fix: add incus-agent systemd service to NixOS module#11
Merged
ethannortharc merged 11 commits intomainfrom Mar 10, 2026
Merged
Conversation
…re boot for Incus' (#4) from fix/incus-nixos-image into main Reviewed-on: https://git.giomni.com/ethan/devbox/pulls/4
…n Linux' (#5) from fix/doctor-linux-deps into main Reviewed-on: https://git.giomni.com/ethan/devbox/pulls/5
…#6) from fix/incus-wait-agent into main Reviewed-on: https://git.giomni.com/ethan/devbox/pulls/6
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
…ioning incus exec doesn't source NixOS login profile, so system binaries (sudo, base64, nixos-generate-config) in /run/current-system/sw/bin/ aren't in PATH. Also wait for DNS to be ready before downloading packages. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
The images:nixos/25.11 Incus image has no nix channels configured, causing nixos-rebuild to fail with "nixpkgs/nixos not found". Also ensure the user's home directory exists before writing config files, since the user is created by nixos-rebuild via devbox-module.nix. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
…tivity - devbox doctor now checks incusbr0 bridge, IP forwarding, iptables FORWARD rules, NAT masquerade, and tests VM connectivity on Linux - devbox create now fails fast with actionable fix commands if the VM has no internet, instead of silently timing out on every download Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
- Explicitly set NIX_PATH to include the channel profile path so nixos-rebuild can find <nixpkgs/nixos> after nix-channel --update - Run interactive incus exec sessions as the non-root user (UID >= 1000) with correct HOME and /workspace as working directory - Make channel update interactive so progress is visible Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
exec_cmd always runs as root (needed for provisioning). New exec_as_user method runs interactive sessions as the first non-root user with correct HOME and /workspace CWD. Also fixes NIX_PATH to include channel profile path for nixos-rebuild. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
nixos-rebuild switch stops incus-agent during activation, dropping the websocket (exit 255). Now we detect this, wait for the agent to restart, then continue provisioning. Also default Incus VMs to 4GiB memory since NixOS rebuild evaluation needs 2-4GB (default 1GB causes OOM kills). Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
After nixos-rebuild switch, the new system config replaces the original image config. Without an explicit incus-agent service definition, the agent never restarts, making the VM unreachable via `incus exec`. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
incus execTest plan
devbox create --name test --tools goon Incus/Linux completes successfully🤖 Generated with Claude Code