From 8a816b5e852e621db6dba62b46d6f9dd25760e09 Mon Sep 17 00:00:00 2001 From: Jeeves Date: Mon, 24 Jun 2024 12:54:49 -0600 Subject: [PATCH] restart git repo --- .gitignore | 5 + README.md | 14 ++ flake.lock | 181 +++++++++++++++++++ flake.nix | 52 ++++++ os/db.nix | 47 +++++ os/lib.nix | 133 ++++++++++++++ os/lib/copy-file.fish | 4 + os/lib/mkiso.fish | 6 + os/lib/vm.nix | 378 ++++++++++++++++++++++++++++++++++++++++ os/windows/batch.nix | 13 ++ os/windows/unattend.nix | 247 ++++++++++++++++++++++++++ os/windows/xml.nix | 50 ++++++ server/build.zig | 51 ++++++ server/build.zig.zon | 41 +++++ server/src/libvirt.zig | 151 ++++++++++++++++ server/src/main.zig | 85 +++++++++ 16 files changed, 1458 insertions(+) create mode 100644 .gitignore create mode 100644 README.md create mode 100644 flake.lock create mode 100644 flake.nix create mode 100644 os/db.nix create mode 100644 os/lib.nix create mode 100755 os/lib/copy-file.fish create mode 100755 os/lib/mkiso.fish create mode 100644 os/lib/vm.nix create mode 100644 os/windows/batch.nix create mode 100644 os/windows/unattend.nix create mode 100644 os/windows/xml.nix create mode 100644 server/build.zig create mode 100644 server/build.zig.zon create mode 100644 server/src/libvirt.zig create mode 100644 server/src/main.zig diff --git a/.gitignore b/.gitignore new file mode 100644 index 0000000..bbecef7 --- /dev/null +++ b/.gitignore @@ -0,0 +1,5 @@ +random/ +server/libvirt +server/.zig-cache +server/zig-out +web/ diff --git a/README.md b/README.md new file mode 100644 index 0000000..873aeda --- /dev/null +++ b/README.md @@ -0,0 +1,14 @@ +# oslib + +Completely automated unattended one-shot VM deployment and management, using Nix and Zig. + +## Commands + +~~Create a basic Windows 7 VM called "hello". Takes \~30 mins on average.~~ +~~`sudo ./start-vm.fish --name hello`~~ + +In-progress. + +## LICENSE + +Unlicenced. diff --git a/flake.lock b/flake.lock new file mode 100644 index 0000000..70d8736 --- /dev/null +++ b/flake.lock @@ -0,0 +1,181 @@ +{ + "nodes": { + "flake-utils": { + "inputs": { + "systems": "systems" + }, + "locked": { + "lastModified": 1710146030, + "narHash": "sha256-SZ5L6eA7HJ/nmkzGG7/ISclqe6oZdOZTNoesiInkXPQ=", + "owner": "numtide", + "repo": "flake-utils", + "rev": "b1d9ab70662946ef0850d488da1c9019f3a9752a", + "type": "github" + }, + "original": { + "owner": "numtide", + "repo": "flake-utils", + "type": "github" + } + }, + "flake-utils_2": { + "inputs": { + "systems": "systems_2" + }, + "locked": { + "lastModified": 1710146030, + "narHash": "sha256-SZ5L6eA7HJ/nmkzGG7/ISclqe6oZdOZTNoesiInkXPQ=", + "owner": "numtide", + "repo": "flake-utils", + "rev": "b1d9ab70662946ef0850d488da1c9019f3a9752a", + "type": "github" + }, + "original": { + "owner": "numtide", + "repo": "flake-utils", + "type": "github" + } + }, + "nixpkgs": { + "locked": { + "lastModified": 1719075281, + "narHash": "sha256-CyyxvOwFf12I91PBWz43iGT1kjsf5oi6ax7CrvaMyAo=", + "owner": "nixos", + "repo": "nixpkgs", + "rev": "a71e967ef3694799d0c418c98332f7ff4cc5f6af", + "type": "github" + }, + "original": { + "owner": "nixos", + "ref": "nixos-unstable", + "repo": "nixpkgs", + "type": "github" + } + }, + "nixpkgs-ovmf": { + "locked": { + "lastModified": 1708984720, + "narHash": "sha256-gJctErLbXx4QZBBbGp78PxtOOzsDaQ+yw1ylNQBuSUY=", + "owner": "NixOS", + "repo": "nixpkgs", + "rev": "13aff9b34cc32e59d35c62ac9356e4a41198a538", + "type": "github" + }, + "original": { + "owner": "NixOS", + "ref": "nixos-unstable", + "repo": "nixpkgs", + "type": "github" + } + }, + "nixpkgs_2": { + "locked": { + "lastModified": 1708979614, + "narHash": "sha256-FWLWmYojIg6TeqxSnHkKpHu5SGnFP5um1uUjH+wRV6g=", + "owner": "NixOS", + "repo": "nixpkgs", + "rev": "b7ee09cf5614b02d289cd86fcfa6f24d4e078c2a", + "type": "github" + }, + "original": { + "owner": "NixOS", + "ref": "nixos-23.11", + "repo": "nixpkgs", + "type": "github" + } + }, + "nixpkgs_3": { + "locked": { + "lastModified": 1718622336, + "narHash": "sha256-lywfxWRBn+lwdKaBy5x5uTkbCcEPUonCn6bK8OQPsw4=", + "owner": "nixos", + "repo": "nixpkgs", + "rev": "d0fc4188d246ab953653f00e9ce0cf51d10d5eda", + "type": "github" + }, + "original": { + "owner": "nixos", + "repo": "nixpkgs", + "type": "github" + } + }, + "nixvirt": { + "inputs": { + "nixpkgs": "nixpkgs_2", + "nixpkgs-ovmf": "nixpkgs-ovmf" + }, + "locked": { + "lastModified": 1718920754, + "narHash": "sha256-y6OX0hGvqijTQRZ7Jiyt+WCWi/+oQdq6xwjhUtOk494=", + "owner": "Nomkid", + "repo": "NixVirt", + "rev": "bf98e0864c15138361d9d9f2b5aee3d8889a0cd4", + "type": "github" + }, + "original": { + "owner": "Nomkid", + "repo": "NixVirt", + "type": "github" + } + }, + "root": { + "inputs": { + "flake-utils": "flake-utils", + "nixpkgs": "nixpkgs", + "nixvirt": "nixvirt", + "zig2nix": "zig2nix" + } + }, + "systems": { + "locked": { + "lastModified": 1681028828, + "narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=", + "owner": "nix-systems", + "repo": "default", + "rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e", + "type": "github" + }, + "original": { + "owner": "nix-systems", + "repo": "default", + "type": "github" + } + }, + "systems_2": { + "locked": { + "lastModified": 1681028828, + "narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=", + "owner": "nix-systems", + "repo": "default", + "rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e", + "type": "github" + }, + "original": { + "owner": "nix-systems", + "repo": "default", + "type": "github" + } + }, + "zig2nix": { + "inputs": { + "flake-utils": "flake-utils_2", + "nixpkgs": "nixpkgs_3" + }, + "locked": { + "lastModified": 1719192015, + "narHash": "sha256-6hrQt6y+P0qV/VkJQ4n4bZSaZLJNYXrKecS6B1xb9Wk=", + "owner": "Cloudef", + "repo": "zig2nix", + "rev": "048bebf58984486cf45c5e4119f4b149f27d7f1f", + "type": "github" + }, + "original": { + "owner": "Cloudef", + "repo": "zig2nix", + "type": "github" + } + } + }, + "root": "root", + "version": 7 +} diff --git a/flake.nix b/flake.nix new file mode 100644 index 0000000..4b9e275 --- /dev/null +++ b/flake.nix @@ -0,0 +1,52 @@ +{ + description = "A very basic flake"; + + inputs = { + nixpkgs.url = "github:nixos/nixpkgs?ref=nixos-unstable"; + flake-utils.url = "github:numtide/flake-utils"; + # nixvirt = { + # url = "https://flakehub.com/f/AshleyYakeley/NixVirt/*.tar.gz"; + # inputs.nixpkgs.follows = "nixpkgs"; + # }; + nixvirt.url = "github:Nomkid/NixVirt"; + zig2nix.url = "github:Cloudef/zig2nix"; + # symlink.url = "github:schuelermine/nix-symlink"; + # zig-libvirt.url = "github:Nomkid/zig-libvirt"; + }; + + outputs = { self, nixpkgs, flake-utils, nixvirt, zig2nix }: + flake-utils.lib.eachDefaultSystem (system: + let + pkgs = nixpkgs.legacyPackages.${system}; + oslib = import ./os/lib.nix { inherit pkgs system nixvirt; }; + inherit (oslib) osdb; + + zig-env = zig2nix.outputs.zig-env.${system} { zig = zig2nix.outputs.packages.${system}.zig.master.bin; }; + + hello-vm = oslib.mkVM { + name = "hello"; + uuid = "c0c49ae7-6fe4-4c39-a8ae-c80c6b689344"; + arch = "x86_64"; + isos.beforeInstall = [ + { index = 1; file = "${osdb.windows."6.1.7601".professional.x86_64.installer}/out.iso"; } + { index = 2; file = "${osdb.windows."6.1.7601".professional.x86_64.unattend}/out.iso"; } + ]; + }; + in { + apps = { + hello-start-vm = flake-utils.lib.mkApp { + drv = hello-vm.start-vm; + exePath = ""; + }; + default = zig-env.app-no-root [] "zig build run -- \"$@\""; + }; + + devShells.default = zig-env.mkShell { + nativeBuildInputs = [ pkgs.libvirt.outPath ]; + }; + + # For debugging. + inherit oslib; + } + ); +} diff --git a/os/db.nix b/os/db.nix new file mode 100644 index 0000000..71649b1 --- /dev/null +++ b/os/db.nix @@ -0,0 +1,47 @@ +{ pkgs, system }: let + sources = { + windows = { + "6.1.7601" = { + professional = let key = "HYF8J-CVRMY-CM74G-RPHKF-PW487"; in { + x86.url = "https://archive.org/download/win-7-pro-32-64-iso/32-bit/GSP1RMCPRXFRER_EN_DVD.ISO"; + x86.hash = "sha256-TPG6ryqzCgXJ9K70krterEa6oqqIZyAPDJzsW5SMy5U="; + x86_64.url = "https://archive.org/download/win-7-pro-32-64-iso/64-bit/GSP1RMCPRXFRER_EN_DVD.ISO"; + x86_64.hash = "sha256-ug50400prU2W4VW51KngN/0A80d+n8HhVuos2dBykUs="; + x86.extraUnattendConfig.productKey = key; + x86_64.extraUnattendConfig.productKey = key; + }; + }; + }; + }; + + unattend = import ./windows/unattend.nix { inherit pkgs; }; +in { + windows = + builtins.mapAttrs (version: v: + builtins.mapAttrs (edition: vv: + builtins.mapAttrs (arch: vvv: { + installer = derivation { + name = "windows-" + version + "-" + edition + "-" + arch + "-installer"; + inherit system; + builder = "${pkgs.fish}/bin/fish"; + args = [ ./lib/copy-file.fish "out.iso" ]; + src = pkgs.fetchurl { inherit (vvv) url hash; }; + inherit (pkgs) coreutils; + }; + unattend = derivation { + name = "windows-" + version + "-" + edition + "-" + arch + "-unattend"; + inherit system; + builder = "${pkgs.fish}/bin/fish"; + args = [ ./lib/mkiso.fish "out.iso" ]; + src = pkgs.writeText "Autounattend.xml" + (unattend.genConfig (pkgs.lib.attrsets.recursiveUpdate + unattend.default + vvv.extraUnattendConfig + )); + inherit (pkgs) coreutils libisoburn; + }; + }) vv + ) v + ) sources.windows; + ubuntu = {}; +} diff --git a/os/lib.nix b/os/lib.nix new file mode 100644 index 0000000..9b66f6d --- /dev/null +++ b/os/lib.nix @@ -0,0 +1,133 @@ +{ + pkgs ? import {}, + system ? builtins.currentSystem, + nixvirt, +}: let + inherit (nixvirt) lib; + vm = import ./lib/vm.nix { inherit pkgs nixvirt; }; + osdb = import ./db.nix { inherit pkgs system; }; + volumeFn = { name, size }: nixvirt.lib.volume.writeXML { + name = name + ".qcow2"; + capacity = { count = size; unit = "GB"; }; + target = { + format.type = "qcow2"; + }; + }; +in { + inherit osdb; + + mkVM = { + name, + uuid, + arch, + isos, + }: let + base = { + inherit name uuid arch; + volume.index = 0; + volume.bus = "sata"; + volume.file = "/var/lib/libvirt/images/${name}.qcow2"; + }; + idxToDev = i: builtins.substring i 1 "abcdefg"; + + volume = volumeFn { size = 16; inherit name; }; + + beforeInstall = isos.beforeInstall; # Required attribute. + afterInstall = if builtins.hasAttr "afterInstall" isos then isos.afterInstall else []; + beforeBoot = if builtins.hasAttr "beforeBoot" isos then isos.beforeBoot else []; + afterBoot = if builtins.hasAttr "afterBoot" isos then isos.afterBoot else []; + beforeInstallDrv = lib.domain.writeXML (vm.genericVM (base // { + cdroms = map (x: { + inherit (x) index file; + bus = "sata"; + dev = "sd" + idxToDev x.index; + }) (beforeInstall); + })); + afterInstallDrv = lib.domain.writeXML (vm.genericVM (base // { + cdroms = map (x: { + inherit (x) index file; + bus = "sata"; + dev = "sd" + idxToDev x.index; + }) (afterInstall); + })); + beforeBootDrv = lib.domain.writeXML (vm.genericVM (base // { + cdroms = map (x: { + inherit (x) index file; + bus = "sata"; + dev = "sd" + idxToDev x.index; + }) (beforeBoot); + })); + afterBootDrv = lib.domain.writeXML (vm.genericVM (base // { + cdroms = map (x: { + inherit (x) index file; + bus = "sata"; + dev = "sd" + idxToDev x.index; + }) (afterBoot); + })); + in derivation { + inherit name system; + builder = "${pkgs.fish}/bin/fish"; + args = [ ./lib/mkvm.fish ]; + + start-vm = pkgs.writeScript "start-vm" + '' + #!/usr/bin/env fish + + function quickExit + virsh destroy ${name} + exit + end + + function interrupt_handler --on-signal INT + echo Got INT signal, cleaning up and exiting... + quickExit + end + + echo "moving to beforeInstall stage" + # rm /var/lib/libvirt/images/${name}.qcow2 + # virsh vol-delete --pool default '${name}.qcow2' + virsh vol-create default ${volume} + virsh define ${beforeInstallDrv} + virsh start '${name}' + + fish -c 'virsh console ${name} 2>/dev/null | while read -l out; if test $out = "$(string unescape ready\r\n)"; sleep 60; exit; end; end' + + # virsh console '${name}' 2>/dev/null | while read -l out + # # echo out: $out (string unescape \r) + # if test $out = "$(string unescape ready\r\n)" + # echo "waiting 60 seconds" + # sleep 60 + # virsh shutdown '${name}' + # end + # end + + echo "moving to afterInstall stage" + virsh define ${afterInstallDrv} + virsh snapshot-create-as '${name}' '${builtins.baseNameOf afterInstallDrv}' + + virsh console '${name}' 2>/dev/null | while read -l out + if test $out = "$(string unescape ready\r\n)" + echo "waiting 60 seconds" + sleep 60 + virsh shutdown '${name}' + end + end + + echo "moving to beforeBoot stage" + virsh define ${beforeBootDrv} + virsh snapshot-create-as '${name}' '${builtins.baseNameOf beforeBootDrv}' + + virsh console '${name}' 2>/dev/null | while read -l out + if test $out = "$(string unescape ready\r\n)" + echo "waiting 60 seconds" + sleep 60 + virsh shutdown '${name}' + end + end + + echo "moving to afterBoot stage" + virsh define ${afterBootDrv} + virsh snapshot-create-as '${name}' '${builtins.baseNameOf afterBootDrv}' + ''; + }; +} diff --git a/os/lib/copy-file.fish b/os/lib/copy-file.fish new file mode 100755 index 0000000..54e0142 --- /dev/null +++ b/os/lib/copy-file.fish @@ -0,0 +1,4 @@ +#!/usr/bin/env fish +fish_add_path $coreutils/bin +mkdir $out +cp $src $out/$argv[1] diff --git a/os/lib/mkiso.fish b/os/lib/mkiso.fish new file mode 100755 index 0000000..a15da2f --- /dev/null +++ b/os/lib/mkiso.fish @@ -0,0 +1,6 @@ +#!/usr/bin/env fish +fish_add_path $coreutils/bin $libisoburn/bin +mkdir $out +mkdir -p $TMP/iso +cp $src $TMP/iso/Autounattend.xml +xorrisofs -v -J -r -o $out/$argv[1] $TMP/iso diff --git a/os/lib/vm.nix b/os/lib/vm.nix new file mode 100644 index 0000000..020371b --- /dev/null +++ b/os/lib/vm.nix @@ -0,0 +1,378 @@ +{ pkgs, nixvirt }: rec { + inherit (pkgs) lib; + inherit (nixvirt) xml; + + genericVM = { name, uuid, arch, volume, cdroms, ... }: { + inherit name uuid; + type = "kvm"; + memory = { count = 4194304; unit = "KiB"; }; + vcpu = { placement = "static"; count = 4; }; + os = { + inherit arch; + type = "hvm"; + machine = "pc-q35-8.1"; + boot = [{ dev = "cdrom"; }]; #{ dev = "hd"; }]; + bootmenu.enable = false; + smbios.mode = "sysinfo"; + }; + sysinfo = { + type = "smbios"; + bios.entry = [ + { name = "vendor"; value = "Dell"; } + ]; + system.entry = [ + { name = "manufacturer"; value = "Dell"; } + { name = "product"; value = "Dell"; } + { name = "version"; value = "9.5.4"; } + ]; + }; + features = { + acpi = {}; + apic = {}; + hyperv = { + mode = "custom"; + relaxed.state = true; + vapic.state = true; + spinlocks.state = true; + spinlocks.retries = 8191; + }; + kvm.hidden.state = true; + vmport.state = false; + }; + cpu = { + mode = "host-passthrough"; + check = "none"; + migratable = true; + topology = { + sockets = 1; + dies = 1; + cores = 4; + threads = 1; + }; + feature = [ + { policy = "disable"; name = "hypervisor"; } + ]; + }; + clock = { + offset = "localtime"; + timer = [ + { name = "rtc"; tickpolicy = "catchup"; } + { name = "pit"; tickpolicy = "delay"; } + { name = "hpet"; present = false; } + { name = "hypervclock"; present = true; } + ]; + }; + on_poweroff = "destroy"; + on_reboot = "restart"; + on_crash = "restart"; + pm.suspend-to-mem.enabled = false; + pm.suspend-to-disk.enabled = false; + devices = let + pci_address = bus: slot: function: { + type = "pci"; + domain = 0; + bus = bus; + slot = slot; + inherit function; + }; + usb_address = port: { + type = "usb"; + bus = 0; + inherit port; + }; + drive_address = unit: { + type = "drive"; + controller = 0; + bus = 0; + target = 0; + inherit unit; + }; + mksourcetype = with builtins; + src: + if isAttrs src && src ? "volume" then "volume" + else "file"; + mksource = with builtins; + src: + if isString src || isPath src then { file = src; } + else src; + in { + emulator = "/run/current-system/sw/bin/qemu-system-x86_64"; + disk = [{ + type = mksourcetype volume; + device = "disk"; + driver = { name = "qemu"; type = "qcow2"; discard = "unmap"; }; #cache = "writeback"; }; + source = mksource volume; + target = { bus = volume.bus; dev = "sda"; }; + address = drive_address volume.index; + serial = "SEAG445692"; + vendor = if volume.bus == "scsi" then "Seagate" else null; + product = if volume.bus == "scsi" then "HDD" else null; + }] ++ (map (x: { + type = "file"; + device = "cdrom"; + driver = { name = "qemu"; type = "raw"; }; + target = { bus = x.bus; dev = x.dev; }; + readonly = true; + address = drive_address x.index; + source = { + inherit (x) file; + # startupPolicy = "mandatory"; + }; + # inherit (x) serial vendor product; + serial = "WD-WMAP9A966149"; + vendor = if x.bus == "scsi" then "WD" else null; + product = if x.bus == "scsi" then "DVDROM" else null; + }) (cdroms)); + controller = [ + { + type = "usb"; + index = 0; + # model = "qemu-xhci"; + model = "ich9-ehci1"; + # ports = 15; + address = pci_address 0 29 7; + } + { + type = "scsi"; + index = 0; + model= "lsisas1068"; + address = pci_address 16 1 0; + } + # { + # type = "sata"; + # index = 0; + # address = pci_address 0 31 2; + # } + { + type = "pci"; + index = 0; + model = "pcie-root"; + } + { + type = "virtio-serial"; + index = 0; + address = pci_address 1 0 0; + } + # { + # type = "ccid"; + # index = 0; + # address = usb_address 1; + # } + { + type = "pci"; + index = 1; + model = "pcie-root-port"; + address = pci_address 0 2 0 // { multifunction = true; }; + } + { + type = "pci"; + index = 16; + model = "pcie-to-pci-bridge"; + address = pci_address 3 0 0; + } + { + type = "pci"; + index = 2; + model = "pcie-root-port"; + address = pci_address 0 2 1; + } + { + type = "pci"; + index = 3; + model = "pcie-root-port"; + address = pci_address 0 2 2; + } + { + type = "pci"; + index = 4; + model = "pcie-root-port"; + address = pci_address 0 2 3; + } + { + type = "pci"; + index = 5; + model = "pcie-root-port"; + address = pci_address 0 2 4; + } + { + type = "pci"; + index = 6; + model = "pcie-root-port"; + address = pci_address 0 2 5; + } + { + type = "pci"; + index = 7; + model = "pcie-root-port"; + address = pci_address 0 2 6; + } + { + type = "pci"; + index = 8; + model = "pcie-root-port"; + address = pci_address 0 2 7; + } + { + type = "pci"; + index = 9; + model = "pcie-root-port"; + address = pci_address 0 3 0 // { multifunction = true; }; + } + { + type = "pci"; + index = 10; + model = "pcie-root-port"; + address = pci_address 0 3 1; + } + { + type = "pci"; + index = 11; + model = "pcie-root-port"; + address = pci_address 0 3 2; + } + { + type = "pci"; + index = 12; + model = "pcie-root-port"; + address = pci_address 0 3 3; + } + { + type = "pci"; + index = 13; + model = "pcie-root-port"; + address = pci_address 0 3 4; + } + { + type = "pci"; + index = 14; + model = "pcie-root-port"; + address = pci_address 0 3 5; + } + { + type = "pci"; + index = 15; + model = "pcie-root-port"; + address = pci_address 0 3 6; + } + ]; + interface = { + type = "network"; + mac = { address = "52:54:00:10:c4:28"; }; + source = { network = "default"; }; + model = { type = "e1000e"; }; + address = pci_address 4 0 0; + }; + # smartcard = { + # mode = "passthrough"; + # type = "spicevmc"; + # address = { + # type = "ccid"; + # controller = 0; + # slot = 0; + # }; + # }; + serial = { + type = "pty"; + target = { + type = "isa-serial"; + port = 0; + model = { name = "isa-serial"; }; + }; + }; + console = { + type = "pty"; + target = { type = "serial"; port = 0; }; + }; + channel = [ + { + type = "spicevmc"; + target = { + type = "virtio"; + name = "com.redhat.spice.0"; + }; + address = { + type = "virtio-serial"; + controller = 0; + bus = 0; + port = 1; + }; + } + ]; + input = [ + { + type = "tablet"; + bus = "usb"; + address = usb_address 2; + } + { + type = "mouse"; + bus = "ps2"; + } + { + type = "keyboard"; + bus = "ps2"; + } + ]; + # tpm = { + # model = "tpm-crb"; + # backend = { + # type = "emulator"; + # version = "2.0"; + # }; + # }; + graphics = { + type = "spice"; + autoport = true; + listen = { type = "address"; address = "127.0.0.1"; }; + image = { compression = false; }; + gl = { enable = false; }; + }; + sound = { + model = "ich9"; + address = pci_address 0 27 0; + }; + audio = { + id = 1; + type = "spice"; + }; + video = { + model = { + type = "qxl"; + ram = 65536; + vram = 65536; + vgamem = 16384; + heads = 1; + primary = true; + acceleration = { accel3d = false; }; + }; + address = pci_address 0 1 0; + }; + # redirdev = [ + # { + # bus = "usb"; + # type = "spicevmc"; + # address = usb_address 3; + # } + # { + # bus = "usb"; + # type = "spicevmc"; + # address = usb_address 4; + # } + # { + # bus = "usb"; + # type = "spicevmc"; + # address = usb_address 5; + # } + # { + # bus = "usb"; + # type = "spicevmc"; + # address = usb_address 6; + # } + # ]; + watchdog = { + model = "itco"; + action = "reset"; + }; + }; + }; +} diff --git a/os/windows/batch.nix b/os/windows/batch.nix new file mode 100644 index 0000000..aaf2d00 --- /dev/null +++ b/os/windows/batch.nix @@ -0,0 +1,13 @@ +{ pkgs }: { + stuff = {}; + + genBatchScript = { + name, + commands, + }: let + # commandsString = pkgs.lib.strings.concatStringsSep "\r\n" commands; + in pkgs.lib.strings.concatStringsSep "\r\n" [ + "@echo off" + commands + ]; +} diff --git a/os/windows/unattend.nix b/os/windows/unattend.nix new file mode 100644 index 0000000..2ef2430 --- /dev/null +++ b/os/windows/unattend.nix @@ -0,0 +1,247 @@ +{ pkgs }: rec { + xml = import ./xml.nix; + # generate = import ./generate.nix; + + settingsPass = name: contents: xml.elem "settings" [ (xml.attr "pass" name) ] contents; + + component = name: subelems: xml.elem "component" [ + (xml.attr "name" name) + (xml.attr "processorArchitecture" "amd64") + (xml.attr "publicKeyToken" "31bf3856ad364e35") + (xml.attr "language" "neutral") + (xml.attr "versionScope" "nonSxS") + (xml.attr "xmlns:wcm" "http://schemas.microsoft.com/WMIConfig/2002/State") + (xml.attr "xmlns:xsi" "http://www.w3.org/2001/XMLSchema-instance") + ] subelems; + + listElem = n: v: xml.elem n [ (xml.attr "wcm:action" "add") ] v; + list = name: subname: items: xml.elem name [] (map (item: listElem subname item) items); + + elem = name: contents: xml.elem name [] contents; + + typeCheck = tname: test: x: + if test x then x else builtins.abort ("expected " + tname + ", found " + builtins.typeOf x); + typeConvert = tname: test: conv: x: conv (typeCheck tname test x); + typeString = typeConvert "string" builtins.isString (x: x); + typeInt = typeConvert "int" builtins.isInt builtins.toString; + typeBool = typeConvert "bool" builtins.isBool (t: if t then "true" else "false"); + typeBoolAlwaysNever = typeConvert "bool" builtins.isBool (t: if t then "Always" else "Never"); + + mkElem = name: type: option: elem name (type option); + + optional = config: name: elem: xml.opt (builtins.hasAttr name config) elem; + + process = config: xml.elem "unattend" [ (xml.attr "xmlns" "urn:schemas-microsoft-com:unattend") ] [ + (settingsPass "specialize" [ + (component "Microsoft-Windows-Shell-Setup" [ + (optional config "oemInfo" (mkElem "OEMInformation" [ + (mkElem "Manufacturer" typeString config.oemInfo.manufacturer) + (mkElem "Model" typeString config.oemInfo.model) + ])) + (mkElem "ComputerName" typeString config.name) + (optional config "productKey" (mkElem "ProductKey" typeString config.productKey)) + (mkElem "TimeZone" typeString config.locale.timeZone) + ]) + + (component "Microsoft-Windows-Security-SPP-UX" [ + (elem "SkipAutoActivation" "true") + ]) + + (component "Microsoft-Windows-Deployment" [ + (list "RunSynchronous" "RunSynchronousCommand" [ + [ + (elem "Description" "Notify Host") + (elem "Order" "1") + (elem "Path" "cmd.exe /C echo specialize>COM1") + ] + ]) + ]) + ]) + + (settingsPass "windowsPE" [ + (component "Microsoft-Windows-Setup" [ + (elem "DiskConfiguration" [ + (mkElem "WillShowUI" typeBoolAlwaysNever config.diskConfig.showUI) + (xml.elem "Disk" [ (xml.attr "wcm:action" "add") ] [ + (list "CreatePartitions" "CreatePartition" [ + [ + (elem "Order" "1") + (elem "Size" "100") + (elem "Type" "Primary") + ] + [ + (elem "Order" "2") + (elem "Extend" "true") + (elem "Type" "Primary") + ] + ]) + (list "ModifyPartitions" "ModifyPartition" [ + [ + (elem "Format" "NTFS") + (elem "Label" "System Reserved") + (elem "Order" "1") + (elem "Active" "true") + (elem "PartitionID" "1") + (elem "TypeID" "0x27") + ] + [ + (elem "Format" "NTFS") + (elem "Label" "Local Disk") + (elem "Order" "2") + (elem "Active" "true") + (elem "PartitionID" "1") + (elem "Letter" "C") + ] + ]) + (elem "DiskID" "0") + (elem "WillWipeDisk" "true") + ]) + ]) + (elem "DynamicUpdate" [ + (mkElem "WillShowUI" typeBoolAlwaysNever config.dynamicUpdate.showUI) + ]) + (elem "ImageInstall" [ + (elem "OSImage" [ + (elem "InstallTo" [ + (elem "DiskID" "0") + (elem "PartitionID" "2") + ]) + (elem "InstallToAvailablePartition" "false") + (elem "WillShowUI" "Never") + ]) + ]) + (elem "UserData" [ + (elem "ProductKey" [ + (optional config "productKey" (mkElem "Key" typeString config.productKey)) + ]) + (mkElem "AcceptEula" typeBool config.userData.acceptEula) + (mkElem "FullName" typeString config.userData.fullName) + (mkElem "Organization" typeString config.userData.organization) + ]) + ]) + (component "Microsoft-Windows-International-Core-WinPE" [ + (elem "SetupUILanguage" [ + (mkElem "UILanguage" typeString config.locale.language) + (mkElem "WillShowUI" typeBoolAlwaysNever config.locale.showUI) + ]) + (mkElem "InputLocale" typeString config.locale.input) + (mkElem "SystemLocale" typeString config.locale.language) + (mkElem "UILanguage" typeString config.locale.language) + (mkElem "UserLocale" typeString config.locale.language) + ]) + ]) + + (settingsPass "generalize" [ + (component "Microsoft-Windows-Security-SPP" [ + (elem "SkipRearm" "1") + ]) + ]) + + (settingsPass "oobeSystem" [ + (component "Microsoft-Windows-International-Core" [ + (mkElem "InputLocale" typeString config.locale.input) + (mkElem "UILanguage" typeString config.locale.language) + (mkElem "UserLocale" typeString config.locale.language) + ]) + + (component "Microsoft-Windows-Shell-Setup" [ + (mkElem "RegisteredOwner" typeString config.userData.fullName) + (mkElem "RegisteredOrganization" typeString config.userData.organization) + (elem "DisableAutoDaylightTimeSet" "false") + (elem "OOBE" [ + (elem "HideEULAPage" "true") + (elem "HideWirelessSetupInOOBE" "true") + (elem "NetworkLocation" "Home") + (elem "ProtectYourPC" "3") + (elem "SkipMachineOOBE" "true") + (elem "SkipUserOOBE" "true") + ]) + (list "FirstLogonCommands" "SynchronousCommand" (map (item: [ + (mkElem "Description" typeString item.description) + (mkElem "CommandLine" typeString item.command) + (mkElem "Order" typeInt item.order) + ]) config.firstLogonCommands)) + # TODO make autologin reference the users list + (if builtins.hasAttr "autoLogon" config then + (elem "AutoLogon" [ + (elem "Enabled" "true") + (mkElem "Username" typeString config.autoLogon.username) + (elem "Password" [ + (mkElem "Value" typeString config.autoLogon.password) + (elem "PlainText" "true") + ]) + ]) + else + (elem "AutoLogon" [ (elem "Enabled" "false") ]) + ) + (xml.elem "UserAccounts" [] [ + (list "LocalAccounts" "LocalAccount" (map (user: [ + (elem "DisplayName" user.displayName) + (elem "Name" user.name) + (elem "Group" user.group) + (if user.password.enable then + (elem "Password" [ + (elem "Value" user.password.value) + (elem "PlainText" user.password.plainText) + ]) + else + (elem "Password" [ + (elem "Value" "") + (elem "PlainText" "true") + ]) + ) + ]) config.users)) + ]) + ]) + ]) + ]; + + default = let + user = { + name = "idiot"; + displayName = "Idiot"; + group = "Administrators"; + password.enable = false; + }; + in { + name = user.displayName + "-PC"; + locale = { + language = "en-US"; + timeZone = "Mountain Standard Time"; + input = "1033:00000409"; + showUI = false; + }; + users = [ user ]; + skipAutoActivation = true; + diskConfig = { + showUI = false; + }; + dynamicUpdate.showUI = false; + userData = { + acceptEula = true; + fullName = user.displayName; + organization = "Dumbass Inc."; + }; + firstLogonCommands = [ + { + order = 1; + description = "Disable Auto Updates"; + command = "reg add \"HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\WindowsUpdate\\Auto Update\" /v AUOptions /t REG_DWORD /d 1 /f"; + } + { + order = 2; + description = "Notify Host"; + command = "cmd.exe /C echo ready>COM1"; + } + ]; + autoLogon = { + username = "idiot"; + password = ""; + }; + }; + + genConfig = config: builtins.concatStringsSep "" [ + "\r\n" + (xml.toText (process config)) + ]; +} diff --git a/os/windows/xml.nix b/os/windows/xml.nix new file mode 100644 index 0000000..1e66eac --- /dev/null +++ b/os/windows/xml.nix @@ -0,0 +1,50 @@ +with builtins; +let + indentLine = i: s: + if i == 0 then s + "\r\n" else " " + indentLine (i - 1) s; + + escapeText = replaceStrings [ "&" "<" ">" "'" "\"" ] [ "&" "<" ">" "'" """ ]; + + concat = concatStringsSep ""; + + none = i: ""; + + opt = t: e: + if t then e else none; + + many = ee: i: concat (map (e: e i) ee); + + attr = n: v: i: " " + n + "=\"" + escapeText v + "\""; + + elem = etype: aa: body: i: + let + head = "<" + etype + concat (map (a: a i) aa); + starttag = head + ">"; + endtag = ""; + onlytag = head + "/>"; + in + if isNull body + then indentLine i onlytag + else if isString body + then if body == "" + then indentLine i onlytag + else indentLine i (starttag + escapeText body + endtag) + else if isList body + then + let + contents = many body (i + 1); + in + if contents == "" + then indentLine i onlytag + else + indentLine i starttag + + contents + + indentLine i endtag + else throw ("expected null, text, or list; found " + builtins.typeOf body) + ; + + toText = e: e 0; +in +{ + inherit none opt many attr elem toText; +} diff --git a/server/build.zig b/server/build.zig new file mode 100644 index 0000000..3f221e9 --- /dev/null +++ b/server/build.zig @@ -0,0 +1,51 @@ +const std = @import("std"); + +pub fn build(b: *std.Build) !void { + const target = b.standardTargetOptions(.{}); + const optimize = b.standardOptimizeOption(.{}); + + const translate_c = b.addTranslateC(.{ + .root_source_file = b.path("libvirt/include/libvirt/libvirt.h"), + .target = target, + .optimize = optimize, + }); + translate_c.addIncludeDir("libvirt/include"); + + const output = b.addInstallFile(translate_c.getOutput(), "libvirt.zig"); + + const exe = b.addExecutable(.{ + .name = "server", + .root_source_file = b.path("src/main.zig"), + .target = target, + .optimize = optimize, + }); + exe.step.dependOn(&output.step); + exe.linkLibC(); + exe.root_module.addIncludePath(b.path("libvirt/include")); + // exe.linkSystemLibrary("libvirt"); + exe.addLibraryPath(b.path("libvirt/lib")); + exe.addObjectFile(b.path("libvirt/lib/libvirt.so.0.10000.0")); + exe.addObjectFile(b.path("libvirt/lib/libvirt-admin.so.0.10000.0")); + exe.addObjectFile(b.path("libvirt/lib/libvirt-qemu.so.0.10000.0")); + b.installArtifact(exe); + + const run_cmd = b.addRunArtifact(exe); + run_cmd.step.dependOn(b.getInstallStep()); + if (b.args) |args| { + run_cmd.addArgs(args); + } + + const run_step = b.step("run", "Run the app"); + run_step.dependOn(&run_cmd.step); + + const exe_unit_tests = b.addTest(.{ + .root_source_file = b.path("src/main.zig"), + .target = target, + .optimize = optimize, + }); + + const run_exe_unit_tests = b.addRunArtifact(exe_unit_tests); + + const test_step = b.step("test", "Run unit tests"); + test_step.dependOn(&run_exe_unit_tests.step); +} diff --git a/server/build.zig.zon b/server/build.zig.zon new file mode 100644 index 0000000..ea1b5d8 --- /dev/null +++ b/server/build.zig.zon @@ -0,0 +1,41 @@ +.{ + .name = "server", + .version = "0.0.0", + //.minimum_zig_version = "0.11.0", + .dependencies = .{ + // See `zig fetch --save ` for a command-line interface for adding dependencies. + //.example = .{ + // // When updating this field to a new URL, be sure to delete the corresponding + // // `hash`, otherwise you are communicating that you expect to find the old hash at + // // the new URL. + // .url = "https://example.com/foo.tar.gz", + // + // // This is computed from the file contents of the directory of files that is + // // obtained after fetching `url` and applying the inclusion rules given by + // // `paths`. + // // + // // This field is the source of truth; packages do not come from a `url`; they + // // come from a `hash`. `url` is just one of many possible mirrors for how to + // // obtain a package matching this `hash`. + // // + // // Uses the [multihash](https://multiformats.io/multihash/) format. + // .hash = "...", + // + // // When this is provided, the package is found in a directory relative to the + // // build root. In this case the package's hash is irrelevant and therefore not + // // computed. This field and `url` are mutually exclusive. + // .path = "foo", + + // // When this is set to `true`, a package is declared to be lazily + // // fetched. This makes the dependency only get fetched if it is + // // actually used. + // .lazy = false, + //}, + }, + + .paths = .{ + "build.zig", + "build.zig.zon", + "src", + }, +} diff --git a/server/src/libvirt.zig b/server/src/libvirt.zig new file mode 100644 index 0000000..a851cb4 --- /dev/null +++ b/server/src/libvirt.zig @@ -0,0 +1,151 @@ +const std = @import("std"); +const mem = std.mem; +const heap = std.heap; + +pub const c = @cImport({ + @cInclude("libvirt/libvirt.h"); + @cInclude("libvirt/libvirt-admin.h"); + @cInclude("libvirt/libvirt-lxc.h"); + @cInclude("libvirt/libvirt-qemu.h"); + @cInclude("libvirt/virterror.h"); +}); + +fn handleError() VirError { + const err = c.virGetLastError(); + std.debug.print("err: {any}\n", .{err}); + return VirError.OK; + // switch (err.*.code) { + // 0 => return VirError.OK, + // 1 => return VirError.InternalError, + // 2 => return VirError.NoMemory, + // // TODO rest + // else => VirError.OK, + // } +} + +pub const VirError = error{ + OK, + InternalError, + NoMemory, + NoSupport, + UnknownHost, + NoConnect, + InvalidConn, + InvalidDomain, + InvalidArg, + OperationFailed, + GetFailed, + PostFailed, + HttpError, + SExprError, + NoXen, + XenCall, + OsType, + NoKernel, + NoRoot, + NoSource, + NoTarget, + NoName, + NoOs, + NoDevice, + NoXenstore, + DriverFull, + CallFailed, + XmlError, + DomExist, + OperationDenied, + OpenFailed, + ReadFailed, + ParseFailed, + ConfSyntax, + // TODO rest +}; + +pub const Connection = struct { + conn: c.virConnectPtr, + allocator: mem.Allocator, + + pub fn connect(uri: []const u8, allocator: mem.Allocator) VirError!Connection { + const connection = c.virConnectOpenAuth(@ptrCast(uri), c.virConnectAuthPtrDefault, 0); + if (connection) |conn| return .{ + .conn = conn, + .allocator = allocator, + } else return handleError(); + } + + pub fn close(self: *const Connection) void { + _ = c.virConnectClose(self.conn); + } + + pub fn getURI(self: *const Connection) ![]u8 { + const uri = c.virConnectGetURI(self.conn); + defer std.c.free(uri); + return try self.allocator.dupe(u8, mem.span(uri)); + } + + pub fn freeURI(self: *const Connection, uri: []u8) void { + self.allocator.free(uri); + } + + pub fn numOfDomains(self: *const Connection) !u32 { + return @intCast(c.virConnectNumOfDomains(self.conn)); + } + + pub fn numOfDefinedDomains(self: *const Connection) !u32 { + return @intCast(c.virConnectNumOfDefinedDomains(self.conn)); + } + + pub fn iterateDomains(self: *const Connection, flags: []const Domain.Flags) Domain.Iterator { + var list: [*]c.virDomainPtr = undefined; + var flags_int: c_uint = 0; + for (flags) |f| flags_int |= @intFromEnum(f); + const num = c.virConnectListAllDomains(self.conn, @ptrCast(&list), flags_int); + return .{ + .list = list, + .num = num, + .curr = 0, + }; + } +}; + +pub const Domain = struct { + ptr: c.virDomainPtr, + + pub fn getName(self: *const Domain) []const u8 { + const name = c.virDomainGetName(self.ptr); + return mem.span(name); + } + + pub fn isActive(self: *const Domain) bool { + const active = c.virDomainIsActive(self.ptr); + return if (active == 0) false else true; + } + + pub const Flags = enum(c_uint) { + ListDomainsActive = c.VIR_CONNECT_LIST_DOMAINS_ACTIVE, + ListDomainsInactive = c.VIR_CONNECT_LIST_DOMAINS_INACTIVE, + }; + + pub const Iterator = struct { + list: [*]c.virDomainPtr, + num: c_int, + curr: usize, + + pub fn deinit(self: *Iterator) void { + var i: usize = 0; + while (i < self.num) : (i += 1) _ = c.virDomainFree(self.list[i]); + } + + pub fn first(self: *Iterator) Domain { + self.curr = 0; + return .{ .ptr = self.list[self.curr] }; + } + + pub fn next(self: *Iterator) ?Domain { + if (self.curr >= self.num) return null; + const ptr = self.list[self.curr]; + self.curr += 1; + return .{ .ptr = ptr }; + } + }; +}; diff --git a/server/src/main.zig b/server/src/main.zig new file mode 100644 index 0000000..19b8814 --- /dev/null +++ b/server/src/main.zig @@ -0,0 +1,85 @@ +const std = @import("std"); +const fs = std.fs; +const libvirt = @import("libvirt.zig"); + +pub fn main() !void { + var gpa = std.heap.GeneralPurposeAllocator(.{}){}; + defer _ = gpa.deinit(); + const allocator = gpa.allocator(); + + // std.debug.print("{any}\n", .{libvirt.c.virConnectAuthPtr}); + + const connection = try libvirt.Connection.connect("qemu+ssh://jeeves@evil.lan/system", allocator); + defer connection.close(); + + const uri = try connection.getURI(); + defer connection.freeURI(uri); + std.debug.print("uri: {s}\n", .{uri}); + + const num_active = try connection.numOfDomains(); + const num_inactive = try connection.numOfDefinedDomains(); + std.debug.print("active: {d}, inactive: {d}\n", .{ num_active, num_inactive }); + + var domain_iter = connection.iterateDomains(&[_]libvirt.Domain.Flags{ + libvirt.Domain.Flags.ListDomainsActive, + libvirt.Domain.Flags.ListDomainsInactive, + }); + defer domain_iter.deinit(); + + while (domain_iter.next()) |domain| { + const active = domain.isActive(); + const name = domain.getName(); + std.debug.print("name: {s}, active: {any}\n", .{ name, active }); + } + + // const connection = libvirt.c.virConnectOpenAuth("qemu+ssh://jeeves@evil.lan/system", libvirt.c.virConnectAuthPtrDefault, 0); + // if (connection) |conn| { + // const conn_uri = libvirt.c.virConnectGetURI(conn); + // defer std.c.free(@ptrCast(conn_uri)); + // if (conn_uri) |uri| { + // std.debug.print("conn uri: {s}\n", .{uri}); + // } + + // const num_active_domains = libvirt.c.virConnectNumOfDomains(conn); + // const num_inactive_domains = libvirt.c.virConnectNumOfDefinedDomains(conn); + + // std.debug.print("there are {d} active and {d} inactive domains\n", .{ num_active_domains, num_inactive_domains }); + + // var domain_list: [*]libvirt.c.virDomainPtr = undefined; + // const flags = libvirt.c.VIR_CONNECT_LIST_DOMAINS_ACTIVE | libvirt.c.VIR_CONNECT_LIST_DOMAINS_INACTIVE; + // const num_domains = libvirt.c.virConnectListAllDomains(conn, @ptrCast(&domain_list), flags); + + // var i: usize = 0; + // while (i < num_domains) : (i += 1) { + // const active = libvirt.c.virDomainIsActive(domain_list[i]); + // const name = libvirt.c.virDomainGetName(domain_list[i]); + // std.debug.print("name: {s}, active: {any}\n", .{ name, active }); + // _ = libvirt.c.virDomainFree(domain_list[i]); + // } + // } + + // var flake = try fs.cwd().createFile("flake.nix", .{}); + // defer flake.close(); + // try flake.writeAll( + // \\{ + // \\ description = "vm-flake"; + // \\ inputs.oslib.url = "git+https://git.jeevio.xyz/jeeves/oslib"; + // \\ outputs = { self, oslib }: oslib.vmFlake { + // \\ + // \\ }; + // \\} + // ); +} + +pub const DomainSpec = struct { + os: Quad, + preinstalledSoftware: []const []const u8, + modules: []const []const u8, +}; + +pub const Quad = struct { + name: []const u8, + version: []const u8, + edition: []const u8, + arch: []const u8, +};