From 7663de114a365259f07425aa582b3c5890c00874 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?J=C3=B6rg=20Thalheim?= Date: Fri, 16 Mar 2018 09:58:54 +0000 Subject: [PATCH] lxd: 2.16 -> 3.0.0 --- nixos/modules/tasks/filesystems/zfs.nix | 2 + nixos/modules/virtualisation/lxc.nix | 5 +- nixos/modules/virtualisation/lxd.nix | 60 +++++---- pkgs/tools/admin/lxd/default.nix | 38 ++++-- pkgs/tools/admin/lxd/deps.nix | 165 ------------------------ 5 files changed, 65 insertions(+), 205 deletions(-) delete mode 100644 pkgs/tools/admin/lxd/deps.nix diff --git a/nixos/modules/tasks/filesystems/zfs.nix b/nixos/modules/tasks/filesystems/zfs.nix index 50cf30cc48de..c3bf897d51fd 100644 --- a/nixos/modules/tasks/filesystems/zfs.nix +++ b/nixos/modules/tasks/filesystems/zfs.nix @@ -305,6 +305,8 @@ in } ]; + virtualisation.lxd.zfsSupport = true; + boot = { kernelModules = [ "spl" "zfs" ] ; extraModulePackages = with packages; [ spl zfs ]; diff --git a/nixos/modules/virtualisation/lxc.nix b/nixos/modules/virtualisation/lxc.nix index 2310fe984325..9b5adaf08249 100644 --- a/nixos/modules/virtualisation/lxc.nix +++ b/nixos/modules/virtualisation/lxc.nix @@ -74,6 +74,9 @@ in systemd.tmpfiles.rules = [ "d /var/lib/lxc/rootfs 0755 root root -" ]; security.apparmor.packages = [ pkgs.lxc ]; - security.apparmor.profiles = [ "${pkgs.lxc}/etc/apparmor.d/lxc-containers" ]; + security.apparmor.profiles = [ + "${pkgs.lxc}/etc/apparmor.d/lxc-containers" + "${pkgs.lxc}/etc/apparmor.d/usr.bin.lxc-start" + ]; }; } diff --git a/nixos/modules/virtualisation/lxd.nix b/nixos/modules/virtualisation/lxd.nix index 4988886baf60..3e76cdacfc4b 100644 --- a/nixos/modules/virtualisation/lxd.nix +++ b/nixos/modules/virtualisation/lxd.nix 
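Review bot: The added `virtualisation.lxd.zfsSupport = true;` in the zfs.nix hunk is a plain definition, so a configuration that sets the option to `false` while a ZFS filesystem is configured would get conflicting definitions of a boolean option rather than an override. The option's description in lxd.nix calls this a default, which corresponds to `virtualisation.lxd.zfsSupport = mkDefault true;` (assuming `mkDefault` is in scope in this file, which the hunk does not show). The enclosing config block starts and ends outside the hunk, so the condition under which this line applies cannot be confirmed from here.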
@@ -15,28 +15,34 @@ in options = { - virtualisation.lxd.enable = - mkOption { + virtualisation.lxd = { + enable = mkOption { type = types.bool; default = false; - description = - '' - This option enables lxd, a daemon that manages - containers. Users in the "lxd" group can interact with - the daemon (e.g. to start or stop containers) using the - lxc command line tool, among others. - ''; + description = '' + This option enables lxd, a daemon that manages + containers. Users in the "lxd" group can interact with + the daemon (e.g. to start or stop containers) using the + lxc command line tool, among others. + ''; }; - + zfsSupport = mkOption { + type = types.bool; + default = false; + description = '' + enables lxd to use zfs as a storage for containers. + This option is enabled by default if a zfs pool is configured + with nixos. + ''; + }; + }; }; - ###### implementation config = mkIf cfg.enable { - environment.systemPackages = - [ pkgs.lxd ]; + environment.systemPackages = [ pkgs.lxd ]; security.apparmor = { enable = true; 
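Review bot: The `enable` description says users in the "lxd" group can interact with the daemon, but it does not say what that access amounts to. LXD's own documentation treats access to the local daemon socket as root-equivalent on the host. I would add a sentence to the description such as `Membership in the "lxd" group is equivalent to root access on the host, so add only trusted users.` The new `zfsSupport` description would also read better as a full sentence, e.g. `Enables lxd to use zfs as storage for containers.`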
@@ -47,31 +53,31 @@ in packages = [ pkgs.lxc ]; }; - systemd.services.lxd = - { description = "LXD Container Management Daemon"; + systemd.services.lxd = { + description = "LXD Container Management Daemon"; - wantedBy = [ "multi-user.target" ]; - after = [ "systemd-udev-settle.service" ]; + wantedBy = [ "multi-user.target" ]; + after = [ "systemd-udev-settle.service" ]; - # TODO(wkennington): Add lvm2 and thin-provisioning-tools - path = with pkgs; [ acl rsync gnutar xz btrfs-progs gzip dnsmasq squashfsTools iproute iptables ]; + path = lib.optional cfg.zfsSupport pkgs.zfs; - preStart = '' - mkdir -m 0755 -p /var/lib/lxc/rootfs - ''; + preStart = '' + mkdir -m 0755 -p /var/lib/lxc/rootfs + ''; - serviceConfig.ExecStart = "@${pkgs.lxd.bin}/bin/lxd lxd --syslog --group lxd"; - serviceConfig.Type = "simple"; - serviceConfig.KillMode = "process"; # when stopping, leave the containers alone + serviceConfig = { + ExecStart = "@${pkgs.lxd.bin}/bin/lxd lxd --group lxd"; + Type = "simple"; + KillMode = "process"; # when stopping, leave the containers alone }; + }; + users.extraGroups.lxd.gid = config.ids.gids.lxd; users.extraUsers.root = { subUidRanges = [ { startUid = 1000000; count = 65536; } ]; subGidRanges = [ { startGid = 1000000; count = 65536; } ]; }; - }; - } diff --git a/pkgs/tools/admin/lxd/default.nix b/pkgs/tools/admin/lxd/default.nix index 64ec5e9b418e..cfbb90fdc308 100644 --- a/pkgs/tools/admin/lxd/default.nix +++ b/pkgs/tools/admin/lxd/default.nix 
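Review bot: `path = lib.optional cfg.zfsSupport pkgs.zfs;` takes the userland tools from `pkgs.zfs`, while the zfs.nix context in this patch loads the kernel module from a separate `packages` set (`extraModulePackages = with packages; [ spl zfs ];`). If that set can select a different ZFS variant than `pkgs.zfs`, which is not visible from here, lxd would run `zfs`/`zpool` binaries that do not match the loaded module. Consider using the userland package the zfs module itself selects instead of hard-coding `pkgs.zfs`. The removed `# TODO(wkennington): Add lvm2 and thin-provisioning-tools` is also still unresolved, since neither this `path` nor the wrapper list in default.nix includes those tools, so the comment should be kept in one of the two places.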
@@ -1,23 +1,37 @@ -{ stdenv, lib, pkgconfig, lxc, buildGoPackage, fetchFromGitHub }: +{ stdenv, lib, pkgconfig, lxc, buildGoPackage, fetchurl +, makeWrapper, acl, rsync, gnutar, xz, btrfs-progs, gzip, dnsmasq, squashfsTools, iproute, iptables +}: buildGoPackage rec { - name = "lxd-${version}"; - version = "2.16"; - rev = "lxd-${version}"; + name = "lxd-3.0.0"; goPackagePath = "github.com/lxc/lxd"; - src = fetchFromGitHub { - inherit rev; - owner = "lxc"; - repo = "lxd"; - sha256 = "0i2mq9m8k9kznwz1i0xb48plp1ffpzvbdrvqvagis4sm17yab3fn"; + src = fetchurl { + url = "https://github.com/lxc/lxd/releases/download/${name}/${name}.tar.gz"; + sha256 = "0m5prdf9sk8k5bws1zva4n9ycggmy76wnjr6wb423066pszz24ww"; }; - goDeps = ./deps.nix; + preBuild = '' + # unpack vendor + pushd go/src/github.com/lxc/lxd + rm dist/src/github.com/lxc/lxd + cp -r dist/src/* ../../.. + rm -r dist + popd + ''; - nativeBuildInputs = [ pkgconfig ]; - buildInputs = [ lxc ]; + postInstall = '' + # binaries from test/ + rm $bin/bin/{deps,macaroon-identity} + + wrapProgram $bin/bin/lxd --prefix PATH ":" ${stdenv.lib.makeBinPath [ + acl rsync gnutar xz btrfs-progs gzip dnsmasq squashfsTools iproute iptables + ]} + ''; + + nativeBuildInputs = [ pkgconfig makeWrapper ]; + buildInputs = [ lxc acl ]; meta = with stdenv.lib; { description = "Daemon based on liblxc offering a REST API to manage containers"; diff --git a/pkgs/tools/admin/lxd/deps.nix b/pkgs/tools/admin/lxd/deps.nix deleted file mode 100644 index e0f591a23d1e..000000000000 --- a/pkgs/tools/admin/lxd/deps.nix +++ /dev/null 
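Review bot: The `preBuild` step needs a comment saying where the Go dependencies now come from: with deps.nix deleted, every dependency is whatever the release tarball ships under `dist/src`, covered only by the single `sha256` on `src`. The build stays pinned, but the versions of packages such as `golang.org/x/crypto` are no longer visible or individually reviewable in the tree. I would extend the existing comment to `# unpack vendor: the release tarball bundles its Go dependencies under dist/src; they are pinned only by the tarball hash above`. Keeping `version = "3.0.0"; name = "lxd-${version}";` as before would also leave the version available as its own attribute instead of only inside `name`.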
@@ -1,165 +0,0 @@ -# This file was generated by https://github.com/kamilchm/go2nix v1.2.0 -[ - { - goPackagePath = "github.com/dustinkirkland/golang-petname"; - fetch = { - type = "git"; - url = "https://github.com/dustinkirkland/golang-petname"; - rev = "4f77bdee0b67a08d17afadc0d5a4a3d1cb7d8d14"; - sha256 = "1cizm3xywsp9vc381k02dhjq5a6c772wc05w60m4gfdmp2kmd4di"; - }; - } - { - goPackagePath = "github.com/golang/protobuf"; - fetch = { - type = "git"; - url = "https://github.com/golang/protobuf"; - rev = "2bba0603135d7d7f5cb73b2125beeda19c09f4ef"; - sha256 = "1xy0bj66qks2xlzxzlfma16w7m8g6rrwawmlhlv68bcw2k5hvvib"; - }; - } - { - goPackagePath = "github.com/gorilla/mux"; - fetch = { - type = "git"; - url = "https://github.com/gorilla/mux"; - rev = "599cba5e7b6137d46ddf58fb1765f5d928e69604"; - sha256 = "0wd6jjii1kg5s0nk3ri6gqriz6hbd6bbcn6x4jf8n7ncrb8qsxyz"; - }; - } - { - goPackagePath = "github.com/gorilla/websocket"; - fetch = { - type = "git"; - url = "https://github.com/gorilla/websocket"; - rev = "a91eba7f97777409bc2c443f5534d41dd20c5720"; - sha256 = "13cg6wwkk2ddqbm0nh9fpx4mq7f6qym12ch4lvs53n028ycdgw87"; - }; - } - { - goPackagePath = "github.com/mattn/go-colorable"; - fetch = { - type = "git"; - url = "https://github.com/mattn/go-colorable"; - rev = "ded68f7a9561c023e790de24279db7ebf473ea80"; - sha256 = "0q019h59jq815jfl9rgk4yrpkn5rpcx9s6dksdm48rp1abafwvfc"; - }; - } - { - goPackagePath = "github.com/mattn/go-sqlite3"; - fetch = { - type = "git"; - url = "https://github.com/mattn/go-sqlite3"; - rev = "cf7286f069c3ef596efcc87781a4653a2e7607bd"; - sha256 = "19ipf6bf1xd7w2fm8dnv5my4jp3lhwhlrhfwhwq559amp1h4nwyq"; - }; - } - { - goPackagePath = "github.com/pborman/uuid"; - fetch = { - type = "git"; - url = "https://github.com/pborman/uuid"; - rev = "1b00554d822231195d1babd97ff4a781231955c9"; - sha256 = "0rjkcf85sagdwzsycj1bbjyx5bgmrc1i8l5qf1f44z24rhbbkaan"; - }; - } - { - goPackagePath = "github.com/syndtr/gocapability"; - fetch = { - type = "git"; - url = 
"https://github.com/syndtr/gocapability"; - rev = "e7cb7fa329f456b3855136a2642b197bad7366ba"; - sha256 = "1i65kyjhbaya45zj9zqkb17plbqf92sfvl9fcz9s9qslg0qab2i1"; - }; - } - { - goPackagePath = "golang.org/x/crypto"; - fetch = { - type = "git"; - url = "https://go.googlesource.com/crypto"; - rev = "3543873453996aaab2fc6b3928a35fc5ca2b5afb"; - sha256 = "1d7pjqzh5893mzkz60bv5ypmr9zgyvb9z2gvcjrsqniwcqlhbk2c"; - }; - } - { - goPackagePath = "golang.org/x/net"; - fetch = { - type = "git"; - url = "https://go.googlesource.com/net"; - rev = "da118f7b8e5954f39d0d2130ab35d4bf0e3cb344"; - sha256 = "09xpndqc6a2r0lw42cyl1pkhfddl01sd9c3qqjjwp3vmxm004whv"; - }; - } - { - goPackagePath = "gopkg.in/flosch/pongo2.v3"; - fetch = { - type = "git"; - url = "https://gopkg.in/flosch/pongo2.v3"; - rev = "5e81b817a0c48c1c57cdf1a9056cf76bdee02ca9"; - sha256 = "0fd7d79644zmcirsb1gvhmh0l5vb5nyxmkzkvqpmzzcg6yfczph8"; - }; - } - { - goPackagePath = "gopkg.in/inconshreveable/log15.v2"; - fetch = { - type = "git"; - url = "https://gopkg.in/inconshreveable/log15.v2"; - rev = "b105bd37f74e5d9dc7b6ad7806715c7a2b83fd3f"; - sha256 = "18rldvi60i7b3lljfrsqgcc24gdkw2pcixxydznyggaqhh96l6a8"; - }; - } - { - goPackagePath = "gopkg.in/lxc/go-lxc.v2"; - fetch = { - type = "git"; - url = "https://gopkg.in/lxc/go-lxc.v2"; - rev = "8304875cc3423823032ec93556beee076c6ba687"; - sha256 = "12vrx9ilxkl1nxc5k81c6b2a1i715843r23fra681digdjnd8bpk"; - }; - } - { - goPackagePath = "gopkg.in/tomb.v2"; - fetch = { - type = "git"; - url = "https://gopkg.in/tomb.v2"; - rev = "d5d1b5820637886def9eef33e03a27a9f166942c"; - sha256 = "1sv15sri99szkdz1bkh0ir46w9n8prrwx5hfai13nrhkawfyfy10"; - }; - } - { - goPackagePath = "gopkg.in/yaml.v2"; - fetch = { - type = "git"; - url = "https://gopkg.in/yaml.v2"; - rev = "cd8b52f8269e0feb286dfeef29f8fe4d5b397e0b"; - sha256 = "1hj2ag9knxflpjibck0n90jrhsrqz7qvad4qnif7jddyapi9bqzl"; - }; - } - { - goPackagePath = "github.com/gosexy/gettext"; - fetch = { - type = "git"; - url = 
"https://github.com/gosexy/gettext"; - rev = "74466a0a0c4a62fea38f44aa161d4bbfbe79dd6b"; - sha256 = "0asphx8nd7zmp88wk6aakk5292np7yw73akvfdvlvs9q5r5ahkgi"; - }; - } - { - goPackagePath = "github.com/olekukonko/tablewriter"; - fetch = { - type = "git"; - url = "https://github.com/olekukonko/tablewriter"; - rev = "febf2d34b54a69ce7530036c7503b1c9fbfdf0bb"; - sha256 = "1ir7bs4m5rk8v9vpycjj7mn6sc6j9wvxkd63i9b6fmrdsx9q0x4g"; - }; - } - { - goPackagePath = "github.com/mattn/go-runewidth"; - fetch = { - type = "git"; - url = "https://github.com/mattn/go-runewidth"; - rev = "14207d285c6c197daabb5c9793d63e7af9ab2d50"; - sha256 = "0y6yq9zd4kh7fimnc00r3h9pr2pwa5j85b3jcn5dyfamsnm2xdsv"; - }; - } -]