add riscv64 kexec image

Jörg Thalheim 2024-06-23 15:13:27 +02:00
parent 6d917c1e38
commit 2d72a425a2
4 changed files with 106 additions and 40 deletions


@ -36,7 +36,7 @@ integration into automated nixos installation scripts, since you can cleanly
disconnect from the running machine before the kexec takes place. The tarball
is also designed to be run from NixOS, which can be useful for new installations
## Iso installer images
## ISO installer images
This image allows to boot a NixOS installer off a USB-Stick.
This installer has been optimized for remote installation i.e.


@ -5,20 +5,39 @@
inputs.nixos-stable.url = "github:NixOS/nixpkgs/nixos-24.05";
nixConfig.extra-substituters = [ "https://nix-community.cachix.org" ];
nixConfig.extra-trusted-public-keys = [ "nix-community.cachix.org-1:mB9FSh9qf2dCimDSUo8Zy7bkq5CX+/rkCWyvRCYg3Fs=" ];
nixConfig.extra-trusted-public-keys = [
"nix-community.cachix.org-1:mB9FSh9qf2dCimDSUo8Zy7bkq5CX+/rkCWyvRCYg3Fs="
];
outputs = { self, nixos-unstable, nixos-stable }:
let
supportedSystems = [ "aarch64-linux" "x86_64-linux" ];
forAllSystems = nixos-unstable.lib.genAttrs supportedSystems;
in
outputs =
{
packages = forAllSystems (system:
self,
nixos-unstable,
nixos-stable,
}:
let
supportedSystems = [
"aarch64-linux"
"x86_64-linux"
];
forAllSystems = nixos-unstable.lib.genAttrs supportedSystems;
packages = forAllSystems (
system:
let
netboot = nixpkgs: (import (nixpkgs + "/nixos/release.nix") { }).netboot.${system};
kexec-installer = nixpkgs: modules: (nixpkgs.legacyPackages.${system}.nixos (modules ++ [ self.nixosModules.kexec-installer ])).config.system.build.kexecTarball;
netboot-installer = nixpkgs: (nixpkgs.legacyPackages.${system}.nixos [ self.nixosModules.netboot-installer ]).config.system.build.netboot;
image-installer = nixpkgs: (nixpkgs.legacyPackages.${system}.nixos [ self.nixosModules.image-installer ]).config.system.build.isoImage;
kexec-installer =
nixpkgs: modules:
(nixpkgs.legacyPackages.${system}.nixos (modules ++ [ self.nixosModules.kexec-installer ]))
.config.system.build.kexecTarball;
netboot-installer =
nixpkgs:
(nixpkgs.legacyPackages.${system}.nixos [ self.nixosModules.netboot-installer ])
.config.system.build.netboot;
image-installer =
nixpkgs:
(nixpkgs.legacyPackages.${system}.nixos [ self.nixosModules.image-installer ])
.config.system.build.isoImage;
in
{
netboot-nixos-unstable = netboot nixos-unstable;
@ -30,21 +49,40 @@
image-installer-nixos-stable = image-installer nixos-stable;
kexec-installer-nixos-unstable-noninteractive = kexec-installer nixos-unstable [
{
system.kexec-installer.name = "nixos-kexec-installer-noninteractive";
}
{ system.kexec-installer.name = "nixos-kexec-installer-noninteractive"; }
self.nixosModules.noninteractive
];
kexec-installer-nixos-stable-noninteractive = kexec-installer nixos-stable [
{
system.kexec-installer.name = "nixos-kexec-installer-noninteractive";
}
{ system.kexec-installer.name = "nixos-kexec-installer-noninteractive"; }
self.nixosModules.noninteractive
];
netboot-installer-nixos-unstable = netboot-installer nixos-unstable;
netboot-installer-nixos-stable = netboot-installer nixos-stable;
});
}
);
crossPackages = {
x86_64-linux =
let
kexec-installer =
nixpkgs: modules:
(nixpkgs.legacyPackages.x86_64-linux.pkgsCross.riscv64.nixos (
modules
++ [
self.nixosModules.kexec-installer
self.nixosModules.noninteractive
]
)).config.system.build.kexecTarball;
in
{
kexec-installer-nixos-unstable-noninteractive-riscv64 = kexec-installer nixos-unstable [ ];
kexec-installer-nixos-stable-noninteractive-riscv64 = kexec-installer nixos-stable [ ];
};
};
in
{
packages = nixos-unstable.lib.recursiveUpdate packages crossPackages;
nixosModules = {
kexec-installer = ./nix/kexec-installer/module.nix;
noninteractive = ./nix/noninteractive.nix;
@ -55,7 +93,12 @@
checks =
let
# re-export the packages as checks
packages = forAllSystems (system: nixos-unstable.lib.mapAttrs' (n: nixos-unstable.lib.nameValuePair "package-${n}") self.packages.${system});
packages = forAllSystems (
system:
nixos-unstable.lib.mapAttrs' (
n: nixos-unstable.lib.nameValuePair "package-${n}"
) self.packages.${system}
);
checks =
let
pkgs = nixos-unstable.legacyPackages.x86_64-linux;
@ -64,16 +107,13 @@
kexec-installer-unstable = pkgs.callPackage ./nix/kexec-installer/test.nix {
kexecTarball = self.packages.x86_64-linux.kexec-installer-nixos-unstable-noninteractive;
};
shellcheck = pkgs.runCommand "shellcheck"
{
nativeBuildInputs = [ pkgs.shellcheck ];
} ''
shellcheck = pkgs.runCommand "shellcheck" { nativeBuildInputs = [ pkgs.shellcheck ]; } ''
shellcheck ${(pkgs.nixos [ self.nixosModules.kexec-installer ]).config.system.build.kexecRun}
touch $out
'';
kexec-installer-stable = nixos-stable.legacyPackages.x86_64-linux.callPackage ./nix/kexec-installer/test.nix {
kexecTarball = self.packages.x86_64-linux.kexec-installer-nixos-stable-noninteractive;
};
kexec-installer-stable =
nixos-stable.legacyPackages.x86_64-linux.callPackage ./nix/kexec-installer/test.nix
{ kexecTarball = self.packages.x86_64-linux.kexec-installer-nixos-stable-noninteractive; };
};
in
nixos-unstable.lib.recursiveUpdate packages { x86_64-linux = checks; };
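Review bot: The cross `kexec-installer` helper in `crossPackages` always appends `self.nixosModules.noninteractive`, but unlike the native `-noninteractive` outputs it never sets `system.kexec-installer.name`, so the riscv64 tarballs presumably come out under the default installer name rather than the noninteractive one. Adding `{ system.kexec-installer.name = "nixos-kexec-installer-noninteractive"; }` to the module list inside the helper would keep artifact names consistent for anyone who fetches release assets by name. As far as this section shows, the riscv64 outputs reach `checks` only through the `package-${n}` re-export, so they are built but never booted the way the x86_64 tarballs are via `test.nix`. A short comment next to `crossPackages` saying so would stop readers assuming the cross image is boot-tested.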


@ -1,10 +1,33 @@
{ config, lib, modulesPath, pkgs, ... }:
{
config,
lib,
modulesPath,
pkgs,
...
}:
let
restore-network = pkgs.writers.writePython3 "restore-network" { flakeIgnore = [ "E501" ]; }
./restore_routes.py;
restore-network = pkgs.writers.writePython3 "restore-network" {
flakeIgnore = [ "E501" ];
} ./restore_routes.py;
# does not link with iptables enabled
iprouteStatic = pkgs.pkgsStatic.iproute2.override { iptables = null; };
kexec-tools = pkgs.pkgsStatic.kexec-tools.overrideAttrs (old: {
patches = old.patches ++ [
(pkgs.fetchpatch {
url = "https://marc.info/?l=kexec&m=166636009110699&q=mbox";
hash = "sha256-wi0/Ajy/Ac+7npKEvDsMzgNhEWhOMFeoUWcpgGrmVDc=";
})
];
nativeBuildInputs = (old.nativeBuildInputs or []) ++ [
pkgs.pkgsStatic.buildPackages.autoreconfHook
];
meta = old.meta // {
badPlatforms = [ ]; # allow riscv64
};
});
in
{
imports = [
@ -27,7 +50,9 @@ in
config = {
# This is a variant of the upstream kexecScript that also allows embedding
# a ssh key.
system.build.kexecRun = pkgs.runCommand "kexec-run" { } ''
system.build.kexecRun =
pkgs.runCommand "kexec-run" { nativeBuildInputs = [ pkgs.buildPackages.shellcheck ]; }
''
install -D -m 0755 ${./kexec-run.sh} $out
sed -i \
@ -35,7 +60,7 @@ in
-e 's|@kernelParams@|${lib.escapeShellArgs config.boot.kernelParams}|' \
$out
${pkgs.shellcheck}/bin/shellcheck $out
shellcheck $out
'';
system.build.kexecTarball = pkgs.runCommand "kexec-tarball" { } ''
@ -43,7 +68,7 @@ in
cp "${config.system.build.netbootRamdisk}/initrd" kexec/initrd
cp "${config.system.build.kernel}/${config.system.boot.loader.kernelFile}" kexec/bzImage
cp "${config.system.build.kexecRun}" kexec/run
cp "${pkgs.pkgsStatic.kexec-tools}/bin/kexec" kexec/kexec
cp "${kexec-tools}/bin/kexec" kexec/kexec
cp "${iprouteStatic}/bin/ip" kexec/ip
${lib.optionalString (pkgs.hostPlatform == pkgs.buildPlatform) ''
kexec/ip -V
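Review bot: In the `kexec-tools` override of the first hunk, `patches = old.patches ++ [` assumes the base derivation defines `patches`, while the very next attribute guards with `old.nativeBuildInputs or []`. Writing `patches = (old.patches or [ ]) ++ [` keeps the override evaluating if nixpkgs ever drops its own patch list. `badPlatforms = [ ];` clears every exclusion the package declares, not just riscv64, so removing only the riscv64 entry would be narrower if other platforms are listed there. The fetched patch is hash-pinned, which covers integrity, but it comes from a mailing-list archive and ends up in the static `kexec` binary that the tarball runs as root on the target. A comment above `fetchpatch` naming the patch subject and its upstream status would let a reader audit it without opening the URL.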


@ -5,8 +5,9 @@ let
# this overrides saves 10MB
samba = pkgs.coreutils;
};
hasZfs = lib.meta.availableOn pkgs.stdenv.hostPlatform config.boot.zfs.package;
in
{
lib.mkIf hasZfs {
services.udev.packages = [ zfs ]; # to hook zvol naming, etc.
# unsure if need this, but in future udev rules could potentially point to systemd services.
systemd.packages = [ zfs ];