From 57c9e00000d7530693968262bbc239e1371f5bba Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Dav=C3=AD=C3=B0=20Steinn=20Geirsson?= Date: Sat, 21 Mar 2026 19:47:10 +0000 Subject: [PATCH] refactor: make console-relay service crosvm-only Cloud-hypervisor VMs now use PTY-direct serial mode and no longer need a console-relay service. Filter the relay to crosvm VMs only via lib.filter, removing the isCh/chRelayScript conditional logic. Also add ExecStopPost cleanup of the console symlink for CH VMs. Co-Authored-By: Claude Sonnet 4.6 --- modules/services.nix | 49 ++++++++++++-------------------------------- 1 file changed, 13 insertions(+), 36 deletions(-) diff --git a/modules/services.nix b/modules/services.nix index 50ac8fc..9e6f18e 100644 --- a/modules/services.nix +++ b/modules/services.nix @@ -403,6 +403,9 @@ in rm -f /run/vmsilo/${vm.name}/crosvm-control.socket rm -f /run/vmsilo/${vm.name}/cloud-hypervisor-control.socket rm -f /run/vmsilo/${vm.name}/vsock.socket + ${lib.optionalString (vm.hypervisor == "cloud-hypervisor") '' + rm -f /run/vmsilo/${vm.name}/console + ''} ''; usbCleanup = pkgs.writeShellScript "usb-cleanup-${vm.name}" '' source ${cfg._internal.usbHelperLib} @@ -444,55 +447,29 @@ in } ) (lib.attrValues cfg.nixosVms) ++ - # Console relay services (one per VM) + # Console relay services (one per crosvm VM) # Bridges serial backend to a persistent PTY so users can attach/detach map ( vm: - let - isCh = vm.hypervisor == "cloud-hypervisor"; - # crosvm connects to a socket we listen on; cloud-hypervisor creates its own socket we connect to - chRelayScript = pkgs.writeShellScript "console-relay-${vm.name}" '' - # Wait for cloud-hypervisor to create the serial socket - ELAPSED=0 - while [ ! -S /run/vmsilo/${vm.name}/serial.socket ] && [ $ELAPSED -lt 120 ]; do - sleep 0.5 - ELAPSED=$((ELAPSED + 1)) - done - if [ ! -S /run/vmsilo/${vm.name}/serial.socket ]; then - echo "Timeout waiting for serial socket" >&2 - exit 1 - fi - exec ${pkgs.socat}/bin/socat UNIX-CONNECT:/run/vmsilo/${vm.name}/serial.socket PTY,link=/run/vmsilo/${vm.name}/console,raw,echo=0,user=${toString userUid},mode=0600 - ''; - in lib.nameValuePair "vmsilo-${vm.name}-console-relay" { description = "Console relay for VM ${vm.name}"; - after = if isCh then [ "vmsilo-${vm.name}-vm.service" ] else [ "vmsilo-${vm.name}-prep.service" ]; - before = lib.optionals (!isCh) [ "vmsilo-${vm.name}-vm.service" ]; - requiredBy = lib.optionals (!isCh) [ "vmsilo-${vm.name}-vm.service" ]; - wantedBy = lib.optionals isCh [ "vmsilo-${vm.name}-vm.service" ]; + after = [ "vmsilo-${vm.name}-prep.service" ]; + before = [ "vmsilo-${vm.name}-vm.service" ]; + requiredBy = [ "vmsilo-${vm.name}-vm.service" ]; bindsTo = [ "vmsilo-${vm.name}-vm.service" ]; serviceConfig = { Type = "simple"; - ExecStartPre = - lib.optionals (!isCh) [ - "-${pkgs.coreutils}/bin/rm -f /run/vmsilo/${vm.name}/console-backend.socket" - ] - ++ [ - "-${pkgs.coreutils}/bin/rm -f /run/vmsilo/${vm.name}/console" - ]; - ExecStart = - if isCh then - "${chRelayScript}" - else - # crosvm: listen for crosvm to connect - "${pkgs.socat}/bin/socat UNIX-LISTEN:/run/vmsilo/${vm.name}/console-backend.socket,fork,reuseaddr PTY,link=/run/vmsilo/${vm.name}/console,raw,echo=0,user=${toString userUid},mode=0600"; + ExecStartPre = [ + "-${pkgs.coreutils}/bin/rm -f /run/vmsilo/${vm.name}/console-backend.socket" + "-${pkgs.coreutils}/bin/rm -f /run/vmsilo/${vm.name}/console" + ]; + ExecStart = "${pkgs.socat}/bin/socat UNIX-LISTEN:/run/vmsilo/${vm.name}/console-backend.socket,fork,reuseaddr PTY,link=/run/vmsilo/${vm.name}/console,raw,echo=0,user=${toString userUid},mode=0600"; Restart = "on-failure"; RestartSec = "1s"; }; } - ) (lib.attrValues cfg.nixosVms) + ) (lib.filter (vm: vm.hypervisor == "crosvm") (lib.attrValues cfg.nixosVms)) ++ # virtiofsd services (one per shared directory per VM) lib.concatMap (