cleanup some tmp backward compat code

Signed-off-by: Brian McGillion <bmg.avoin@gmail.com>

Author: brianmcgillion

modules/common/global-config.nix

@@ -3,72 +3,39 @@
 #
 # Global Configuration Options Module
 #
-# This module defines the ghaf.global-config options that propagate to all VMs.
-# Settings here are the "single source of truth" for configuration values
-# that should be consistent across host and all guest VMs.
-#
-# Supports versioned profiles via lib.ghaf.profiles and lib.ghaf.mkGlobalConfig.
+# This module defines the ghaf.global-config option type for host-level settings.
+# The actual global config values are created by lib.ghaf.mkGlobalConfig and
+# passed to VMs via specialArgs (globalConfig).
 #
 # Usage:
-#   # Use a predefined profile
-#   ghaf.global-config = lib.ghaf.profiles.debug;
-#
-#   # Or customize a profile
-#   ghaf.global-config = lib.ghaf.mkGlobalConfig "debug" {
-#     storage.encryption.enable = true;
-#   };
+#   # Set options on host (these propagate via lib.ghaf.mkGlobalConfig)
+#   ghaf.profiles.debug.enable = true;
+#   ghaf.development.ssh.daemon.enable = true;
 #
-#   # Or set options directly
-#   ghaf.global-config = {
-#     debug.enable = true;
-#     development.ssh.daemon.enable = true;
-#   };
+#   # VMs receive globalConfig via specialArgs, created by profiles
+#   # See: modules/profiles/laptop-x86.nix, lib/global-config.nix
 #
-# Backward Compatibility:
-#   This module provides sync from existing ghaf.* options → global-config.
-#   Old-style settings will automatically populate global-config so that
-#   VMs using the new pattern receive correct values.
 {
   config,
   lib,
-  options,
   ...
 }:
-let
-
-  # Helper to check if an option path exists in the options tree
-  optionExists = path: lib.hasAttrByPath path options;
-
-  # Helper to get config value if option exists, otherwise use default
-  configOrDefault =
-    path: default: if optionExists path then lib.getAttrFromPath path config else default;
-in
 {
   _file = ./global-config.nix;
 
   options.ghaf.global-config = lib.mkOption {
     type = lib.types.globalConfig;
     default = { };
     description = ''
-      Global configuration options that automatically propagate to all VMs.
+      Global configuration options that propagate to all VMs.
 
       These settings represent the "single source of truth" for values that
       should be consistent across the host and all guest virtual machines.
 
-      You can use predefined profiles:
-        ghaf.global-config = lib.ghaf.profiles.debug;
-
-      Or customize a profile:
-        ghaf.global-config = lib.ghaf.mkGlobalConfig "debug" {
-          storage.encryption.enable = true;
-        };
-
-      Or set options directly:
-        ghaf.global-config = {
-          debug.enable = true;
-          development.ssh.daemon.enable = true;
-          storage.encryption.enable = true;
-        };
+      The actual propagation to VMs happens via:
+      1. lib.ghaf.mkGlobalConfig creates globalConfig from host config
+      2. Profiles pass globalConfig to VM bases via specialArgs
+      3. VMs read from globalConfig specialArg
 
       Hardware-specific VM configurations go via hardware definition:
         ghaf.hardware.definition.guivm.extraModules = [{
@@ -85,86 +52,5 @@ in
       hostSystem = lib.mkDefault config.nixpkgs.hostPlatform.system;
       timeZone = lib.mkDefault (if config.time.timeZone != null then config.time.timeZone else "UTC");
     };
-
-    # Backward compatibility: sync from old-style ghaf.* options → global-config
-    # Use lib.mkOverride 900 so explicit global-config settings (priority 1000) take precedence
-    # but these defaults take precedence over the type defaults (priority 1500)
-
-    # Debug settings
-    ghaf.global-config.debug.enable = lib.mkOverride 900 (
-      configOrDefault [ "ghaf" "profiles" "debug" "enable" ] false
-    );
-
-    # Development settings
-    ghaf.global-config.development.ssh.daemon.enable = lib.mkOverride 900 (
-      configOrDefault [ "ghaf" "development" "ssh" "daemon" "enable" ] false
-    );
-
-    ghaf.global-config.development.debug.tools.enable = lib.mkOverride 900 (
-      configOrDefault [ "ghaf" "development" "debug" "tools" "enable" ] false
-    );
-
-    ghaf.global-config.development.nix-setup.enable = lib.mkOverride 900 (
-      configOrDefault [ "ghaf" "development" "nix-setup" "enable" ] false
-    );
-
-    # Logging settings
-    ghaf.global-config.logging.enable = lib.mkOverride 900 (
-      configOrDefault [ "ghaf" "logging" "enable" ] false
-    );
-
-    ghaf.global-config.logging.listener.address = lib.mkOverride 900 (
-      configOrDefault [ "ghaf" "logging" "listener" "address" ] ""
-    );
-
-    ghaf.global-config.logging.server.endpoint = lib.mkOverride 900 (
-      configOrDefault [ "ghaf" "logging" "server" "endpoint" ] ""
-    );
-
-    # Security settings
-    ghaf.global-config.security.audit.enable = lib.mkOverride 900 (
-      configOrDefault [ "ghaf" "security" "audit" "enable" ] false
-    );
-
-    # GIVC settings
-    ghaf.global-config.givc.enable = lib.mkOverride 900 (
-      configOrDefault [ "ghaf" "givc" "enable" ] false
-    );
-
-    ghaf.global-config.givc.debug = lib.mkOverride 900 (
-      configOrDefault [ "ghaf" "givc" "debug" ] false
-    );
-
-    # Services settings
-    ghaf.global-config.services.power-manager.enable = lib.mkOverride 900 (
-      configOrDefault [ "ghaf" "services" "power-manager" "enable" ] false
-    );
-
-    ghaf.global-config.services.performance.enable = lib.mkOverride 900 (
-      configOrDefault [ "ghaf" "services" "performance" "enable" ] false
-    );
-
-    # Storage settings
-    ghaf.global-config.storage.encryption.enable = lib.mkOverride 900 (
-      configOrDefault [ "ghaf" "virtualization" "storagevm-encryption" "enable" ] false
-    );
-
-    ghaf.global-config.storage.storeOnDisk = lib.mkOverride 900 (
-      configOrDefault [ "ghaf" "virtualization" "microvm" "storeOnDisk" ] false
-    );
-
-    # Shared memory settings
-    ghaf.global-config.shm.enable = lib.mkOverride 900 (
-      configOrDefault [ "ghaf" "shm" "enable" ] false
-    );
-
-    ghaf.global-config.shm.serverSocketPath = lib.mkOverride 900 (
-      configOrDefault [ "ghaf" "shm" "serverSocketPath" ] ""
-    );
-
-    # IDS VM settings
-    ghaf.global-config.idsvm.mitmproxy.enable = lib.mkOverride 900 (
-      configOrDefault [ "ghaf" "virtualization" "microvm" "idsvm" "mitmproxy" "enable" ] false
-    );
   };
 }

modules/profiles/flake-module.nix

@@ -35,5 +35,12 @@
       inputs.self.nixosModules.microvm
       ./orin.nix
     ];
+
+    # Profile for VM targets that run GUI on host (no gui-vm)
+    profiles-vm.imports = [
+      inputs.self.nixosModules.profiles
+      inputs.self.nixosModules.microvm
+      ./vm.nix
+    ];
   };
 }

modules/profiles/vm.nix

@@ -0,0 +1,176 @@
+# SPDX-FileCopyrightText: 2022-2026 TII (SSRC) and the Ghaf contributors
+# SPDX-License-Identifier: Apache-2.0
+#
+# Profile for VM targets that run GUI on the host (no gui-vm microvm).
+# This profile creates VM bases for: netvm, audiovm, adminvm
+# but NOT guivm (since GUI runs on host).
+#
+{
+  config,
+  lib,
+  inputs,
+  ...
+}:
+let
+  cfg = config.ghaf.profiles.vm;
+  hostGlobalConfig = config.ghaf.global-config;
+in
+{
+  _file = ./vm.nix;
+
+  options.ghaf.profiles.vm = {
+    enable = lib.mkEnableOption "VM target profile (GUI runs on host, no gui-vm)";
+
+    # Net VM base configuration
+    netvmBase = lib.mkOption {
+      type = lib.types.unspecified;
+      readOnly = true;
+      description = ''
+        VM profile Net VM base configuration.
+        Use extendModules to add hardware passthrough and GIVC overrides.
+      '';
+    };
+
+    # Audio VM base configuration
+    audiovmBase = lib.mkOption {
+      type = lib.types.unspecified;
+      readOnly = true;
+      description = ''
+        VM profile Audio VM base configuration.
+        Use extendModules to add GIVC socket proxy configuration.
+      '';
+    };
+
+    # Admin VM base configuration
+    adminvmBase = lib.mkOption {
+      type = lib.types.unspecified;
+      readOnly = true;
+      description = ''
+        VM profile Admin VM base configuration.
+      '';
+    };
+
+    # App VM factory function
+    mkAppVm = lib.mkOption {
+      type = lib.types.unspecified;
+      readOnly = true;
+      description = ''
+        Function to create App VM configurations.
+        Takes a vmDef attribute set and returns a NixOS configuration.
+        The result can be extended with:
+          (mkAppVm vmDef).extendModules { modules = [ ... ]; }
+      '';
+    };
+  };
+
+  config = lib.mkIf cfg.enable {
+
+    # Export Net VM base
+    ghaf.profiles.vm.netvmBase = lib.nixosSystem {
+      inherit (inputs.nixpkgs.legacyPackages.x86_64-linux) system;
+      modules = [
+        inputs.microvm.nixosModules.microvm
+        inputs.self.nixosModules.netvm-base
+        {
+          nixpkgs.overlays = config.nixpkgs.overlays;
+          nixpkgs.config = config.nixpkgs.config;
+        }
+      ];
+      specialArgs = lib.ghaf.vm.mkSpecialArgs {
+        inherit lib inputs;
+        globalConfig = hostGlobalConfig;
+        hostConfig =
+          lib.ghaf.vm.mkHostConfig {
+            inherit config;
+            vmName = "net-vm";
+          }
+          // {
+            netvm = {
+              wifi = config.ghaf.virtualization.microvm.netvm.wifi or false;
+            };
+          };
+      };
+    };
+
+    # Export Audio VM base
+    ghaf.profiles.vm.audiovmBase = lib.nixosSystem {
+      inherit (inputs.nixpkgs.legacyPackages.x86_64-linux) system;
+      modules = [
+        inputs.microvm.nixosModules.microvm
+        inputs.self.nixosModules.audiovm-base
+        {
+          nixpkgs.overlays = config.nixpkgs.overlays;
+          nixpkgs.config = config.nixpkgs.config;
+        }
+      ];
+      specialArgs = lib.ghaf.vm.mkSpecialArgs {
+        inherit lib inputs;
+        globalConfig = hostGlobalConfig;
+        hostConfig =
+          lib.ghaf.vm.mkHostConfig {
+            inherit config;
+            vmName = "audio-vm";
+          }
+          // {
+            audiovm = {
+              audio = config.ghaf.virtualization.microvm.audiovm.audio or false;
+            };
+          };
+      };
+    };
+
+    # Export Admin VM base
+    ghaf.profiles.vm.adminvmBase = lib.nixosSystem {
+      inherit (inputs.nixpkgs.legacyPackages.x86_64-linux) system;
+      modules = [
+        inputs.microvm.nixosModules.microvm
+        inputs.self.nixosModules.adminvm-base
+        inputs.self.nixosModules.adminvm-features
+        {
+          nixpkgs.overlays = config.nixpkgs.overlays;
+          nixpkgs.config = config.nixpkgs.config;
+        }
+      ];
+      specialArgs = lib.ghaf.vm.mkSpecialArgs {
+        inherit lib inputs;
+        globalConfig = hostGlobalConfig;
+        hostConfig = lib.ghaf.vm.mkHostConfig {
+          inherit config;
+          vmName = "admin-vm";
+        };
+      };
+    };
+
+    # Export mkAppVm function for creating App VMs
+    ghaf.profiles.vm.mkAppVm =
+      vmDef:
+      lib.nixosSystem {
+        inherit (inputs.nixpkgs.legacyPackages.x86_64-linux) system;
+        modules = [
+          inputs.microvm.nixosModules.microvm
+          inputs.self.nixosModules.appvm-base
+          {
+            nixpkgs.overlays = config.nixpkgs.overlays;
+            nixpkgs.config = config.nixpkgs.config;
+          }
+        ];
+        specialArgs = lib.ghaf.vm.mkSpecialArgs {
+          inherit lib inputs;
+          globalConfig = hostGlobalConfig;
+          hostConfig =
+            lib.ghaf.vm.mkHostConfig {
+              inherit config;
+              vmName = "${vmDef.name}-vm";
+            }
+            // {
+              appvm = vmDef;
+              sharedVmDirectory =
+                config.ghaf.virtualization.microvm-host.sharedVmDirectory or {
+                  enable = false;
+                  vms = [ ];
+                };
+            };
+        };
+      };
+  };
+}