Recursively include inputs for all inputs in disko closure.

2025-11-21 20:07:46 -05:00 · 2025-11-21 20:07:46 -05:00 · 39997dc4d4
commit 39997dc4d4
parent 3348feb613
11 changed files with 176 additions and 37 deletions
--- a/nix/configuration/flake.nix
+++ b/nix/configuration/flake.nix
@ -117,6 +117,40 @@
          ];
        }
      ) nodes;
      installerConfig =
        hostname: nodeConfig:
        nixpkgs.lib.nixosSystem {
          specialArgs = {
            targetSystem = self.nixosConfigurations."${hostname}";
          };
          modules = [
            ./formats/installer.nix
            (
              {
                config,
                lib,
                pkgs,
                ...
              }:
              let
                repl_path = toString ./.;
                nix-self-repl = pkgs.writeShellScriptBin "nix-self-repl" ''
                  source /etc/set-environment
                  nix repl "${repl_path}/repl.nix" "$@"
                '';
                # If we wanted the current version of a flake then we'd just launch
                #   nix repl
                # and then run:
                #   :lf /path/to/flake
              in
              {
                config = {
                  environment.systemPackages = lib.mkIf config.nix.enable [ nix-self-repl ];
                };
              }
            )
          ];
        };
    in
    {
      nixosConfigurations = (builtins.mapAttrs (name: value: value "toplevel") nixosConfigs);
@ -129,6 +163,7 @@
            iso = (nixosConfigs."${hostname}" "iso").config.system.build.isoImage;
            vm_iso = (nixosConfigs."${hostname}" "vm_iso").config.system.build.isoImage;
            sd = (nixosConfigs."${hostname}" "sd").config.system.build.sdImage;
            installer = (installerConfig hostname nodes."${hostname}").config.system.build.isoImage;
          }) (nixpkgs.lib.attrsets.filterAttrs (hostname: nodeConfig: nodeConfig.system == system) nodes))
        )
      );
--- a/nix/configuration/formats/installer.nix
+++ b/nix/configuration/formats/installer.nix
@ -0,0 +1,71 @@
 {
  config,
  pkgs,
  lib,
  modulesPath,
  targetSystem,
  ...
 }:
 let
  installer = pkgs.writeShellApplication {
    name = "installer";
    runtimeInputs = with pkgs; [
      clevis
      dosfstools
      e2fsprogs
      gawk
      nixos-install-tools
      util-linux
      config.nix.package
    ];
    text = ''
      set -euo pipefail
      ${targetSystem.config.system.build.diskoScript}
      nixos-install --no-channel-copy --no-root-password --option substituters "" --system ${targetSystem.config.system.build.toplevel}
    '';
  };
  # installerFailsafe = pkgs.writeShellScript "failsafe" ''
  #   ${lib.getExe installer} || echo "ERROR: Installation failure!"
  #   sleep 3600
  # '';
 in
 {
  imports = [
    (modulesPath + "/installer/cd-dvd/iso-image.nix")
    (modulesPath + "/profiles/all-hardware.nix")
  ];
  boot.kernelParams = [
    "quiet"
    # "systemd.unit=getty.target"
  ];
  boot.supportedFilesystems.zfs = true;
  boot.initrd.systemd.enable = true;
  networking.hostId = "04581ecf";
  isoImage.makeEfiBootable = true;
  isoImage.makeUsbBootable = true;
  isoImage.squashfsCompression = "zstd -Xcompression-level 15";
  environment.systemPackages = [
    installer
  ];
  # systemd.services."getty@tty1" = {
  #   overrideStrategy = "asDropin";
  #   serviceConfig = {
  #     ExecStart = [
  #       ""
  #       installerFailsafe
  #     ];
  #     Restart = "no";
  #     StandardInput = "null";
  #   };
  # };
  # system.stateVersion = lib.mkDefault lib.trivial.release;
  system.stateVersion = "24.11";
 }
--- a/nix/configuration/formats/iso.nix
+++ b/nix/configuration/formats/iso.nix
@ -1,6 +1,8 @@
 {
  config,
  lib,
  modulesPath,
  pkgs,
  ...
 }:
@ -20,12 +22,15 @@
    me.disko.enable = true;
    me.disko.offline.enable = true;
    me.mountPersistence = lib.mkForce false;
-    me.optimizations.enable = lib.mkForce false;
+    # me.optimizations.enable = lib.mkForce false;
    # Not doing image_based_appliance because this might be an install ISO, in which case we'd need nix to do the install.
    # me.image_based_appliance.enable = true;
    # TODO: Should I use this instead of doing a mkIf for the disk config?
    # disko.enableConfig = false;
    # Faster image generation for testing/development.
    isoImage.squashfsCompression = "zstd -Xcompression-level 15";
  };
 }
--- a/nix/configuration/hosts/odowork/DEPLOY_BOOT
+++ b/nix/configuration/hosts/odowork/DEPLOY_BOOT
@ -8,6 +8,4 @@ DIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )" && pwd )"
 TARGET=odowork
 for f in /persist/manual/manual_add_to_store/*; do nix-store --add-fixed sha256 "$f"; done
 nixos-rebuild boot --flake "$DIR/../../#odowork" --target-host "$TARGET" --build-host "$TARGET" --fast --sudo --max-jobs "$JOBS" --log-format internal-json -v "${@}" |& nom --json
--- a/nix/configuration/hosts/odowork/DEPLOY_SWITCH
+++ b/nix/configuration/hosts/odowork/DEPLOY_SWITCH
@ -8,6 +8,4 @@ DIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )" && pwd )"
 TARGET=odowork
 for f in /persist/manual/manual_add_to_store/*; do nix-store --add-fixed sha256 "$f"; done
 nixos-rebuild switch --flake "$DIR/../../#odowork" --target-host "$TARGET" --build-host "$TARGET" --fast --sudo --max-jobs "$JOBS" --log-format internal-json -v "${@}" |& nom --json
--- a/nix/configuration/hosts/odowork/INSTALLER
+++ b/nix/configuration/hosts/odowork/INSTALLER
@ -0,0 +1,9 @@
 #!/usr/bin/env bash
 #
 set -euo pipefail
 IFS=$'\n\t'
 DIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )" && pwd )"
 : "${JOBS:="1"}"
 nix build --extra-experimental-features nix-command --extra-experimental-features flakes "$DIR/../..#odowork.installer" --max-jobs "$JOBS" --log-format internal-json -v "${@}" |& nom --json
--- a/nix/configuration/hosts/odowork/ISO
+++ b/nix/configuration/hosts/odowork/ISO
@ -6,5 +6,4 @@ DIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )" && pwd )"
 : "${JOBS:="1"}"
 for f in /persist/manual/manual_add_to_store/*; do nix-store --add-fixed sha256 "$f"; done
 nix build --extra-experimental-features nix-command --extra-experimental-features flakes "$DIR/../..#odowork.iso" --max-jobs "$JOBS" --log-format internal-json -v "${@}" |& nom --json
--- a/nix/configuration/hosts/odowork/SELF_BOOT
+++ b/nix/configuration/hosts/odowork/SELF_BOOT
@ -6,5 +6,4 @@ DIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )" && pwd )"
 : "${JOBS:="1"}"
 for f in /persist/manual/manual_add_to_store/*; do nix-store --add-fixed sha256 "$f"; done
 nixos-rebuild boot --show-trace --sudo --max-jobs "$JOBS" --flake "$DIR/../../#odowork" --log-format internal-json -v "${@}" |& nom --json
--- a/nix/configuration/hosts/odowork/SELF_BUILD
+++ b/nix/configuration/hosts/odowork/SELF_BUILD
@ -6,5 +6,4 @@ DIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )" && pwd )"
 : "${JOBS:="1"}"
 for f in /persist/manual/manual_add_to_store/*; do nix-store --add-fixed sha256 "$f"; done
 nixos-rebuild build --show-trace --sudo --max-jobs "$JOBS" --flake "$DIR/../../#odowork" --log-format internal-json -v "${@}" |& nom --json
--- a/nix/configuration/hosts/odowork/SELF_SWITCH
+++ b/nix/configuration/hosts/odowork/SELF_SWITCH
@ -6,5 +6,4 @@ DIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )" && pwd )"
 : "${JOBS:="1"}"
 for f in /persist/manual/manual_add_to_store/*; do nix-store --add-fixed sha256 "$f"; done
 nixos-rebuild switch --show-trace --sudo --max-jobs "$JOBS" --flake "$DIR/../../#odowork" --log-format internal-json -v "${@}" |& nom --json
--- a/nix/configuration/roles/disko/default.nix
+++ b/nix/configuration/roles/disko/default.nix
@ -7,32 +7,49 @@
  ...
 }:
-let
+# let
-  flakeOutPaths =
+#   flakeOutPaths =
-    let
+#     let
-      collector =
+#       collector =
-        parent:
+#         parent:
-        map (
+#         map (
-          child:
+#           child:
-          [ child.outPath ] ++ (if child ? inputs && child.inputs != { } then (collector child) else [ ])
+#           [ child.outPath ] ++ (if child ? inputs && child.inputs != { } then (collector child) else [ ])
-        ) (lib.attrValues parent.inputs);
+#         ) (lib.attrValues parent.inputs);
-    in
+#     in
-    lib.unique (lib.flatten (collector self));
+#     lib.unique (lib.flatten (collector self));
-  dependencies = [
+#   dependencies = [
-    this_nixos_config.pkgs.stdenv.drvPath
+#     this_nixos_config.pkgs.stdenv.drvPath
-    (this_nixos_config.pkgs.closureInfo { rootPaths = [ ]; }).drvPath
+#     (this_nixos_config.pkgs.closureInfo { rootPaths = [ ]; }).drvPath
-    # https://github.com/NixOS/nixpkgs/blob/f2fd33a198a58c4f3d53213f01432e4d88474956/nixos/modules/system/activation/top-level.nix#L342
+#     # https://github.com/NixOS/nixpkgs/blob/f2fd33a198a58c4f3d53213f01432e4d88474956/nixos/modules/system/activation/top-level.nix#L342
-    this_nixos_config.pkgs.perlPackages.ConfigIniFiles
+#     this_nixos_config.pkgs.perlPackages.ConfigIniFiles
-    this_nixos_config.pkgs.perlPackages.FileSlurp
+#     this_nixos_config.pkgs.perlPackages.FileSlurp
-    this_nixos_config.config.system.build.toplevel
+#     this_nixos_config.config.system.build.toplevel
-    this_nixos_config.config.system.build.diskoScript
+#     # this_nixos_config.config.system.build.toplevel.drvPath
-  ]
+
-  ++ builtins.map (i: i.outPath) (builtins.attrValues self.inputs);
+#     this_nixos_config.config.system.build.diskoScript
 #     this_nixos_config.config.system.build.diskoScript.drvPath
 #     this_nixos_config.config.system.build.destroyScript.drvPath
 #     this_nixos_config.config.system.build.formatScript.drvPath
 #     this_nixos_config.config.system.build.mountScript.drvPath
 #     this_nixos_config.config.system.build.destroyScript
 #     this_nixos_config.config.system.build.formatScript
 #     this_nixos_config.config.system.build.mountScript
 #     # config.system.build.diskoScript
 #     # config.system.build.diskoScript.drvPath
 #     # config.system.build.destroyScript.drvPath
 #     # config.system.build.formatScript.drvPath
 #     # config.system.build.mountScript.drvPath
 #     # config.system.build.destroyScript
 #     # config.system.build.formatScript
 #     # config.system.build.mountScript
 #   ]
 #   ++ flakeOutPaths;
-  closureInfo = pkgs.closureInfo { rootPaths = dependencies; };
+#   closureInfo = pkgs.closureInfo { rootPaths = dependencies; };
-in
+# in
 {
  imports = [ ];
@ -60,17 +77,27 @@ in
        ];
      }
      (lib.mkIf config.me.disko.offline.enable {
        # exec ${pkgs.disko}/bin/disko-install --flake '${self}#${config.networking.hostName}' --disk main '/dev/nvme0n1' --write-efi-boot-entries
        #${pkgs.disko}/bin/disko --mode destroy,format,mount '${self}/hosts/${config.networking.hostName}/disk-config.nix'
        environment.systemPackages = with pkgs; [
          (pkgs.writeShellScriptBin "install-nixos-unattended" ''
            set -xeuo pipefail
            IFS=$'\n\t'
-            # exec ${pkgs.disko}/bin/disko-install --flake '${self}#${config.networking.hostName}' --disk main '/dev/nvme0n1' --write-efi-boot-entries
+
-            ${pkgs.disko}/bin/disko --mode destroy,format,mount '${self}/hosts/${config.networking.hostName}/disk-config.nix'
+            #${this_nixos_config.config.system.build.destroyScript}
-            ${pkgs.nixos-install}/bin/nixos-install --substituters "http://10.0.2.2:8080?trusted=1 https://cache.nixos.org/" --no-channel-copy --no-root-password --flake '${self}#${config.networking.hostName}'
+
            #${this_nixos_config.config.system.build.formatScript}
            ${this_nixos_config.config.system.build.mountScript}
            ${pkgs.nixos-install}/bin/nixos-install --substituters "" --no-channel-copy --no-root-password --flake '${self}#${config.networking.hostName}'
            #${pkgs.nixos-install}/bin/nixos-install --substituters "" --no-channel-copy --no-root-password --system '${this_nixos_config.config.system.build.toplevel}'
          '')
        ];
-        environment.etc."install-closure".source = "${closureInfo}/store-paths";
+        # environment.etc."install-closure".source = "${closureInfo}/store-paths";
      })
    ]
  );