microvm-nix · felbinger · Oct 20, 2025
diff --git a/lib/runner.nix b/lib/runner.nix
@@ -6,7 +6,7 @@
 let
   inherit (pkgs) lib;
 
-  inherit (microvmConfig) hostName vmHostPackages;
+  inherit (microvmConfig) fqdnOrHostName vmHostPackages;
 
   inherit (import ./. { inherit lib; }) makeMacvtap withDriveLetters extractOptValues extractParamValue;
   inherit (import ./volumes.nix { pkgs = microvmConfig.vmHostPackages; }) createVolumesScript;
@@ -25,7 +25,7 @@ let
   setBalloonScript = hypervisorConfig.setBalloonScript or null;
 
   execArg = lib.optionalString microvmConfig.prettyProcnames
-    ''-a "microvm@${hostName}"'';
+    ''-a "microvm@${fqdnOrHostName}"'';
 
 
   binScripts = microvmConfig.binScripts // {
@@ -54,11 +54,11 @@ let
   };
 
   binScriptPkgs = lib.mapAttrs (scriptName: lines:
-    vmHostPackages.writeShellScript "microvm-${hostName}-${scriptName}" lines
+    vmHostPackages.writeShellScript "microvm-${fqdnOrHostName}-${scriptName}" lines
   ) binScripts;
 in
 
-vmHostPackages.buildPackages.runCommand "microvm-${microvmConfig.hypervisor}-${hostName}"
+vmHostPackages.buildPackages.runCommand "microvm-${microvmConfig.hypervisor}-${fqdnOrHostName}"
 {
   # for `nix run`
   meta.mainProgram = "microvm-run";

diff --git a/lib/runners/qemu.nix b/lib/runners/qemu.nix
@@ -53,7 +53,7 @@ let
     then "io_uring"
     else "threads";
 
-  inherit (microvmConfig) hostName vcpu mem balloon initialBalloonMem deflateOnOOM hotplugMem hotpluggedMem user interfaces shares socket forwardPorts devices vsock graphics storeOnDisk kernel initrdPath storeDisk credentialFiles;
+  inherit (microvmConfig) fqdnOrHostName vcpu mem balloon initialBalloonMem deflateOnOOM hotplugMem hotpluggedMem user interfaces shares socket forwardPorts devices vsock graphics storeOnDisk kernel initrdPath storeDisk credentialFiles;
   inherit (microvmConfig.qemu) machine extraArgs serialConsole;
 
 
@@ -184,7 +184,7 @@ lib.warnIf (mem == 2048) ''
   else lib.escapeShellArgs (
     [
       "${qemu}/bin/qemu-system-${arch}"
-      "-name" hostName
+      "-name" fqdnOrHostName
       "-M" machineConfig
       "-m" (toString mem)
       "-smp" (toString vcpu)
@@ -268,7 +268,7 @@ lib.warnIf (mem == 2048) ''
     lib.warnIf (
       forwardPorts != [] &&
       ! builtins.any ({ type, ... }: type == "user") interfaces
-    ) "${hostName}: forwardPortsOptions only running with user network" (
+    ) "${fqdnOrHostName}: forwardPortsOptions only running with user network" (
       builtins.concatMap ({ type, id, mac, bridge, ... }: [
         "-netdev" (
           lib.concatStringsSep "," (

diff --git a/nixos-modules/host/default.nix b/nixos-modules/host/default.nix
@@ -66,7 +66,7 @@ in
         description = "Install MicroVM '${name}'";
         before = [
           "microvm@${name}.service"
-          "microvm-tap-interfaces@${name}.service"
+          "microvm-tap-interfaces@${name}.service" # TODO split after first .
           "microvm-pci-devices@${name}.service"
           "microvm-virtiofsd@${name}.service"
         ];

diff --git a/nixos-modules/host/options.nix b/nixos-modules/host/options.nix
@@ -44,7 +44,7 @@
                     extraConfig = ({ lib, ... }: {
                       _file = "module at ${__curPos.file}:${toString __curPos.line}";
                       config = {
-                        networking.hostName = lib.mkDefault name;
+                        networking.fqdnOrHostName = lib.mkDefault name;
                       };
                     });
                   in [

diff --git a/nixos-modules/microvm/asserts.nix b/nixos-modules/microvm/asserts.nix
@@ -1,6 +1,6 @@
 { config, lib, ... }:
 let
-  inherit (config.networking) hostName;
+  inherit (config.networking) fqdnOrHostName;
 
 in
 lib.mkIf config.microvm.guest.enable {
@@ -9,7 +9,7 @@ lib.mkIf config.microvm.guest.enable {
     map (volumes: {
       assertion = builtins.length volumes == 1;
       message = ''
-        MicroVM ${hostName}: volume image "${(builtins.head volumes).image}" is used ${toString (builtins.length volumes)} > 1 times.
+        MicroVM ${fqdnOrHostName}: volume image "${(builtins.head volumes).image}" is used ${toString (builtins.length volumes)} > 1 times.
       '';
     }) (
       builtins.attrValues (
@@ -21,7 +21,7 @@ lib.mkIf config.microvm.guest.enable {
     map (interfaces: {
       assertion = builtins.length interfaces == 1;
       message = ''
-        MicroVM ${hostName}: interface id "${(builtins.head interfaces).id}" is used ${toString (builtins.length interfaces)} > 1 times.
+        MicroVM ${fqdnOrHostName}: interface id "${(builtins.head interfaces).id}" is used ${toString (builtins.length interfaces)} > 1 times.
       '';
     }) (
       builtins.attrValues (
@@ -35,14 +35,14 @@ lib.mkIf config.microvm.guest.enable {
       then {
         assertion = bridge != null;
         message = ''
-          MicroVM ${hostName}: interface ${id} is of type "bridge"
+          MicroVM ${fqdnOrHostName}: interface ${id} is of type "bridge"
           but doesn't have a bridge to attach to defined.
         '';
       }
       else {
         assertion = bridge == null;
         message = ''
-          MicroVM ${hostName}: interface ${id} is not of type "bridge"
+          MicroVM ${fqdnOrHostName}: interface ${id} is not of type "bridge"
           and therefore shouldn't have a "bridge" option defined.
         '';
       }
@@ -52,7 +52,7 @@ lib.mkIf config.microvm.guest.enable {
     map ({ id, ... }: {
       assertion = builtins.stringLength id <= 15;
       message = ''
-        MicroVM ${hostName}: interface name ${id} is longer than the
+        MicroVM ${fqdnOrHostName}: interface name ${id} is longer than the
         the maximum length of 15 characters on Linux.
       '';
     }) config.microvm.interfaces
@@ -61,7 +61,7 @@ lib.mkIf config.microvm.guest.enable {
     map (shares: {
       assertion = builtins.length shares == 1;
       message = ''
-        MicroVM ${hostName}: share tag "${(builtins.head shares).tag}" is used ${toString (builtins.length shares)} > 1 times.
+        MicroVM ${fqdnOrHostName}: share tag "${(builtins.head shares).tag}" is used ${toString (builtins.length shares)} > 1 times.
       '';
     }) (
       builtins.attrValues (
@@ -73,7 +73,7 @@ lib.mkIf config.microvm.guest.enable {
     map (shares: {
       assertion = builtins.length shares == 1;
       message = ''
-        MicroVM ${hostName}: share socket "${(builtins.head shares).socket}" is used ${toString (builtins.length shares)} > 1 times.
+        MicroVM ${fqdnOrHostName}: share socket "${(builtins.head shares).socket}" is used ${toString (builtins.length shares)} > 1 times.
       '';
     }) (
       builtins.attrValues (
@@ -88,7 +88,7 @@ lib.mkIf config.microvm.guest.enable {
     map ({ tag, socket, ... }: {
       assertion = socket != null;
       message = ''
-        MicroVM ${hostName}: virtiofs share with tag "${tag}" is missing a `socket` path.
+        MicroVM ${fqdnOrHostName}: virtiofs share with tag "${tag}" is missing a `socket` path.
       '';
     }) (
       builtins.filter ({ proto, ... }: proto == "virtiofs")
@@ -103,22 +103,22 @@ lib.mkIf config.microvm.guest.enable {
           builtins.any ({ type, ... }: type == "user") config.microvm.interfaces
         );
       message = ''
-        MicroVM ${hostName}: `config.microvm.forwardPorts` works only with qemu and one network interface with `type = "user"`
+        MicroVM ${fqdnOrHostName}: `config.microvm.forwardPorts` works only with qemu and one network interface with `type = "user"`
       '';
     } ]
     ++
     # cloud-hypervisor specific asserts
     lib.optionals (config.microvm.hypervisor == "cloud-hypervisor") [ {
       assertion = ! (lib.any (str: lib.hasInfix "oem_strings" str) config.microvm.cloud-hypervisor.platformOEMStrings);
       message = ''
-        MicroVM ${hostName}: `config.microvm.cloud-hypervisor.platformOEMStrings` items must not contain `oem_strings`
+        MicroVM ${fqdnOrHostName}: `config.microvm.cloud-hypervisor.platformOEMStrings` items must not contain `oem_strings`
       '';
     } ];
 
 
   warnings =
     # 32 MB is just an optimistic guess, not based on experience
     lib.optional (config.microvm.mem < 32) ''
-      MicroVM ${hostName}: ${toString config.microvm.mem} MB of RAM is uncomfortably narrow.
+      MicroVM ${fqdnOrHostName}: ${toString config.microvm.mem} MB of RAM is uncomfortably narrow.
     '';
 }
diff --git a/nixos-modules/microvm/default.nix b/nixos-modules/microvm/default.nix
@@ -28,7 +28,7 @@ in
       microvm-lib.buildRunner {
         inherit pkgs;
         microvmConfig = config.microvm // {
-          inherit (config.networking) hostName;
+          inherit (config.networking) fqdnOrHostName;
           inherit hypervisor;
         };
         inherit (config.system.build) toplevel;

diff --git a/nixos-modules/microvm/options.nix b/nixos-modules/microvm/options.nix
@@ -5,7 +5,7 @@ let
   };
 
   cfg = config.microvm;
-  hostName = config.networking.hostName or "$HOSTNAME";
+  fqdnOrHostName = config.networking.fqdnOrHostName or "$fqdnOrHostName";
   kernelAtLeast = lib.versionAtLeast config.boot.kernelPackages.kernel.version;
 in
 {
@@ -66,8 +66,8 @@ in
 
     socket = mkOption {
       description = "Hypervisor control socket path";
-      default = "${hostName}.sock";
-      defaultText = literalExpression ''"''${hostName}.sock"'';
+      default = "${fqdnOrHostName}.sock";
+      defaultText = literalExpression ''"''${fqdnOrHostName}.sock"'';
       type = with types; nullOr str;
     };
 
@@ -349,7 +349,7 @@ in
             type = nullOr str;
             default =
               if config.proto == "virtiofs"
-              then "${hostName}-virtiofs-${config.tag}.sock"
+              then "${fqdnOrHostName}-virtiofs-${config.tag}.sock"
               else null;
             description = "Socket for communication with virtiofs daemon";
           };
@@ -491,7 +491,7 @@ in
 
     graphics.socket = mkOption {
       type = types.str;
-      default = "${hostName}-gpu.sock";
+      default = "${fqdnOrHostName}-gpu.sock";
       description = ''
         Path of vhost-user socket
       '';

diff --git a/nixos-modules/microvm/ssh-deploy.nix b/nixos-modules/microvm/ssh-deploy.nix
@@ -1,7 +1,7 @@
 { config, lib, pkgs, ... }:
 
 let
-  hostName = config.networking.hostName or "$HOSTNAME";
+  fqdnOrHostName = config.networking.fqdnOrHostName or "$fqdnOrHostName";
   inherit (config.system.build) toplevel;
   inherit (config.microvm) declaredRunner;
   inherit (config) nix;
@@ -42,8 +42,8 @@ in
         `microvm.nixosModules.host`:
 
         ```
-        nix run .#nixosConfigurations.${hostName}.config.microvm.deploy.installOnHost [email protected]
-        ssh [email protected] systemctl restart microvm@${hostName}
+        nix run .#nixosConfigurations.${fqdnOrHostName}.config.microvm.deploy.installOnHost [email protected]
+        ssh [email protected] systemctl restart microvm@${fqdnOrHostName}
         ```
 
         - Evaluate this MicroVM to a derivation
@@ -52,7 +52,7 @@ in
         - Install/update the MicroVM on the target host
 
         Can be followed by either:
-        - `systemctl restart microvm@${hostName}.service` on the
+        - `systemctl restart microvm@${fqdnOrHostName}.service` on the
           target host, or
         - `config.microvm.deploy.sshSwitch`
       '';
@@ -69,8 +69,8 @@ in
         `microvm.deploy.installOnHost` like this:
 
         ```
-        nix run .#nixosConfigurations.${hostName}.config.microvm.deploy.installOnHost [email protected]
-        nix run .#nixosConfigurations.${hostName}.config.microvm.deploy.sshSwitch [email protected] switch
+        nix run .#nixosConfigurations.${fqdnOrHostName}.config.microvm.deploy.installOnHost [email protected]
+        nix run .#nixosConfigurations.${fqdnOrHostName}.config.microvm.deploy.sshSwitch [email protected] switch
         ```
       '';
       type = with lib.types; nullOr package;
@@ -84,7 +84,7 @@ in
         MicroVM.
 
         ```
-        nix run .#nixosConfigurations.${hostName}.config.microvm.deploy.rebuild [email protected] [email protected] switch
+        nix run .#nixosConfigurations.${fqdnOrHostName}.config.microvm.deploy.rebuild [email protected] [email protected] switch
         ```
       '';
       type = with lib.types; nullOr package;
@@ -126,15 +126,15 @@ in
       ssh "$HOST" -- $SSH_CMD -e <<__SSH__
       set -eou pipefail
 
-      echo "Initializing MicroVM ${hostName} if necessary"
+      echo "Initializing MicroVM ${fqdnOrHostName} if necessary"
       mkdir -p /nix/var/nix/gcroots/microvm
-      mkdir -p /var/lib/microvms/${hostName}
-      cd /var/lib/microvms/${hostName}
+      mkdir -p /var/lib/microvms/${fqdnOrHostName}
+      cd /var/lib/microvms/${fqdnOrHostName}
       chown microvm:kvm .
       chmod 0755 .
-      ln -sfT \$PWD/current /nix/var/nix/gcroots/microvm/${hostName}
-      ln -sfT \$PWD/booted /nix/var/nix/gcroots/microvm/booted-${hostName}
-      ln -sfT \$PWD/old /nix/var/nix/gcroots/microvm/old-${hostName}
+      ln -sfT \$PWD/current /nix/var/nix/gcroots/microvm/${fqdnOrHostName}
+      ln -sfT \$PWD/booted /nix/var/nix/gcroots/microvm/booted-${fqdnOrHostName}
+      ln -sfT \$PWD/old /nix/var/nix/gcroots/microvm/old-${fqdnOrHostName}
 
       echo "Building toplevel ${paths.toplevelOut}"
       nix build -L --accept-flake-config --no-link \
@@ -143,12 +143,12 @@ in
           closureInfoDrv
           toplevelDrv
         ]}
-      echo "Building MicroVM runner for ${hostName}"
+      echo "Building MicroVM runner for ${fqdnOrHostName}"
       nix build -L --accept-flake-config -o new \
         "${paths.runnerDrv}^out"
 
       if [[ $(realpath ./current) != $(realpath ./new) ]]; then
-        echo "Installing MicroVM ${hostName}"
+        echo "Installing MicroVM ${fqdnOrHostName}"
         rm -f old
         if [ -e current ]; then
           mv current old
@@ -164,7 +164,7 @@ in
           echo "Success."
         fi
       else
-        echo "MicroVM ${hostName} is already installed"
+        echo "MicroVM ${fqdnOrHostName} is already installed"
       fi
       __SSH__
     '';
@@ -195,9 +195,9 @@ in
         ssh "$TARGET" $SSH_CMD -e <<__SSH__
         set -eou pipefail
 
-        hostname=\$(cat /etc/hostname)
-        if [[ "\$hostname" != "${hostName}" ]]; then
-          echo "Attempting to deploy NixOS ${hostName} on host \$hostname"
+        fqdnOrHostName=\$(cat /etc/fqdn)
+        if [[ "\$fqdnOrHostName" != "${fqdnOrHostName}" ]]; then
+          echo "Attempting to deploy NixOS ${fqdnOrHostName} on host \$fqdnOrHostName"
           exit 1
         fi
 
@@ -233,7 +233,7 @@ in
       ${lib.getExe installOnHost} "$HOST" $OPTS
       ${if canSwitchViaSsh
         then ''${lib.getExe sshSwitch} "$TARGET" $OPTS''
-        else ''ssh "$HOST" -- systemctl restart "microvm@${hostName}.service"''
+        else ''ssh "$HOST" -- systemctl restart "microvm@${fqdnOrHostName}.service"''
        }
     '';
   };

diff --git a/nixos-modules/microvm/virtiofsd/default.nix b/nixos-modules/microvm/virtiofsd/default.nix
@@ -63,7 +63,7 @@ in
         );
 
         supervisordConfigFile =
-          pkgs.writeText "${config.networking.hostName}-virtiofsd-supervisord.conf" (
+          pkgs.writeText "${config.networking.fqdnOrHostName}-virtiofsd-supervisord.conf" (
             lib.generators.toINI {} supervisordConfig
           );
 

diff --git a/pkgs/build-microvm.nix b/pkgs/build-microvm.nix
@@ -54,7 +54,7 @@ writeShellScriptBin "build-microvm" ''
   in self.lib.buildRunner {
     inherit pkgs;
     microvmConfig = {
-      inherit (extended.config.networking) hostName;
+      inherit (extended.config.networking) fqdnOrHostName;
     } // extended.config.microvm;
     inherit (extended.config.system.build) toplevel;
   }"