boinc service: use an FHS environment

While BOINC itself is open source, many of the project applications it runs are not. Additionally, these project applications are checksummed before they are run, so they can't be patched. This means we can't make the project applications find required binaries/libraries on a NixOS system. The solution is therefore to make said binaries and libraries appear in the expected locations, by wrapping BOINC in an FHS-compatible environment [1]. An `extraEnvPackages` is also added to allow more packages to be added into this environment. The documentation for this option describes some practical use cases for it. [1] https://nixos.org/nixpkgs/manual/#sec-fhs-environments Version 2: fixed Docbook list formatting, minor rewording Version 3: rebase onto master (9c048f4fb6) Version 4: fix usage of targetPkgs argument to buildFHSUserEnv
2024-11-16 14:54:29 +01:00 · 2017-10-28 22:29:53 +01:00 · 2017-10-28 22:29:53 +01:00 · 9fad70f1de
commit 9fad70f1de
parent 9c048f4fb6
1 changed files with 45 additions and 1 deletions
--- a/nixos/modules/services/computing/boinc/client.nix
+++ b/nixos/modules/services/computing/boinc/client.nix
@ -6,6 +6,13 @@ let
  cfg = config.services.boinc;
  allowRemoteGuiRpcFlag = optionalString cfg.allowRemoteGuiRpc "--allow_remote_gui_rpc";

+  fhsEnv = pkgs.buildFHSUserEnv {
+    name = "boinc-fhs-env";
+    targetPkgs = pkgs': [ cfg.package ] ++ cfg.extraEnvPackages;
+    runScript = "/bin/boinc_client";
+  };
+  fhsEnvExecutable = "${fhsEnv}/bin/${fhsEnv.name}";
+
 in
  {
    options.services.boinc = {
@ -49,6 +56,43 @@ in
          See also: <link xlink:href="http://boinc.berkeley.edu/wiki/Controlling_BOINC_remotely#Remote_access"/>
        '';
      };
+
+      extraEnvPackages = mkOption {
+        type = types.listOf types.package;
+        default = [];
+        example = "[ pkgs.virtualbox ]";
+        description = ''
+          Additional packages to make available in the environment in which
+          BOINC will run. Common choices are:
+          <variablelist>
+            <varlistentry>
+              <term><varname>pkgs.virtualbox</varname></term>
+              <listitem><para>
+                The VirtualBox virtual machine framework. Required by some BOINC
+                projects, such as ATLAS@home.
+              </para></listitem>
+            </varlistentry>
+            <varlistentry>
+              <term><varname>pkgs.ocl-icd</varname></term>
+              <listitem><para>
+                OpenCL infrastructure library. Required by BOINC projects that
+                use OpenCL, in addition to a device-specific OpenCL driver.
+              </para></listitem>
+            </varlistentry>
+            <varlistentry>
+              <term><varname>pkgs.linuxPackages.nvidia_x11</varname></term>
+              <listitem><para>
+                Provides CUDA libraries. Required by BOINC projects that use
+                CUDA. Note that this requires an NVIDIA graphics device to be
+                present on the system.
+              </para><para>
+                Also provides OpenCL drivers for NVIDIA GPUs;
+                <varname>pkgs.ocl-icd</varname> is also needed in this case.
+              </para></listitem>
+            </varlistentry>
+          </variablelist>
+        '';
+      };
    };

    config = mkIf cfg.enable {
@ -70,7 +114,7 @@ in
          chown boinc ${cfg.dataDir}
        '';
        script = ''
-          ${cfg.package}/bin/boinc_client --dir ${cfg.dataDir} --redirectio ${allowRemoteGuiRpcFlag}
+          ${fhsEnvExecutable} --dir ${cfg.dataDir} --redirectio ${allowRemoteGuiRpcFlag}
        '';
        serviceConfig = {
          PermissionsStartOnly = true; # preStart must be run as root