forked from Fediversity/Fediversity
Kiara Grouwstra
dd5a6335b1
pass in description fix syntax configure proxmox provider typo add doc comment in existing modules add comment allow insecure proxmox connection for use in dev wip proxmox progress use service configurations moved to machine-independent location wire settings directly without option block terraform adjust cwd try tf on null input update .envrc.sample with sample proxmox credentials
68 lines
2 KiB
Nix
68 lines
2 KiB
Nix
/**
|
|
Convert a NixOS configuration to one for a minimal installer ISO
|
|
|
|
WARNING: Running this installer will format the target disk!
|
|
*/
|
|
|
|
{
|
|
nixpkgs ? <nixpkgs>,
|
|
hostKeys ? { },
|
|
system ? builtins.currentSystem, # may need build on remote
|
|
nixosConfiguration ? import ../infra/common/nixos/base.nix,
|
|
conf ? import "${nixpkgs}/nixos/lib/eval-config.nix" {
|
|
system = builtins.currentSystem;
|
|
modules = [ nixosConfiguration ];
|
|
},
|
|
}:
|
|
|
|
let
|
|
inherit (builtins) concatStringsSep attrValues mapAttrs;
|
|
|
|
installer =
|
|
{
|
|
pkgs,
|
|
lib,
|
|
...
|
|
}:
|
|
let
|
|
bootstrap = pkgs.writeShellApplication {
|
|
name = "bootstrap";
|
|
runtimeInputs = with pkgs; [ nixos-install-tools ];
|
|
text = ''
|
|
${conf.config.system.build.diskoScript}
|
|
nixos-install --no-root-password --no-channel-copy --system ${conf.config.system.build.toplevel}
|
|
${concatStringsSep "\n" (
|
|
attrValues (
|
|
mapAttrs (kind: keys: ''
|
|
cp ${keys.private} /mnt/etc/ssh/ssh_host_${kind}_key
|
|
chmod 600 /mnt/etc/ssh/ssh_host_${kind}_key
|
|
cp ${keys.public} /mnt/etc/ssh/ssh_host_${kind}_key.pub
|
|
chmod 644 /mnt/etc/ssh/ssh_host_${kind}_key.pub
|
|
'') hostKeys
|
|
)
|
|
)}
|
|
poweroff
|
|
'';
|
|
};
|
|
in
|
|
{
|
|
imports = [
|
|
"${nixpkgs}/nixos/modules/installer/cd-dvd/installation-cd-minimal.nix"
|
|
];
|
|
nixpkgs.hostPlatform = system;
|
|
services.getty.autologinUser = lib.mkForce "root";
|
|
programs.bash.loginShellInit = pkgs.lib.getExe bootstrap;
|
|
|
|
isoImage = {
|
|
compressImage = false;
|
|
squashfsCompression = "lz4";
|
|
isoName = lib.mkForce "installer.iso";
|
|
## ^^ FIXME: Use a more interesting name or keep the default name and
|
|
## use `isoImage.isoName` in the tests.
|
|
};
|
|
};
|
|
in
|
|
(import "${nixpkgs}/nixos/lib/eval-config.nix" {
|
|
inherit system;
|
|
modules = [ installer ];
|
|
}).config.system.build.isoImage
|