diff --git a/nix/configuration/flake.nix b/nix/configuration/flake.nix index 3b857a9e..a8e55cce 100644 --- a/nix/configuration/flake.nix +++ b/nix/configuration/flake.nix @@ -117,6 +117,40 @@ ]; } ) nodes; + installerConfig = + hostname: nodeConfig: + nixpkgs.lib.nixosSystem { + specialArgs = { + targetSystem = self.nixosConfigurations."${hostname}"; + }; + modules = [ + ./formats/installer.nix + ( + { + config, + lib, + pkgs, + ... + }: + let + repl_path = toString ./.; + nix-self-repl = pkgs.writeShellScriptBin "nix-self-repl" '' + source /etc/set-environment + nix repl "${repl_path}/repl.nix" "$@" + ''; + # If we wanted the current version of a flake then we'd just launch + # nix repl + # and then run: + # :lf /path/to/flake + in + { + config = { + environment.systemPackages = lib.mkIf config.nix.enable [ nix-self-repl ]; + }; + } + ) + ]; + }; in { nixosConfigurations = (builtins.mapAttrs (name: value: value "toplevel") nixosConfigs); @@ -129,6 +163,7 @@ iso = (nixosConfigs."${hostname}" "iso").config.system.build.isoImage; vm_iso = (nixosConfigs."${hostname}" "vm_iso").config.system.build.isoImage; sd = (nixosConfigs."${hostname}" "sd").config.system.build.sdImage; + installer = (installerConfig hostname nodes."${hostname}").config.system.build.isoImage; }) (nixpkgs.lib.attrsets.filterAttrs (hostname: nodeConfig: nodeConfig.system == system) nodes)) ) ); diff --git a/nix/configuration/formats/installer.nix b/nix/configuration/formats/installer.nix new file mode 100644 index 00000000..f5131590 --- /dev/null +++ b/nix/configuration/formats/installer.nix 
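Review bot: `installerConfig` in flake.nix takes `nodeConfig` but never reads it, so `nodeConfig.system` does not reach the `nixpkgs.lib.nixosSystem` call, and the visible lines of formats/installer.nix set no `nixpkgs.hostPlatform` either. Unless another module supplies the platform, the new `installer` output added in the second hunk would presumably fail to evaluate or be built for the wrong platform. Passing `system = nodeConfig.system;` next to `specialArgs` would tie it to the same value the `filterAttrs` call in the second hunk selects on. The inline module that builds `nix-self-repl` from `toString ./.` has no comment saying why the installer image needs it; a one-line comment there would help.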
@@ -0,0 +1,71 @@ +{ + config, + pkgs, + lib, + modulesPath, + targetSystem, + ... +}: +let + installer = pkgs.writeShellApplication { + name = "installer"; + runtimeInputs = with pkgs; [ + clevis + dosfstools + e2fsprogs + gawk + nixos-install-tools + util-linux + config.nix.package + ]; + text = '' + set -euo pipefail + + ${targetSystem.config.system.build.diskoScript} + + nixos-install --no-channel-copy --no-root-password --option substituters "" --system ${targetSystem.config.system.build.toplevel} + ''; + }; + # installerFailsafe = pkgs.writeShellScript "failsafe" '' + # ${lib.getExe installer} || echo "ERROR: Installation failure!" + # sleep 3600 + # ''; +in +{ + imports = [ + (modulesPath + "/installer/cd-dvd/iso-image.nix") + (modulesPath + "/profiles/all-hardware.nix") + ]; + + boot.kernelParams = [ + "quiet" + # "systemd.unit=getty.target" + ]; + boot.supportedFilesystems.zfs = true; + boot.initrd.systemd.enable = true; + + networking.hostId = "04581ecf"; + + isoImage.makeEfiBootable = true; + isoImage.makeUsbBootable = true; + isoImage.squashfsCompression = "zstd -Xcompression-level 15"; + + environment.systemPackages = [ + installer + ]; + + # systemd.services."getty@tty1" = { + # overrideStrategy = "asDropin"; + # serviceConfig = { + # ExecStart = [ + # "" + # installerFailsafe + # ]; + # Restart = "no"; + # StandardInput = "null"; + # }; + # }; + + # system.stateVersion = lib.mkDefault lib.trivial.release; + system.stateVersion = "24.11"; +} diff --git a/nix/configuration/formats/iso.nix b/nix/configuration/formats/iso.nix index 0c8bb2e4..974d7106 100644 --- a/nix/configuration/formats/iso.nix +++ b/nix/configuration/formats/iso.nix @@ -1,6 +1,8 @@ { + config, lib, modulesPath, + pkgs, ... }: 
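Review bot: The `installer` script in formats/installer.nix runs `${targetSystem.config.system.build.diskoScript}` as its first step with no check that the ISO was booted on the intended machine, and in disko that script normally destroys and reformats the configured disks. Unless the pinned disko version prompts on its own, consider a guard before it, for example `read -r -p "Type ${targetSystem.config.networking.hostName} to erase its disks: " reply` followed by `[ "$reply" = "${targetSystem.config.networking.hostName}" ] || exit 1`. The explicit `set -euo pipefail` can be dropped, since `writeShellApplication` already enables those options. Because the script references the target's `toplevel`, the image carries that closure, so anything readable in those store paths is readable to whoever holds the ISO.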
@@ -20,12 +22,15 @@ me.disko.enable = true; me.disko.offline.enable = true; me.mountPersistence = lib.mkForce false; - me.optimizations.enable = lib.mkForce false; + # me.optimizations.enable = lib.mkForce false; # Not doing image_based_appliance because this might be an install ISO, in which case we'd need nix to do the install. # me.image_based_appliance.enable = true; # TODO: Should I use this instead of doing a mkIf for the disk config? # disko.enableConfig = false; + + # Faster image generation for testing/development. + isoImage.squashfsCompression = "zstd -Xcompression-level 15"; }; } diff --git a/nix/configuration/hosts/odowork/DEPLOY_BOOT b/nix/configuration/hosts/odowork/DEPLOY_BOOT index aca543f5..84f026aa 100755 --- a/nix/configuration/hosts/odowork/DEPLOY_BOOT +++ b/nix/configuration/hosts/odowork/DEPLOY_BOOT @@ -8,6 +8,4 @@ DIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )" && pwd )" TARGET=odowork -for f in /persist/manual/manual_add_to_store/*; do nix-store --add-fixed sha256 "$f"; done - nixos-rebuild boot --flake "$DIR/../../#odowork" --target-host "$TARGET" --build-host "$TARGET" --fast --sudo --max-jobs "$JOBS" --log-format internal-json -v "${@}" |& nom --json diff --git a/nix/configuration/hosts/odowork/DEPLOY_SWITCH b/nix/configuration/hosts/odowork/DEPLOY_SWITCH index 21800c00..53b4e89f 100755 --- a/nix/configuration/hosts/odowork/DEPLOY_SWITCH +++ b/nix/configuration/hosts/odowork/DEPLOY_SWITCH @@ -8,6 +8,4 @@ DIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )" && pwd )" TARGET=odowork -for f in /persist/manual/manual_add_to_store/*; do nix-store --add-fixed sha256 "$f"; done - nixos-rebuild switch --flake "$DIR/../../#odowork" --target-host "$TARGET" --build-host "$TARGET" --fast --sudo --max-jobs "$JOBS" --log-format internal-json -v "${@}" |& nom --json diff --git a/nix/configuration/hosts/odowork/INSTALLER b/nix/configuration/hosts/odowork/INSTALLER new file mode 100755 index 00000000..2dd62df6 --- /dev/null 
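Review bot: In the second hunk of formats/iso.nix, `me.optimizations.enable = lib.mkForce false;` is commented out rather than removed, which drops the forced override for ISO builds without saying why and leaves dead code behind. Either delete the line or replace it with a comment such as `# optimizations left at the role default for ISO builds`. The new `isoImage.squashfsCompression` line is described as being for testing/development but applies to every image built from this format, so the comment should say that or the setting should be gated. The `config` and `pkgs` arguments added in the first hunk are not used on any visible line; the enclosing attribute set starts outside the hunk.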
+++ b/nix/configuration/hosts/odowork/INSTALLER @@ -0,0 +1,9 @@ +#!/usr/bin/env bash +# +set -euo pipefail +IFS=$'\n\t' +DIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )" && pwd )" + +: "${JOBS:="1"}" + +nix build --extra-experimental-features nix-command --extra-experimental-features flakes "$DIR/../..#odowork.installer" --max-jobs "$JOBS" --log-format internal-json -v "${@}" |& nom --json diff --git a/nix/configuration/hosts/odowork/ISO b/nix/configuration/hosts/odowork/ISO index b4445976..581a575b 100755 --- a/nix/configuration/hosts/odowork/ISO +++ b/nix/configuration/hosts/odowork/ISO @@ -6,5 +6,4 @@ DIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )" && pwd )" : "${JOBS:="1"}" -for f in /persist/manual/manual_add_to_store/*; do nix-store --add-fixed sha256 "$f"; done nix build --extra-experimental-features nix-command --extra-experimental-features flakes "$DIR/../..#odowork.iso" --max-jobs "$JOBS" --log-format internal-json -v "${@}" |& nom --json diff --git a/nix/configuration/hosts/odowork/SELF_BOOT b/nix/configuration/hosts/odowork/SELF_BOOT index cb64f513..55d395e0 100755 --- a/nix/configuration/hosts/odowork/SELF_BOOT +++ b/nix/configuration/hosts/odowork/SELF_BOOT @@ -6,5 +6,4 @@ DIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )" && pwd )" : "${JOBS:="1"}" -for f in /persist/manual/manual_add_to_store/*; do nix-store --add-fixed sha256 "$f"; done nixos-rebuild boot --show-trace --sudo --max-jobs "$JOBS" --flake "$DIR/../../#odowork" --log-format internal-json -v "${@}" |& nom --json diff --git a/nix/configuration/hosts/odowork/SELF_BUILD b/nix/configuration/hosts/odowork/SELF_BUILD index 20fe28bd..a06c4988 100755 --- a/nix/configuration/hosts/odowork/SELF_BUILD +++ b/nix/configuration/hosts/odowork/SELF_BUILD 
@@ -6,5 +6,4 @@ DIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )" && pwd )" : "${JOBS:="1"}" -for f in /persist/manual/manual_add_to_store/*; do nix-store --add-fixed sha256 "$f"; done nixos-rebuild build --show-trace --sudo --max-jobs "$JOBS" --flake "$DIR/../../#odowork" --log-format internal-json -v "${@}" |& nom --json diff --git a/nix/configuration/hosts/odowork/SELF_SWITCH b/nix/configuration/hosts/odowork/SELF_SWITCH index e3a04e36..84a1825d 100755 --- a/nix/configuration/hosts/odowork/SELF_SWITCH +++ b/nix/configuration/hosts/odowork/SELF_SWITCH @@ -6,5 +6,4 @@ DIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )" && pwd )" : "${JOBS:="1"}" -for f in /persist/manual/manual_add_to_store/*; do nix-store --add-fixed sha256 "$f"; done nixos-rebuild switch --show-trace --sudo --max-jobs "$JOBS" --flake "$DIR/../../#odowork" --log-format internal-json -v "${@}" |& nom --json diff --git a/nix/configuration/roles/disko/default.nix b/nix/configuration/roles/disko/default.nix index 8251cc7e..56ca2416 100644 --- a/nix/configuration/roles/disko/default.nix +++ b/nix/configuration/roles/disko/default.nix 
@@ -7,32 +7,49 @@ ... }: -let - flakeOutPaths = - let - collector = - parent: - map ( - child: - [ child.outPath ] ++ (if child ? inputs && child.inputs != { } then (collector child) else [ ]) - ) (lib.attrValues parent.inputs); - in - lib.unique (lib.flatten (collector self)); - dependencies = [ - this_nixos_config.pkgs.stdenv.drvPath - (this_nixos_config.pkgs.closureInfo { rootPaths = [ ]; }).drvPath +# let +# flakeOutPaths = +# let +# collector = +# parent: +# map ( +# child: +# [ child.outPath ] ++ (if child ? inputs && child.inputs != { } then (collector child) else [ ]) +# ) (lib.attrValues parent.inputs); +# in +# lib.unique (lib.flatten (collector self)); +# dependencies = [ +# this_nixos_config.pkgs.stdenv.drvPath +# (this_nixos_config.pkgs.closureInfo { rootPaths = [ ]; }).drvPath - # https://github.com/NixOS/nixpkgs/blob/f2fd33a198a58c4f3d53213f01432e4d88474956/nixos/modules/system/activation/top-level.nix#L342 - this_nixos_config.pkgs.perlPackages.ConfigIniFiles - this_nixos_config.pkgs.perlPackages.FileSlurp +# # https://github.com/NixOS/nixpkgs/blob/f2fd33a198a58c4f3d53213f01432e4d88474956/nixos/modules/system/activation/top-level.nix#L342 +# this_nixos_config.pkgs.perlPackages.ConfigIniFiles +# this_nixos_config.pkgs.perlPackages.FileSlurp - this_nixos_config.config.system.build.toplevel - this_nixos_config.config.system.build.diskoScript - ] - ++ builtins.map (i: i.outPath) (builtins.attrValues self.inputs); - # ++ flakeOutPaths; - closureInfo = pkgs.closureInfo { rootPaths = dependencies; }; -in +# this_nixos_config.config.system.build.toplevel +# # this_nixos_config.config.system.build.toplevel.drvPath + +# this_nixos_config.config.system.build.diskoScript +# this_nixos_config.config.system.build.diskoScript.drvPath +# this_nixos_config.config.system.build.destroyScript.drvPath +# this_nixos_config.config.system.build.formatScript.drvPath +# this_nixos_config.config.system.build.mountScript.drvPath +# 
this_nixos_config.config.system.build.destroyScript +# this_nixos_config.config.system.build.formatScript +# this_nixos_config.config.system.build.mountScript + +# # config.system.build.diskoScript +# # config.system.build.diskoScript.drvPath +# # config.system.build.destroyScript.drvPath +# # config.system.build.formatScript.drvPath +# # config.system.build.mountScript.drvPath +# # config.system.build.destroyScript +# # config.system.build.formatScript +# # config.system.build.mountScript +# ] +# ++ flakeOutPaths; +# closureInfo = pkgs.closureInfo { rootPaths = dependencies; }; +# in { imports = [ ]; 
@@ -60,17 +77,27 @@ in ]; } (lib.mkIf config.me.disko.offline.enable { + # exec ${pkgs.disko}/bin/disko-install --flake '${self}#${config.networking.hostName}' --disk main '/dev/nvme0n1' --write-efi-boot-entries + #${pkgs.disko}/bin/disko --mode destroy,format,mount '${self}/hosts/${config.networking.hostName}/disk-config.nix' + environment.systemPackages = with pkgs; [ (pkgs.writeShellScriptBin "install-nixos-unattended" '' set -xeuo pipefail IFS=$'\n\t' - # exec ${pkgs.disko}/bin/disko-install --flake '${self}#${config.networking.hostName}' --disk main '/dev/nvme0n1' --write-efi-boot-entries - ${pkgs.disko}/bin/disko --mode destroy,format,mount '${self}/hosts/${config.networking.hostName}/disk-config.nix' - ${pkgs.nixos-install}/bin/nixos-install --substituters "http://10.0.2.2:8080?trusted=1 https://cache.nixos.org/" --no-channel-copy --no-root-password --flake '${self}#${config.networking.hostName}' + + #${this_nixos_config.config.system.build.destroyScript} + + #${this_nixos_config.config.system.build.formatScript} + + ${this_nixos_config.config.system.build.mountScript} + + ${pkgs.nixos-install}/bin/nixos-install --substituters "" --no-channel-copy --no-root-password --flake '${self}#${config.networking.hostName}' + + #${pkgs.nixos-install}/bin/nixos-install --substituters "" --no-channel-copy --no-root-password --system '${this_nixos_config.config.system.build.toplevel}' '') ]; - environment.etc."install-closure".source = "${closureInfo}/store-paths"; + # environment.etc."install-closure".source = "${closureInfo}/store-paths"; }) ] );
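Review bot: The three `#${...}` lines left inside the `''` body of `install-nixos-unattended` are only shell comments: Nix still interpolates them, so `destroyScript`, `formatScript` and the target `toplevel` stay in the script's closure even though none of them runs. If that is how the target closure is meant to reach the image now that `environment.etc."install-closure"` is commented out, state it in a Nix comment above the script, e.g. `# the commented lines below are kept so their store paths are pulled into the image`. Otherwise move them outside the string, as was done for the two disko lines above `environment.systemPackages`. As written only `mountScript` runs before `nixos-install`, so the script would presumably fail on a disk that has not already been partitioned and formatted. Dropping the plain-HTTP `?trusted=1` substituter is a good change.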