emily/nixos-images
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

upgrade to nixos 24.05

Browse source
This commit is contained in:
Jörg Thalheim 2024-06-07 10:25:52 +02:00
parent 47bfb55316
commit 3e2e064af0
5 changed files with 27 additions and 48 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

21
build-images.sh
View file

@ -5,8 +5,8 @@ set -xeuo pipefail
shopt -s lastpipe shopt -s lastpipe
build_netboot_image() { build_netboot_image() {
declare -r tag=$1 arch=$2 tmp=$3 declare -r tag=$1 channel=$2 arch=$3 tmp=$4
img=$(nix build --print-out-paths --option accept-flake-config true -L ".#packages.${arch}.netboot-${tag//./}") img=$(nix build --print-out-paths --option accept-flake-config true -L ".#packages.${arch}.netboot-${channel//./}")
kernel=$(echo "$img"/*Image) kernel=$(echo "$img"/*Image)
kernelName=$(basename "$kernel") kernelName=$(basename "$kernel")
ln -s "$kernel" "$tmp/$kernelName-$arch" ln -s "$kernel" "$tmp/$kernelName-$arch"
@ -22,14 +22,14 @@ build_netboot_image() {
} }
build_kexec_installer() { build_kexec_installer() {
declare -r tag=$1 arch=$2 tmp=$3 variant=$4 declare -r channel=$1 arch=$2 tmp=$3 variant=$4
out=$(nix build --print-out-paths --option accept-flake-config true -L ".#packages.${arch}.kexec-installer-${tag//./}${variant}") out=$(nix build --print-out-paths --option accept-flake-config true -L ".#packages.${arch}.kexec-installer-${channel}${variant}")
echo "$out/nixos-kexec-installer${variant}-$arch.tar.gz" echo "$out/nixos-kexec-installer${variant}-$arch.tar.gz"
} }
build_image_installer() { build_image_installer() {
declare -r tag=$1 arch=$2 tmp=$3 declare -r channel=$1 arch=$2 tmp=$3
out=$(nix build --print-out-paths --option accept-flake-config true -L ".#packages.${arch}.image-installer-${tag//./}") out=$(nix build --print-out-paths --option accept-flake-config true -L ".#packages.${arch}.image-installer-${channel//./}")
echo "$out/iso/nixos-installer-${arch}.iso" echo "$out/iso/nixos-installer-${arch}.iso"
} }
@ -38,10 +38,11 @@ main() {
tmp="$(mktemp -d)" tmp="$(mktemp -d)"
trap 'rm -rf -- "$tmp"' EXIT trap 'rm -rf -- "$tmp"' EXIT
( (
build_kexec_installer "$tag" "$arch" "$tmp" "" channel=$(if [[ "$tag" == nixos-unstable ]]; then echo "unstable"; else echo "stable"; fi)
build_kexec_installer "$tag" "$arch" "$tmp" "-noninteractive" build_kexec_installer "$channel" "$arch" "$tmp" ""
build_netboot_image "$tag" "$arch" "$tmp" build_kexec_installer "$channel" "$arch" "$tmp" "-noninteractive"
build_image_installer "$tag" "$arch" "$tmp" build_netboot_image "$tag" "$channel" "$arch" "$tmp"
build_image_installer "$channel" "$arch" "$tmp"
) | readarray -t assets ) | readarray -t assets
for asset in "${assets[@]}"; do for asset in "${assets[@]}"; do
pushd "$(dirname "$asset")" pushd "$(dirname "$asset")"

12
flake.lock
View file

@ -1,17 +1,17 @@
{ {
"nodes": { "nodes": {
"nixos-2311": { "nixos-stable": {
"locked": { "locked": {
"lastModified": 1717017538, "lastModified": 1717555607,
"narHash": "sha256-S5kltvDDfNQM3xx9XcvzKEOyN2qk8Sa+aSOLqZ+1Ujc=", "narHash": "sha256-WZ1s48OODmRJ3DHC+I/DtM3tDRuRJlNqMvxvAPTD7ec=",
"owner": "NixOS", "owner": "NixOS",
"repo": "nixpkgs", "repo": "nixpkgs",
"rev": "64e468fd2652105710d86cd2ae3e65a5a6d58dec", "rev": "0b8e7a1ae5a94da2e1ee3f3030a32020f6254105",
"type": "github" "type": "github"
}, },
"original": { "original": {
"owner": "NixOS", "owner": "NixOS",
"ref": "release-23.11", "ref": "nixos-24.05",
"repo": "nixpkgs", "repo": "nixpkgs",
"type": "github" "type": "github"
} }
@ -34,7 +34,7 @@
}, },
"root": { "root": {
"inputs": { "inputs": {
"nixos-2311": "nixos-2311", "nixos-stable": "nixos-stable",
"nixos-unstable": "nixos-unstable" "nixos-unstable": "nixos-unstable"
} }
} }

18
flake.nix
View file

@ -2,12 +2,12 @@
description = "NixOS images"; description = "NixOS images";
inputs.nixos-unstable.url = "github:NixOS/nixpkgs/nixos-unstable-small"; inputs.nixos-unstable.url = "github:NixOS/nixpkgs/nixos-unstable-small";
inputs.nixos-2311.url = "github:NixOS/nixpkgs/release-23.11"; inputs.nixos-stable.url = "github:NixOS/nixpkgs/nixos-24.05";
nixConfig.extra-substituters = [ "https://numtide.cachix.org" ]; nixConfig.extra-substituters = [ "https://numtide.cachix.org" ];
nixConfig.extra-trusted-public-keys = [ "numtide.cachix.org-1:2ps1kLBUWjxIneOy1Ik6cQjb41X0iXVXeHigGmycPPE=" ]; nixConfig.extra-trusted-public-keys = [ "numtide.cachix.org-1:2ps1kLBUWjxIneOy1Ik6cQjb41X0iXVXeHigGmycPPE=" ];
outputs = { self, nixos-unstable, nixos-2311 }: outputs = { self, nixos-unstable, nixos-stable }:
let let
supportedSystems = [ "aarch64-linux" "x86_64-linux" ]; supportedSystems = [ "aarch64-linux" "x86_64-linux" ];
forAllSystems = nixos-unstable.lib.genAttrs supportedSystems; forAllSystems = nixos-unstable.lib.genAttrs supportedSystems;
@ -22,12 +22,12 @@
in in
{ {
netboot-nixos-unstable = netboot nixos-unstable; netboot-nixos-unstable = netboot nixos-unstable;
netboot-nixos-2311 = netboot nixos-2311; netboot-nixos-stable = netboot nixos-stable;
kexec-installer-nixos-unstable = kexec-installer nixos-unstable [ ]; kexec-installer-nixos-unstable = kexec-installer nixos-unstable [ ];
kexec-installer-nixos-2311 = kexec-installer nixos-2311 [ ]; kexec-installer-nixos-stable = kexec-installer nixos-stable [ ];
image-installer-nixos-unstable = image-installer nixos-unstable; image-installer-nixos-unstable = image-installer nixos-unstable;
image-installer-nixos-2311 = image-installer nixos-2311; image-installer-nixos-stable = image-installer nixos-stable;
kexec-installer-nixos-unstable-noninteractive = kexec-installer nixos-unstable [ kexec-installer-nixos-unstable-noninteractive = kexec-installer nixos-unstable [
{ {
@ -35,7 +35,7 @@
} }
self.nixosModules.noninteractive self.nixosModules.noninteractive
]; ];
kexec-installer-nixos-2311-noninteractive = kexec-installer nixos-2311 [ kexec-installer-nixos-stable-noninteractive = kexec-installer nixos-stable [
{ {
system.kexec-installer.name = "nixos-kexec-installer-noninteractive"; system.kexec-installer.name = "nixos-kexec-installer-noninteractive";
} }
@ -43,7 +43,7 @@
]; ];
netboot-installer-nixos-unstable = netboot-installer nixos-unstable; netboot-installer-nixos-unstable = netboot-installer nixos-unstable;
netboot-installer-nixos-2311 = netboot-installer nixos-2311; netboot-installer-nixos-stable = netboot-installer nixos-stable;
}); });
nixosModules = { nixosModules = {
kexec-installer = ./nix/kexec-installer/module.nix; kexec-installer = ./nix/kexec-installer/module.nix;
@ -71,8 +71,8 @@
shellcheck ${(pkgs.nixos [self.nixosModules.kexec-installer]).config.system.build.kexecRun} shellcheck ${(pkgs.nixos [self.nixosModules.kexec-installer]).config.system.build.kexecRun}
touch $out touch $out
''; '';
kexec-installer-2311 = nixos-2311.legacyPackages.x86_64-linux.callPackage ./nix/kexec-installer/test.nix { kexec-installer-stable = nixos-stable.legacyPackages.x86_64-linux.callPackage ./nix/kexec-installer/test.nix {
kexecTarball = self.packages.x86_64-linux.kexec-installer-nixos-2311-noninteractive; kexecTarball = self.packages.x86_64-linux.kexec-installer-nixos-stable-noninteractive;
}; };
}; };
in in

5
nix/installer.nix
View file

@ -5,10 +5,6 @@
modulesPath, modulesPath,
... ...
}: }:
let
# can be dropped after 23.11 is removed
hasPerlless = builtins.pathExists "${modulesPath}/profiles/perlless.nix";
in
{ {
# more descriptive hostname than just "nixos" # more descriptive hostname than just "nixos"
networking.hostName = lib.mkDefault "nixos-installer"; networking.hostName = lib.mkDefault "nixos-installer";
@ -36,7 +32,6 @@ in
imports = [ imports = [
./nix-settings.nix ./nix-settings.nix
# reduce closure size by removing perl # reduce closure size by removing perl
] ++ lib.optionals hasPerlless [
"${modulesPath}/profiles/perlless.nix" "${modulesPath}/profiles/perlless.nix"
# FIXME: we still are left with nixos-generate-config due to nixos-install-tools # FIXME: we still are left with nixos-generate-config due to nixos-install-tools
{ system.forbiddenDependenciesRegexes = lib.mkForce []; } { system.forbiddenDependenciesRegexes = lib.mkForce []; }

19
nix/restore-remote-access.nix
View file

@ -1,10 +1,6 @@
{ lib, ... }:
let
is2405 = lib.versionAtLeast lib.version "24.05pre";
in
{ {
# We have a bug in 23.11 in combination with netboot. # We have a bug in 23.11 in combination with netboot.
boot.initrd.systemd.enable = is2405; boot.initrd.systemd.enable = true;
boot.initrd.systemd.services.restore-state-from-initrd = { boot.initrd.systemd.services.restore-state-from-initrd = {
unitConfig = { unitConfig = {
DefaultDependencies = false; DefaultDependencies = false;
@ -30,17 +26,4 @@ in
fi fi
''; '';
}; };
boot.initrd.postMountCommands = lib.mkIf (!is2405) ''
mkdir -m 700 -p /mnt-root/root/.ssh
mkdir -m 755 -p /mnt-root/etc/ssh
mkdir -m 755 -p /mnt-root/root/network
if [[ -f ssh/authorized_keys ]]; then
install -m 400 ssh/authorized_keys /mnt-root/root/.ssh
fi
install -m 400 ssh/ssh_host_* /mnt-root/etc/ssh
cp *.json /mnt-root/root/network/
if [[ -f machine-id ]]; then
cp machine-id /mnt-root/etc/machine-id
fi
'';
} }