From d0ddd53bcc8efb9dd09544db08a6c459271ae112 Mon Sep 17 00:00:00 2001
From: Sridhar Ratnakumar
Date: Thu, 30 Sep 2021 01:23:17 +0000
Subject: [PATCH] add nixos-wsl config
---
hosts/wsl.nix | 54 +++++++++++++++++++++++++++++++++++++++++
hosts/wsl/syschdemd.nix | 15 ++++++++++++
hosts/wsl/syschdemd.sh | 26 ++++++++++++++++++++
3 files changed, 95 insertions(+)
create mode 100644 hosts/wsl.nix
create mode 100644 hosts/wsl/syschdemd.nix
create mode 100644 hosts/wsl/syschdemd.sh
diff --git a/hosts/wsl.nix b/hosts/wsl.nix
new file mode 100644
index 0000000..4ab70d7
--- /dev/null
+++ b/hosts/wsl.nix
@@ -0,0 +1,54 @@
+{ lib, pkgs, config, modulesPath, ... }:
+
+with lib;
+let
+ defaultUser = "srid";
+ syschdemd = import ./wsl/syschdemd.nix { inherit lib pkgs config defaultUser; };
+in
+{
+ imports = [
+ "${modulesPath}/profiles/minimal.nix"
+ ];
+
+ # WSL is closer to a container than anything else
+ boot.isContainer = true;
+
+ environment.etc.hosts.enable = false;
+ environment.etc."resolv.conf".enable = false;
+
+ networking.dhcpcd.enable = false;
+ networking.hostName = "wsl";
+
+ users.users.${defaultUser} = {
+ isNormalUser = true;
+ extraGroups = [ "wheel" ];
+ };
+
+ users.users.root = {
+ shell = "${syschdemd}/bin/syschdemd";
+ # Otherwise WSL fails to login as root with "initgroups failed 5"
+ extraGroups = [ "root" ];
+ };
+
+ nix = {
+ package = pkgs.nixUnstable;
+ extraOptions = ''
+ experimental-features = nix-command flakes
+ '';
+ };
+
+ security.sudo.wheelNeedsPassword = false;
+
+ # Disable systemd units that don't make sense on WSL
+ systemd.services."serial-getty@ttyS0".enable = false;
+ systemd.services."serial-getty@hvc0".enable = false;
+ systemd.services."getty@tty1".enable = false;
+ systemd.services."autovt@".enable = false;
+
+ systemd.services.firewall.enable = false;
+ systemd.services.systemd-resolved.enable = false;
+ systemd.services.systemd-udevd.enable = false;
+
+ # Don't allow emergency mode, because we don't have a console.
+ systemd.enableEmergencyMode = false;
+}
diff --git a/hosts/wsl/syschdemd.nix b/hosts/wsl/syschdemd.nix
new file mode 100644
index 0000000..29b7817
--- /dev/null
+++ b/hosts/wsl/syschdemd.nix
@@ -0,0 +1,15 @@
+{ lib, pkgs, config, defaultUser, ... }:
+
+pkgs.substituteAll {
+ name = "syschdemd";
+ src = ./syschdemd.sh;
+ dir = "bin";
+ isExecutable = true;
+
+ buildInputs = with pkgs; [ daemonize ];
+
+ inherit (pkgs) daemonize;
+ inherit defaultUser;
+ inherit (config.security) wrapperDir;
+ fsPackagesPath = lib.makeBinPath config.system.fsPackages;
+}
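Review bot: `systemd.services.firewall.enable = false;` and `security.sudo.wheelNeedsPassword = false;` in hosts/wsl.nix carry no comment, unlike the getty units above them, and together they leave this host with no packet filter and a passwordless path to root for `srid` (a `wheel` member). Both may be acceptable on WSL, where the launcher script already requires root to be the WSL default user, but that reasoning should be written next to the settings so the file is not reused on a non-WSL host as is. If the firewall is meant to be off, `networking.firewall.enable = false;` states it at the option level, whereas disabling only the unit presumably leaves the option at its default. Proposed comment, if this matches the intent: `# WSL only: sessions already start as root and filtering is left to the Windows host`.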
diff --git a/hosts/wsl/syschdemd.sh b/hosts/wsl/syschdemd.sh
new file mode 100644
index 0000000..bf94dda
--- /dev/null
+++ b/hosts/wsl/syschdemd.sh
@@ -0,0 +1,26 @@
+#! @shell@
+
+set -e
+
+sw="/nix/var/nix/profiles/system/sw/bin"
+systemPath=`${sw}/readlink -f /nix/var/nix/profiles/system`
+
+# Needs root to work
+if [[ $EUID -ne 0 ]]; then
+ echo "[ERROR] Requires root! :( Make sure the WSL default user is set to root"
+ exit 1
+fi
+
+if [ ! -e "/run/current-system" ]; then
+ /nix/var/nix/profiles/system/activate
+fi
+
+if [ ! -e "/run/systemd.pid" ]; then
+ PATH=/run/current-system/systemd/lib/systemd:@fsPackagesPath@ \
+ LOCALE_ARCHIVE=/run/current-system/sw/lib/locale/locale-archive \
+ @daemonize@/bin/daemonize /run/current-system/sw/bin/unshare -fp --mount-proc systemd
+ /run/current-system/sw/bin/pgrep -xf systemd > /run/systemd.pid
+fi
+
+userShell=$($sw/getent passwd @defaultUser@ | $sw/cut -d: -f7)
+exec $sw/nsenter -t $(< /run/systemd.pid) -p -m --wd="$PWD" -- @wrapperDir@/su -s $userShell @defaultUser@ "$@"
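Review bot: The pid file can be left empty or stale, because `pgrep -xf systemd > /run/systemd.pid` runs as soon as `daemonize` returns. If systemd has not exec'd yet, pgrep exits non-zero and `set -e` aborts, but the redirection has already created the file, so every later login skips startup and `nsenter -t` gets no pid. The same happens if systemd later exits, since only the file's existence is tested. Publishing the pid only once it is found, and checking it is live before reuse, would avoid both cases. In this root-run script `$userShell` and the pid substitution should also be quoted, and `systemPath` is assigned but never read.

```shell
# … unchanged: root check and activation …
pidFile=/run/systemd.pid
if [ ! -s "$pidFile" ] || ! kill -0 "$(< "$pidFile")" 2>/dev/null; then
  # … unchanged: daemonize … unshare -fp --mount-proc systemd …
  # systemd may not be visible yet: retry briefly, write the file only on success
  pid=""
  for _ in 1 2 3 4 5 6 7 8 9 10; do
    pid=$(/run/current-system/sw/bin/pgrep -o -xf systemd) && break
    $sw/sleep 0.5
  done
  [ -n "$pid" ] || { echo "[ERROR] systemd did not start" >&2; exit 1; }
  echo "$pid" > "$pidFile"
fi
# … unchanged: userShell lookup …
exec $sw/nsenter -t "$(< "$pidFile")" -p -m --wd="$PWD" -- @wrapperDir@/su -s "$userShell" @defaultUser@ "$@"
```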