test: vaultwarden microVM

Nick 2025-11-07 13:36:30 -06:00
parent e90d05f83d
commit 7ba592c0c5
43 changed files with 4005 additions and 267 deletions


@ -0,0 +1,93 @@
{
config,
lib,
pkgs,
...
}:
let
virtiofsShares = builtins.filter ({ proto, ... }: proto == "virtiofs") config.microvm.shares;
requiresVirtiofsd = virtiofsShares != [ ];
inherit (pkgs.python3Packages) supervisor;
supervisord = lib.getExe' supervisor "supervisord";
supervisorctl = lib.getExe' supervisor "supervisorctl";
in
{
microvm.binScripts = lib.mkIf requiresVirtiofsd {
virtiofsd-run =
let
supervisordConfig = {
supervisord.nodaemon = true;
"eventlistener:notify" = {
command = pkgs.writers.writePython3 "supervisord-event-handler" { } (
pkgs.replaceVars ./supervisord-event-handler.py {
# 1 for the event handler process
virtiofsdCount = 1 + builtins.length virtiofsShares;
}
);
events = "PROCESS_STATE";
};
}
// builtins.listToAttrs (
map (
{
tag,
socket,
source,
readOnly,
...
}:
{
name = "program:virtiofsd-${tag}";
value = {
stderr_syslog = true;
stdout_syslog = true;
autorestart = true;
command = pkgs.writeShellScript "virtiofsd-${tag}" ''
if [ $(id -u) = 0 ]; then
OPT_RLIMIT="--rlimit-nofile 1048576"
else
OPT_RLIMIT=""
fi
exec ${lib.getExe pkgs.virtiofsd} \
--socket-path=${lib.escapeShellArg socket} \
${
lib.optionalString (
config.microvm.virtiofsd.group != null
) "--socket-group=${config.microvm.virtiofsd.group}"
} \
--shared-dir=${lib.escapeShellArg source} \
$OPT_RLIMIT \
--thread-pool-size ${toString config.microvm.virtiofsd.threadPoolSize} \
--posix-acl --xattr \
${
lib.optionalString (
config.microvm.virtiofsd.inodeFileHandles != null
) "--inode-file-handles=${config.microvm.virtiofsd.inodeFileHandles}"
} \
${lib.optionalString (config.microvm.hypervisor == "crosvm") "--tag=${tag}"} \
${lib.optionalString readOnly "--readonly"} \
${lib.concatStringsSep " " config.microvm.virtiofsd.extraArgs}
'';
};
}
) virtiofsShares
);
supervisordConfigFile = pkgs.writeText "${config.networking.hostName}-virtiofsd-supervisord.conf" (
lib.generators.toINI { } supervisordConfig
);
in
''
exec ${supervisord} --configuration ${supervisordConfigFile}
'';
virtiofsd-shutdown = ''
exec ${supervisorctl} stop
'';
};
}
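Review bot: In the generated `virtiofsd-${tag}` script only `socket` and `source` go through `lib.escapeShellArg`; `config.microvm.virtiofsd.group`, `inodeFileHandles`, `tag` and the `extraArgs` list are spliced into the command line raw, so a value containing whitespace or shell metacharacters changes the virtiofsd invocation, which may be running as root given the `id -u` branch. These values come from the host configuration rather than from the guest, so this is hardening rather than a live injection path, but escaping them the same way keeps the options that define the share boundary (`--shared-dir`, `--readonly`) from being displaced, e.g. `"--socket-group=${lib.escapeShellArg config.microvm.virtiofsd.group}"` and `${lib.escapeShellArgs config.microvm.virtiofsd.extraArgs}`. Separately, `virtiofsd-shutdown` calls `supervisorctl stop` without a process name or `--configuration`, and the generated INI has no `[unix_http_server]` section, so it looks as if the stop request cannot reach this supervisord instance; worth confirming.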


@ -0,0 +1,44 @@
import subprocess
import sys
def write_stdout(s):
# only eventlistener protocol messages may be sent to stdout
sys.stdout.write(s)
sys.stdout.flush()
def write_stderr(s):
sys.stderr.write(s)
sys.stderr.flush()
def main():
count = 0
expected_count = @virtiofsdCount@
while True:
write_stdout('READY\n')
line = sys.stdin.readline()
# read event payload and print it to stderr
headers = dict([x.split(':') for x in line.split()])
sys.stdin.read(int(headers['len']))
# body = dict([x.split(':') for x in data.split()])
if headers["eventname"] == "PROCESS_STATE_RUNNING":
count += 1
write_stderr("Process state running...\n")
if headers["eventname"] == "PROCESS_STATE_STOPPING":
count -= 1
write_stderr("Process state stopping...\n")
if count >= expected_count:
subprocess.run(["systemd-notify", "--ready"])
write_stdout('RESULT 2\nOK')
if __name__ == '__main__':
main()
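Review bot: The readiness counter in `main()` can reach `expected_count` before every virtiofsd is up, because it is incremented on each `PROCESS_STATE_RUNNING` but decremented only on `PROCESS_STATE_STOPPING`. As far as I know supervisord reports a crashed process as `PROCESS_STATE_EXITED`, so with `autorestart = true` a daemon that restarts is counted twice. `systemd-notify --ready` presumably gates whatever is ordered after this unit, so a share socket could still be missing when the guest starts. Tracking the set of running process names from the event payload avoids the double count, and notifying once with the exit status checked replaces the current unchecked call, which repeats on every later event. The loop should also end when `readline()` returns an empty string, which at present fails with a `KeyError` on `headers['len']`.

```python
# … unchanged: imports, write_stdout, write_stderr …
def main():
    running = set()
    notified = False
    expected_count = @virtiofsdCount@
    while True:
        write_stdout('READY\n')
        line = sys.stdin.readline()
        if not line:
            # supervisord closed our stdin; nothing more to listen for
            break
        headers = dict(x.split(':', 1) for x in line.split())
        data = sys.stdin.read(int(headers['len']))
        body = dict(x.split(':', 1) for x in data.split())
        if headers["eventname"] == "PROCESS_STATE_RUNNING":
            running.add(body["processname"])
            write_stderr("Process state running...\n")
        elif headers["eventname"].startswith("PROCESS_STATE_"):
            # any other state (STOPPING, EXITED, BACKOFF, FATAL, ...) means not running
            running.discard(body["processname"])
        if not notified and len(running) >= expected_count:
            notified = subprocess.run(["systemd-notify", "--ready"]).returncode == 0
        # … unchanged: RESULT 2 acknowledgement …
```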