Merge pull request #39 from nix-community/ci

add images also to flake
2022-12-16 14:03:02 +00:00 · 2022-12-16 14:03:02 +00:00 · 0c631c8212
commit 0c631c8212
parent ad3f70c71a a28cf85a1a
5 changed files with 79 additions and 10 deletions
--- a/README.md
+++ b/README.md
@ -35,9 +35,9 @@ The kexec installer comes with the following features:

 - Re-uses ssh host keys from the sshd to not break `.ssh/known_hosts`
 - Authorized ssh keys are read from `/root/.ssh/authorized_keys`, `/root/.ssh/authorized_keys2` and `/etc/ssh/authorized_keys.d/root`
- Static ip addresses and routes are restored after reboot. Interface that had
-  dynamic addresses before are configured with DHCP and to accept prefixes from
-  ipv6 router advertisment.
+- (experimental, only tested for nixos-unstable) Static ip addresses and routes
+  are restored after reboot. Interface that had dynamic addresses before are
+  configured with DHCP and to accept prefixes from ipv6 router advertisment


 The actual kexec happens with a slight delay (6s).  This allows for easier
--- a/flake.lock
+++ b/flake.lock
@ -0,0 +1,44 @@
+{
+  "nodes": {
+    "nixos-2211": {
+      "locked": {
+        "lastModified": 1659446231,
+        "narHash": "sha256-hekabNdTdgR/iLsgce5TGWmfIDZ86qjPhxDg/8TlzhE=",
+        "owner": "NixOS",
+        "repo": "nixpkgs",
+        "rev": "eabc38219184cc3e04a974fe31857d8e0eac098d",
+        "type": "github"
+      },
+      "original": {
+        "owner": "NixOS",
+        "ref": "release-21.11",
+        "repo": "nixpkgs",
+        "type": "github"
+      }
+    },
+    "nixos-unstable": {
+      "locked": {
+        "lastModified": 1671179347,
+        "narHash": "sha256-EaGqNC5HtvhXi+LVg2dW3EhKomVz4TijyylCTSwEel8=",
+        "owner": "NixOS",
+        "repo": "nixpkgs",
+        "rev": "f0c1df314b7b5fc64603bb07a50759267b285149",
+        "type": "github"
+      },
+      "original": {
+        "owner": "NixOS",
+        "ref": "nixos-unstable-small",
+        "repo": "nixpkgs",
+        "type": "github"
+      }
+    },
+    "root": {
+      "inputs": {
+        "nixos-2211": "nixos-2211",
+        "nixos-unstable": "nixos-unstable"
+      }
+    }
+  },
+  "root": "root",
+  "version": 7
+}
--- a/flake.nix
+++ b/flake.nix
@ -1,7 +1,28 @@
 {
  description = "NixOS images";

-  outputs = { self }: {
-    nixosModules.kexec-installer = ./nix/kexec-installer/module.nix;
+  inputs.nixos-unstable.url = "github:NixOS/nixpkgs/nixos-unstable-small";
+  inputs.nixos-2211.url = "github:NixOS/nixpkgs/release-21.11";
+
+  nixConfig.extra-substituters = [
+    "https://cache.garnix.io"
+  ];
+  nixConfig.extra-trusted-public-keys = [
+    "cache.garnix.io:CTFPyKSLcx5RMJKfLo5EEPUObbA78b0YQ2DTCJXqr9g="
+  ];
+
+  outputs = { self, nixos-unstable, nixos-2211 }: {
+    packages.x86_64-linux = let
+      netboot = nixpkgs: (import (nixpkgs + "/nixos/release.nix") {}).netboot.x86_64-linux;
+    in {
+      netboot-unstable = netboot nixos-unstable;
+      netboot-2211 = netboot nixos-2211;
+    };
+    nixosModules.kexec-installer = import ./nix/kexec-installer/module.nix;
+    checks.x86_64-linux = {
+      kexec-installer-unstable = nixos-unstable.legacyPackages.x86_64-linux.callPackage ./nix/kexec-installer/test.nix {};
+      # networkd fails to set ipv6 gateway in 2211
+      #kexec-installer-2211 = nixos-2211.legacyPackages.x86_64-linux.callPackage ./nix/kexec-installer/test.nix {};
+    };
  };
 }
--- a/nix/kexec-installer/module.nix
+++ b/nix/kexec-installer/module.nix
@ -16,7 +16,7 @@ in {

  # This is a variant of the upstream kexecScript that also allows embedding
  # a ssh key.
-  system.build.kexecRun = lib.mkForce (pkgs.writeScript "kexec-run" ''
+  system.build.kexecRun = pkgs.writeScript "kexec-run" ''
    #!/usr/bin/env bash
    set -ex
    shopt -s nullglob
@ -72,7 +72,7 @@ in {
    # We will kexec in background so we can cleanly finish the script before the hosts go down.
    # This makes integration with tools like terraform easier.
    nohup bash -c "sleep 6 && '$SCRIPT_DIR/kexec' -e" &
-  '');
+  '';

  system.build.kexecTarball = pkgs.runCommand "kexec-tarball" {} ''
    mkdir kexec $out
--- a/nix/kexec-installer/test.nix
+++ b/nix/kexec-installer/test.nix
@ -93,9 +93,13 @@ in makeTest' {
            ipv6Prefixes = [
              { ipv6PrefixConfig = { Prefix = "2001:db8::/64"; AddressAutoconfiguration = true; OnLink = true; }; }
            ];
-            ipv6RoutePrefixes = [
-              { ipv6RoutePrefixConfig = { Route = "::/0"; LifetimeSec = 3600; }; }
-            ];
+            # does not work in 22.11
+            #ipv6RoutePrefixes = [ { ipv6RoutePrefixConfig = { Route = "::/0"; LifetimeSec = 3600; }; }];
+            extraConfig = ''
+              [IPv6RoutePrefix]
+              Route = ::/0
+              LifetimeSec = 3600
+            '';
            networkConfig = {
              DHCPServer = true;
              Address = "10.0.0.1/24";