pyrox.dev
1{ config, lib, pkgs, ... }:
2
3with lib;
4
5let
6
7 cfg = config.virtualisation.waydroid;
8 kernelPackages = config.boot.kernelPackages;
9 waydroidGbinderConf = pkgs.writeText "waydroid.conf" ''
10 [Protocol]
11 /dev/binder = aidl2
12 /dev/vndbinder = aidl2
13 /dev/hwbinder = hidl
14
15 [ServiceManager]
16 /dev/binder = aidl2
17 /dev/vndbinder = aidl2
18 /dev/hwbinder = hidl
19 '';
20
21in
22{
23
24 options.virtualisation.waydroid = {
25 enable = mkEnableOption (lib.mdDoc "Waydroid");
26 };
27
28 config = mkIf cfg.enable {
29 assertions = singleton {
30 assertion = versionAtLeast (getVersion config.boot.kernelPackages.kernel) "4.18";
31 message = "Waydroid needs user namespace support to work properly";
32 };
33
34 system.requiredKernelConfig = with config.lib.kernelConfig; [
35 (isEnabled "ANDROID_BINDER_IPC")
36 (isEnabled "ANDROID_BINDERFS")
37 (isEnabled "ASHMEM") # FIXME Needs memfd support instead on Linux 5.18 and waydroid 1.2.1
38 ];
39
40 /* NOTE: we always enable this flag even if CONFIG_PSI_DEFAULT_DISABLED is not on
41 as reading the kernel config is not always possible and on kernels where it's
42 already on it will be no-op
43 */
44 boot.kernelParams = [ "psi=1" ];
45
46 environment.etc."gbinder.d/waydroid.conf".source = waydroidGbinderConf;
47
48 environment.systemPackages = with pkgs; [ waydroid ];
49
50 networking.firewall.trustedInterfaces = [ "waydroid0" ];
51
52 virtualisation.lxc.enable = true;
53
54 systemd.services.waydroid-container = {
55 description = "Waydroid Container";
56
57 wantedBy = [ "multi-user.target" ];
58
59 serviceConfig = {
60 ExecStart = "${pkgs.waydroid}/bin/waydroid -w container start";
61 ExecStop = "${pkgs.waydroid}/bin/waydroid container stop";
62 ExecStopPost = "${pkgs.waydroid}/bin/waydroid session stop";
63 };
64 };
65
66 systemd.tmpfiles.rules = [
67 "d /var/lib/misc 0755 root root -" # for dnsmasq.leases
68 ];
69 };
70
71}