wsl-distro.nix
# NixOS module for running NixOS as a WSL distribution.
# It declares the `wsl.*` options and, when `wsl.enable` is set, applies the
# WSL-specific system configuration defined under `config` below.
{ lib, pkgs, config, ... }:
with builtins; with lib;
let
# Shorthand for this module's own option values.
cfg = config.wsl;
in
{
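# Option declarations for the `wsl.*` namespace.
options.wsl = with types; {
  enable = mkEnableOption "support for running NixOS as a WSL distribution";
  useWindowsDriver = mkEnableOption "OpenGL driver from the Windows host";

  binShPkg = mkOption {
    type = package;
    internal = true;
    description = "Package to be linked to /bin/sh. Mainly useful to be re-used by other modules like envfs.";
  };

  binShExe = mkOption {
    type = str;
    internal = true;
    description = "Path to the shell executable to be linked to /bin/sh";
    default = "${config.wsl.binShPkg}/bin/sh";
  };

  # This account is created with uid 1000 and wheel membership by the config
  # section of this module.
  defaultUser = mkOption {
    type = str;
    default = "nixos";
    description = "The name of the default user";
  };

  # The option is true by default, so the description is worded for the
  # enabled state; the warning concerns turning it off.
  populateBin = mkOption {
    type = bool;
    default = true;
    internal = true;
    description = ''
      Whether to populate /bin.
      Dangerous! Things might break when this is turned off. Use with caution!
      Turning it off is mainly useful if another module populates /bin like envfs.
    '';
  };

  # Each entry becomes one `cp -f` or `ln -sf` command in the activation
  # script and in the envfs fallback commands. `src` and `name` are plain
  # strings: nothing here restricts `name` to a single path component, so
  # entries should be treated as part of the trusted system configuration.
  extraBin = mkOption {
    type = listOf (submodule ({ config, ... }: {
      options = {
        src = mkOption {
          type = str;
          description = "Path of the file that should be added";
        };
        name = mkOption {
          type = str;
          description = "The name the file should be created as in /bin";
          # Defaults to the last path component of `src`.
          default = baseNameOf config.src;
          defaultText = literalExpression "baseNameOf src";
        };
        copy = mkOption {
          type = bool;
          default = false;
          description = "Whether or not the file should be copied instead of symlinked";
        };
      };
    }));
    description = "Additional files to be added to /bin";
  };

  startMenuLaunchers = mkEnableOption "shortcuts for GUI applications in the windows start menu";
};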
config = mkIf cfg.enable {
# The kernel and boot loader come from WSL, so the NixOS boot machinery is
# switched off piece by piece.
boot.bootspec.enable = false;
boot.initrd.enable = false;
boot.kernel.enable = false;
boot.loader.grub.enable = false;
boot.modprobeConfig.enable = false;
# Installing a boot loader is replaced by a command that always succeeds.
system.build.installBootLoader = "${pkgs.coreutils}/bin/true";
# Virtual consoles are not supported under WSL.
console.enable = false;
# Enable GPU acceleration.
hardware.graphics.enable = true;
# With `wsl.useWindowsDriver`, expose the driver libraries found under
# /usr/lib/wsl/lib through a small package of symlinks.
# The link targets live outside the Nix store: Nix neither builds nor hashes
# them, so whatever is present at those paths at run time is what gets loaded.
# NOTE(review): presumably WSL mounts these from the Windows host - confirm.
hardware.graphics.extraPackages = mkIf cfg.useWindowsDriver [
  (pkgs.runCommand "wsl-lib" { } ''
    mkdir -p "$out/lib"
    # # we cannot just symlink the lib directory because it breaks merging with other drivers that provide the same directory
    ln -s /usr/lib/wsl/lib/libcudadebugger.so.1 "$out/lib"
    ln -s /usr/lib/wsl/lib/libcuda.so "$out/lib"
    ln -s /usr/lib/wsl/lib/libcuda.so.1 "$out/lib"
    ln -s /usr/lib/wsl/lib/libcuda.so.1.1 "$out/lib"
    ln -s /usr/lib/wsl/lib/libd3d12core.so "$out/lib"
    ln -s /usr/lib/wsl/lib/libd3d12.so "$out/lib"
    ln -s /usr/lib/wsl/lib/libdxcore.so "$out/lib"
    ln -s /usr/lib/wsl/lib/libnvcuvid.so "$out/lib"
    ln -s /usr/lib/wsl/lib/libnvcuvid.so.1 "$out/lib"
    ln -s /usr/lib/wsl/lib/libnvdxdlkernels.so "$out/lib"
    ln -s /usr/lib/wsl/lib/libnvidia-encode.so "$out/lib"
    ln -s /usr/lib/wsl/lib/libnvidia-encode.so.1 "$out/lib"
    ln -s /usr/lib/wsl/lib/libnvidia-ml.so.1 "$out/lib"
    ln -s /usr/lib/wsl/lib/libnvidia-opticalflow.so "$out/lib"
    ln -s /usr/lib/wsl/lib/libnvidia-opticalflow.so.1 "$out/lib"
    ln -s /usr/lib/wsl/lib/libnvoptix.so.1 "$out/lib"
    ln -s /usr/lib/wsl/lib/libnvwgf2umx.so "$out/lib"
    ln -s /usr/lib/wsl/lib/nvidia-smi "$out/lib"
  '')
];
# NixOS stops generating /etc/hosts and /etc/resolv.conf only when the
# corresponding wsl.conf setting says that WSL manages the file.
environment.etc = mkMerge [
  (mkIf cfg.wslConf.network.generateHosts {
    hosts.enable = false;
  })
  (mkIf cfg.wslConf.network.generateResolvConf {
    "resolv.conf".enable = false;
  })
];
# Bind-mount the WSLg X11 socket to its usual place in /tmp, so that it stays
# reachable if /tmp is mounted to something else.
systemd.mounts =
  let
    # The mount is ordered after, and pulls in, the symlink clean-up unit.
    migrationUnit = [ "nixos-wsl-migration-x11mount.service" ];
  in
  [
    {
      description = "Mount WSLg X11 socket";
      what = "${cfg.wslConf.automount.root}/wslg/.X11-unix/X0";
      where = "/tmp/.X11-unix/X0";
      type = "none";
      options = "bind";
      after = migrationUnit;
      wants = migrationUnit;
      wantedBy = [ "local-fs.target" ];
    }
  ];
# NixOS-WSL created /tmp/.X11-unix as a symbolic link until 2024-02-24; this
# one-shot unit removes that leftover link.
# The unit only runs when the path is a symbolic link, and `rm` is called
# without -r, so the link itself is removed and never a directory tree.
systemd.services.nixos-wsl-migration-x11mount = {
  description = "Remove /tmp/.X11-unix symlink if present";
  unitConfig.ConditionPathIsSymbolicLink = "/tmp/.X11-unix";
  unitConfig.DefaultDependencies = "no";
  serviceConfig.Type = "oneshot";
  serviceConfig.RemainAfterExit = true;
  serviceConfig.ExecStart = "${pkgs.coreutils}/bin/rm /tmp/.X11-unix";
};
# Keep systemd from mounting a tmpfs over an existing runtime directory, which
# would hide the wayland socket inside it.
# When /run/user/<id> already exists, systemd-user-runtime-dir is skipped, so
# the directory keeps the owner and mode given by whoever created it.
# NOTE(review): confirm the pre-existing directory is owned by the user and
# not accessible to other accounts.
systemd.services."user-runtime-dir@" =
  let
    # Wrapper around the stock start command; "$1" is the unit instance name.
    wrapped = pkgs.writeShellScript "user-runtime-dir-start-wrapped" ''
      if [ -d "/run/user/$1" ]; then
      exit 0
      else
      ${config.systemd.package}/lib/systemd/systemd-user-runtime-dir start "$1"
      fi
    '';
  in
  {
    overrideStrategy = "asDropin";
    serviceConfig.ExecStart = [
      "" # unset old value
      "${wrapped} %i"
    ];
  };
# Windows takes care of DHCP for the distribution.
networking.dhcpcd.enable = false;
powerManagement.enable = false;
users.users = {
  ${cfg.defaultUser} = {
    isNormalUser = true;
    uid = 1000;
    extraGroups = [ "wheel" ]; # wheel membership lets the default user run sudo
  };
  # Without this, WSL fails to login as root with "initgroups failed 5"
  root.extraGroups = [ "root" ];
};
# The default user has no password by default, so sudo is configured not to
# ask for one. The consequence is that any process running as a wheel member
# can become root without authentication. This is only a mkDefault: once the
# account has a password, a plain `security.sudo.wheelNeedsPassword = true;`
# in the system configuration restores the prompt.
security.sudo.wheelNeedsPassword = mkDefault false;
system.activationScripts = {
# Activation step, enabled by `wsl.startMenuLaunchers`, that mirrors the
# `applications` and `icons` share directories of the system profile and of
# the default user's profile into /usr/share.
# /usr/share/applications and /usr/share/icons are fully managed by this
# step: rsync runs with --delete-after, and the directory is removed entirely
# when neither source exists, so files placed there by hand do not survive an
# activation.
copy-launchers = mkIf cfg.startMenuLaunchers (
  let
    # Share directory of the default user's per-user profile.
    userShare = "/etc/profiles/per-user/${config.users.users.${cfg.defaultUser}.name}/share";
  in
  stringAfter [ ] ''
    for x in applications icons; do
    echo "setting up /usr/share/''${x}..."
    targets=()
    if [[ -d "$systemConfig/sw/share/$x" ]]; then
    targets+=("$systemConfig/sw/share/$x/.")
    fi
    if [[ -d "${userShare}/$x" ]]; then
    targets+=("${userShare}/$x/.")
    fi
    if (( ''${#targets[@]} != 0 )); then
    mkdir -p "/usr/share/$x"
    ${pkgs.rsync}/bin/rsync --archive --copy-dirlinks --delete-after --recursive "''${targets[@]}" "/usr/share/$x"
    else
    rm -rf "/usr/share/$x"
    fi
    done
  ''
);
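# Activation step that creates the `wsl.extraBin` entries in /bin, either as
# copies (`copy = true`) or as symlinks.
# The source and target of every entry are passed through escapeShellArg
# before being placed on the command line, so a path containing spaces or
# shell metacharacters is handed to cp/ln as one literal argument instead of
# being interpreted by the shell that runs the activation script.
# NOTE(review): `name` may still contain "/" or ".."; nothing here confines
# the target to /bin itself.
populateBin = lib.mkIf cfg.populateBin (stringAfter [ ] ''
  echo "setting up /bin..."
  ${concatMapStringsSep "\n"
    (entry:
      let
        source = escapeShellArg entry.src;
        target = escapeShellArg "/bin/${entry.name}";
      in
      if entry.copy
      then "cp -f ${source} ${target}"
      else "ln -sf ${source} ${target}"
    )
    config.wsl.extraBin
  }
'');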
};
# populateBin is set without mkDefault on purpose: overriding it takes
# lib.mkForce, which makes it harder to brick an installation by accident.
wsl.populateBin = mkIf config.services.envfs.enable false;
# Entries this module always adds to /bin.
wsl.extraBin = [
  { name = "wslpath"; src = "/init"; }
  { name = "sh"; src = cfg.binShExe; }
  # No name given: it defaults to the base name of src, i.e. "mount".
  { src = "${pkgs.util-linux}/bin/mount"; }
];
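# Hands the same `wsl.extraBin` entries to envfs as fallback path commands,
# one cp/ln command per entry, created below "$out".
# Source and file name go through escapeShellArg so that spaces or shell
# metacharacters in an entry reach cp/ln as literal text.
services.envfs.extraFallbackPathCommands =
  concatMapStringsSep "\n"
    (entry:
      let
        source = escapeShellArg entry.src;
        # "$out" stays outside the escaped part so the shell still expands it.
        target = "\"$out\"/${escapeShellArg entry.name}";
      in
      if entry.copy
      then "cp -f ${source} ${target}"
      else "ln -sf ${source} ${target}"
    )
    cfg.extraBin;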
# Evaluation-time warnings for DNS settings that contradict each other.
warnings =
  let
    wslWritesResolvConf = config.wsl.wslConf.network.generateResolvConf;
    resolvedEnabled = config.services.resolved.enable;
    nameserverCount = length config.networking.nameservers;
  in
  # systemd-resolved is on while WSL also writes resolv.conf.
  optional (resolvedEnabled && wslWritesResolvConf)
    "systemd-resolved is enabled, but resolv.conf is managed by WSL (wsl.wslConf.network.generateResolvConf)"
  # Custom nameservers are set while WSL also writes resolv.conf.
  ++ optional (nameserverCount > 0 && wslWritesResolvConf)
    "custom nameservers are set (networking.nameservers), but resolv.conf is managed by WSL (wsl.wslConf.network.generateResolvConf)"
  # Nothing at all provides nameservers.
  ++ optional (nameserverCount == 0 && !resolvedEnabled && !wslWritesResolvConf)
    "resolv.conf generation is turned off (wsl.wslConf.network.generateResolvConf), but no other nameservers are configured (networking.nameservers)";
};
}