# NixOS module for schroot. Declares the `programs.schroot` options and, when
# enabled, generates the files under /etc/schroot, installs a setuid-root
# wrapper for the schroot binary and creates the state directories under
# /var/lib/schroot.
{
  config,
  lib,
  pkgs,
  ...
}:

let
  inherit (lib)
    literalExpression
    mkEnableOption
    mkIf
    mkOption
    mkPackageOption
    types
    ;

  cfg = config.programs.schroot;
  settingsFormat = pkgs.formats.ini { };

  # Joins entries with newlines and always appends a final newline, so an
  # empty list still produces a file containing a single "\n".
  toLines = entries: (lib.concatStringsSep "\n" entries) + "\n";

  # One schroot profile: the three per-profile files written to
  # /etc/schroot/<name>/. None of the options has a default, so every
  # profile has to set all three.
  profileModule = types.submodule {
    options = {
      copyfiles = mkOption {
        type = types.listOf types.str;
        example = [ "/etc/resolv.conf" ];
        description = "A list of files to copy into the chroot from the host system.";
      };

      # NOTE(review): the example bind-mounts /home, /dev and /run/wrappers
      # read-write, so anything running as root inside the chroot can modify
      # those host paths. Trim the list to what the chroot needs and prefer
      # `ro` where a mount does not have to be writable.
      fstab = mkOption {
        type = types.path;
        example = literalExpression ''
          pkgs.writeText "my-schroot-fstab" '''
            /proc /proc none rw,bind 0 0
            /sys /sys none rw,bind 0 0
            /dev /dev none rw,bind 0 0
            /dev/pts /dev/pts none rw,bind 0 0
            /home /home none rw,rbind 0 0
            /tmp /tmp none rw,bind 0 0
            /dev/shm /dev/shm none rw,bind 0 0
            /nix /nix none ro,bind 0 0
            /run/current-system /run/current-system none rw,bind 0 0
            /run/wrappers /run/wrappers none rw,bind 0 0
          '''
        '';
        description = ''
          A file in the format described in {manpage}`fstab(5)`, used to mount filesystems inside the chroot.
          The mount location is relative to the root of the chroot.
        '';
      };

      # NOTE(review): "shadow" and "gshadow" are the host's password-hash
      # databases; listing them copies those hashes into the chroot tree.
      # Leave them out unless the chroot really needs them.
      nssdatabases = mkOption {
        type = types.listOf types.str;
        example = [
          "passwd"
          "shadow"
          "group"
          "gshadow"
          "services"
          "protocols"
          "networks"
          "hosts"
        ];
        description = ''
          System databases (as described in /etc/nsswitch.conf on GNU/Linux systems) to copy into the chroot from the host.
        '';
      };
    };
  };

  # Maps one `profiles.<name>` entry to its three environment.etc entries.
  # `name` is interpolated into the /etc path unchanged.
  profileEtcFiles =
    name:
    {
      copyfiles,
      fstab,
      nssdatabases,
    }:
    {
      "schroot/${name}/copyfiles".text = toLines copyfiles;
      "schroot/${name}/fstab".source = fstab;
      "schroot/${name}/nssdatabases".text = toLines nssdatabases;
    };

  # Directories schroot requires to exist, in creation order.
  stateDirs = [
    "/var/lib/schroot/session"
    "/var/lib/schroot/unpack"
    "/var/lib/schroot/union"
    "/var/lib/schroot/union/overlay"
    "/var/lib/schroot/union/underlay"
  ];
in
{
  options.programs.schroot = {
    enable = mkEnableOption "schroot, a lightweight virtualisation tool";
    package = mkPackageOption pkgs "schroot" { };

    # Rendered as INI into /etc/schroot/schroot.conf, one section per chroot.
    # NOTE(review): per schroot.conf(5), `users` controls who may enter the
    # chroot and `root-users` grants password-less root inside it. Together
    # with writable bind mounts of host paths that is close to root on the
    # host, so list only accounts that are already trusted with it.
    settings = mkOption {
      type = settingsFormat.type;
      default = { };
      example.noble = {
        type = "directory";
        description = "Ubuntu 24.04 Noble";
        directory = "/srv/chroot/noble";
        users = "my-user";
        root-users = "my-user";
        personality = "linux";
        preserve-environment = false;
        profile = "my-profile";
        shell = "/bin/bash";
      };
      description = ''
        Schroot configuration settings.
        For more details, see {manpage}`schroot.conf(5)`.
      '';
    };

    profiles = mkOption {
      type = types.attrsOf profileModule;
      default = { };
      description = "Custom configuration profiles for schroot.";
    };
  };

  config = mkIf cfg.enable {
    environment.systemPackages = [ cfg.package ];

    # Fixed entries first; the per-profile entries are merged in with `//`,
    # so a profile entry with the same key would replace a fixed one.
    environment.etc = {
      # schroot requires this directory to exist
      "schroot/chroot.d/.keep".text = "";

      "schroot/schroot.conf".source = settingsFormat.generate "schroot.conf" cfg.settings;
    }
    // lib.attrsets.concatMapAttrs profileEtcFiles cfg.profiles;

    # The wrapper is setuid root and no group restriction is applied here, so
    # who may enter which chroot is left to schroot's own checks against
    # schroot.conf.
    security.wrappers.schroot = {
      owner = "root";
      group = "root";
      setuid = true;
      source = "${cfg.package}/bin/schroot";
    };

    # Schroot requires these directories to exist. The mode field is "-",
    # i.e. the tmpfiles.d(5) default for directories; owner and group are root.
    systemd.tmpfiles.rules = map (dir: "d ${dir} - root root - -") stateDirs;
  };
}