Introduce fmo-tool and configs

- Add fmo-tool configs - Add fmo-tool package - Add vhotplug package for dynamic device passthrough - Refactor fmo-services into host-services and vm-services - Move public filter into flake.nix Signed-off-by: Anh Huy Bui <[email protected]>
tiiuae · Oct 8, 2024 · 37e13b2 · 37e13b2
1 parent fdf903f
commit 37e13b2
Show file tree

Hide file tree

Showing 22 changed files with 530 additions and 55 deletions.
diff --git a/config-processor-hardware.nix b/config-processor-hardware.nix
@@ -5,16 +5,12 @@
   self,
   lib,
   ghafOS,
-}: {
-  sysconf,
-}:
+}: sysconf:
 let
-  inherit (import ./utils {inherit lib self ghafOS;}) updateAttrs updateHostConfig addCustomLaunchers addSystemPackages importvm;
-
-  targetconf = if lib.hasAttr "extend" sysconf
-               then updateAttrs false (import (lib.path.append ./hardware sysconf.extend) ).sysconf sysconf
-               else sysconf;
+  inherit (import ./utils {inherit lib self ghafOS;}) 
+      updateAttrs updateHostConfig addCustomLaunchers addSystemPackages importvm generateFMOToolConfig;
 
+  targetconf = sysconf;
   name = targetconf.name;
   system = "x86_64-linux";
 
@@ -47,10 +43,11 @@ let
             ];
           }
         ]
-        ++ (addCustomLaunchers targetconf.launchers)
-        ++ (addSystemPackages  targetconf.systemPackages)
-        ++ (importvm           targetconf.vms)
-        ++ (updateHostConfig   targetconf)
+        ++ (addCustomLaunchers    targetconf.launchers)
+        ++ (addSystemPackages     targetconf.systemPackages)
+        ++ (importvm              targetconf.vms)
+        ++ (updateHostConfig      targetconf)
+        ++ (generateFMOToolConfig targetconf)
         ++ (if lib.hasAttr "extraModules" targetconf then targetconf.extraModules else []);
     };
   in {

diff --git a/config-processor-installers.nix b/config-processor-installers.nix
@@ -5,27 +5,21 @@
   self,
   lib,
   ghafOS,
-}: {
-  sysconf,
-}:
+}: sysconf:
 let
   inherit (import ./utils {inherit lib self ghafOS;}) updateAttrs addSystemPackages;
 
   oss = sysconf.oss;
   oss_list_name = "installer_os_list";
   oss_list_path = "/etc/${oss_list_name}";
 
-  installerconf = if lib.hasAttr "extend" sysconf
-               then updateAttrs false (import (lib.path.append ./installers sysconf.extend) ).sysconf sysconf
-               else sysconf;
-
+  installerconf = sysconf;
 
   installerApp = inst_app: let
       installers = (builtins.removeAttrs inst_app ["name"]) //
                 { oss_path = lib.mkDefault "${oss_list_path}"; };
     in installers;
 
-
   installer = variant: let
     system = "x86_64-linux";
 
@@ -87,7 +81,7 @@ let
             installer.${installerconf.installer.name} = installerApp installerconf.installer;
           }
           {
-            isoImage.squashfsCompression = "lz4"; 
+            isoImage.squashfsCompression = "lz4";
           }
         ]
         ++ (addSystemPackages installerconf.systemPackages)

diff --git a/flake.nix b/flake.nix
@@ -21,11 +21,7 @@
   outputs = inputs @ {ghafOS, self, ...}: let
     # Retrieve inputs from Ghaf
     nixpkgs = ghafOS.inputs.nixpkgs;
-    flake-utils = ghafOS.inputs.flake-utils;
     flake-parts = ghafOS.inputs.flake-parts;
-    systems = with flake-utils.lib.system; [
-      x86_64-linux
-    ];
 
     lib = nixpkgs.lib.extend (final: _prev: {
       ghaf = import "${ghafOS}/lib" {
@@ -34,10 +30,24 @@
       };
     });
 
+    hwConfigs = [
+      (import ./hardware/fmo-os-rugged-laptop-7330.nix)
+      (import ./hardware/fmo-os-rugged-laptop-7330-public.nix)
+      (import ./hardware/fmo-os-rugged-tablet-7230.nix)
+      (import ./hardware/fmo-os-rugged-tablet-7230-public.nix)
+    ];
+    instConfigs = [
+      (import ./installers/fmo-os-installer.nix)
+      (import ./installers/fmo-os-installer-public.nix)
+    ];
+    updateAttrs = (import ./utils/updateAttrs.nix).updateAttrs;
+    inheritConfig = confPath: { sysconf }: if lib.hasAttr "extend" sysconf
+          then updateAttrs false (import (lib.path.append confPath sysconf.extend) ).sysconf sysconf
+          else sysconf;
     generateHwConfig = import ./config-processor-hardware.nix {inherit ghafOS self lib;};
     generateInstConfig = import ./config-processor-installers.nix {inherit ghafOS self lib;};
+
   in
-
     flake-parts.lib.mkFlake
     {
       inherit inputs;
@@ -53,15 +63,8 @@
       imports = [
         ./hydrajobs/flake-module.nix
         ./modules/flake-module.nix
-      ] ++ map generateHwConfig [
-        (import ./hardware/fmo-os-rugged-laptop-7330.nix)
-        (import ./hardware/fmo-os-rugged-laptop-7330-public.nix)
-        (import ./hardware/fmo-os-rugged-tablet-7230.nix)
-        (import ./hardware/fmo-os-rugged-tablet-7230-public.nix)
-      ] ++ map generateInstConfig [
-        (import ./installers/fmo-os-installer.nix)
-        (import ./installers/fmo-os-installer-public.nix)
-      ];
+      ] ++ map generateHwConfig   (map (conf: inheritConfig ./hardware conf)   hwConfigs)
+        ++ map generateInstConfig (map (conf: inheritConfig ./installers conf) instConfigs);
 
       flake.lib = lib;
     };

diff --git a/hardware/fmo-os-rugged-laptop-7330.nix b/hardware/fmo-os-rugged-laptop-7330.nix
@@ -7,6 +7,11 @@
     name = "fmo-os-rugged-laptop-7330";
     ipaddr = "192.168.101.2";
     defaultgw = "192.168.101.1";
+    release = "v1.0.0a";
+
+    fmo-system = {
+      RAversion = "v0.8.4";
+    };
 
     systemPackages = [
       "vim"
@@ -37,7 +42,19 @@
         services = {
           fmo-psk-distribution-service-host = {
               enable = true;
-          };
+          }; # fmo-psk-distribution-service-host
+          fmo-dynamic-portforwarding-service-host = {
+            enable = true;
+            config-paths = {
+              netvm = "/var/netvm/netconf/dpf.config";
+            };
+          }; # services.dynamic-portforwarding-service
+          fmo-dynamic-device-passthrough-service-host = {
+            enable = true;
+          }; # services.dynamic-device-passthrough-service-host
+          fmo-config = {
+            enable = true;
+          }; # fmo-config
           registration-agent-laptop = {
             enable = true;
           }; # services.registration-agent-laptop
@@ -100,12 +117,13 @@
 
             fmo-psk-distribution-service-vm = {
               enable = true;
-            };
+            }; # services.fmo-psk-distribution-service-vm
 
-            portforwarding-service = {
+            dynamic-portforwarding-service = {
               enable = true;
               ipaddress = "192.168.100.12";
               ipaddress-path = "/etc/NetworkManager/system-connections/ip-address";
+              config-path = "/etc/NetworkManager/system-connections/dpf.config";
               configuration = [
                 {
                   dip = "192.168.101.11";
@@ -144,7 +162,7 @@
                   proto = "udp";
                 }
               ];
-            }; # services.portforwarding-service;
+            }; # services.dynamic-portforwarding-service
           }; # services
 
           microvm = {
@@ -247,6 +265,16 @@
               enable = true;
               hostname-path = "/var/lib/fogdata/hostname";
             }; # services.fmo-hostnam-service
+            fmo-dynamic-device-passthrough = {
+              enable = true;
+              devices = [
+                {
+                  bus = "usb";
+                  vendorid = "1546";
+                  productid = "01a9";
+                }
+              ];
+            }; # services.fmo-dynamic-device-passthrough
             fmo-dci = {
               enable = true;
               compose-path = "/var/lib/fogdata/docker-compose.yml";

diff --git a/hardware/fmo-os-rugged-tablet-7230.nix b/hardware/fmo-os-rugged-tablet-7230.nix
@@ -7,6 +7,11 @@
     name = "fmo-os-rugged-tablet-7230";
     ipaddr = "192.168.101.2";
     defaultgw = "192.168.101.1";
+    release = "v1.0.0a";
+
+    fmo-system = {
+      RAversion = "v0.8.4";
+    };
 
     systemPackages = [
       "vim"
@@ -36,8 +41,20 @@
 
         services = {
           fmo-psk-distribution-service-host = {
-              enable = true;
+            enable = true;
           }; # services.fmo-psk-distribution-service-host
+          fmo-dynamic-portforwarding-service-host = {
+            enable = true;
+            config-paths = {
+              netvm = "/var/netvm/netconf/dpf.config";
+            };
+          }; # services.dynamic-portforwarding-service
+          fmo-dynamic-device-passthrough-service-host = {
+            enable = true;
+          }; # services.dynamic-device-passthrough-service-host
+          fmo-config = {
+            enable = true;
+          }; # fmo-config
           registration-agent-laptop = {
             enable = true;
           }; # services.registration-agent-laptop
@@ -100,12 +117,13 @@
 
             fmo-psk-distribution-service-vm = {
               enable = true;
-            };
+            }; # services.fmo-psk-distribution-service-vm
 
-            portforwarding-service = {
+            dynamic-portforwarding-service = {
               enable = true;
               ipaddress = "192.168.100.12";
               ipaddress-path = "/etc/NetworkManager/system-connections/ip-address";
+              config-path = "/etc/NetworkManager/system-connections/dpf.config";
               configuration = [
                 {
                   dip = "192.168.101.11";
@@ -144,7 +162,7 @@
                   proto = "udp";
                 }
               ];
-            }; # services.portforwarding-service;
+            }; # services.dynamic-portforwarding-service
           }; # services
 
           microvm = {
@@ -226,6 +244,16 @@
               enable = true;
               hostname-path = "/var/lib/fogdata/hostname";
             }; # services.fmo-hostnam-service
+            fmo-dynamic-device-passthrough = {
+              enable = true;
+              devices = [
+                {
+                  bus = "usb";
+                  vendorid = "1546";
+                  productid = "01a9";
+                }
+              ];
+            }; # services.fmo-dynamic-device-passthrough
             fmo-dci = {
               enable = true;
               compose-path = "/var/lib/fogdata/docker-compose.yml";

diff --git a/modules/flake-module.nix b/modules/flake-module.nix
@@ -4,13 +4,28 @@
 #
 {inputs, ...}: {   
   flake.nixosModules = {
+    # Common fmo services/ultilities
+    fmo-common.imports = [
+      inputs.ghafOS.nixosModules.common
+      ./packages
+      ../utils/write-to-file
+    ];
+
+    # fmo services/ultilities that runs only on host
     fmo-host.imports = [
       inputs.ghafOS.nixosModules.hw-x86_64-generic
       inputs.ghafOS.nixosModules.host
       inputs.ghafOS.nixosModules.desktop
+      ./fmo-services/host-services.nix
       ./profiles/x86.nix
       ./desktop
     ];
+
+    # fmo services/ultilities that runs only on VMs
+    fmo-vm.imports = [
+      ./fmo-services/vm-services.nix
+    ];
+
     microvm.imports = [
       inputs.ghafOS.inputs.microvm.nixosModules.host
       (import "${inputs.ghafOS}/modules/microvm/networking.nix")
@@ -20,14 +35,9 @@
       # JIRA: FMO-43 for monitoring this issue.
       (import "${inputs.ghafOS}/modules/microvm/virtualization/microvm/audiovm.nix")
     ];
-    fmo-common.imports = [
-      inputs.ghafOS.nixosModules.common
-      ./packages
-      ./fmo-services
-      ../utils/write-to-file
-    ];
     installer.imports = [
       ./installers
+      ./fmo-services/registration-agent-laptop
     ];
   };
 }
diff --git a/modules/fmo-services/dynamic-device-passthrough-service-host/default.nix b/modules/fmo-services/dynamic-device-passthrough-service-host/default.nix
@@ -0,0 +1,34 @@
+# Copyright 2022-2024 TII (SSRC) and the Ghaf contributors
+# SPDX-License-Identifier: Apache-2.0
+{ lib, pkgs, config, ... }:
+with lib;
+let
+  cfg = config.services.fmo-dynamic-device-passthrough-service-host;
+in {
+  options.services.fmo-dynamic-device-passthrough-service-host = {
+    enable = mkEnableOption "FMO dynamic device passthrough service";
+  };
+
+  config = mkIf cfg.enable {
+    environment.systemPackages = [ pkgs.vhotplug ];
+
+    services.udev.extraRules = ''
+      SUBSYSTEM=="usb", GROUP="kvm"
+      KERNEL=="event*", GROUP="kvm"
+    '';
+
+    systemd.services."fmo-dynamic-device-passthrough-service" = {
+      script = ''
+        if ! [ -f /var/host/vmddp.conf ]; then
+          ${pkgs.fmo-tool}/bin/fmo-tool ddp generate
+        fi
+        ${pkgs.vhotplug}/bin/vhotplug -a -c /var/host/vmddp.conf
+      '';
+      serviceConfig = {
+        Type = "simple";
+        RemainAfterExit = true;
+      };
+      wantedBy = [ "multi-user.target" ];
+    };
+  };
+}
diff --git a/modules/fmo-services/dynamic-device-passthrough-service/default.nix b/modules/fmo-services/dynamic-device-passthrough-service/default.nix
@@ -0,0 +1,23 @@
+# Copyright 2022-2024 TII (SSRC) and the Ghaf contributors
+# SPDX-License-Identifier: Apache-2.0
+{ lib, pkgs, config, ... }:
+with lib;
+let
+  cfg = config.services.fmo-dynamic-device-passthrough;
+in {
+  options.services.fmo-dynamic-device-passthrough = {
+    enable = mkEnableOption "FMO dynamic device passthrough devices";
+
+    devices = mkOption {
+      type = types.listOf types.attrs;
+      description = ''
+        Device list to passthrough
+        {
+          bus = bus type "usb | pci", only usb is valid for now,
+          vendorid = vendorid for device,
+          productid = productid for device,
+        }
+      '';
+    };
+  };
+}