FMO-85: Rebase ghaf 24.12 (#96)
- Update flake.lock for ghaf 24.12
- Currently the admin user is used for all VMs, although different VMs could have different users
- Temporarily disable the hardened greetd.service config because it disables sudo; the hardened config is meant to be used in guivm, but FMO-OS runs the GUI in the host

Signed-off-by: Anh Huy Bui <[email protected]>
buianhhuy96 authored Dec 27, 2024
1 parent 7e7ed91 commit f295015
Showing 6 changed files with 97 additions and 64 deletions.
146 changes: 86 additions & 60 deletions flake.lock


4 changes: 2 additions & 2 deletions modules/desktop/graphics/sway/sway.ini.nix
@@ -51,13 +51,13 @@ in {
config-folder = {
des-path = "${config.users.users.ghaf.home}/.config";
write-once = true;
owner = config.ghaf.users.accounts.user;
owner = config.ghaf.users.admin.name;
};
sway-config = {
source = "${swayConfig}/config";
des-path = "${config.users.users.ghaf.home}/.config/sway";
write-once = true;
owner = config.ghaf.users.accounts.user;
owner = config.ghaf.users.admin.name;
permission = "664";
};
};
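Review bot: Both `des-path` values still resolve through `config.users.users.ghaf.home`, while the `owner` lines now read `config.ghaf.users.admin.name` (taking the admin lines as the new side, as the commit description suggests; the rendered page has lost the +/- markers). If the admin name is ever anything other than `ghaf`, the files are written into one account's home and owned by another. Assuming the admin module declares its account under `users.users`, deriving the path from the same option keeps the two together: `des-path = "${config.users.users.${config.ghaf.users.admin.name}.home}/.config";`. Separately, `permission = "664"` leaves the sway config group-writable, and because a sway config can start commands in the owner's session, `"644"` is the safer mode now that the owner is the admin account. The enclosing attribute set starts above the hunk.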
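--- a/modules/desktop/graphics/sway/sway.nix
+++ b/modules/desktop/graphics/sway/sway.nix
@@ -56,6 +56,9 @@ in
 };
 
 config = lib.mkIf cfg.enable {
+ghaf.users.admin = {
+createHome = lib.mkForce true;
+};
 
 xdg.icons.enable = true;
 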
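Review bot: The `lib.mkForce true` on `createHome` carries no comment saying which setting it overrides or why the sway module needs it, so a later reader cannot tell whether the force is still required or whether it undoes a deliberate default for the admin account. A one-line comment above the attribute would be enough, for example `# sway config files are written under the admin user's ~/.config, so the home directory must exist` (inferred from the sway.ini.nix change in this commit; please confirm). The `config` block continues outside the hunk.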
2 changes: 1 addition & 1 deletion modules/packages/fmo-qemu/default.nix
@@ -7,7 +7,7 @@
let
inherit (pkgs) lib;

inherit (import "${ghafOS.inputs.microvm}/lib" { nixpkgs-lib = lib; }) createVolumesScript makeMacvtap;
inherit (import "${ghafOS.inputs.microvm}/lib" { inherit lib; }) createVolumesScript makeMacvtap;
inherit (makeMacvtap {
inherit microvmConfig hypervisorConfig;
}) openMacvtapFds macvtapFds;
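--- a/modules/profiles/x86.nix
+++ b/modules/profiles/x86.nix
@@ -28,6 +28,9 @@ in
 
 profiles.applications.enable = true;
 
+# TODO: Hardened greetd disabled sudo, should be fixed when implement guivm
+systemd.excludedHardenedConfigs = [ "greetd.service"];
+
 virtualization= {
 microvm-host.enable = true;
 microvm-host.networkSupport = true;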
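Review bot: `systemd.excludedHardenedConfigs = [ "greetd.service"];` drops the whole hardened profile for the login greeter on the host, although the stated problem is only that sudo stops working. The hardened unit is not visible here, but the cause is probably a single directive (such as `NoNewPrivileges`), so relaxing only that setting for greetd would keep the rest of the sandboxing in place. The TODO also has no tracking reference; something like `# TODO(<ticket-id>): greetd hardening excluded because it blocks sudo in the host GUI session; restore once the GUI runs in guivm` makes the exception auditable. The exclusion sits in the x86 profile unconditionally, so every target built from this profile inherits it.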
3 changes: 2 additions & 1 deletion modules/virtualization/microvm/vm.nix
@@ -16,7 +16,8 @@
imports = [
({lib, ...}: {
ghaf = {
users.accounts.enable = lib.mkDefault configHost.ghaf.users.accounts.enable;
# TODO: Ghaf implement different types of users. Currently use admin user for all VMs
users.admin.enable = lib.mkDefault configHost.ghaf.users.admin.enable;
development = {
ssh.daemon.enable = lib.mkDefault configHost.ghaf.development.ssh.daemon.enable;
debug.tools.enable = lib.mkDefault configHost.ghaf.development.debug.tools.enable;
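Review bot: With `users.admin.enable` mirrored from the host, every microVM gets the admin account, and the same block mirrors `ssh.daemon.enable` two lines further down, so on development builds one account is reachable over SSH in every guest (this takes the admin line as the new side, as the TODO and the commit description indicate). Whether the password or keys are shared between guests is not visible here; if they are, a compromise of one VM's admin credential carries over to the others, which works against per-VM isolation. The TODO should name the tracking issue and state that constraint, e.g. `# TODO(<ticket-id>): one shared admin user in all VMs; replace with per-VM users once Ghaf supports them`.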
