nixos-images/nix/kexec-installer/module.nix

{
  config,
  lib,
  modulesPath,
  pkgs,
  ...
}:
let
  restore-network = pkgs.writers.writePython3 "restore-network" {
    flakeIgnore = [ "E501" ];
  } ./restore_routes.py;

  # does not link with iptables enabled
  iprouteStatic = pkgs.pkgsStatic.iproute2.override { iptables = null; };

  kexec-tools = pkgs.pkgsStatic.kexec-tools.overrideAttrs (old: {
    patches = old.patches ++ [
      (pkgs.fetchpatch {
        url = "https://marc.info/?l=kexec&m=166636009110699&q=mbox";
        hash = "sha256-wi0/Ajy/Ac+7npKEvDsMzgNhEWhOMFeoUWcpgGrmVDc=";
      })
    ];

    nativeBuildInputs = (old.nativeBuildInputs or []) ++ [
      pkgs.pkgsStatic.buildPackages.autoreconfHook
    ];
    meta = old.meta // {
      badPlatforms = [ ]; # allow riscv64
    };
  });
in
{
  imports = [
    (modulesPath + "/installer/netboot/netboot-minimal.nix")
    ../installer.nix
    ../networkd.nix
    ../serial.nix
    ../restore-remote-access.nix
  ];
  options = {
    system.kexec-installer.name = lib.mkOption {
      type = lib.types.str;
      default = "nixos-kexec-installer";
      description = ''
        The variant of the kexec installer to use.
      '';
    };
  };

  config = {
    # This is a variant of the upstream kexecScript that also allows embedding
    # a ssh key.
    system.build.kexecRun =
      pkgs.runCommand "kexec-run" { nativeBuildInputs = [ pkgs.buildPackages.shellcheck ]; }
        ''
          install -D -m 0755 ${./kexec-run.sh} $out

          sed -i \
            -e 's|@init@|${config.system.build.toplevel}/init|' \
            -e 's|@kernelParams@|${lib.escapeShellArgs config.boot.kernelParams}|' \
            $out

          shellcheck $out
        '';

    system.build.kexecTarball = pkgs.runCommand "kexec-tarball" { } ''
      mkdir kexec $out
      cp "${config.system.build.netbootRamdisk}/initrd" kexec/initrd
      cp "${config.system.build.kernel}/${config.system.boot.loader.kernelFile}" kexec/bzImage
      cp "${config.system.build.kexecRun}" kexec/run
      cp "${kexec-tools}/bin/kexec" kexec/kexec
      cp "${iprouteStatic}/bin/ip" kexec/ip
      ${lib.optionalString (pkgs.hostPlatform == pkgs.buildPlatform) ''
        kexec/ip -V
        kexec/kexec --version
      ''}
      tar -czvf $out/${config.system.kexec-installer.name}-${pkgs.stdenv.hostPlatform.system}.tar.gz kexec
    '';

    # for detection if we are on kexec
    environment.etc.is_kexec.text = "true";

    systemd.services.restore-network = {
      before = [ "network-pre.target" ];
      wants = [ "network-pre.target" ];
      wantedBy = [ "multi-user.target" ];

      serviceConfig = {
        Type = "oneshot";
        RemainAfterExit = true;
        ExecStart = [
          "${restore-network} /root/network/addrs.json /root/network/routes-v4.json /root/network/routes-v6.json /etc/systemd/network"
        ];
      };

      unitConfig.ConditionPathExists = [
        "/root/network/addrs.json"
        "/root/network/routes-v4.json"
        "/root/network/routes-v6.json"
      ];
    };
  };
}
add riscv64 kexec image 2024-06-23 15:13:27 +02:00			`{`
			`config,`
			`lib,`
			`modulesPath,`
			`pkgs,`
			`...`
			`}:`
kexec-installer: no need to put restoreNetwork into systemPackages 2022-11-25 10:08:39 +01:00			`let`
add riscv64 kexec image 2024-06-23 15:13:27 +02:00			`restore-network = pkgs.writers.writePython3 "restore-network" {`
			`flakeIgnore = [ "E501" ];`
			`} ./restore_routes.py;`
add static iproute binary This adds 500KB to the tarball but fixes hosts where iproute2 is old 2022-12-01 16:11:43 +01:00
			`# does not link with iptables enabled`
			`iprouteStatic = pkgs.pkgsStatic.iproute2.override { iptables = null; };`
add riscv64 kexec image 2024-06-23 15:13:27 +02:00
			`kexec-tools = pkgs.pkgsStatic.kexec-tools.overrideAttrs (old: {`
			`patches = old.patches ++ [`
			`(pkgs.fetchpatch {`
			`url = "https://marc.info/?l=kexec&m=166636009110699&q=mbox";`
			`hash = "sha256-wi0/Ajy/Ac+7npKEvDsMzgNhEWhOMFeoUWcpgGrmVDc=";`
			`})`
			`];`

			`nativeBuildInputs = (old.nativeBuildInputs or []) ++ [`
			`pkgs.pkgsStatic.buildPackages.autoreconfHook`
			`];`
			`meta = old.meta // {`
			`badPlatforms = [ ]; # allow riscv64`
			`};`
			`});`
move out code from kexec-installer into its own module 2023-05-15 14:54:05 +02:00			`in`
			`{`
add kexec installer 2022-09-04 14:57:14 +02:00			`imports = [`
			`(modulesPath + "/installer/netboot/netboot-minimal.nix")`
move out code from kexec-installer into its own module 2023-05-15 14:54:05 +02:00			`../installer.nix`
add image-installer add image-installer 2024-04-16 12:23:50 +02:00			`../networkd.nix`
			`../serial.nix`
			`../restore-remote-access.nix`
add kexec installer 2022-09-04 14:57:14 +02:00			`];`
kexec-installer: build variants 2023-05-07 21:06:12 +02:00			`options = {`
			`system.kexec-installer.name = lib.mkOption {`
			`type = lib.types.str;`
			`default = "nixos-kexec-installer";`
			`description = ''`
			`The variant of the kexec installer to use.`
			`'';`
kexec-installer: fix static ip tests 2022-11-27 19:56:24 +01:00			`};`
kexec-installer: build variants 2023-05-07 21:06:12 +02:00			`};`
kexec-installer: make iproute2 optional 2022-11-25 09:58:23 +01:00
kexec-installer: build variants 2023-05-07 21:06:12 +02:00			`config = {`
			`# This is a variant of the upstream kexecScript that also allows embedding`
			`# a ssh key.`
add riscv64 kexec image 2024-06-23 15:13:27 +02:00			`system.build.kexecRun =`
			`pkgs.runCommand "kexec-run" { nativeBuildInputs = [ pkgs.buildPackages.shellcheck ]; }`
			`''`
			`install -D -m 0755 ${./kexec-run.sh} $out`
kexec-installer: build variants 2023-05-07 21:06:12 +02:00
add riscv64 kexec image 2024-06-23 15:13:27 +02:00			`sed -i \`
			`-e 's\|@init@\|${config.system.build.toplevel}/init\|' \`
			`-e 's\|@kernelParams@\|${lib.escapeShellArgs config.boot.kernelParams}\|' \`
			`$out`
kexec-installer: build variants 2023-05-07 21:06:12 +02:00
add riscv64 kexec image 2024-06-23 15:13:27 +02:00			`shellcheck $out`
			`'';`
kexec-installer: build variants 2023-05-07 21:06:12 +02:00
move out code from kexec-installer into its own module 2023-05-15 14:54:05 +02:00			`system.build.kexecTarball = pkgs.runCommand "kexec-tarball" { } ''`
kexec-installer: build variants 2023-05-07 21:06:12 +02:00			`mkdir kexec $out`
			`cp "${config.system.build.netbootRamdisk}/initrd" kexec/initrd`
			`cp "${config.system.build.kernel}/${config.system.boot.loader.kernelFile}" kexec/bzImage`
			`cp "${config.system.build.kexecRun}" kexec/run`
add riscv64 kexec image 2024-06-23 15:13:27 +02:00			`cp "${kexec-tools}/bin/kexec" kexec/kexec`
kexec-installer: build variants 2023-05-07 21:06:12 +02:00			`cp "${iprouteStatic}/bin/ip" kexec/ip`
kexec-installer: add smoketest for binaries 2023-05-15 12:04:37 +02:00			`${lib.optionalString (pkgs.hostPlatform == pkgs.buildPlatform) ''`
			`kexec/ip -V`
			`kexec/kexec --version`
			`''}`
kexec-installer: build variants 2023-05-07 21:06:12 +02:00			`tar -czvf $out/${config.system.kexec-installer.name}-${pkgs.stdenv.hostPlatform.system}.tar.gz kexec`
			`'';`

			`# for detection if we are on kexec`
			`environment.etc.is_kexec.text = "true";`

			`systemd.services.restore-network = {`
			`before = [ "network-pre.target" ];`
			`wants = [ "network-pre.target" ];`
			`wantedBy = [ "multi-user.target" ];`

			`serviceConfig = {`
			`Type = "oneshot";`
			`RemainAfterExit = true;`
			`ExecStart = [`
			`"${restore-network} /root/network/addrs.json /root/network/routes-v4.json /root/network/routes-v6.json /etc/systemd/network"`
			`];`
			`};`

			`unitConfig.ConditionPathExists = [`
			`"/root/network/addrs.json"`
			`"/root/network/routes-v4.json"`
			`"/root/network/routes-v6.json"`
kexec-installer: log network status after becoming online 2023-01-05 11:04:16 +01:00			`];`
			`};`
kexec-installer: build variants 2023-05-07 21:06:12 +02:00			`};`
add kexec installer 2022-09-04 14:57:14 +02:00			`}`