NixOS / nixpkgs

Nix Packages collection & NixOS

Package request: Xen Orchestra #301991

Open deliciouslytyped opened 5 months ago

deliciouslytyped commented 5 months ago

I'm not actually sure if trying to package this is a good idea, but here it is anyway.

Xen Orchestra is some kind of management frontend for (also?) XCP-ng (and XenServer? - which is apparently the Citrix variant?). Apparently doing a source build will get you the full-featured version. You don't need to use XCP-ng to use Xen Orchestra, the below is provided for additional context.

https://xen-orchestra.com/docs/

> XO (Xen Orchestra) is a complete solution to visualize, manage, backup and delegate your XCP-ng (or XenServer) infrastructure. No agent is required for it to work.
>
> It provides a web UI, a CLI and a REST API, while also getting a Terraform provider among other connectors/plugins.

For additional background: XCP-ng is a Xen based hypervisor distribution (something like that?) which (IIUC?) doesn't really provide a management interface, and one way to manage it is a Xen Orchestra instance you can run also as a guest, or on a separate system, and communicates with and controls the XCP-ng server.

https://docs.xcp-ng.org/

> XCP-ng is a high performance enterprise level virtualization platform with a rich ecosystem, that can be integrated in an entire stack to do management and backup for it (see [Xen Orchestra](https://docs.xcp-ng.org/management/manage-at-scale/xo-web-ui/) section for that). XCP-ng stands for Xen Cloud Platform - next generation: it is the modern successor to XCP, initially created as an Open Source version of Citrix XenServer back in 2010.
>
> XCP-ng is -by default- a [secure platform](https://docs.xcp-ng.org/project/security/) to run any kind of virtualization workload, while being managed by a [central administration console](https://docs.xcp-ng.org/management/manage-at-scale/xo-web-ui/), integrated with an API and CLI but also compatible with Packer, Terraform and Ansible.

Some helpful resources:

There are some helpful videos (for example) here for additional context:


deliciouslytyped commented 5 months ago

At the least, node/yarn and redis are involved.

hehongbo commented 4 months ago

Also spent some time on this last year (and did not succeed).

Not sure if trying to package this is a good idea either, but I think it might be a good thing to run Xen Orchestra with a pure Node.js runtime if it is made of Node.js in the first place, instead of importing a virtual machine appliance like VMware VCSA.

It is somewhat unfriendly to build with Nix in my opinion, but it shouldn't be impossible. I chucked their yarn.lock into yarn2nix mkYarnWorkspace directly, got a "too many open files", lifted the limitation and carried on, and after fetching a lot of Node.js packages, it ends here:

```
Running phase: fixupPhase
shrinking RPATHs of ELF executables and libraries in /nix/store/qvn8570mczan3s6jmafqpfinmjjlyqp0-vates-event-listeners-manager-modules-1.0.1
yarn install v1.22.19
[1/4] Resolving packages...
[2/4] Fetching packages...
warning Pattern ["strip-ansi@^6.0.1"] is trying to unpack in the same destination "/build/yarn_home/.cache/yarn/v6/npm-strip-ansi-cjs-6.0.1-9e26c63d30f53443e9489495b2105d37b67a85d9-integrity/node_modules/strip-ansi-cjs" as pattern ["strip-ansi-cjs@npm:strip-ansi@^6.0.1"]. This could result in non-deterministic behavior, skipping.
warning Pattern ["string-width@^4.1.0"] is trying to unpack in the same destination "/build/yarn_home/.cache/yarn/v6/npm-string-width-cjs-4.2.3-269c7117d27b05ad2e536830a8ec895ef9c6d010-integrity/node_modules/string-width-cjs" as pattern ["string-width-cjs@npm:string-width@^4.2.0"]. This could result in non-deterministic behavior, skipping.
warning Pattern ["strip-ansi@^6.0.0"] is trying to unpack in the same destination "/build/yarn_home/.cache/yarn/v6/npm-strip-ansi-cjs-6.0.1-9e26c63d30f53443e9489495b2105d37b67a85d9-integrity/node_modules/strip-ansi-cjs" as pattern ["strip-ansi-cjs@npm:strip-ansi@^6.0.1"]. This could result in non-deterministic behavior, skipping.
error An unexpected error occurred: "EACCES: permission denied, unlink '/nix/store/chnj65n0h1zbn05k9klqapdmyzf23fdw-offline/fuse_shared_library_linux___fuse_shared_library_linux_1.0.1.tgz'".
info If you think this is a bug, please open a bug report with the information provided in "/build/yarn-error.log".
info Visit https://yarnpkg.com/en/docs/cli/install for documentation about this command.
checking for references to /build/ in /nix/store/qvn8570mczan3s6jmafqpfinmjjlyqp0-vates-event-listeners-manager-modules-1.0.1...

error: builder for '/nix/store/08g8ighxpdg1p3nrf6540d12lm6v2fwi-vates-fuse-vhd-modules-2.1.0.drv' failed with exit code 1
error: 1 dependencies of derivation '/nix/store/8033mscqw05g0bbx88pbzmjda0daxirb-xoa.drv' failed to build
```

The build process is stopped by @vates/fuse-vhd, followed by fuse-native and eventually fuse-shared-library-linux if that's the platform that is running the build. And it looks like it has some native binaries that need patching.

Sorry, because my attempts end here, I don't know what awaits. Earlier this year I'm planning to move away from XCP-ng to a bare Xen setup, thus no more time investment in this.

Also, the fact that this package is offered as a monorepo makes it tricky for Nix to fetch and/or check out, since xo-web and xo-server reside in the same repo, at different commit heights/revs. I tried yarn build on the HEAD of master or some commits that "look like a release" on my working macOS machines (both Intel and Apple) and got unstable results, which lost connection to my XCP-ng servers and kicked me out to the welcome page that prompts me to add a server. This is not something I will encounter with the version in the virtual machine image they offered. Or maybe the wrong source is not the cause, but my macOS environment is, since this application is only intended to be shipped within their appliance image, which is Linux.

These are all that I know about packaging this in Nix. Maybe someone who is familiar with working with Node.js and Yarn monorepos can help.

SigmaSquadron commented 1 month ago

It's kind of funny to me that this PR was opened while Xen on Nixpkgs was still horribly insecure. I can try to take a stab at it once the immediate Xen PRs are done.

deliciouslytyped commented 1 month ago

What do you mean?

SigmaSquadron commented 1 month ago

Well, before July, Nixpkgs had Xen 4.15, which was EOL and vulnerable to a number of XSAs. I don't really see the usability of XO outside of managing a Xen host, so it doesn't make much sense for a package request for XO to be opened before Xen itself.

deliciouslytyped commented 1 month ago

Ah, ok. I'm not arguing. Well, that's kind of why I said "You don't need to use XCP-ng to use Xen Orchestra": the management environment is a separate thing, and I would have been running Xen with something else.

SigmaSquadron commented 1 month ago

Ah, of course. Still, NixOS has some questionable support for being a PV(H) guest. We have a module for using Citrix's guest tools, but I was hoping to eventually produce a profile for PVH guests that use the upstream tools instead.

hehongbo commented 1 month ago

> before July, Nixpkgs had Xen 4.15, which was EOL and vulnerable to a number of XSAs. I don't really see the usability of XO outside of managing a Xen host, so it doesn't make much sense for a package request for XO to be opened before Xen itself.

That's kind of okay I guess. Xen Orchestra is mainly for managing XenServer (XCP-ng or Citrix, correct me if I'm wrong), and I can imagine those who need XO available in Nixpkgs might be the ones:

So a package request on XO might still be somehow meaningful for those use cases, even before the Xen package itself and the Dom0 module become ready (which your contributions have gone into in the past few months). Also, given the complexity of XenServer, I might question if there are many people trying to build the entire thing with Xen and XAPI from scratch on a NixOS Dom0, which XO might be able to talk to.

> NixOS has some questionable support for being a PV(H) guest.

NixOS is okay to run as a PVH DomU, with the main obstacle being #121514. There is a real-world example of a hosting provider deploying PVH guests at scale and they also mentioned NixOS in their wiki. PV is a little bit more problematic because the PV variant of the GRUB binary cannot load a zstd-compressed kernel image (changing that requires prolonged build time on the kernel). And most importantly, PVH is not supported by XCP-ng currently, and that's why I'm moving away to look for a more customized Xen and Dom0 setup.