From dfa314c38212cc462e64761c2c476d984da99e4c Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Edward=20Tj=C3=B6rnhammar?=
Date: Sat, 3 Nov 2018 19:33:58 +0100
Subject: [PATCH 1/4] linuxPackages.anbox: init at 2018-09-08
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
Co-authored-by: Luke Adams
Co-authored-by: Volth
Co-authored-by: Jörg Thalheim
Co-authored-by: Edward Tjörnhammar
Co-authored-by: Gabriel Ebner
---
pkgs/os-specific/linux/anbox/kmod.nix | 43 +++++++++++++++++++++++++++
pkgs/top-level/all-packages.nix | 2 ++
2 files changed, 45 insertions(+)
create mode 100644 pkgs/os-specific/linux/anbox/kmod.nix
diff --git a/pkgs/os-specific/linux/anbox/kmod.nix b/pkgs/os-specific/linux/anbox/kmod.nix
new file mode 100644
index 000000000000..8a102996cab6
--- /dev/null
+++ b/pkgs/os-specific/linux/anbox/kmod.nix
@@ -0,0 +1,43 @@
+{ stdenv, lib, kernel, fetchFromGitHub }:
+
+stdenv.mkDerivation rec {
+ pname = "anbox-modules";
+ version = "2018-09-08-" + kernel.version;
+
+ src = fetchFromGitHub {
+ owner = "anbox";
+ repo = "anbox-modules";
+ rev = "27fd47e11ef6eef93738f8f3df3e42c88975544e";
+ sha256 = "1hnf5x5swjcws6mnxmd3byll8l7qsxxj9pgki2k31rbmqqf2sb0x";
+ };
+
+ nativeBuildInputs = kernel.moduleBuildDependencies;
+
+ KERNEL_SRC="${kernel.dev}/lib/modules/${kernel.modDirVersion}/build";
+
+ buildPhase = ''
+ for d in ashmem binder;do
+ cd $d
+ make
+ cd -
+ done
+ '';
+
+ installPhase = ''
+ modDir=$out/lib/modules/${kernel.modDirVersion}/kernel/updates/
+ mkdir -p $modDir
+ for d in ashmem binder;do
+ mv $d/$d*.ko $modDir/.
+ done
+ '';
+
+ meta = with stdenv.lib; {
+ description = "Anbox ashmem and binder drivers.";
+ homepage = https://github.com/anbox/anbox-modules;
+ license = licenses.gpl2;
+ platforms = platforms.linux;
+ broken = (versionOlder kernel.version "4.4") || (kernel.features.grsecurity);
+ maintainers = with maintainers; [ edwtjo ];
+ };
+
+}
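Review bot: `broken` in `meta` reads `kernel.features.grsecurity` with no fallback, so if a kernel's `features` set does not define that attribute the package fails to evaluate instead of being marked broken; whether every kernel defines it is not visible in this patch. `broken = (versionOlder kernel.version "4.4") || (kernel.features.grsecurity or false);` behaves the same when the attribute exists and is safe when it does not. The 4.4 floor here also differs from the 4.18 assertion in the NixOS module of patch 4/4, and a comment stating which limit comes from the drivers and which from Anbox itself would help. `lib` is taken as an argument but `meta` uses `with stdenv.lib`.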
diff --git a/pkgs/top-level/all-packages.nix b/pkgs/top-level/all-packages.nix
index d95ef3723e25..aa6766052ad2 100644
--- a/pkgs/top-level/all-packages.nix
+++ b/pkgs/top-level/all-packages.nix
@@ -14762,6 +14762,8 @@ in amdgpu-pro = callPackage ../os-specific/linux/amdgpu-pro { }; + anbox = callPackage ../os-specific/linux/anbox/kmod.nix { }; + batman_adv = callPackage ../os-specific/linux/batman-adv {}; bcc = callPackage ../os-specific/linux/bcc {
From 07632cbaab66e119f9b9cc605897e5d37373bdaa Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Edward=20Tj=C3=B6rnhammar?=
Date: Sat, 3 Nov 2018 19:33:58 +0100
Subject: [PATCH 2/4] properties-cpp: init at 0.0.1
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
Co-authored-by: Luke Adams
Co-authored-by: Volth
Co-authored-by: Jörg Thalheim
---
.../libraries/properties-cpp/default.nix | 27 +++++++++++++++++++
pkgs/top-level/all-packages.nix | 2 ++
2 files changed, 29 insertions(+)
create mode 100644 pkgs/development/libraries/properties-cpp/default.nix
diff --git a/pkgs/development/libraries/properties-cpp/default.nix b/pkgs/development/libraries/properties-cpp/default.nix
new file mode 100644
index 000000000000..06444e776703
--- /dev/null
+++ b/pkgs/development/libraries/properties-cpp/default.nix
@@ -0,0 +1,27 @@
+{ stdenv, lib, fetchurl, cmake, pkgconfig, gtest, doxygen
+, graphviz, lcov, writeText }:
+
+stdenv.mkDerivation rec {
+ pname = "properties-cpp";
+ version = "0.0.1";
+
+ src = let srcver = version+"+14.10.20140730"; in
+ fetchurl {
+ url = "https://launchpad.net/ubuntu/+archive/primary/+files/${pname}_${srcver}.orig.tar.gz";
+ sha256 = "08vjyv7ibn6jh2ikj5v48kjpr3n6hlkp9qlvdn8r0vpiwzah0m2w";
+ };
+
+ buildInputs = [ cmake gtest doxygen pkgconfig graphviz lcov ];
+
+ patchPhase = ''
+ sed -i "/add_subdirectory(tests)/d" CMakeLists.txt
+ '';
+
+ meta = with stdenv.lib; {
+ homepage = https://launchpad.net/properties-cpp;
+ description = "A very simple convenience library for handling properties and signals in C++11.";
+ license = licenses.lgpl3;
+ maintainers = with maintainers; [ edwtjo ];
+ };
+
+}
diff --git a/pkgs/top-level/all-packages.nix b/pkgs/top-level/all-packages.nix
index aa6766052ad2..7c8f02a0f9a9 100644
--- a/pkgs/top-level/all-packages.nix
+++ b/pkgs/top-level/all-packages.nix
@@ -19012,6 +19012,8 @@ in python = python3; } // (config.profanity or {})); + properties-cpp = callPackage ../development/libraries/properties-cpp { }; + protonmail-bridge = libsForQt511.callPackage ../applications/networking/protonmail-bridge { }; psi = callPackage ../applications/networking/instant-messengers/psi { };
From e42b5d93266be2459e07b3631f76e1247acfec48 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Edward=20Tj=C3=B6rnhammar?=
Date: Sat, 3 Nov 2018 19:33:58 +0100
Subject: [PATCH 3/4] anbox: init at 2019-03-07
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
Co-authored-by: Luke Adams
Co-authored-by: Volth
Co-authored-by: Jörg Thalheim
Co-authored-by: Edward Tjörnhammar
Co-authored-by: Gabriel Ebner
---
pkgs/os-specific/linux/anbox/default.nix | 127 +++++++++++++++++++++++
pkgs/top-level/all-packages.nix | 2 +
2 files changed, 129 insertions(+)
create mode 100644 pkgs/os-specific/linux/anbox/default.nix
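Review bot: Setting `patchPhase` directly replaces the whole default patch phase, so any `patches` later added to this derivation (a backported security fix, for instance) would be silently skipped; `postPatch = ''` with the same `sed` line keeps the default behaviour. The same applies to `patchPhase` in pkgs/os-specific/linux/anbox/default.nix in patch 3/4. The `sed` removes `add_subdirectory(tests)` without saying why, and a comment such as `# tests are not built: <reason>` should record it; `gtest` and `lcov` then look unneeded in `buildInputs`, though that cannot be confirmed from the hunk. `writeText` is an unused argument.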
diff --git a/pkgs/os-specific/linux/anbox/default.nix b/pkgs/os-specific/linux/anbox/default.nix
new file mode 100644
index 000000000000..bd85b6620ba6
--- /dev/null
+++ b/pkgs/os-specific/linux/anbox/default.nix
@@ -0,0 +1,127 @@ +{ stdenv, lib, fetchFromGitHub, fetchurl +, cmake, pkgconfig, dbus, makeWrapper +, gtest +, boost +, libcap +, systemd +, mesa +, libGL +, libglvnd +, glib +, git +, SDL2 +, SDL2_image +, properties-cpp +, protobuf +, protobufc +, python +, lxc +}: + +stdenv.mkDerivation rec { + pname = "anbox"; + version = "2019-03-07"; + + src = fetchFromGitHub { + owner = pname; + repo = pname; + rev = "d521e282965462e82465045ab95d4ae1c4619685"; + sha256 = "1wfx4bsyxvrjl16dq5pqgial8rnnsnxzbak2ap0waddz847czxwz"; + }; + + buildInputs = [ + cmake pkgconfig dbus boost libcap gtest systemd mesa glib + SDL2 SDL2_image protobuf protobufc properties-cpp lxc python + makeWrapper libGL + ]; + + patchPhase = '' + patchShebangs scripts + + cat >cmake/FindGMock.cmake <<'EOF' + add_library(gtest INTERFACE) + target_include_directories(gtest INTERFACE ${gtest.dev}/include) + target_link_libraries(gtest INTERFACE ${gtest}/lib/libgtest.so ''${CMAKE_THREAD_LIBS_INIT}) + add_dependencies(gtest GMock) + + add_library(gtest_main INTERFACE) + target_include_directories(gtest_main INTERFACE ${gtest.dev}/include) + target_link_libraries(gtest_main INTERFACE ${gtest}/lib/libgtest_main.so gtest) + + add_library(gmock INTERFACE) + target_include_directories(gmock INTERFACE ${gtest.dev}/include) + target_link_libraries(gmock INTERFACE ${gtest}/lib/libgmock.so gtest) + + add_library(gmock_main INTERFACE) + target_include_directories(gmock_main INTERFACE ${gtest.dev}/include) + target_link_libraries(gmock_main INTERFACE ${gtest}/lib/libgmock_main.so gmock gtest_main) + + set(GTEST_LIBRARIES gtest) + set(GTEST_MAIN_LIBRARIES gtest_main) + set(GMOCK_LIBRARIES gmock gmock_main) + set(GTEST_BOTH_LIBRARIES ''${GTEST_LIBRARIES} ''${GTEST_MAIN_LIBRARIES}) + EOF + ''; + + postInstall = '' + wrapProgram $out/bin/anbox \ + --prefix LD_LIBRARY_PATH : ${stdenv.lib.makeLibraryPath [libGL libglvnd]} \ + --prefix PATH : ${git}/bin + + mkdir -p $out/share/dbus-1/services/ + cat < 
$out/share/dbus-1/services/org.anbox.service + [D-BUS Service] + Name=org.anbox + Exec=$out/libexec/anbox-session-manager + END + + mkdir $out/libexec + cat > $out/libexec/anbox-session-manager < $out/bin/anbox-application-manager < Date: Sat, 3 Nov 2018 19:33:58 +0100 Subject: [PATCH 4/4] nixos/anbox: init module MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Co-authored-by: Luke Adams Co-authored-by: Volth Co-authored-by: Jörg Thalheim Co-authored-by: Edward Tjörnhammar Co-authored-by: Gabriel Ebner --- nixos/modules/module-list.nix | 1 + nixos/modules/virtualisation/anbox.nix | 144 +++++++++++++++++++++++++ 2 files changed, 145 insertions(+) create mode 100644 nixos/modules/virtualisation/anbox.nix diff --git a/nixos/modules/module-list.nix b/nixos/modules/module-list.nix index b2f2c1ac8cbc..c28d495dc982 100644 --- a/nixos/modules/module-list.nix +++ b/nixos/modules/module-list.nix @@ -873,6 +873,7 @@ ./tasks/trackpoint.nix ./tasks/powertop.nix ./testing/service-runner.nix + ./virtualisation/anbox.nix ./virtualisation/container-config.nix ./virtualisation/containers.nix ./virtualisation/docker.nix diff --git a/nixos/modules/virtualisation/anbox.nix b/nixos/modules/virtualisation/anbox.nix new file mode 100644 index 000000000000..9cb89e7b2926 --- /dev/null +++ b/nixos/modules/virtualisation/anbox.nix 
@@ -0,0 +1,144 @@
+{ config, lib, pkgs, ... }:
+
+with lib;
+
+let
+
+ cfg = config.virtualisation.anbox;
+ kernelPackages = config.boot.kernelPackages;
+ addrOpts = v: addr: pref: name: {
+ address = mkOption {
+ default = addr;
+ type = types.str;
+ description = ''
+ IPv${toString v} ${name} address.
+ '';
+ };
+
+ prefixLength = mkOption {
+ default = pref;
+ type = types.addCheck types.int (n: n >= 0 && n <= (if v == 4 then 32 else 128));
+ description = ''
+ Subnet mask of the ${name} address, specified as the number of
+ bits in the prefix (${if v == 4 then "24" else "64"}).
+ '';
+ };
+ };
+
+in
+
+{
+
+ options.virtualisation.anbox = {
+
+ enable = mkEnableOption "Anbox";
+
+ image = mkOption {
+ default = pkgs.anbox.image;
+ example = literalExample "pkgs.anbox.image";
+ type = types.package;
+ description = ''
+ Base android image for Anbox.
+ '';
+ };
+
+ extraInit = mkOption {
+ type = types.lines;
+ default = "";
+ description = ''
+ Extra shell commands to be run inside the container image during init.
+ '';
+ };
+
+ ipv4 = {
+ container = addrOpts 4 "192.168.250.2" 24 "Container";
+ gateway = addrOpts 4 "192.168.250.1" 24 "Host";
+
+ dns = mkOption {
+ default = "1.1.1.1";
+ type = types.string;
+ description = ''
+ Container DNS server.
+ '';
+ };
+ };
+ };
+
+ config = mkIf cfg.enable {
+
+ assertions = singleton {
+ assertion = versionAtLeast (getVersion config.boot.kernelPackages.kernel) "4.18";
+ message = "Anbox needs user namespace support to work properly";
+ };
+
+ environment.systemPackages = with pkgs; [ anbox ];
+
+ boot.kernelModules = [ "ashmem_linux" "binder_linux" ];
+ boot.extraModulePackages = [ kernelPackages.anbox ];
+
+ services.udev.extraRules = ''
+ KERNEL=="ashmem", NAME="%k", MODE="0666"
+ KERNEL=="binder*", NAME="%k", MODE="0666"
+ '';
+
+ virtualisation.lxc.enable = true;
+ networking.bridges.anbox0.interfaces = [];
+ networking.interfaces.anbox0.ipv4.addresses = [ cfg.ipv4.gateway ];
+
+ networking.nat = {
+ enable = true;
+ internalInterfaces = [ "anbox0" ];
+ };
+
+ systemd.services.anbox-container-manager = let
+ anboxloc = "/var/lib/anbox";
+ in {
+ description = "Anbox Container Management Daemon";
+
+ environment.XDG_RUNTIME_DIR="${anboxloc}";
+
+ wantedBy = [ "multi-user.target" ];
+ after = [ "systemd-udev-settle.service" ];
+ preStart = let
+ initsh = let
+ ip = cfg.ipv4.container.address;
+ gw = cfg.ipv4.gateway.address;
+ dns = cfg.ipv4.dns;
+ in
+ pkgs.writeText "nixos-init" (''
+ #!/system/bin/sh
+ setprop nixos.version ${config.system.nixos.version}
+
+ # we don't have radio
+ setprop ro.radio.noril yes
+ stop ril-daemon
+
+ # speed up boot
+ setprop debug.sf.nobootanimation 1
+ '' + cfg.extraInit);
+ initshloc = "${anboxloc}/rootfs-overlay/system/etc/init.goldfish.sh";
+ in ''
+ mkdir -p ${anboxloc}
+ mkdir -p $(dirname ${initshloc})
+ [ -f ${initshloc} ] && rm ${initshloc}
+ cp ${initsh} ${initshloc}
+ chown 100000:100000 ${initshloc}
+ chmod +x ${initshloc}
+ '';
+
+ serviceConfig = {
+ ExecStart = ''
+ ${pkgs.anbox}/bin/anbox container-manager \
+ --data-path=${anboxloc} \
+ --android-image=${cfg.image} \
+ --container-network-address=${cfg.ipv4.container.address} \
+ --container-network-gateway=${cfg.ipv4.gateway.address} \
+ --container-network-dns-servers=${cfg.ipv4.dns} \
+ --use-rootfs-overlay \
+ --privileged
+ '';
+ };
+ };
+ };
+
+}
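Review bot: The two rules in `services.udev.extraRules` create the ashmem and binder device nodes with `MODE="0666"`, which exposes two out-of-tree kernel drivers to every local account on the host rather than only to the Anbox container. If the shifted container uids (the `chown 100000:100000` in `preStart` suggests such a range) are what need the access, a comment should say so, e.g. `# world-accessible: the container's unprivileged uids must open these nodes`; otherwise a narrower mode with a dedicated group would reduce the exposure. `--privileged` on the `ExecStart` line likewise has no stated reason, and the assertion message speaks of user namespace support while the check is only a kernel version of at least 4.18. `types.string` on `dns` is deprecated; `types.str`, which `addrOpts` already uses, is the replacement, and the `ip`, `gw` and `dns` bindings inside `initsh` are never used.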