add includeos-create-bridge to system PATH + formatting

mazunki · mazunki · commit ec06d0d71bc4 · 2025-10-18T01:45:24.000+02:00
diff --git a/default.nix b/default.nix
@@ -29,6 +29,13 @@ pkgs.python3.pkgs.buildPythonPackage rec {
     license = pkgs.lib.licenses.asl20;
   };
 
+  installPhase = ''
+    runHook preInstall
+    mkdir -p $out/bin
+    install -Dm755 ${create_bridge} $out/bin/${pname}-create-bridge
+    runHook postInstall
+  '';
+
   nativeCheckInputs = [
     pkgs.shellcheck
     pkgs.pylint
diff --git a/nixos-module.nix b/nixos-module.nix
@@ -2,40 +2,49 @@
 { config, lib, pkgs, ... }:
 let
   qemuPkg = config.services.vmrunner.qemuPackage or pkgs.qemu;
+  vmrunnerPkg = config.services.vmrunner.package or (pkgs.callPackage ./default.nix { });
+
   qemuBridgeHelperPath  = "/run/wrappers/bin/qemu-bridge-helper";
+  bridge = "bridge43";
 in
-{
+  {
   options.services.vmrunner.qemuPackage = lib.mkOption {
     type = lib.types.package;
     default = pkgs.qemu;
     description = "QEMU with capabilities enabled for IncludeOS unikernels";
   };
 
-  config.security.wrappers = {
-    # https://wiki.qemu.org/Features/HelperNetworking
-    qemu-bridge-helper = {
-      source = "${qemuPkg}/libexec/qemu-bridge-helper";
-      owner = "root";
-      group = "root";
-      capabilities = "cap_net_admin+ep";  # required for attaching TAP devices to bridges
-    };
+  config = {
+    security.wrappers = {
+      # https://wiki.qemu.org/Features/HelperNetworking
+      qemu-bridge-helper = {
+        source = "${qemuPkg}/libexec/qemu-bridge-helper";
+        owner = "root";
+        group = "root";
+        capabilities = "cap_net_admin+ep";  # required for attaching TAP devices to bridges
+      };
 
-    ping = {
-      source = "${pkgs.iputils}/bin/ping";
-      owner = "root";
-      group = "root";
-      capabilities = "cap_net_raw+ep";  # required to send ICMP packets
+      ping = {
+        source = "${pkgs.iputils}/bin/ping";
+        owner = "root";
+        group = "root";
+        capabilities = "cap_net_raw+ep";  # required to send ICMP packets
+      };
     };
-  };
 
-  config.environment.etc."qemu/bridge.conf".text = ''
-    allow bridge43
-  '';
+    environment = {
+      etc."qemu/bridge.conf".text = ''
+        allow ${bridge}
+      '';
 
-  config.networking.firewall = {
-    trustedInterfaces = [ "bridge43" ];
-  };
+      systemPackages = [ vmrunnerPkg ];
 
-  config.environment.variables.QEMU_BRIDGE_HELPER = qemuBridgeHelperPath;
+      variables.QEMU_BRIDGE_HELPER = qemuBridgeHelperPath;
+    };
+
+    networking.firewall = {
+      trustedInterfaces = [ bridge ];
+    };
+  };
 }
 
