refactor: clean up the microvm hierarchy

Pulling on that thread.

Signed-off-by: Brian McGillion <[email protected]>

REUSE.toml

@@ -19,7 +19,7 @@ path = [
   "modules/hardware/x86_64-generic/kernel/configs/ghaf_host_hardened_baseline-x86",
   "modules/reference/hardware/jetpack/ghaf_host_hardened_baseline-jetson-orin",
   "modules/lanzaboote/demo-secure-boot-keys/**/*",
-  "modules/microvm/virtualization/microvm/idsvm/mitmproxy/mitmproxy-ca/*"
+  "modules/microvm/sysvms/idsvm/mitmproxy/mitmproxy-ca/*"
 ]
 
 [[annotations]]
@@ -99,7 +99,7 @@ path = [
   "modules/reference/hardware/jetpack-microvm/*.patch",
   "modules/reference/hardware/jetpack/nvidia-jetson-orin/virtualization/passthrough/uarti-net-vm/patches/net_vm_dtb_with_uarti.patch",
   "modules/common/virtualization/pkvm/0001-pkvm-enable-pkvm-on-intel-x86-6.1-lts.patch",
-  "modules/microvm/virtualization/microvm/0001-x86-gpu-Don-t-reserve-stolen-memory-for-GPU-passthro.patch",
+  "modules/microvm/sysvms/0001-x86-gpu-Don-t-reserve-stolen-memory-for-GPU-passthro.patch",
   "modules/reference/hardware/jetpack/nvidia-jetson-orin/virtualization/passthrough/uarti-net-vm/tegra234-netvm.dts"
 ]
 

modules/common/common.nix

@@ -13,8 +13,6 @@ let
     mkOption
     types
     optionalAttrs
-    optionalString
-    attrsets
     hasAttrByPath
     ;
 in

modules/microvm/virtualization/microvm/appvm.nix → modules/microvm/appvm.nix

@@ -68,7 +68,7 @@ let
           })
 
           # To push logs to central location
-          ../../../common/logging/client.nix
+          ../common/logging/client.nix
           (
             {
               lib,
@@ -168,7 +168,7 @@ let
 
               security.pki.certificateFiles =
                 lib.mkIf configHost.ghaf.virtualization.microvm.idsvm.mitmproxy.enable
-                  [ ./idsvm/mitmproxy/mitmproxy-ca/mitmproxy-ca-cert.pem ];
+                  [ ./sysvms/idsvm/mitmproxy/mitmproxy-ca/mitmproxy-ca-cert.pem ];
 
               time.timeZone = configHost.time.timeZone;
 
@@ -223,7 +223,7 @@ let
               };
               fileSystems."${configHost.ghaf.security.sshKeys.waypipeSshPublicKeyDir}".options = [ "ro" ];
 
-              imports = [ ../../../common ];
+              imports = [ ../common ];
             }
           )
         ];

modules/microvm/flake-module.nix

@@ -5,15 +5,15 @@
   flake.nixosModules = {
     microvm.imports = [
       inputs.microvm.nixosModules.host
-      (import ./virtualization/microvm/microvm-host.nix { inherit inputs; })
-      (import ./virtualization/microvm/netvm.nix { inherit inputs; })
-      (import ./virtualization/microvm/adminvm.nix { inherit inputs; })
-      (import ./virtualization/microvm/appvm.nix { inherit inputs; })
-      (import ./virtualization/microvm/guivm.nix { inherit inputs; })
-      (import ./virtualization/microvm/audiovm.nix { inherit inputs; })
-      (import ./virtualization/microvm/idsvm/idsvm.nix { inherit inputs; })
-      ./virtualization/microvm/idsvm/mitmproxy
-      ./virtualization/microvm/modules.nix
+      (import ./microvm-host.nix { inherit inputs; })
+      (import ./sysvms/netvm.nix { inherit inputs; })
+      (import ./sysvms/adminvm.nix { inherit inputs; })
+      (import ./appvm.nix { inherit inputs; })
+      (import ./sysvms/guivm.nix { inherit inputs; })
+      (import ./sysvms/audiovm.nix { inherit inputs; })
+      (import ./sysvms/idsvm/idsvm.nix { inherit inputs; })
+      ./sysvms/idsvm/mitmproxy
+      ./modules.nix
       ./networking.nix
       ./power-control.nix
       ../hardware/common/shared-mem.nix

modules/microvm/virtualization/microvm/microvm-host.nix → modules/microvm/microvm-host.nix

@@ -25,7 +25,6 @@ let
       config.ghaf.hardware.definition.audio.rescanPciDevice
     else
       config.ghaf.hardware.definition.audio.removePciDevice;
-  vinotify = pkgs.callPackage ../../../../packages/vinotify { };
 in
 {
   imports = [
@@ -159,7 +158,7 @@ in
           Type = "simple";
           Restart = "always";
           RestartSec = "1";
-          ExecStart = "${vinotify}/bin/vinotify --cid ${toString config.ghaf.virtualization.microvm.guivm.vsockCID} --port 2000 --path /persist/storagevm/shared/shares --mode host";
+          ExecStart = "${pkgs.vinotify}/bin/vinotify --cid ${toString config.ghaf.virtualization.microvm.guivm.vsockCID} --port 2000 --path /persist/storagevm/shared/shares --mode host";
         };
         startLimitIntervalSec = 0;
       };
@@ -175,7 +174,7 @@ in
               Type = "simple";
               Restart = "always";
               RestartSec = "1";
-              ExecStart = "${vinotify}/bin/vinotify --port 2000 --path /Shares --mode guest";
+              ExecStart = "${pkgs.vinotify}/bin/vinotify --port 2000 --path /Shares --mode guest";
             };
             startLimitIntervalSec = 0;
           };

modules/microvm/networking.nix

@@ -13,7 +13,7 @@ let
     mkIf
     optionals
     ;
-  sshKeysHelper = pkgs.callPackage ./virtualization/microvm/ssh-keys-helper.nix { inherit config; };
+  sshKeysHelper = pkgs.callPackage ./ssh-keys-helper.nix { inherit config; };
   inherit (config.ghaf.networking) hosts;
   inherit (config.networking) hostName;
 in

modules/microvm/virtualization/microvm/adminvm.nix → modules/microvm/sysvms/adminvm.nix

@@ -15,17 +15,17 @@ let
     imports = [
       inputs.impermanence.nixosModules.impermanence
       inputs.self.nixosModules.givc-adminvm
-      (import ./common/vm-networking.nix {
+      (import ../common/vm-networking.nix {
         inherit
           config
           lib
           vmName
           ;
       })
       # We need to retrieve mac address and start log aggregator
-      ../../../common/logging/hw-mac-retrieve.nix
-      ../../../common/logging/logs-aggregator.nix
-      ./common/storagevm.nix
+      ../../common/logging/hw-mac-retrieve.nix
+      ../../common/logging/logs-aggregator.nix
+      ../common/storagevm.nix
       (
         { lib, ... }:
         {
@@ -115,7 +115,7 @@ let
 
             writableStoreOverlay = lib.mkIf config.ghaf.development.debug.tools.enable "/nix/.rw-store";
           };
-          imports = [ ../../../common ];
+          imports = [ ../../common ];
         }
       )
     ];

modules/microvm/virtualization/microvm/audiovm.nix → modules/microvm/sysvms/audiovm.nix

@@ -15,19 +15,19 @@ let
     imports = [
       inputs.self.nixosModules.givc-audiovm
       inputs.impermanence.nixosModules.impermanence
-      (import ./common/vm-networking.nix {
+      (import ../common/vm-networking.nix {
         inherit
           config
           lib
           vmName
           ;
       })
-      ./common/storagevm.nix
-      ../../../common/logging/client.nix
+      ../common/storagevm.nix
+      ../../common/logging/client.nix
       (
         { lib, pkgs, ... }:
         {
-          imports = [ ../../../common ];
+          imports = [ ../../common ];
 
           ghaf = {
             # Profiles

modules/microvm/virtualization/microvm/guivm.nix → modules/microvm/sysvms/guivm.nix

@@ -9,26 +9,26 @@
 }:
 let
   vmName = "gui-vm";
-  inherit (import ../../../../lib/launcher.nix { inherit pkgs lib; }) rmDesktopEntries;
+  inherit (import ../../../lib/launcher.nix { inherit pkgs lib; }) rmDesktopEntries;
   guivmBaseConfiguration = {
     imports = [
       inputs.impermanence.nixosModules.impermanence
       inputs.self.nixosModules.givc-guivm
-      (import ./common/vm-networking.nix {
+      (import ../common/vm-networking.nix {
         inherit
           config
           lib
           vmName
           ;
       })
 
-      ./common/storagevm.nix
-      ./common/xdgitems.nix
+      ../common/storagevm.nix
+      ../common/xdgitems.nix
 
       # To push logs to central location
-      ../../../common/logging/client.nix
+      ../../common/logging/client.nix
 
-      ../../../common/logging/hw-mac-retrieve.nix
+      ../../common/logging/hw-mac-retrieve.nix
 
       (
         { lib, pkgs, ... }:
@@ -57,9 +57,10 @@ let
         in
         {
           imports = [
-            ../../../common
-            ../../../desktop
-            ../../../reference/services
+            ../../common
+            ../../desktop
+            #TODO: inception cross reference. FIX: this
+            ../../reference/services
           ];
 
           ghaf = {
@@ -288,9 +289,10 @@ let
   };
   cfg = config.ghaf.virtualization.microvm.guivm;
 
+  #TODO: fix the kernel includes and builders to be more modular and centrailized
   # Importing kernel builder function and building guest_graphics_hardened_kernel
-  buildKernel = import ../../../../packages/kernel { inherit config pkgs lib; };
-  config_baseline = ../../../hardware/x86_64-generic/kernel/configs/ghaf_host_hardened_baseline-x86;
+  buildKernel = import ../../../packages/kernel { inherit config pkgs lib; };
+  config_baseline = ../../hardware/x86_64-generic/kernel/configs/ghaf_host_hardened_baseline-x86;
   guest_graphics_hardened_kernel = buildKernel { inherit config_baseline; };
 
 in

modules/microvm/virtualization/microvm/idsvm/idsvm.nix → modules/microvm/sysvms/idsvm/idsvm.nix

@@ -12,11 +12,10 @@ let
   vmName = "ids-vm";
   idsvmBaseConfiguration = {
     imports = [
-      (import ../common/vm-networking.nix {
+      (import ../../common/vm-networking.nix {
         inherit
           config
           lib
-          pkgs
           vmName
           ;
       })
@@ -64,7 +63,7 @@ let
           };
 
           imports = [
-            ../../../../common
+            ../../../common
             ./mitmproxy
           ];
         }

modules/microvm/virtualization/microvm/netvm.nix → modules/microvm/sysvms/netvm.nix

@@ -12,7 +12,7 @@ let
     imports = [
       inputs.impermanence.nixosModules.impermanence
       inputs.self.nixosModules.givc-netvm
-      (import ./common/vm-networking.nix {
+      (import ../common/vm-networking.nix {
         inherit
           config
           lib
@@ -21,14 +21,14 @@ let
         isGateway = true;
       })
 
-      ./common/storagevm.nix
+      ../common/storagevm.nix
 
       # To push logs to central location
-      ../../../common/logging/client.nix
+      ../../common/logging/client.nix
       (
         { lib, ... }:
         {
-          imports = [ ../../../common ];
+          imports = [ ../../common ];
 
           ghaf = {
             # Profiles

modules/reference/services/chromecast/chromecast-config.nix

@@ -12,7 +12,7 @@
 
       internalNic =
         let
-          vmNetworking = import ../../../microvm/virtualization/microvm/common/vm-networking.nix {
+          vmNetworking = import ../../../microvm/common/vm-networking.nix {
             inherit config;
             inherit lib;
             vmName = "net-vm";

modules/reference/services/dendrite-pinecone/dendrite-config.nix

@@ -17,7 +17,7 @@
 
       internalNic =
         let
-          vmNetworking = import ../../../microvm/virtualization/microvm/common/vm-networking.nix {
+          vmNetworking = import ../../../microvm/common/vm-networking.nix {
             inherit config lib pkgs;
             vmName = "net-vm";
           };

packages/own-pkgs-overlay.nix

@@ -27,6 +27,7 @@
     open-normal-extension = final.callPackage ./pkgs-by-name/open-normal-extension/package.nix { };
     qemuqmp = final.callPackage ./pkgs-by-name/qemuqmp/package.nix { };
     vhotplug = final.callPackage ./pkgs-by-name/vhotplug/package.nix { };
+    vinotify = final.callPackage ./pkgs-by-name/vinotify/package.nix { };
     vsockproxy = final.callPackage ./pkgs-by-name/vsockproxy/package.nix { };
     windows-launcher = final.callPackage ./pkgs-by-name/windows-launcher/package.nix { };
   };