pkgs.runtimeShell} - ln -fs "$1/init" /sbin/init + ${pkgs.coreutils}/bin/ln -fs "$1/init" /sbin/init ''; systemd.additionalUpstreamSystemUnits = lib.mkIf cfg.nestedContainer ["systemd-udev-trigger.service"]; -- cgit 1.4.1 From 25872524f0ed0e16c382754d8d10ddb44c23c50c Mon Sep 17 00:00:00 2001 From: Raito Bezarius Date: Sun, 30 Apr 2023 04:02:15 +0200 Subject: nixos/qemu-vm: add `virtualisation.tpm` for running TPM in QEMU infrastructure --- nixos/modules/virtualisation/qemu-vm.nix | 44 +++++++++++++++++++++++++++++++- 1 file changed, 43 insertions(+), 1 deletion(-) (limited to 'nixos/modules/virtualisation') diff --git a/nixos/modules/virtualisation/qemu-vm.nix b/nixos/modules/virtualisation/qemu-vm.nix index d0a5ddd87ccf..a1606839b6ce 100644 --- a/nixos/modules/virtualisation/qemu-vm.nix +++ b/nixos/modules/virtualisation/qemu-vm.nix @@ -198,6 +198,16 @@ let fi ''} + ${lib.optionalString cfg.tpm.enable '' + NIX_SWTPM_DIR=$(readlink -f "''${NIX_SWTPM_DIR:-${config.system.name}-swtpm}") + mkdir -p "$NIX_SWTPM_DIR" + ${lib.getExe cfg.tpm.package} \ + socket \ + --tpmstate dir="$NIX_SWTPM_DIR" \ + --ctrl type=unixio,path="$NIX_SWTPM_DIR"/socket \ + "--tpm2" 1>"$NIX_SWTPM_DIR"/stdout 2>"$NIX_SWTPM_DIR"/stderr & + ''} + cd "$TMPDIR" ${lib.optionalString (cfg.emptyDiskImages != []) "idx=0"} @@ -862,6 +872,32 @@ in }; }; + virtualisation.tpm = { + enable = mkEnableOption "a TPM device in the virtual machine with a driver, using swtpm."; + + package = mkPackageOptionMD cfg.host.pkgs "swtpm" { }; + + deviceModel = mkOption { + type = types.str; + default = ({ + "i686-linux" = "tpm-tis"; + "x86_64-linux" = "tpm-tis"; + "ppc64-linux" = "tpm-spapr"; + "armv7-linux" = "tpm-tis-device"; + "aarch64-linux" = "tpm-tis-device"; + }.${pkgs.hostPlatform.system} or (throw "Unsupported system for TPM2 emulation in QEMU")); + defaultText = '' + Based on the guest platform Linux system: + + - `tpm-tis` for (i686, x86_64) + - `tpm-spapr` for ppc64 + - `tpm-tis-device` for (armv7, aarch64) + ''; + example = "tpm-tis-device"; + description = lib.mdDoc "QEMU device model for the TPM, uses the appropriate default based on th guest platform system and the package passed."; + }; + }; + virtualisation.useDefaultFilesystems = mkOption { type = types.bool; @@ -1027,7 +1063,8 @@ in boot.initrd.availableKernelModules = optional cfg.writableStore "overlay" - ++ optional (cfg.qemu.diskInterface == "scsi") "sym53c8xx"; + ++ optional (cfg.qemu.diskInterface == "scsi") "sym53c8xx" + ++ optional (cfg.tpm.enable) "tpm_tis"; virtualisation.additionalPaths = [ config.system.build.toplevel ]; @@ -1098,6 +1135,11 @@ in (mkIf (!cfg.graphics) [ "-nographic" ]) + (mkIf (cfg.tpm.enable) [ + "-chardev socket,id=chrtpm,path=\"$NIX_SWTPM_DIR\"/socket" + "-tpmdev emulator,id=tpm_dev_0,chardev=chrtpm" + "-device ${cfg.tpm.deviceModel},tpmdev=tpm_dev_0" + ]) ]; virtualisation.qemu.drives = mkMerge [ -- cgit 1.4.1 From 08f4fe20874ea19c55849138fb3af734cb72a5a1 Mon Sep 17 00:00:00 2001 From: Arthur Gautier Date: Tue, 1 Aug 2023 07:05:58 +0000 Subject: qemu-vm: stop the swtpm once qemu stops MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit The idea is to run an async process waiting for swtpm and we have to ensure that `FD_CLOEXEC` is cleared on this process' stdin file descriptor, we use `fdflags` for this, a loadable builtin in Bash ≥ 5. The async process when exited will terminate `swtpm`, we bind the termination of the async process to the termination of QEMU by virtue of having `qemu` exec in that Bash script. Signed-off-by: Arthur Gautier Co-authored-by: Raito Bezarius --- nixos/modules/virtualisation/qemu-vm.nix | 27 +++++++++++++++++++++++++-- 1 file changed, 25 insertions(+), 2 deletions(-) (limited to 'nixos/modules/virtualisation') diff --git a/nixos/modules/virtualisation/qemu-vm.nix b/nixos/modules/virtualisation/qemu-vm.nix index a1606839b6ce..3bf8bbd9dab0 100644 --- a/nixos/modules/virtualisation/qemu-vm.nix +++ b/nixos/modules/virtualisation/qemu-vm.nix @@ -204,8 +204,31 @@ let ${lib.getExe cfg.tpm.package} \ socket \ --tpmstate dir="$NIX_SWTPM_DIR" \ - --ctrl type=unixio,path="$NIX_SWTPM_DIR"/socket \ - "--tpm2" 1>"$NIX_SWTPM_DIR"/stdout 2>"$NIX_SWTPM_DIR"/stderr & + --ctrl type=unixio,path="$NIX_SWTPM_DIR"/socket,terminate \ + --pid file="$NIX_SWTPM_DIR"/pid --daemon \ + --tpm2 \ + --log file="$NIX_SWTPM_DIR"/stdout,level=6 + + # Enable `fdflags` builtin in Bash + # We will need it to perform surgical modification of the file descriptor + # passed in the coprocess to remove `FD_CLOEXEC`, i.e. close the file descriptor + # on exec. + # If let alone, it will trigger the coprocess to read EOF when QEMU is `exec` + # at the end of this script. To work around that, we will just clear + # the `FD_CLOEXEC` bits as a first step. + enable -f ${hostPkgs.bash}/lib/bash/fdflags fdflags + # leave a dangling subprocess because the swtpm ctrl socket has + # "terminate" when the last connection disconnects, it stops swtpm. + # When qemu stops, or if the main shell process ends, the coproc will + # get signaled by virtue of the pipe between main and coproc ending. + # Which in turns triggers a socat connect-disconnect to swtpm which + # will stop it. + coproc waitingswtpm { + read || : + echo "" | ${lib.getExe hostPkgs.socat} STDIO UNIX-CONNECT:"$NIX_SWTPM_DIR"/socket + } + # Clear `FD_CLOEXEC` on the coprocess' file descriptor stdin. + fdflags -s-cloexec ''${waitingswtpm[1]} ''} cd "$TMPDIR" -- cgit 1.4.1 From ab1f45f3d3b12a2e2809bea0a18e2b4b873e1810 Mon Sep 17 00:00:00 2001 From: Michael Hoang Date: Thu, 19 Oct 2023 10:11:07 +0100 Subject: linux-builder: support `x86_64-linux` on `aarch64` --- nixos/lib/qemu-common.nix | 1 + nixos/modules/virtualisation/qemu-vm.nix | 4 ++-- pkgs/top-level/darwin-packages.nix | 12 +++++++++++- 3 files changed, 14 insertions(+), 3 deletions(-) (limited to 'nixos/modules/virtualisation') diff --git a/nixos/lib/qemu-common.nix b/nixos/lib/qemu-common.nix index 4fff2e0a6f15..b946f62d93dc 100644 --- a/nixos/lib/qemu-common.nix +++ b/nixos/lib/qemu-common.nix @@ -40,6 +40,7 @@ rec { otherHostGuestMatrix = { aarch64-darwin = { aarch64-linux = "${qemuPkg}/bin/qemu-system-aarch64 -machine virt,gic-version=2,accel=hvf:tcg -cpu max"; + inherit (otherHostGuestMatrix.x86_64-darwin) x86_64-linux; }; x86_64-darwin = { x86_64-linux = "${qemuPkg}/bin/qemu-system-x86_64 -machine type=q35,accel=hvf:tcg -cpu max"; diff --git a/nixos/modules/virtualisation/qemu-vm.nix b/nixos/modules/virtualisation/qemu-vm.nix index e0004df6f6b2..e335656a994c 100644 --- a/nixos/modules/virtualisation/qemu-vm.nix +++ b/nixos/modules/virtualisation/qemu-vm.nix @@ -656,8 +656,8 @@ in package = mkOption { type = types.package; - default = hostPkgs.qemu_kvm; - defaultText = literalExpression "config.virtualisation.host.pkgs.qemu_kvm"; + default = if hostPkgs.stdenv.hostPlatform.qemuArch == pkgs.stdenv.hostPlatform.qemuArch then hostPkgs.qemu_kvm else hostPkgs.qemu; + defaultText = literalExpression "if hostPkgs.stdenv.hostPlatform.qemuArch == pkgs.stdenv.hostPlatform.qemuArch then config.virtualisation.host.pkgs.qemu_kvm else config.virtualisation.host.pkgs.qemu"; example = literalExpression "pkgs.qemu_test"; description = lib.mdDoc "QEMU package to use."; }; diff --git a/pkgs/top-level/darwin-packages.nix b/pkgs/top-level/darwin-packages.nix index ed049340332c..bc35b2065697 100644 --- a/pkgs/top-level/darwin-packages.nix +++ b/pkgs/top-level/darwin-packages.nix @@ -233,15 +233,25 @@ impure-cmds // appleSourcePackages // chooseLibs // { ../../nixos/modules/profiles/macos-builder.nix ] ++ modules; + # If you need to override this, consider starting with the right Nixpkgs + # in the first place, ie change `pkgs` in `pkgs.darwin.linux-builder`. + # or if you're creating new wiring that's not `pkgs`-centric, perhaps use the + # macos-builder profile directly. virtualisation.host = { inherit pkgs; }; + + nixpkgs.hostPlatform = lib.mkDefault (toGuest stdenv.hostPlatform.system); }; - system = toGuest stdenv.hostPlatform.system; + system = null; }; in nixos.config.system.build.macos-builder-installer) { modules = [ ]; }; + linux-builder-x86_64 = self.linux-builder.override { + modules = [ { nixpkgs.hostPlatform = "x86_64-linux"; } ]; + }; + } // lib.optionalAttrs config.allowAliases { builder = throw "'darwin.builder' has been changed and renamed to 'darwin.linux-builder'. The default ssh port is now 31022. Please update your configuration or override the port back to 22. See https://nixos.org/manual/nixpkgs/unstable/#sec-darwin-builder"; # added 2023-07-06 }); -- cgit 1.4.1