Package MirageOS

[copumpkin]

I'd love to be able to play with MirageOS and we have a decent amount of the underlying OCaml machinery and libraries already packaged. Would be cool to make carefully tailored MirageOS images inside Nix.

cc @maurer @vbgl as OCaml users I know of

[copumpkin]

I've been doing this while doing something else. Will push up what I have soon.

[copumpkin]

This is done but a bit messy on my local machine. I'll clean it up then push it up later.

[timbertson]

I do have mirageOS working under opam2nix (https://github.com/timbertson/opam2nix-packages), if that helps. I don't know if/when it'll be ready to merge into nix proper, but it could be a less arduous way of tracking opam upstream.

[copumpkin]

Oh that'll be nice. I need it in a non-OCaml package in the short term, unfortunately, so I'll probably merge my work soon regardless, then we can replace it with opam2nix!

[vbgl]

Any news on this topic? Thanks.

[puffnfresh]

@copumpkin this would help with my work on VPNKit!

[et4te]

I got it working here: https://gitlab.com/et4te/igloo/blob/master/nix/default.nix briefly. It uses opam2nix but unfortunately stopped working upon updating nixpkgs to master.

these derivations will be built:
  /nix/store/0lrmxbsvb4dhkks6xr5h18kziak0vd60-ppx_tools-5.0+4.05.0.drv
  /nix/store/sjpx9gv0gc1lanf8g478xxiyfznldx5b-result-1.3.drv
  /nix/store/31bv1427blk29czp782k84286av5qrw1-topkg-0.9.1.drv
  /nix/store/8g0mwwszzngr4d067jycwxgbymis58j0-rresult-0.5.0.drv
  /nix/store/gkgbfaafb7gw1xbcnsz0hbcfmpchm8k9-astring-0.8.3.drv
  /nix/store/mdc449m14vpdw5zfrz65sx5jmli0x8zz-fpath-0.7.2.drv
  /nix/store/i80yg72yq84sq51mybkkwjhkmycj4lq1-lwt-4.1.0.drv
  /nix/store/azwfaxx9ilxdirnrnphbxibmbj6jsjkh-uchar-0.0.2.drv
  /nix/store/zqx0saib7g336mw4l52ixmafcdqj2gz7-cmdliner-1.0.2.drv
  /nix/store/wjmkvs5vznfd3qhvbc3vhaj1cwhlzc60-fmt-0.8.5.drv
  /nix/store/w5zna8saygaz1mqhxsk4828gjynqrnpb-logs-0.6.2.drv
  /nix/store/pq8x1h11814y6678691pydzmn5if5437-bos-0.2.0.drv
  /nix/store/0r2zkvrfr1hhlak391jka63nnmvm6clk-functoria-2.2.1.drv
  /nix/store/8h5ddxsjmlh5svi4mcqrcr9ik7jg39fs-functoria-runtime-2.2.1.drv
  /nix/store/w2q091i732mf1f8g7316xngh1wgbzyaz-sexplib0-v0.11.0.drv
  /nix/store/xh8n5dkd982xlaiqm91mdcgb2v88yw1a-base-v0.11.1.drv
  /nix/store/dl2aa0lqrs5527l1j2bifbgdcnf37fws-stdio-v0.11.0.drv
  /nix/store/r8a2znidy50v2adh9vsp40jp4mcwrz68-ocaml-migrate-parsetree-1.0.11.drv
  /nix/store/m3gx8ikns7639nn7pj8bym3ns6d3f8dy-ppxlib-0.3.0.drv
  /nix/store/pxaanrh6illli14zllc1x4k92anyy0z0-ppx_sexp_conv-v0.11.2.drv
  /nix/store/z70vcn0axfxz076spk26bybabvwnpzn6-parsexp-v0.11.0.drv
  /nix/store/pz9qc8grz232y1b9c5wzgkgr7s9h9zrj-sexplib-v0.11.0.drv
  /nix/store/99h5fwbks54jvq4ryv616gj38xfdv4m8-ipaddr-2.8.0.drv
  /nix/store/0n2bw2wppyn8kcvv6vli0xbz04ziss10-mirage-runtime-3.1.1.drv
  /nix/store/7zap3ch8w69fihf67z9rvkgl251vgcv9-cstruct-3.2.1.drv
  /nix/store/5jps1xq63bmagpf42nk71q0wm3x5m00j-mirage-flow-1.5.0.drv
  /nix/store/8v07ak9vxpm6s8gynchl05y4f5gkva44-duration-0.1.1.drv
  /nix/store/hssppshnpp00qrip34cf0xxl4gnihsag-mirage-device-1.1.0.drv
  /nix/store/gjc9v8p0flm5xr55v85ys9zi847wsw6c-mirage-protocols-1.3.0.drv
  /nix/store/3dyn9aybys7ck6z5hffsrwvsnfac8h4f-mirage-protocols-lwt-1.3.0.drv
  /nix/store/7xb2fzayl719nr2d9rrsszwk1lc2bv6r-mirage-block-1.1.0.drv
  /nix/store/cqazfjm25myzxz299ic38inpd7fba98j-configurator-v0.11.0.drv
  /nix/store/vm8ry6l5mira5qm15ngcvsas3lppac0x-io-page-2.0.1.drv
  /nix/store/7v282gldjbrrwj603a45zw29409gj5lc-mirage-block-lwt-1.1.0.drv
  /nix/store/32fi471r7ww55cra5kq8y6d1r02l788k-mirage-console-2.3.5.drv
  /nix/store/5p4gv81r35ag7jkgc3d4sw41gfjsppy1-cstruct-lwt-3.2.1.drv
  /nix/store/940h2h63h8swpvqr20z44dly0q6cazk0-mirage-console-lwt-2.3.5.drv
  /nix/store/1wkgm5kks8r8s1xyb0rl0bqm2qrs1m13-mirage-fs-1.1.1.drv
  /nix/store/2ahxi1h5gyv6hzfm3z8ssn90hpp5vj4h-mirage-kv-1.1.1.drv
  /nix/store/b8ipajhzm79i4nj5i7rcskgig8bpifj6-mirage-kv-lwt-1.1.0.drv
  /nix/store/9j7xiqxcn90hy25hl1c2168af1n688cd-mirage-fs-lwt-1.1.1.drv
  /nix/store/8bkyj4954q5fm89ajyd2r23pal7yawsw-mirage-channel-3.1.0.drv
  /nix/store/a1km0x4ds4jwx3xbady92hrad11d8b0s-io-page-unix-2.0.1.drv
  /nix/store/zj9h8z66dx8snq4j287gs2r23718vh1l-mirage-clock-1.3.0.drv
  /nix/store/rrrxhd3n4r45ndzrjwc6vylxkaj05mgy-mirage-flow-lwt-1.5.0.drv
  /nix/store/9mcinjc5a6wv5rq9xaxd6n4xlfbssgng-mirage-channel-lwt-3.1.0.drv
  /nix/store/g73gyg1ll2gg1w269n4lm8rrz0qkzjqa-mirage-random-1.1.0.drv
  /nix/store/7j6m3jgsbakhpab5fy9y3s6z47d6xa2q-mirage-net-1.1.1.drv
  /nix/store/hrrk6z1f33x16c9bx7pq90j4jvaczlv6-mirage-net-lwt-1.1.0.drv
  /nix/store/jawkqv8r9qnd6kcpnh5kqc7nj7llpn4w-mirage-clock-lwt-1.3.0.drv
  /nix/store/xrik6qaafrxgs3nwgl0f12kwq9ffh2jv-mirage-stack-1.2.0.drv
  /nix/store/zq42irdq3gpiwkwsl8isvifgynxvrgbg-mirage-time-1.1.0.drv
  /nix/store/k8syks1mifwlhs8pxcsqd9bzzlimsx8z-mirage-types-3.1.1.drv
  /nix/store/m49z0s11iqz7xizlnyc33r4bcwlz2dvn-mirage-time-lwt-1.1.0.drv
  /nix/store/pd97j7caz63mn1hls1cwmwly7hc9wilk-mirage-stack-lwt-1.2.0.drv
  /nix/store/1g5k9pk6pgy23kipi7vwmqaqihgb3a6i-mirage-types-lwt-3.1.1.drv
  /nix/store/1sw3qm9cgvd5q33dhda9cdq7byjx3y2k-ppx_optcomp-v0.11.0.drv
  /nix/store/9lgz0rqfiwzvf7pzimyxc3vv6fpkxplc-variantslib-v0.11.0.drv
  /nix/store/33z83yb0cp55k73lv671yxh0xp2n4sz2-ppx_variants_conv-v0.11.1.drv
  /nix/store/5cvapm7al4rfhknmln40f47d6s90phsk-fieldslib-v0.11.0.drv
  /nix/store/dbfbnapaihvc2f6m7sjcf01ylbal45ky-ppx_fields_conv-v0.11.0.drv
  /nix/store/k3lwx3riic1zl274ny7azfsi3k0vgpb2-ppx_compare-v0.11.1.drv
  /nix/store/r317sqnp4534z0ryjrqj0nlk75gmnc9z-ppx_custom_printf-v0.11.0.drv
  /nix/store/imq4sl4myxqxyqcfv1aszpv98b7v9pir-bin_prot-v0.11.0.drv
  /nix/store/k1ivxz4nb1d7h9k2idpi81xz9ii72s3w-ppx_here-v0.11.0.drv
  /nix/store/6j8vj0ajbj4abpjqxkv9mskbw32nipk7-ppx_bin_prot-v0.11.1.drv
  /nix/store/h2mspgxv8b4acd77q0l5kcrg78kggzbx-ppx_inline_test-v0.11.0.drv
  /nix/store/ajdn70grdvqmslybwwnc4mz08l8yc67i-ppx_bench-v0.11.0.drv
  /nix/store/h9rijw7ycr2kpqj1fa3x1dphawgg4qpx-ppx_fail-v0.11.0.drv
  /nix/store/m71h94gny118cnslzl1xc9avxzbkqghz-octavius-1.2.0.drv
  /nix/store/pgvp2p8hsy4675xi8mkwcapbpcvfznb0-ppx_js_style-v0.11.0.drv
  /nix/store/v9p5qs6x49n6nbriyljbbd70p1hlm7jh-ppx_enumerate-v0.11.1.drv
  /nix/store/yiim0lfjdlbzi81da33r3a9lcyi4f2z7-ppx_hash-v0.11.1.drv
  /nix/store/i2fjbbz0yblhdffm7372v96mc00sqmrw-ppx_base-v0.11.0.drv
  /nix/store/v5hkbzw5s5j5p3cbg8hllxzlvlh2ynx7-typerep-v0.11.0.drv
  /nix/store/iklh8m70mhp2gncmhdbapz53labpphgq-ppx_typerep_conv-v0.11.1.drv
  /nix/store/iprhcv3bmkng4f0k8xhg5wq2ddqqxsam-ppx_let-v0.11.0.drv
  /nix/store/k7npbdyj5k3xm48dx9l01xdzihsndaa1-ppx_sexp_value-v0.11.0.drv
  /nix/store/pxzf89nsqz7ia4pfgvlirhhjvh9609rk-ppx_optional-v0.11.0.drv
  /nix/store/jgvyh2sv6k1drbznyq4bvif3w9pk2zvw-seq-0.1.drv
  /nix/store/cwv45izcf90kxli0hmlzgn6xp84p0252-re-1.8.0.drv
  /nix/store/wwz1ynbhmd051am3wb39m6kmkavdsca1-ppx_assert-v0.11.0.drv
  /nix/store/w444r2a4sb3pzwwycngd1iiwb0l7jag3-ppx_expect-v0.11.0.drv
  /nix/store/wrcs54c0xd9a56n63241mqafmxvl367g-ppx_pipebang-v0.11.0.drv
  /nix/store/x52gfyqnz71dy95niahx08m4n8rdc6ib-ppx_sexp_message-v0.11.0.drv
  /nix/store/4dh7inpb953gw6i913qm15qigvznkp62-ppx_jane-v0.11.0.drv
  /nix/store/xfw7wi8k89fi1jna8bm3296alf79cl0n-splittable_random-v0.11.0.drv
  /nix/store/2d8rls3yymypis95b4cm4rmp7hljrdmw-core_kernel-v0.11.1.drv
  /nix/store/42057624hmlbibkmj6ssy2kgqlhgnlbz-zarith-1.7.drv
  /nix/store/6z466i7pljsmilqvfx473wjz7sp8pqjh-tuntap-1.6.1.drv
  /nix/store/485f9xzcgs344k7bd367km8x609jlp6b-mirage-net-unix-2.4.1.drv
  /nix/store/846by83qpklasyp8zn9va80wan9hwdrk-mirage-3.1.1.drv
  /nix/store/p5axz2g2l0w6wf0myf02iglwr73hy93d-ptime-0.8.4.drv
  /nix/store/gb0h45kzy315krwzr1k53f24qa3a2hsf-ppx_tools_versioned-5.2.drv
  /nix/store/i36rx8r4z6n09bzky2fdrh2y2lc49w1b-ppx_cstruct-3.2.1.drv
  /nix/store/pvc1xf3ank1xm8g0535gp5mx9afz1j3v-mirage-profile-0.8.2.drv
  /nix/store/8l1d9dlyh9isrkzn74ar957ip2vnw7kl-mirage-logs-0.3.0.drv
  /nix/store/8qrbwbbmml18gbb7412bhwqqwnwvk1mb-randomconv-0.1.0.drv
  /nix/store/9p6x86r34waxwhl02s5fmrl6rr34wwpk-cppo_ocamlbuild-1.6.0.drv
  /nix/store/c4zfl8fbp560izq0ylcc672ij8sa3fj2-mirage-unix-3.0.8.drv
  /nix/store/jlx4nvrhalnnbhqlh0apcnma2m952894-ppx_deriving-4.2.1.drv
  /nix/store/zxnr01hh5gn6mlikn5sfrrjmg18ypyw3-mirage-clock-unix-1.4.1.drv
  /nix/store/nkmlizq4cpvc90lkgwwjzg4yydmly35c-tcpip-3.4.2.drv
  /nix/store/s496b4ads1100rsbr8kap6rk874cx7gz-mirage-console-unix-2.3.5.drv
  /nix/store/vsmi6cp39zn5781wlbksxz7x2d094qsd-lwt_ppx-1.2.1.drv
  /nix/store/qngv8kn7asclj4fwdd795waii7gnlvbq-igloo.drv
building '/nix/store/42057624hmlbibkmj6ssy2kgqlhgnlbz-zarith-1.7.drv'...
building '/nix/store/9p6x86r34waxwhl02s5fmrl6rr34wwpk-cppo_ocamlbuild-1.6.0.drv'...
building '/nix/store/0lrmxbsvb4dhkks6xr5h18kziak0vd60-ppx_tools-5.0+4.05.0.drv'...
building '/nix/store/sjpx9gv0gc1lanf8g478xxiyfznldx5b-result-1.3.drv'...
unpacking sources
unpacking source archive /nix/store/v449shlgsfkfvkpmacc1p4v6gmrvq1hx-5.0+4.05.0.tar.gz
source root is ppx_tools-5.0-4.05.0
setting SOURCE_DATE_EPOCH to timestamp 1488115400 of file ppx_tools-5.0-4.05.0/rewriter.ml
patching sources
configuring
building
unpacking sources
Loading /nix/store/71pd5hg18fh1497l6qm3sfsbfnqmi0cs-opam
creating /nix/store/simqzq3v97q45wk1wyzxc6172snmdkwb-ppx_tools-5.0+4.05.0/bin
+ make all
unpacking source archive /nix/store/bngbfbn0qd8l0kylvrdqnmlqiv3axvmf-result-1.3.tbz
source root is result-1.3
ocamlc -bin-annot -w +A-4-17-44-45 -I +compiler-libs -safe-string -c ast_convenience.mli
ocamlc -bin-annot -w +A-4-17-44-45 -I +compiler-libs -safe-string -c ast_convenience.ml
setting SOURCE_DATE_EPOCH to timestamp 1517821444 of file result-1.3/which_result.ml
patching sources
configuring
building
Loading /nix/store/vv2s9g2mcjc7qj5wxrx6i8b6vqzkrdil-opam
creating /nix/store/6zb7vi40rlbr562b4kcn5xk0kgjk9yr6-result-1.3/bin
+ jbuilder build -p result -j 1
ocamlc -bin-annot -w +A-4-17-44-45 -I +compiler-libs -safe-string -c ast_mapper_class.mli
ocamlc -bin-annot -w +A-4-17-44-45 -I +compiler-libs -safe-string -c ast_mapper_class.ml
unpacking sources
unpacking source archive /nix/store/20v43p34jr9nmcyppxls5j05x2hq3dyw-release-1.7.tar.gz
File "ast_mapper_class.ml", line 41, characters 40-41:
Error: This expression has type Parsetree.object_field list
       but an expression was expected of type
         ('a * Parsetree.attributes * Parsetree.core_type) list
       Type Parsetree.object_field is not compatible with type
         'a * Parsetree.attributes * Parsetree.core_type
make: *** [Makefile:69: ast_mapper_class.cmo] Error 2
Command failed.
source root is Zarith-release-1.7
builder for '/nix/store/0lrmxbsvb4dhkks6xr5h18kziak0vd60-ppx_tools-5.0+4.05.0.drv' failed with exit code 2
building '/nix/store/m71h94gny118cnslzl1xc9avxzbkqghz-octavius-1.2.0.drv'...
cannot build derivation '/nix/store/jlx4nvrhalnnbhqlh0apcnma2m952894-ppx_deriving-4.2.1.drv': 1 dependencies couldn't be built
building '/nix/store/jgvyh2sv6k1drbznyq4bvif3w9pk2zvw-seq-0.1.drv'...
building '/nix/store/w2q091i732mf1f8g7316xngh1wgbzyaz-sexplib0-v0.11.0.drv'...
building '/nix/store/azwfaxx9ilxdirnrnphbxibmbj6jsjkh-uchar-0.0.2.drv'...
cannot build derivation '/nix/store/qngv8kn7asclj4fwdd795waii7gnlvbq-igloo.drv': 1 dependencies couldn't be built
error: build of '/nix/store/qngv8kn7asclj4fwdd795waii7gnlvbq-igloo.drv' failed

[deliciouslytyped]

I will be going to Bobkonf this friday (would be nice to meet with any nix-ers! :D ) and there's going to be a tutorial on MirageOS (https://bobkonf.de/2019/mehnert.html). I haven't used any of the ocaml infrastructure yet and I don't know how much work I can put into it over the week, but it would be nice if someone could have another peek at this?

@copumpkin did you manage to post any of your work?

[deliciouslytyped]

For the record, I tried just using opam and following https://mirage.io/wiki/install and https://mirage.io/wiki/hello-world ; and that seems to have worked pretty much flawlessly. I just tried running the noop example and there were no problems.

[armijnhemel]

I had a very quick chat with Hannes from MirageOS people and he is intrigued. So whoever wants to work on this should contact him, if this is still relevant (because of for example b90908aead3a4bad4d122b3f1d2bfacd0cfd1677 )

[ehmry]

I've built the Mirage tool with Nix before: https://github.com/ehmry/mirage-nix

[Ericson2314]

Great! I've long wanted to see something along these lines. That would be @hannesm?

Another thing I've long term wanted to see was replacing the few C bits (Solo5, OCaml) with Rust, and coincidentally enough, we're just in the midst of getting better bare metal Rust cross compilation support thanks to @aaronjanse's work for Redox.

Typically the more obscure toolchains need to be wrangled, the brighter Nix shines, so I figured something like that would be a good opportunity to show of Nix.

[ehmry]

Also, Solo5 is in the tree (dd8423f86550ef7a63d704b220d361e977142b29).

[hannesm]

Yes, that is me. AFAICT the solo5 toolchain is already packaged in nix, and the mirage utility can be (or is already? -- if not, are there any showstoppers?). Once these pieces are in place, we should think about packaging concrete unikernels into nixOS (I have some ideas about how to achieve that - in the end a configured MirageOS unikernel is an opam package).

So for now, I have two questions:

• is the mirage command line utility (opam package mirage) packaged in nixOS?
• is it easy to package an opam package into nixOS?

[Ericson2314]

@hannesm So the slickest way to package opam modules with Nix is to on-demand generate the Nix code using tools like that opam2nix. Unfortunately, Nixpkgs doesn't allow generated code on the fly due to an issue with our CI tool (not Nix itself), so we have to vendor the output for opam packages we want to include.

So, to answer your questions

is it easy to package an opam package into nixOS?

Yes, very.

is the mirage command line utility (opam package mirage) packaged in nixOS?

It might not be, but it should be no harder than other opam package. Just a matter of articulating the motivation and vendoring the code that's easy to generate.

---

I think if you/we start with @ehmry's https://github.com/ehmry/mirage-nix, we won't even be blocked on the previous two steps (it also uses opam2nix). We can go straight to packaging concrete unikernels into NixOS by writing the requisite NixOS modules in there. Once the whole thing works end-to-end, I think there will be no trouble justifying moving the code to Nixpkgs proper :).

That plan allows iterating with the dynamic Nix code generation and only "baking" it at the end, which should be much more ergonomic.

[ehmry]

From what I remember, the dependencies of a Mirage unikernel are determined at configuration time, which means that a NixOS module for something Mirage would break the no-import-from-derivation rule in Nixpkgs. That may require the Mirage stuff to be hosted outside the main tree, but that's less of an inconvenience these days.

Also, opam2nix is probably the better way of managing the dependencies than managing them manually. Opam has good metadata so this should be safe to do.

I believe this implies that to realize a configuration written in Nix would require a derivation that calls mirage to generate an Opam package that corresponds to the Nix configuration, processing that package with opam2nix, and then building the unikernel from that.

[Ericson2314]

Yeah, I suspect the Mirage CLI and Nix ecosystem are going to have a bit of a turf war, but otherwise things should be fine.

[sternenseemann]

To see how far we've come and what challenges we still have to overcome, I tried to build the stub-resolver unikernel from roburio/unikernels today.

I'm pleased to announce that in terms of MirageOS unikernels for the unix target we are basically already there! We are just missing MirageOS libraries here and there, but the fundamentals are there and work fine. My endeavour lead to #107907, #107914 and #107922.

With the following, frankly trivial shell.nix (and the PRs merged into a local nixpkgs) it's a matter of nix-shell --run "mirage configure && mirage build":

let
  pkgs = import <nixpkgs> {};

  op = pkgs.ocamlPackages;

  baseTools = with op; [
    ocaml dune_2 ocamlbuild findlib
  ];

  baseLibraries = with op; [
    mirage mirage-unix mirage-types mirage-types-lwt mirage-logs
    mirage-crypto-rng-mirage mirage-clock-unix mirage-bootvar-unix tcpip
  ];

  unikernelDeps = with op; [
    dns-resolver dns-server logs
  ];
in

pkgs.mkShell rec {
  buildInputs = baseTools ++ baseLibraries ++ unikernelDeps;
}

The predicted turf war between mirage and the nix infrastructure is also not happening, as it is pretty well behaved and uses standard ocaml tools like dune, ocamlfind and ocamlbuild which we have already figured out.

Here's a screenshot of stub-resolver built on NixOS answering a request on my my machine:

Next steps for MirageOS in nixpkgs as I see it would be:

• [ ] Package missing mirage libraries
• [ ] Add infrastructure for building MirageOS unikernels (should be as lightly altered buildDunePackage) and maybe even deploying it
• [ ] Test and figure out other MirageOS targets like Xen

[Ericson2314]

@sternenseemann Congrats! Your PRs all looked perfectly fin to me and I merged them.

The predicted turf war between mirage and the nix infrastructure is also not happening, as it is pretty well behaved and uses standard ocaml tools like dune, ocamlfind and ocamlbuild which we have already figured out.

Glad to be wrong so far!

Test and figure out other MirageOS targets like Xen

...but I suspect once we get into these interesting cross compilation cases, things will emerge :).

[Ericson2314]

I wonder if anyone has tried a statically linked Unix target with Musl, since that's a vageuly kindred spirit of a target to Unikernels.

[sternenseemann]

I wonder if anyone has tried a statically linked Unix target with Musl, since that's a vageuly kindred spirit of a target to Unikernels.

Seems like it is planned, but not yet implemented: https://github.com/mirage/mirage/issues/880

Although you can probalby achieve it already by messing around in the build files mirage configure generates.

[sternenseemann]

As an update: With a preliminary setup for this I've managed to build the stub_resolver unikernel for the xen target as well (although I couldn't test it because I have nowhere to set up a Xen hypervisor unfortunately). The interesting commits for this are the following (on a temp branch of mine):

• https://github.com/sternenseemann/nixpkgs/commit/6238ee157476824c821651b3e33c002ef4c7d405
• https://github.com/sternenseemann/nixpkgs/commit/d8a3832ac4f656fd00e812a6b4bb183e745c712e

Having a Unikernel which supports multiple targets is relatively ugly and annoying to set up currently (since, as pointed out before, the dependency resolution is quite complex). With the current state of MirageOS this could probably be made nicer for nix by using import from derivation or code generation (for nixpkgs).

However, MirageOS 4 and its migration to dune promises to make things simpler for us as well (stuff like virtual libraries could be used to handle the different backends for targets for example). Additionally the build system for solo5 and mirage / ocaml-freestanding will likely change in the future (most likely for the better). Therefore I'll probably not do too much further on this until MirageOS 4 is released.

[sternenseemann]

MirageOS 4 related upstream issues/PRs:

• https://github.com/mirage/mirage/issues/1217
• https://github.com/Solo5/solo5/pull/494
• https://github.com/mirage/mirage/pull/1226
• https://github.com/mirage/ocaml-freestanding/pull/92

[stale[bot]]

I marked this as stale due to inactivity. → More info

[nixos-discourse]

This issue has been mentioned on NixOS Discourse. There might be relevant details there:

https://discourse.nixos.org/t/linux-unikernel/22648/2

[RyanGibb]

I've written hillingar which uses opam-nix to build mirage unikernels. I've written a blog post on the project here: https://ryan.freumh.org/blog/hillingar/

[patka-123]

Hello 👋

To me it seems like there is a MirageOS package at https://github.com/NixOS/nixpkgs/blob/nixos-unstable/pkgs/development/ocaml-modules/mirage/default.nix

Can this issue be closed since the requested package exists?

(I'm just going through older issues to see what can be closed. Don't mind me if this is still an issue for you)

[asymmetric]

Good catch, this can be closed.

[sternenseemann]

Untrue, MirageOS is not packaged in a meaningful/workable form. Some libraries related to it are packaged, but it is not possible to build/package MirageOS unikernels.