[Nix-dev] (setcap-wrapper) Building a nixos vm to test nixos-level modifications
Layus
layus.on at gmail.com
Fri Jul 1 08:38:10 CEST 2016
To build a nixos vm based on a custom configuration.nix, you use
$ export NIXOS_CONFIG=/my/custom/configuration.nix
then
$ nix-build “/your/checkout/of/nixpkgs”/nixos -A vm; # or, preferably,
$ nixos-rebuild build-vm -I nixpkgs=/your/checkout/of/nixpkgs
But see the excellent ML thread about building a nixos vm for testing
purposes[1].
Also, you may want to look at nbp’s fosdem presentation resources for
examples of minimal and modular NixOS configurations[2][3]
Finally, as it seems that you may test networking features, note that
the vm uses kvm virtio for the network card by default.
If you need real hardware emulation, use something like:
|{ virtualisation.qemu.networkingOptions = [ "-net
nic,vlan=0,model=e1000" # Replace virtio, otherwise mptcp is bypassed.
"-net user,vlan=0\${QEMU_NET_OPTS:+,$QEMU_NET_OPTS}" # keep the second
line. ]; } |
For comparison, my setup for testing inginious+linux_mptcp is attached.
Regards,
— Layus.
[1] http://lists.science.uu.nl/pipermail/nix-dev/2016-June/thread.html#20792
[2] https://github.com/nbp/slides/tree/master/FOSDEM/2015.Nix-NixOS-NixOps
[3] https://nbp.github.io/slides/FOSDEM/2015.Nix-NixOS-NixOps/
On 01/07/16 02:44, Parnell Springmeyer wrote:
> Hi! I recently added setcap-wrapper functionality to nixos at awake
> networks and I have contributed the changes in a fork on my own branch.
>
> My ask is: I'm having trouble figuring out how I should test this.
> Building a package is easy but is there a formula some where for
> building a nixos VM to test the setcap-wrapper functionality and my
> own modifications to take ping and ping6 out of the setuid and use
> setcap instead?
>
> --
> Parnell Springmeyer
> parnell at digitalmentat.com <mailto:parnell at digitalmentat.com> |
> digitalmentat.com <http://digitalmentat.com> | 0xDCCF89258EAD874A
> <http://pgp.mit.edu/pks/lookup?op=get&search=0xDCCF89258EAD874A>
>
>
> _______________________________________________
> nix-dev mailing list
> nix-dev at lists.science.uu.nl
> http://lists.science.uu.nl/mailman/listinfo/nix-dev
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.science.uu.nl/pipermail/nix-dev/attachments/20160701/15bac117/attachment-0001.html>
-------------- next part --------------
{pkgs, ...}:
{
imports = [ ./minimal.nix ./mptcp.nix ];
networking.hostName = "inginious-webserver";
time.timeZone = "Europe/Brussels";
services.lighttpd.inginious = {
enable = true;
superadmins = [ "gmaudoux" ];
containers = {
default = "ingi/inginious-c-default";
oz = "ingi/inginious-c-oz";
};
extraConfig = ''
plugins:
- plugin_module: inginious.frontend.webapp.plugins.auth.demo_auth
users:
gmaudoux: gmaudoux
'';
};
networking.firewall = {
enable = true;
allowedTCPPorts = [ 80 ];
};
# This is a small server
services.mongodb.extraConfig = ''
smallfiles = true
nojournal = true
'';
# but docker needs more space !
virtualisation.diskSize = 2048; #MiB
nixpkgs.config.packageOverrides = (oldPkgs: {
inginious = oldPkgs.inginious.overrideDerivation (oldAttrs: {
src = /home/layus/projects/INGInious;
});
});
}
-------------- next part --------------
{pkgs, lib, ...}:
{
# Allow ssh
services.openssh.enable = true;
# Setup ssh key for root
users.extraUsers.root.openssh.authorizedKeys.keyFiles = [
/home/layus/.ssh/id_ecdsa.pub
];
# Disable X libs as this is a headless server
environment.noXlibs = lib.mkDefault true;
# Define keymap for Qemu
i18n = {
consoleFont = "lat9w-16";
consoleKeyMap = "be-latin1";
defaultLocale = "en_US.UTF-8";
};
}
-------------- next part --------------
{pkgs, ...}:
{
boot.kernelPackages = pkgs.linuxPackages_mptcp;
environment.systemPackages = [
pkgs.jshon
];
virtualisation.qemu.networkingOptions = [
"-net nic,vlan=0,model=e1000" # Replace virtio, otherwise mptcp is bypassed
"-net user,vlan=0\${QEMU_NET_OPTS:+,$QEMU_NET_OPTS}"
];
}
More information about the nix-dev
mailing list