pyrox.dev
1{ lib, ... }:
2{
3
4 name = "qemu-vm-store";
5
6 meta.maintainers = with lib.maintainers; [ nikstur ];
7
8 nodes = {
9 sharedWritable = {
10 virtualisation.writableStore = true;
11 };
12
13 sharedReadOnly = {
14 virtualisation.writableStore = false;
15 };
16
17 imageWritable = {
18 virtualisation.useNixStoreImage = true;
19 virtualisation.writableStore = true;
20 };
21
22 imageReadOnly = {
23 virtualisation.useNixStoreImage = true;
24 virtualisation.writableStore = false;
25 };
26
27 fullDisk = {
28 virtualisation.useBootLoader = true;
29 };
30 };
31
32 testScript = ''
33 build_derivation = """
34 nix-build --option substitute false -E 'derivation {
35 name = "t";
36 builder = "/bin/sh";
37 args = ["-c" "echo something > $out"];
38 system = builtins.currentSystem;
39 preferLocalBuild = true;
40 }'
41 """
42
43 start_all()
44
45 with subtest("Nix Store is writable"):
46 sharedWritable.succeed(build_derivation)
47 imageWritable.succeed(build_derivation)
48 fullDisk.succeed(build_derivation)
49
50 with subtest("Nix Store is read only"):
51 sharedReadOnly.fail(build_derivation)
52 imageReadOnly.fail(build_derivation)
53
54 # Checking whether the fs type is 9P is just a proxy to test whether the
55 # Nix Store is shared. If we switch to a different technology (e.g.
56 # virtiofs) for sharing, we need to adjust these tests.
57
58 with subtest("Nix store is shared from the host via 9P"):
59 sharedWritable.succeed("findmnt --kernel --type 9P /nix/.ro-store")
60 sharedReadOnly.succeed("findmnt --kernel --type 9P /nix/.ro-store")
61
62 with subtest("Nix store is not shared via 9P"):
63 imageWritable.fail("findmnt --kernel --type 9P /nix/.ro-store")
64 imageReadOnly.fail("findmnt --kernel --type 9P /nix/.ro-store")
65
66 with subtest("Nix store is not mounted separately"):
67 rootDevice = fullDisk.succeed("stat -c %d /")
68 nixStoreDevice = fullDisk.succeed("stat -c %d /nix/store")
69 assert rootDevice == nixStoreDevice, "Nix store is mounted separately from the root fs"
70 '';
71
72}