From 757f1cb3cd0104cc975c7b6a0031ebf5689f4571 Mon Sep 17 00:00:00 2001
From: Franziska Kunsmann <hi@kunsmann.eu>
Date: Fri, 11 Mar 2022 13:58:38 +0100
Subject: [PATCH] bundles/vmhost: prepare for arch linux

---
 bundles/vmhost/items.py    | 10 ++++++++--
 bundles/vmhost/metadata.py |  9 +++++++++
 nodes/kunsi-p14s.py        | 14 +++++++++++++-
 3 files changed, 30 insertions(+), 3 deletions(-)

diff --git a/bundles/vmhost/items.py b/bundles/vmhost/items.py
index c8ff9e1..29411fe 100644
--- a/bundles/vmhost/items.py
+++ b/bundles/vmhost/items.py
@@ -4,10 +4,10 @@ files = {
     },
 }
 
-if node.has_bundle('nftables'):
+if node.has_bundle('nftables') and node.has_bundle('apt'):
     # libvirt on debian depends on either iptables or firewalld. Since
     # we're managing firewall rules using bundlewrap, we don't want either
-    # of thos to interfere. So we install firewalld, then ensure it is
+    # of those to interfere. So we install firewalld, then ensure it is
     # never running. After that, we ensure the bundlewrap managed rules
     # are active.
     svc_systemd['firewalld'] = {
@@ -24,3 +24,9 @@ if node.has_bundle('nftables'):
             'svc_systemd:nftables:reload',
         },
     }
+
+if node.has_bundle('pacman'):
+    svc_systemd['libvirtd'] = {}
+    svc_systemd['virtlogd'] = {
+        'enabled': None, # triggered via .socket
+    }
diff --git a/bundles/vmhost/metadata.py b/bundles/vmhost/metadata.py
index f70adc7..9e91f1a 100644
--- a/bundles/vmhost/metadata.py
+++ b/bundles/vmhost/metadata.py
@@ -21,6 +21,12 @@ defaults = {
             },
         },
     },
+    'pacman': {
+        'packages': {
+            'libvirt': {},
+            'qemu-headless': {},
+        },
+    },
 }
 
 if node.os == 'debian' and node.os_version[0] < 11:
@@ -36,6 +42,9 @@ if node.has_bundle('nftables'):
         },
     }
 
+if node.has_bundle('arch-with-gui'):
+    defaults['pacman']['packages']['virt-manager'] = {}
+
 
 @metadata_reactor.provides(
     'users',
diff --git a/nodes/kunsi-p14s.py b/nodes/kunsi-p14s.py
index da4ce64..784e74e 100644
--- a/nodes/kunsi-p14s.py
+++ b/nodes/kunsi-p14s.py
@@ -8,6 +8,7 @@ nodes['kunsi-p14s'] = {
         'nfs-client',
         'systemd-boot',
         'telegraf-battery-usage',
+        'vmhost',
         'zfs',
     },
     'groups': {
@@ -92,7 +93,6 @@ nodes['kunsi-p14s'] = {
                 'mosquitto': {},
                 'perl-musicbrainz-discid': {}, # for abcde
                 'perl-webservice-musicbrainz': {}, # for abcde
-                'virt-manager': {},
                 'xf86-input-wacom': {},
             },
         },
@@ -149,10 +149,22 @@ nodes['kunsi-p14s'] = {
                 # this is not a complete list, but we can't create that
                 # structure using bundlewrap anyway, so there's no point
                 # in adding it here.
+                'zroot': {
+                    'compression': 'lz4',
+                    'relatime': 'on',
+                    'xattr': 'sa',
+                    # encryption is enabled, too.
+                },
                 'zroot/system/journal': {
                     'mountpoint': '/var/log/journal',
                     'acltype': 'posix',
                 },
+                'zroot/system/libvirt': {
+                    'mountpoint': '/var/lib/libvirt',
+                    'needed_by': {
+                        'bundle:vmhost',
+                    },
+                },
                 'zroot/system/root': {
                     'canmount': 'noauto',
                     'mountpoint': '/',