Attempt to switch test vm to musl?

2026-05-30 18:04:34 +00:00 · 2026-03-28 14:48:17 +01:00
parent 7c07c9b6fd
commit 3b74f1377c
14 changed files with 233 additions and 89 deletions
@@ -61,7 +61,7 @@ let
    '';

    buildPhase = ''
-      npm run build:tsgo
+      npm run build:src:tsgo
    '';

    installPhase = ''
@@ -72,7 +72,7 @@ let
      npm prune --omit dev --no-save  --offline
      rm -v dist/src.tsbuildinfo
      rm -rv scripts
-      time ${./nix/trimNodeModules.sh}
+      # time ${./nix/trimNodeModules.sh}

      # Copy outputs
      echo "Installing package into $out"
@@ -13,7 +13,9 @@ let
  jsonFormat = pkgs.formats.json { };
 in
 {
-  imports = [ ];
+  imports = [
+    ./shared-config.nix
+  ];
  options.services.spacebarchat-server.adminApi = lib.mkOption {
    default = { };
    description = "Configuration for admin api.";
@@ -22,7 +24,7 @@ in
        enable = lib.mkEnableOption "Enable admin api.";
        extraConfiguration = lib.mkOption {
          type = jsonFormat.type;
-          default = import ./default-appsettings-json.nix;
+          default = { };
          description = "Extra appsettings.json configuration for the gateway offload daemon.";
        };
      };
@@ -35,7 +37,7 @@ in
    in
    {
      assertions = [
-        (import ./assert-has-connection-string.nix "Admin API" cfg.adminApi.extraConfiguration)
+        (import ./assert-has-connection-string.nix "Admin API" cfg)
      ];

      services.spacebarchat-server.settings.admin = {
@@ -58,7 +60,7 @@ in
            CONFIG_READONLY = 1;
            ASPNETCORE_URLS = "http://0.0.0.0:${toString cfg.adminApiEndpoint.localPort}";
            STORAGE_LOCATION = cfg.cdnPath;
-            APPSETTINGS_PATH = jsonFormat.generate "appsettings.spacebar-adminapi.json" (lib.recursiveUpdate (import ./default-appsettings-json.nix) cfg.adminApi.extraConfiguration);
+            APPSETTINGS_PATH = jsonFormat.generate "appsettings.spacebar-adminapi.json" (lib.recursiveUpdate cfg.cs.defaultAppsettings cfg.adminApi.extraConfiguration);
          }
        );
        serviceConfig = {
@@ -1,4 +1,8 @@
-name: extraConfig: {
+name: cfg:
+let
+  extraConfig = cfg.cs.defaultAppsettings;
+in
+{
  assertion = extraConfig ? ConnectionStrings && extraConfig.ConnectionStrings ? Spacebar && extraConfig.ConnectionStrings.Spacebar != null;
  message = ''
    ${name}: Setting a database connection string in extraConfiguration (`extraConfiguration.ConnectionStrings.Spacebar`) is required when using C# services.
@@ -13,7 +13,9 @@ let
  jsonFormat = pkgs.formats.json { };
 in
 {
-  imports = [ ];
+  imports = [
+    ./shared-config.nix
+  ];
  options.services.spacebarchat-server.cdnCs = lib.mkOption {
    default = { };
    description = "Configuration for C# cdn.";
@@ -22,7 +24,7 @@ in
        enable = lib.mkEnableOption "Enable experimental C# CDN.";
        extraConfiguration = lib.mkOption {
          type = jsonFormat.type;
-          default = import ./default-appsettings-json.nix;
+          default = { };
          description = "Extra appsettings.json configuration for the gateway offload daemon.";
        };
      };
@@ -35,7 +37,7 @@ in
    in
    {
      assertions = [
-        (import ./assert-has-connection-string.nix "Admin API" cfg.adminApi.extraConfiguration)
+        (import ./assert-has-connection-string.nix "C# CDN" cfg)
      ];

      systemd.services.spacebar-cdn = makeServerTsService {
@@ -53,7 +55,7 @@ in
            CONFIG_READONLY = 1;
            ASPNETCORE_URLS = "http://0.0.0.0:${toString cfg.cdnEndpoint.localPort}";
            STORAGE_LOCATION = cfg.cdnPath;
-            APPSETTINGS_PATH = jsonFormat.generate "appsettings.spacebar-cdn.json" (lib.recursiveUpdate (import ./default-appsettings-json.nix) cfg.cdnCs.extraConfiguration);
+            APPSETTINGS_PATH = jsonFormat.generate "appsettings.spacebar-cdn.json" (lib.recursiveUpdate cfg.cs.defaultAppsettings cfg.cdnCs.extraConfiguration);
          }
        );
        serviceConfig = {
@@ -14,7 +14,9 @@ let
  jsonFormat = pkgs.formats.json { };
 in
 {
-  imports = [ ];
+  imports = [
+    ./shared-config.nix
+  ];
  options.services.spacebarchat-server.offload = lib.mkOption {
    default = { };
    description = "Configuration for C# offload daemon.";
@@ -28,7 +30,7 @@ in
        };
        extraConfiguration = lib.mkOption {
          type = jsonFormat.type;
-          default = import ./default-appsettings-json.nix;
+          default = { };
          description = "Extra appsettings.json configuration for the offload daemon.";
        };
        gateway = lib.mkOption {
@@ -54,7 +56,7 @@ in
    in
    {
      assertions = [
-        (import ./assert-has-connection-string.nix "Gateway Offload" offloadCfg.extraConfiguration)
+        (import ./assert-has-connection-string.nix "Gateway Offload" cfg)
      ];

      services.spacebarchat-server.settings.offload = {
@@ -83,9 +85,7 @@ in
            CONFIG_READONLY = 1;
            ASPNETCORE_URLS = "http://0.0.0.0:${toString offloadCfg.listenPort}";
            STORAGE_LOCATION = cfg.cdnPath;
-            APPSETTINGS_PATH = jsonFormat.generate "appsettings.spacebar-offload.json" (
-              lib.recursiveUpdate (import ./default-appsettings-json.nix) offloadCfg.extraConfiguration
-            );
+            APPSETTINGS_PATH = jsonFormat.generate "appsettings.spacebar-offload.json" (lib.recursiveUpdate cfg.cs.defaultAppsettings offloadCfg.extraConfiguration);
          }
        );
        serviceConfig = {
@@ -0,0 +1,31 @@
+{
+  config,
+  lib,
+  pkgs,
+  ...
+}:
+
+let
+  secrets = import ../secrets.nix { inherit lib config; };
+  cfg = config.services.spacebarchat-server;
+  jsonFormat = pkgs.formats.json { };
+in
+{
+  options.services.spacebarchat-server.cs = lib.mkOption {
+    default = { };
+    description = "Configuration for C# cdn.";
+    type = lib.types.submodule {
+      options = {
+        defaultAppsettings = lib.mkOption {
+          type = jsonFormat.type;
+          default = import ./default-appsettings-json.nix;
+          description = "Extra appsettings.json configuration for all C#-based services.";
+        };
+      };
+    };
+  };
+
+  config = {
+    services.spacebarchat-server.cs.defaultAppsettings = import ./default-appsettings-json.nix;
+  };
+}
@@ -13,7 +13,9 @@ let
  jsonFormat = pkgs.formats.json { };
 in
 {
-  imports = [ ];
+  imports = [
+    ./shared-config.nix
+  ];
  options.services.spacebarchat-server.uApi = lib.mkOption {
    default = { };
    description = "Configuration for C# API overlay.";
@@ -27,7 +29,7 @@ in
        };
        extraConfiguration = lib.mkOption {
          type = jsonFormat.type;
-          default = import ./default-appsettings-json.nix;
+          default = { };
          description = "Extra appsettings.json configuration for the C# API overlay.";
        };
      };
@@ -40,7 +42,7 @@ in
    in
    {
      assertions = [
-        (import ./assert-has-connection-string.nix "uAPI" cfg.uApi.extraConfiguration)
+        (import ./assert-has-connection-string.nix "uAPI" cfg)
      ];

      systemd.services.spacebar-uapi = makeServerTsService {
@@ -59,7 +61,7 @@ in
            CONFIG_READONLY = 1;
            ASPNETCORE_URLS = "http://0.0.0.0:${toString cfg.uApi.listenPort}";
            STORAGE_LOCATION = cfg.cdnPath;
-            APPSETTINGS_PATH = jsonFormat.generate "appsettings.spacebar-uapi.json" (lib.recursiveUpdate (import ./default-appsettings-json.nix) cfg.uApi.extraConfiguration);
+            APPSETTINGS_PATH = jsonFormat.generate "appsettings.spacebar-uapi.json" (lib.recursiveUpdate cfg.cs.defaultAppsettings cfg.uApi.extraConfiguration);
          }
        );
        serviceConfig = {
@@ -13,25 +13,21 @@ let
  configFile = (import ./config-file.nix { inherit config lib pkgs; });
 in
 {
-  options.services.spacebarchat-server.pion-sfu =
-    let
-      mkEndpointOptions = import ./options-subtypes/mkEndpointOptions.nix { inherit lib; };
-    in
-    {
-      enable = lib.mkEnableOption "Enable Spacebar Pion SFU";
-      openFirewall = lib.mkEnableOption "Allow SFU port in firewall";
-      package = lib.mkPackageOption self.packages.${pkgs.stdenv.hostPlatform.system} "Pion SFU" { default = "pion-sfu"; };
+  options.services.spacebarchat-server.pion-sfu = {
+    enable = lib.mkEnableOption "Enable Spacebar Pion SFU";
+    openFirewall = lib.mkEnableOption "Allow SFU port in firewall";
+    package = lib.mkPackageOption self.packages.${pkgs.stdenv.hostPlatform.system} "Pion SFU" { default = "pion-sfu"; };

-      publicIp = lib.mkOption {
-        type = lib.types.str;
-        description = "Public IP address of the server.";
-      };
-      listenPort = lib.mkOption {
-        type = lib.types.port;
-        default = 6000;
-        description = "UDP port the SFU will listen on.";
-      };
+    publicIp = lib.mkOption {
+      type = lib.types.str;
+      description = "Public IP address of the server.";
    };
+    listenPort = lib.mkOption {
+      type = lib.types.port;
+      default = 6000;
+      description = "UDP port the SFU will listen on.";
+    };
+  };

  config = lib.mkIf cfg.pion-sfu.enable (
    let
@@ -58,6 +58,7 @@ in
          };
        };

+        cs.defaultAppsettings.ConnectionStrings.Spacebar = csConnectionString;
        offload = {
          enable = true;
          gateway = {
@@ -68,23 +69,11 @@ in
            enableChannelStatuses = true;
            enableChannelInfo = true;
          };
-          extraConfiguration.ConnectionStrings.Spacebar = csConnectionString;
        };

-        adminApi = {
-          enable = true;
-          extraConfiguration.ConnectionStrings.Spacebar = csConnectionString;
-        };
-
-        cdnCs = {
-          enable = false;
-          extraConfiguration.ConnectionStrings.Spacebar = csConnectionString;
-        };
-
-        uApi = {
-          enable = true;
-          extraConfiguration.ConnectionStrings.Spacebar = csConnectionString;
-        };
+        adminApi.enable = true;
+        cdnCs.enable = false;
+        uApi.enable = true;

        pion-sfu = {
          enable = true;
@@ -105,14 +94,17 @@ in
      };
    in
    lib.trace ("Testing with config: " + builtins.toJSON cfg) cfg;
-  services.nginx.enable = true;
-  services.nginx.recommendedOptimisation = true;
-  services.nginx.appendConfig = ''
-    worker_processes 6;
-  '';
-  services.nginx.eventsConfig = ''
-    worker_connections 512;
-  '';
+
+  services.nginx = {
+    enable = true;
+    recommendedOptimisation = true;
+    appendConfig = ''
+      worker_processes 6;
+    '';
+    eventsConfig = ''
+      worker_connections 512;
+    '';
+  };

  users.users.root.initialPassword = "root";
  services.getty.autologinUser = "root";
@@ -6,7 +6,6 @@ nixpkgs.lib.nixosSystem {
        self.nixosModules.default
        ./configuration.nix
        ./postgres.nix
-        ./perlless.nix
        ./vm.nix
    ];
    specialArgs = { inherit self nixpkgs; };
@@ -0,0 +1,77 @@
+# https://github.com/MatthewCroughan/nixos-musl/blob/master/musl.nix
+{ pkgs, lib, ... }:
+let
+  glibcPkgs = (import pkgs.path { system = pkgs.stdenv.hostPlatform.system; });
+in
+{
+  # Fails to build, and doesn't make sense on musl anyway
+  services.nscd.enableNsncd = false;
+  services.nscd.enable = false;
+  system.nssModules = lib.mkForce [];
+
+  # wrappers use pkgsStatic which has issues on native musl at this time
+  security.enableWrappers = pkgs.stdenv.buildPlatform.isGnu;
+
+  xdg.mime.enable = if (pkgs.stdenv.buildPlatform != pkgs.stdenv.hostPlatform) then false else true;
+
+  # stub-ld doesn't make sense with musl
+  environment.stub-ld.enable = false;
+
+  # Fails unless neutered error: expected a set but found null: null
+  i18n.glibcLocales = pkgs.runCommand "neutered" { } "mkdir -p $out";
+
+  # Perl stuff just fails too hard these days
+  # services.userborn.enable = true;
+
+  nixpkgs.overlays = [
+    (self: super: {
+      # qemu doesn't build for musl, and if we want to run the
+      # config.system.build.vm, we need a glibc qemu, doens't impact anything
+      # else
+      qemu = glibcPkgs.qemu;
+
+      ## But the qemu_test binary is fine on musl
+      qemu_test = glibcPkgs.qemu_test;
+
+      # Tests are so flaky...
+      git = super.git.overrideAttrs { doInstallCheck = false; };
+
+      # https://github.com/NixOS/nixpkgs/pull/451147
+      diffutils = super.diffutils.overrideAttrs (old: {
+        postPatch =
+          if (super.stdenv.buildPlatform.isGnu && super.stdenv.hostPlatform.isMusl) then
+      ''
+        sed -i -E 's:test-getopt-gnu::g' gnulib-tests/Makefile.in
+        sed -i -E 's:test-getopt-posix::g' gnulib-tests/Makefile.in
+      '' else null;
+      });
+
+      # checks fail on musl
+      logrotate = super.logrotate.overrideAttrs {
+        doCheck = false;
+      };
+      rsync = super.rsync.overrideAttrs {
+        doCheck = false;
+      };
+      spdlog = super.spdlog.overrideAttrs {
+        doCheck = false;
+      };
+    })
+  ];
+
+  # These options sometimes work, and sometimes don't, because of perl
+  nix.enable = lib.mkForce false;
+  system = {
+    tools.nixos-generate-config.enable = lib.mkForce false;
+    switch.enable = lib.mkForce false;
+    disableInstallerTools = lib.mkForce false;
+    tools.nixos-option.enable = lib.mkForce false;
+  };
+  documentation = {
+    enable =  false;
+    doc.enable =  false;
+    info.enable =  false;
+    man.enable =  false;
+    nixos.enable =  false;
+  };
+}
@@ -1,26 +0,0 @@
-{ lib, ... }:
-{
-  #perlless profile
-  #system.switch.enable = lib.mkForce false;
-
-  # Remove perl from activation
-  #system.etc.overlay.enable = lib.mkForce true;
-  #systemd.sysusers.enable = lib.mkForce true;
-
-  # Random perl remnants
-  programs.less.lessopen = lib.mkForce null;
-  programs.command-not-found.enable = lib.mkForce false;
-  environment.defaultPackages = lib.mkForce [ ];
-  documentation.info.enable = lib.mkForce false;
-  documentation.man.enable = false;
-
-  system = {
-    #activatable = false;
-    copySystemConfiguration = false;
-    includeBuildDependencies = false;
-    disableInstallerTools = lib.mkForce true;
-    build = {
-      separateActivationScript = true;
-    };
-  };
-}
@@ -1,4 +1,5 @@
 {
+  config,
  pkgs,
  lib,
  modulesPath,
@@ -6,7 +7,8 @@
 }:
 {
  imports = [
-#    (modulesPath + "/virtualisation/qemu-vm.nix")
+    #    (modulesPath + "/virtualisation/qemu-vm.nix")
+    ./musl.nix
  ];

  virtualisation.vmVariant = {
@@ -59,4 +61,67 @@
    font = "${pkgs.cozette}/share/consolefonts/cozette6x13.psfu";
    packages = with pkgs; [ cozette ];
  };
+
+  # Remove perl from activation
+  system.etc.overlay.enable = lib.mkForce true;
+  systemd.sysusers.enable = lib.mkForce true;
+
+  programs.less.lessopen = lib.mkForce null;
+  programs.command-not-found.enable = lib.mkForce false;
+  environment.defaultPackages = lib.mkForce [ ];
+  documentation.info.enable = lib.mkForce false;
+  documentation.man.enable = false;
+
+  system = {
+    copySystemConfiguration = false;
+    includeBuildDependencies = false;
+    disableInstallerTools = lib.mkForce true;
+    build = {
+      separateActivationScript = true;
+    };
+    switch.enable = lib.mkForce false;
+    nixos-init.enable = true;
+  };
+
+    nixpkgs.hostPlatform = {
+      system = "x86_64-linux";
+      config = "x86_64-unknown-linux-musl";
+    };
+
+  boot.loader.grub.enable = lib.mkDefault false;
+  fileSystems."/".device = lib.mkDefault "/dev/disk/by-label/nixos";
+  # https://github.com/NixOS/nixpkgs/pull/496852/changes
+  boot.postBootCommands = lib.mkForce "";
+  systemd.services.register-nix-paths = lib.mkIf config.nix.enable {
+    # Run early during boot so the nix store DB is populated before any
+    # service (or test backdoor) tries to use nix commands.
+    # nix-store --load-db writes to the SQLite DB directly, so it does not
+    # need the nix-daemon.
+    unitConfig.DefaultDependencies = false;
+    wantedBy = [
+      "sysinit.target"
+    ];
+    before = [
+      "sysinit.target"
+      "shutdown.target"
+      "nix-daemon.socket"
+      "nix-daemon.service"
+    ];
+    after = [
+      "local-fs.target"
+    ];
+    conflicts = [
+      "shutdown.target"
+    ];
+    restartIfChanged = false;
+    serviceConfig = {
+      Type = "oneshot";
+      RemainAfterExit = true;
+    };
+    script = ''
+      if [[ "$(cat /proc/cmdline)" =~ regInfo=([^ ]*) ]]; then
+        ${lib.getExe' config.nix.package.out "nix-store"} --load-db < "''${BASH_REMATCH[1]}"
+      fi
+    '';
+  };
 }