Recursively include inputs for all inputs in disko closure.

2025-11-21 20:07:46 -05:00 · 2025-11-21 20:07:46 -05:00 · 39997dc4d4
commit 39997dc4d4
parent 3348feb613
11 changed files with 176 additions and 37 deletions
--- a/nix/configuration/flake.nix
+++ b/nix/configuration/flake.nix
@ -117,6 +117,40 @@
          ];
        }
      ) nodes;
+      installerConfig =
+        hostname: nodeConfig:
+        nixpkgs.lib.nixosSystem {
+          specialArgs = {
+            targetSystem = self.nixosConfigurations."${hostname}";
+          };
+          modules = [
+            ./formats/installer.nix
+            (
+              {
+                config,
+                lib,
+                pkgs,
+                ...
+              }:
+              let
+                repl_path = toString ./.;
+                nix-self-repl = pkgs.writeShellScriptBin "nix-self-repl" ''
+                  source /etc/set-environment
+                  nix repl "${repl_path}/repl.nix" "$@"
+                '';
+                # If we wanted the current version of a flake then we'd just launch
+                #   nix repl
+                # and then run:
+                #   :lf /path/to/flake
+              in
+              {
+                config = {
+                  environment.systemPackages = lib.mkIf config.nix.enable [ nix-self-repl ];
+                };
+              }
+            )
+          ];
+        };
    in
    {
      nixosConfigurations = (builtins.mapAttrs (name: value: value "toplevel") nixosConfigs);
@ -129,6 +163,7 @@
            iso = (nixosConfigs."${hostname}" "iso").config.system.build.isoImage;
            vm_iso = (nixosConfigs."${hostname}" "vm_iso").config.system.build.isoImage;
            sd = (nixosConfigs."${hostname}" "sd").config.system.build.sdImage;
+            installer = (installerConfig hostname nodes."${hostname}").config.system.build.isoImage;
          }) (nixpkgs.lib.attrsets.filterAttrs (hostname: nodeConfig: nodeConfig.system == system) nodes))
        )
      );
--- a/nix/configuration/formats/installer.nix
+++ b/nix/configuration/formats/installer.nix
@ -0,0 +1,71 @@
+{
+  config,
+  pkgs,
+  lib,
+  modulesPath,
+  targetSystem,
+  ...
+}:
+let
+  installer = pkgs.writeShellApplication {
+    name = "installer";
+    runtimeInputs = with pkgs; [
+      clevis
+      dosfstools
+      e2fsprogs
+      gawk
+      nixos-install-tools
+      util-linux
+      config.nix.package
+    ];
+    text = ''
+      set -euo pipefail
+
+      ${targetSystem.config.system.build.diskoScript}
+
+      nixos-install --no-channel-copy --no-root-password --option substituters "" --system ${targetSystem.config.system.build.toplevel}
+    '';
+  };
+  # installerFailsafe = pkgs.writeShellScript "failsafe" ''
+  #   ${lib.getExe installer} || echo "ERROR: Installation failure!"
+  #   sleep 3600
+  # '';
+in
+{
+  imports = [
+    (modulesPath + "/installer/cd-dvd/iso-image.nix")
+    (modulesPath + "/profiles/all-hardware.nix")
+  ];
+
+  boot.kernelParams = [
+    "quiet"
+    # "systemd.unit=getty.target"
+  ];
+  boot.supportedFilesystems.zfs = true;
+  boot.initrd.systemd.enable = true;
+
+  networking.hostId = "04581ecf";
+
+  isoImage.makeEfiBootable = true;
+  isoImage.makeUsbBootable = true;
+  isoImage.squashfsCompression = "zstd -Xcompression-level 15";
+
+  environment.systemPackages = [
+    installer
+  ];
+
+  # systemd.services."getty@tty1" = {
+  #   overrideStrategy = "asDropin";
+  #   serviceConfig = {
+  #     ExecStart = [
+  #       ""
+  #       installerFailsafe
+  #     ];
+  #     Restart = "no";
+  #     StandardInput = "null";
+  #   };
+  # };
+
+  # system.stateVersion = lib.mkDefault lib.trivial.release;
+  system.stateVersion = "24.11";
+}
--- a/nix/configuration/formats/iso.nix
+++ b/nix/configuration/formats/iso.nix
@ -1,6 +1,8 @@
 {
+  config,
  lib,
  modulesPath,
+  pkgs,
  ...
 }:

@ -20,12 +22,15 @@
    me.disko.enable = true;
    me.disko.offline.enable = true;
    me.mountPersistence = lib.mkForce false;
-    me.optimizations.enable = lib.mkForce false;
+    # me.optimizations.enable = lib.mkForce false;

    # Not doing image_based_appliance because this might be an install ISO, in which case we'd need nix to do the install.
    # me.image_based_appliance.enable = true;

    # TODO: Should I use this instead of doing a mkIf for the disk config?
    # disko.enableConfig = false;
+
+    # Faster image generation for testing/development.
+    isoImage.squashfsCompression = "zstd -Xcompression-level 15";
  };
 }
--- a/nix/configuration/hosts/odowork/DEPLOY_BOOT
+++ b/nix/configuration/hosts/odowork/DEPLOY_BOOT
@ -8,6 +8,4 @@ DIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )" && pwd )"

 TARGET=odowork

-for f in /persist/manual/manual_add_to_store/*; do nix-store --add-fixed sha256 "$f"; done
-
 nixos-rebuild boot --flake "$DIR/../../#odowork" --target-host "$TARGET" --build-host "$TARGET" --fast --sudo --max-jobs "$JOBS" --log-format internal-json -v "${@}" |& nom --json
--- a/nix/configuration/hosts/odowork/DEPLOY_SWITCH
+++ b/nix/configuration/hosts/odowork/DEPLOY_SWITCH
@ -8,6 +8,4 @@ DIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )" && pwd )"

 TARGET=odowork

-for f in /persist/manual/manual_add_to_store/*; do nix-store --add-fixed sha256 "$f"; done
-
 nixos-rebuild switch --flake "$DIR/../../#odowork" --target-host "$TARGET" --build-host "$TARGET" --fast --sudo --max-jobs "$JOBS" --log-format internal-json -v "${@}" |& nom --json
--- a/nix/configuration/hosts/odowork/INSTALLER
+++ b/nix/configuration/hosts/odowork/INSTALLER
@ -0,0 +1,9 @@
+#!/usr/bin/env bash
+#
+set -euo pipefail
+IFS=$'\n\t'
+DIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )" && pwd )"
+
+: "${JOBS:="1"}"
+
+nix build --extra-experimental-features nix-command --extra-experimental-features flakes "$DIR/../..#odowork.installer" --max-jobs "$JOBS" --log-format internal-json -v "${@}" |& nom --json
--- a/nix/configuration/hosts/odowork/ISO
+++ b/nix/configuration/hosts/odowork/ISO
@ -6,5 +6,4 @@ DIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )" && pwd )"

 : "${JOBS:="1"}"

-for f in /persist/manual/manual_add_to_store/*; do nix-store --add-fixed sha256 "$f"; done
 nix build --extra-experimental-features nix-command --extra-experimental-features flakes "$DIR/../..#odowork.iso" --max-jobs "$JOBS" --log-format internal-json -v "${@}" |& nom --json
--- a/nix/configuration/hosts/odowork/SELF_BOOT
+++ b/nix/configuration/hosts/odowork/SELF_BOOT
@ -6,5 +6,4 @@ DIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )" && pwd )"

 : "${JOBS:="1"}"

-for f in /persist/manual/manual_add_to_store/*; do nix-store --add-fixed sha256 "$f"; done
 nixos-rebuild boot --show-trace --sudo --max-jobs "$JOBS" --flake "$DIR/../../#odowork" --log-format internal-json -v "${@}" |& nom --json
--- a/nix/configuration/hosts/odowork/SELF_BUILD
+++ b/nix/configuration/hosts/odowork/SELF_BUILD
@ -6,5 +6,4 @@ DIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )" && pwd )"

 : "${JOBS:="1"}"

-for f in /persist/manual/manual_add_to_store/*; do nix-store --add-fixed sha256 "$f"; done
 nixos-rebuild build --show-trace --sudo --max-jobs "$JOBS" --flake "$DIR/../../#odowork" --log-format internal-json -v "${@}" |& nom --json
--- a/nix/configuration/hosts/odowork/SELF_SWITCH
+++ b/nix/configuration/hosts/odowork/SELF_SWITCH
@ -6,5 +6,4 @@ DIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )" && pwd )"

 : "${JOBS:="1"}"

-for f in /persist/manual/manual_add_to_store/*; do nix-store --add-fixed sha256 "$f"; done
 nixos-rebuild switch --show-trace --sudo --max-jobs "$JOBS" --flake "$DIR/../../#odowork" --log-format internal-json -v "${@}" |& nom --json
--- a/nix/configuration/roles/disko/default.nix
+++ b/nix/configuration/roles/disko/default.nix
@ -7,32 +7,49 @@
  ...
 }:

-let
-  flakeOutPaths =
-    let
-      collector =
-        parent:
-        map (
-          child:
-          [ child.outPath ] ++ (if child ? inputs && child.inputs != { } then (collector child) else [ ])
-        ) (lib.attrValues parent.inputs);
-    in
-    lib.unique (lib.flatten (collector self));
-  dependencies = [
-    this_nixos_config.pkgs.stdenv.drvPath
-    (this_nixos_config.pkgs.closureInfo { rootPaths = [ ]; }).drvPath
+# let
+#   flakeOutPaths =
+#     let
+#       collector =
+#         parent:
+#         map (
+#           child:
+#           [ child.outPath ] ++ (if child ? inputs && child.inputs != { } then (collector child) else [ ])
+#         ) (lib.attrValues parent.inputs);
+#     in
+#     lib.unique (lib.flatten (collector self));
+#   dependencies = [
+#     this_nixos_config.pkgs.stdenv.drvPath
+#     (this_nixos_config.pkgs.closureInfo { rootPaths = [ ]; }).drvPath

-    # https://github.com/NixOS/nixpkgs/blob/f2fd33a198a58c4f3d53213f01432e4d88474956/nixos/modules/system/activation/top-level.nix#L342
-    this_nixos_config.pkgs.perlPackages.ConfigIniFiles
-    this_nixos_config.pkgs.perlPackages.FileSlurp
+#     # https://github.com/NixOS/nixpkgs/blob/f2fd33a198a58c4f3d53213f01432e4d88474956/nixos/modules/system/activation/top-level.nix#L342
+#     this_nixos_config.pkgs.perlPackages.ConfigIniFiles
+#     this_nixos_config.pkgs.perlPackages.FileSlurp

-    this_nixos_config.config.system.build.toplevel
-    this_nixos_config.config.system.build.diskoScript
-  ]
-  ++ builtins.map (i: i.outPath) (builtins.attrValues self.inputs);
-  # ++ flakeOutPaths;
-  closureInfo = pkgs.closureInfo { rootPaths = dependencies; };
-in
+#     this_nixos_config.config.system.build.toplevel
+#     # this_nixos_config.config.system.build.toplevel.drvPath
+
+#     this_nixos_config.config.system.build.diskoScript
+#     this_nixos_config.config.system.build.diskoScript.drvPath
+#     this_nixos_config.config.system.build.destroyScript.drvPath
+#     this_nixos_config.config.system.build.formatScript.drvPath
+#     this_nixos_config.config.system.build.mountScript.drvPath
+#     this_nixos_config.config.system.build.destroyScript
+#     this_nixos_config.config.system.build.formatScript
+#     this_nixos_config.config.system.build.mountScript
+
+#     # config.system.build.diskoScript
+#     # config.system.build.diskoScript.drvPath
+#     # config.system.build.destroyScript.drvPath
+#     # config.system.build.formatScript.drvPath
+#     # config.system.build.mountScript.drvPath
+#     # config.system.build.destroyScript
+#     # config.system.build.formatScript
+#     # config.system.build.mountScript
+#   ]
+#   ++ flakeOutPaths;
+#   closureInfo = pkgs.closureInfo { rootPaths = dependencies; };
+# in
 {
  imports = [ ];

@ -60,17 +77,27 @@ in
        ];
      }
      (lib.mkIf config.me.disko.offline.enable {
+        # exec ${pkgs.disko}/bin/disko-install --flake '${self}#${config.networking.hostName}' --disk main '/dev/nvme0n1' --write-efi-boot-entries
+        #${pkgs.disko}/bin/disko --mode destroy,format,mount '${self}/hosts/${config.networking.hostName}/disk-config.nix'
+
        environment.systemPackages = with pkgs; [
          (pkgs.writeShellScriptBin "install-nixos-unattended" ''
            set -xeuo pipefail
            IFS=$'\n\t'
-            # exec ${pkgs.disko}/bin/disko-install --flake '${self}#${config.networking.hostName}' --disk main '/dev/nvme0n1' --write-efi-boot-entries
-            ${pkgs.disko}/bin/disko --mode destroy,format,mount '${self}/hosts/${config.networking.hostName}/disk-config.nix'
-            ${pkgs.nixos-install}/bin/nixos-install --substituters "http://10.0.2.2:8080?trusted=1 https://cache.nixos.org/" --no-channel-copy --no-root-password --flake '${self}#${config.networking.hostName}'
+
+            #${this_nixos_config.config.system.build.destroyScript}
+
+            #${this_nixos_config.config.system.build.formatScript}
+
+            ${this_nixos_config.config.system.build.mountScript}
+
+            ${pkgs.nixos-install}/bin/nixos-install --substituters "" --no-channel-copy --no-root-password --flake '${self}#${config.networking.hostName}'
+
+            #${pkgs.nixos-install}/bin/nixos-install --substituters "" --no-channel-copy --no-root-password --system '${this_nixos_config.config.system.build.toplevel}'
          '')
        ];

-        environment.etc."install-closure".source = "${closureInfo}/store-paths";
+        # environment.etc."install-closure".source = "${closureInfo}/store-paths";
      })
    ]
  );