sysvm: Create a registry of the available vms

brianmcgillion · brianmcgillion · commit d85657c9d5fc · 2026-02-18T18:21:53.000+04:00
Creates a registry of both the registered, available and enabled system
vms. In the future we can add "features" to the system vms that could be
queried to define the functionality that they support or make available
to the system, similar to how the appvms currently make their features
available to the guivm.

Signed-off-by: Brian McGillion &lt;bmg.avoin@gmail.com&gt;
diff --git a/lib/global-config.nix b/lib/global-config.nix
@@ -636,6 +636,8 @@ rec {
         # AppVM configurations (needed by guivm for launcher generation)
         # Use enabledVms which has derived values including applications from vmDef
         appvms = config.ghaf.virtualization.microvm.appvm.enabledVms or { };
+        # System VM configurations (for dynamic discovery of enabled system VMs)
+        sysvms = config.ghaf.virtualization.microvm.sysvm.enabledVms or { };
         # GUIVM applications (needed by guivm for local launcher generation)
         guivm = {
           applications = config.ghaf.virtualization.microvm.guivm.applications or [ ];
diff --git a/modules/microvm/flake-module.nix b/modules/microvm/flake-module.nix
@@ -18,6 +18,7 @@ _: {
       ./sysvms/audiovm.nix
       ./sysvms/idsvm/idsvm.nix
       ./common/microvm-store-mode.nix
+      ./sysvm-registry.nix
       ./vm-config.nix
     ];
 
diff --git a/modules/microvm/sysvm-registry.nix b/modules/microvm/sysvm-registry.nix
@@ -0,0 +1,68 @@
+# SPDX-FileCopyrightText: 2022-2026 TII (SSRC) and the Ghaf contributors
+# SPDX-License-Identifier: Apache-2.0
+#
+# System VM Registry
+#
+# Defines the sysvm.vms attrsOf option where each system VM module
+# self-registers. This mirrors the appvm.vms pattern — the registry
+# names zero VMs; each VM module contributes its own entry.
+#
+# Use sysvm.enabledVms for the filtered view of active VMs.
+#
+{
+  config,
+  lib,
+  ...
+}:
+let
+  cfg = config.ghaf.virtualization.microvm.sysvm;
+in
+{
+  _file = ./sysvm-registry.nix;
+
+  options.ghaf.virtualization.microvm.sysvm = {
+    vms = lib.mkOption {
+      type = lib.types.attrsOf (
+        lib.types.submodule {
+          options = {
+            enable = lib.mkEnableOption "this system VM";
+
+            vmName = lib.mkOption {
+              type = lib.types.str;
+              description = "VM name with hyphen (e.g., gui-vm, net-vm).";
+            };
+
+            evaluatedConfig = lib.mkOption {
+              type = lib.types.nullOr lib.types.unspecified;
+              default = null;
+              description = "Pre-evaluated NixOS configuration for this system VM.";
+            };
+
+            extraNetworking = lib.mkOption {
+              type = lib.types.networking;
+              default = { };
+              description = "Extra networking configuration for this system VM.";
+            };
+          };
+        }
+      );
+      default = { };
+      description = ''
+        System VM registry. Each system VM module self-registers here.
+        Keys are vmType names (guivm, netvm, etc.) matching vmConfig.sysvms keys.
+        Use enabledVms for the filtered view of active VMs.
+      '';
+    };
+
+    enabledVms = lib.mkOption {
+      type = lib.types.attrsOf lib.types.unspecified;
+      readOnly = true;
+      description = ''
+        Read-only attrset of enabled system VMs.
+        Filtered from sysvm.vms to only include VMs with enable = true.
+      '';
+    };
+  };
+
+  config.ghaf.virtualization.microvm.sysvm.enabledVms = lib.filterAttrs (_: vm: vm.enable) cfg.vms;
+}
diff --git a/modules/microvm/sysvms/adminvm.nix b/modules/microvm/sysvms/adminvm.nix
@@ -43,26 +43,34 @@ in
     };
   };
 
-  config = lib.mkIf cfg.enable {
-    assertions = [
-      {
-        assertion = cfg.evaluatedConfig != null;
-        message = ''
-          ghaf.virtualization.microvm.adminvm.evaluatedConfig must be set.
-          Use adminvmBase.extendModules from a profile (laptop-x86, orin, etc.).
-          Example:
-            ghaf.virtualization.microvm.adminvm.evaluatedConfig =
-              config.ghaf.profiles.laptop-x86.adminvmBase.extendModules { modules = [...]; };
-        '';
-      }
-    ];
+  config = lib.mkMerge [
+    {
+      ghaf.virtualization.microvm.sysvm.vms.adminvm = {
+        inherit vmName;
+        inherit (cfg) enable evaluatedConfig extraNetworking;
+      };
+    }
+    (lib.mkIf cfg.enable {
+      assertions = [
+        {
+          assertion = cfg.evaluatedConfig != null;
+          message = ''
+            ghaf.virtualization.microvm.adminvm.evaluatedConfig must be set.
+            Use adminvmBase.extendModules from a profile (laptop-x86, orin, etc.).
+            Example:
+              ghaf.virtualization.microvm.adminvm.evaluatedConfig =
+                config.ghaf.profiles.laptop-x86.adminvmBase.extendModules { modules = [...]; };
+          '';
+        }
+      ];
 
-    ghaf.common.extraNetworking.hosts.${vmName} = cfg.extraNetworking;
+      ghaf.common.extraNetworking.hosts.${vmName} = cfg.extraNetworking;
 
-    microvm.vms."${vmName}" = {
-      autostart = true;
-      inherit (inputs) nixpkgs;
-      inherit (cfg) evaluatedConfig;
-    };
-  };
+      microvm.vms."${vmName}" = {
+        autostart = true;
+        inherit (inputs) nixpkgs;
+        inherit (cfg) evaluatedConfig;
+      };
+    })
+  ];
 }
diff --git a/modules/microvm/sysvms/audiovm.nix b/modules/microvm/sysvms/audiovm.nix
@@ -43,26 +43,34 @@ in
     };
   };
 
-  config = lib.mkIf cfg.enable {
-    assertions = [
-      {
-        assertion = cfg.evaluatedConfig != null;
-        message = ''
-          ghaf.virtualization.microvm.audiovm.evaluatedConfig must be set.
-          Use audiovmBase.extendModules from a profile (laptop-x86, orin, etc.).
-          Example:
-            ghaf.virtualization.microvm.audiovm.evaluatedConfig =
-              config.ghaf.profiles.laptop-x86.audiovmBase.extendModules { modules = [...]; };
-        '';
-      }
-    ];
+  config = lib.mkMerge [
+    {
+      ghaf.virtualization.microvm.sysvm.vms.audiovm = {
+        inherit vmName;
+        inherit (cfg) enable evaluatedConfig extraNetworking;
+      };
+    }
+    (lib.mkIf cfg.enable {
+      assertions = [
+        {
+          assertion = cfg.evaluatedConfig != null;
+          message = ''
+            ghaf.virtualization.microvm.audiovm.evaluatedConfig must be set.
+            Use audiovmBase.extendModules from a profile (laptop-x86, orin, etc.).
+            Example:
+              ghaf.virtualization.microvm.audiovm.evaluatedConfig =
+                config.ghaf.profiles.laptop-x86.audiovmBase.extendModules { modules = [...]; };
+          '';
+        }
+      ];
 
-    ghaf.common.extraNetworking.hosts.${vmName} = cfg.extraNetworking;
+      ghaf.common.extraNetworking.hosts.${vmName} = cfg.extraNetworking;
 
-    microvm.vms."${vmName}" = {
-      autostart = !config.ghaf.microvm-boot.enable;
-      inherit (inputs) nixpkgs;
-      inherit (cfg) evaluatedConfig;
-    };
-  };
+      microvm.vms."${vmName}" = {
+        autostart = !config.ghaf.microvm-boot.enable;
+        inherit (inputs) nixpkgs;
+        inherit (cfg) evaluatedConfig;
+      };
+    })
+  ];
 }
diff --git a/modules/microvm/sysvms/guivm.nix b/modules/microvm/sysvms/guivm.nix
@@ -51,29 +51,37 @@ in
     };
   };
 
-  config = lib.mkIf cfg.enable {
-    assertions = [
-      {
-        assertion = cfg.evaluatedConfig != null;
-        message = ''
-          ghaf.virtualization.microvm.guivm.evaluatedConfig must be set.
-          Use guivmBase.extendModules from a profile (laptop-x86, orin, etc.).
-          Example:
-            ghaf.virtualization.microvm.guivm.evaluatedConfig =
-              lib.ghaf.vm.applyVmConfig {
-                baseConfig = config.ghaf.profiles.laptop-x86.guivmBase.extendModules { ... };
-                ...
-              };
-        '';
-      }
-    ];
+  config = lib.mkMerge [
+    {
+      ghaf.virtualization.microvm.sysvm.vms.guivm = {
+        inherit vmName;
+        inherit (cfg) enable evaluatedConfig extraNetworking;
+      };
+    }
+    (lib.mkIf cfg.enable {
+      assertions = [
+        {
+          assertion = cfg.evaluatedConfig != null;
+          message = ''
+            ghaf.virtualization.microvm.guivm.evaluatedConfig must be set.
+            Use guivmBase.extendModules from a profile (laptop-x86, orin, etc.).
+            Example:
+              ghaf.virtualization.microvm.guivm.evaluatedConfig =
+                lib.ghaf.vm.applyVmConfig {
+                  baseConfig = config.ghaf.profiles.laptop-x86.guivmBase.extendModules { ... };
+                  ...
+                };
+          '';
+        }
+      ];
 
-    ghaf.common.extraNetworking.hosts.${vmName} = cfg.extraNetworking;
+      ghaf.common.extraNetworking.hosts.${vmName} = cfg.extraNetworking;
 
-    microvm.vms."${vmName}" = {
-      autostart = !config.ghaf.microvm-boot.enable;
-      inherit (inputs) nixpkgs;
-      inherit (cfg) evaluatedConfig;
-    };
-  };
+      microvm.vms."${vmName}" = {
+        autostart = !config.ghaf.microvm-boot.enable;
+        inherit (inputs) nixpkgs;
+        inherit (cfg) evaluatedConfig;
+      };
+    })
+  ];
 }
diff --git a/modules/microvm/sysvms/idsvm/idsvm.nix b/modules/microvm/sysvms/idsvm/idsvm.nix
@@ -47,26 +47,34 @@ in
     };
   };
 
-  config = lib.mkIf cfg.enable {
-    assertions = [
-      {
-        assertion = cfg.evaluatedConfig != null;
-        message = ''
-          ghaf.virtualization.microvm.idsvm.evaluatedConfig must be set.
-          Use idsvmBase.extendModules from a profile (laptop-x86, etc.).
-          Example:
-            ghaf.virtualization.microvm.idsvm.evaluatedConfig =
-              config.ghaf.profiles.laptop-x86.idsvmBase.extendModules { modules = [...]; };
-        '';
-      }
-    ];
+  config = lib.mkMerge [
+    {
+      ghaf.virtualization.microvm.sysvm.vms.idsvm = {
+        inherit vmName;
+        inherit (cfg) enable evaluatedConfig extraNetworking;
+      };
+    }
+    (lib.mkIf cfg.enable {
+      assertions = [
+        {
+          assertion = cfg.evaluatedConfig != null;
+          message = ''
+            ghaf.virtualization.microvm.idsvm.evaluatedConfig must be set.
+            Use idsvmBase.extendModules from a profile (laptop-x86, etc.).
+            Example:
+              ghaf.virtualization.microvm.idsvm.evaluatedConfig =
+                config.ghaf.profiles.laptop-x86.idsvmBase.extendModules { modules = [...]; };
+          '';
+        }
+      ];
 
-    ghaf.common.extraNetworking.hosts.${vmName} = cfg.extraNetworking;
+      ghaf.common.extraNetworking.hosts.${vmName} = cfg.extraNetworking;
 
-    microvm.vms."${vmName}" = {
-      autostart = true;
-      inherit (inputs) nixpkgs;
-      inherit (cfg) evaluatedConfig;
-    };
-  };
+      microvm.vms."${vmName}" = {
+        autostart = true;
+        inherit (inputs) nixpkgs;
+        inherit (cfg) evaluatedConfig;
+      };
+    })
+  ];
 }
diff --git a/modules/microvm/sysvms/netvm.nix b/modules/microvm/sysvms/netvm.nix
@@ -39,34 +39,42 @@ in
     };
   };
 
-  config = lib.mkIf cfg.enable {
-    assertions = [
-      {
-        assertion = cfg.evaluatedConfig != null;
-        message = ''
-          ghaf.virtualization.microvm.netvm.evaluatedConfig must be set.
-          Use a profile that provides netvmBase (laptop-x86 or orin).
+  config = lib.mkMerge [
+    {
+      ghaf.virtualization.microvm.sysvm.vms.netvm = {
+        inherit vmName;
+        inherit (cfg) enable evaluatedConfig extraNetworking;
+      };
+    }
+    (lib.mkIf cfg.enable {
+      assertions = [
+        {
+          assertion = cfg.evaluatedConfig != null;
+          message = ''
+            ghaf.virtualization.microvm.netvm.evaluatedConfig must be set.
+            Use a profile that provides netvmBase (laptop-x86 or orin).
 
-          For x86 laptops:
-            netvm.evaluatedConfig = config.ghaf.profiles.laptop-x86.netvmBase.extendModules {
-              modules = config.ghaf.hardware.definition.netvm.extraModules or [];
-            };
+            For x86 laptops:
+              netvm.evaluatedConfig = config.ghaf.profiles.laptop-x86.netvmBase.extendModules {
+                modules = config.ghaf.hardware.definition.netvm.extraModules or [];
+              };
 
-          For Jetson (Orin):
-            netvm.evaluatedConfig = config.ghaf.profiles.orin.netvmBase.extendModules {
-              modules = config.ghaf.hardware.definition.netvm.extraModules or [];
-            };
-        '';
-      }
-    ];
+            For Jetson (Orin):
+              netvm.evaluatedConfig = config.ghaf.profiles.orin.netvmBase.extendModules {
+                modules = config.ghaf.hardware.definition.netvm.extraModules or [];
+              };
+          '';
+        }
+      ];
 
-    ghaf.common.extraNetworking.hosts.${vmName} = cfg.extraNetworking;
+      ghaf.common.extraNetworking.hosts.${vmName} = cfg.extraNetworking;
 
-    microvm.vms."${vmName}" = {
-      autostart = !config.ghaf.microvm-boot.enable;
-      restartIfChanged = false;
-      inherit (inputs) nixpkgs;
-      inherit (cfg) evaluatedConfig;
-    };
-  };
+      microvm.vms."${vmName}" = {
+        autostart = !config.ghaf.microvm-boot.enable;
+        restartIfChanged = false;
+        inherit (inputs) nixpkgs;
+        inherit (cfg) evaluatedConfig;
+      };
+    })
+  ];
 }
