X-Git-Url: http://git.scottworley.com/nixos-qemu-vm-isolation/blobdiff_plain/69619e0bcd198291d2e4f7a72ccd87d61a8d0bc9..68bdafb07183ce95311038842731769028f55712:/modules/qemu-vm-isolation.nix
diff --git a/modules/qemu-vm-isolation.nix b/modules/qemu-vm-isolation.nix
index 7e0a37f..260e9fe 100644
--- a/modules/qemu-vm-isolation.nix
+++ b/modules/qemu-vm-isolation.nix
@@ -1,6 +1,6 @@
 { config, lib, modulesPath, pkgs, ... }:
 let
-  inherit (lib) findSingle mkForce mkVMOverride;
+  inherit (lib) findSingle mkForce mkIf mkMerge mkVMOverride;
   lookupDriveDeviceName = driveName: driveList:
     (findSingle (drive: drive.name == driveName)
@@ -14,33 +14,44 @@ let
 in {
-  boot.initrd.availableKernelModules = [ "squashfs" ];
-
   fileSystems = mkVMOverride {
     "${storeMountPath}" = {
       device = lookupDriveDeviceName "nixstore" config.virtualisation.qemu.drives;
-      fsType = "squashfs";
+      fsType = "ext4";
       options = [ "ro" ];
       neededForBoot = true;
     };
   };
-  system.build.squashfsStore =
-    pkgs.callPackage (modulesPath + "/../lib/make-squashfs.nix") {
-      storeContents = config.virtualisation.pathsInNixDB;
+  # We use this to disable fsck runs on the ext4 nix store image because stage-1
+  # fsck crashes (maybe because the device is read-only?), halting boot.
+  boot.initrd.checkJournalingFS = false;
+
+  system.build.nixStoreImage =
+    import (modulesPath + "/../lib/make-disk-image.nix") {
+      inherit pkgs config lib;
+      additionalPaths = [
+        (config.virtualisation.host.pkgs.closureInfo {
+          rootPaths = config.virtualisation.additionalPaths;
+        })
+      ];
+      onlyNixStore = true;
+      label = "nix-store";
+      partitionTableType = "none";
+      installBootLoader = false;
+      diskSize = "auto";
+      additionalSpace = "0M";
+      copyChannel = false;
     };
   virtualisation = {
-    # This should be the default.
-    bootDevice = lookupDriveDeviceName "root" config.virtualisation.qemu.drives;
-
     sharedDirectories = mkForce { };
     qemu.drives = [{
       name = "nixstore";
-      file = "${config.system.build.squashfsStore}";
+      file = "${config.system.build.nixStoreImage}/nixos.img";
       driveExtraOpts = {
         format = "raw";
         read-only = "on";