Merge pull request #135 from nix-community/nixpkgs-upstream

switch back to nixpkgs upstream
2023-11-02 09:54:17 +00:00 · 2023-11-02 09:54:17 +00:00 · dd2e96b4a4
commit dd2e96b4a4
parent 87bccdbdfb fba4a2bf0d
8 changed files with 46 additions and 34 deletions
--- a/build-images.sh
+++ b/build-images.sh
@ -38,10 +38,8 @@ main() {
  ) | readarray -t assets
  for asset in "${assets[@]}"; do
    pushd "$(dirname "$asset")"
-    sha256sum "$(basename "$asset")" >>"$TMP/sha256sums"
    popd
  done
-  assets+=("$TMP/sha256sums")

  if ! gh release view "$tag"; then
    gh release create --title "$tag (build $(date +"%Y-%m-%d"))" "$tag"
--- a/flake.lock
+++ b/flake.lock
@ -2,32 +2,32 @@
  "nodes": {
    "nixos-2305": {
      "locked": {
-        "lastModified": 1691214239,
-        "narHash": "sha256-GcV1Ona0M8CpS0X6K9ZksWht9HUWXP+k4S0/zk02VmQ=",
-        "owner": "Mic92",
+        "lastModified": 1698911509,
+        "narHash": "sha256-FFwqTbF+1laraWTL/t7LI+gN+DYfoj+iFYLof5wCea8=",
+        "owner": "NixOS",
        "repo": "nixpkgs",
-        "rev": "831724726ba052189092f52ae0774dd406d657bb",
+        "rev": "ecd985f22e007e6ac3152d68590c06cbbaea8c0e",
        "type": "github"
      },
      "original": {
-        "owner": "Mic92",
-        "ref": "netboot-fix-backport",
+        "owner": "NixOS",
+        "ref": "release-23.05",
        "repo": "nixpkgs",
        "type": "github"
      }
    },
    "nixos-unstable": {
      "locked": {
-        "lastModified": 1691180400,
-        "narHash": "sha256-3XvIucYLBKM9xML1QH4fGSB9HFQ3me36ejJo9gTyuDE=",
-        "owner": "Mic92",
+        "lastModified": 1698800439,
+        "narHash": "sha256-SrAwRi266j7U9XqCl0qPwsvcFiQ55iPXEK36ZX6QPjE=",
+        "owner": "NixOS",
        "repo": "nixpkgs",
-        "rev": "52a39dea62074a5d47001e86646f71dff78ffcad",
+        "rev": "0ac7840a74c53b62f124e86fcde8cdd45f2bc131",
        "type": "github"
      },
      "original": {
-        "owner": "Mic92",
-        "ref": "netboot-fix",
+        "owner": "NixOS",
+        "ref": "nixos-unstable-small",
        "repo": "nixpkgs",
        "type": "github"
      }
--- a/flake.nix
+++ b/flake.nix
@ -1,10 +1,8 @@
 {
  description = "NixOS images";

-  # https://github.com/nix-community/nixos-images/pull/123
-  inputs.nixos-unstable.url = "github:Mic92/nixpkgs/netboot-fix";
-  # https://github.com/NixOS/nixpkgs/pull/247279
-  inputs.nixos-2305.url = "github:Mic92/nixpkgs/netboot-fix-backport";
+  inputs.nixos-unstable.url = "github:NixOS/nixpkgs/nixos-unstable-small";
+  inputs.nixos-2305.url = "github:NixOS/nixpkgs/release-23.05";

  nixConfig.extra-substituters = [
    "https://cache.garnix.io"
--- a/nix/installer.nix
+++ b/nix/installer.nix
@ -16,6 +16,7 @@
  # Not really needed. Saves a few bytes and the only service we are running is sshd, which we want to be reachable.
  networking.firewall.enable = false;

+  networking.useNetworkd = true;
  systemd.network.enable = true;
  networking.dhcpcd.enable = false;

@ -37,6 +38,7 @@
        "${pkgs.iproute2}/bin/ip -c addr"
        "${pkgs.iproute2}/bin/ip -c -6 route"
        "${pkgs.iproute2}/bin/ip -c -4 route"
+        "${pkgs.systemd}/bin/networkctl status"
      ];
    };
  };
--- a/nix/kexec-installer/restore_routes.py
+++ b/nix/kexec-installer/restore_routes.py
@ -47,7 +47,7 @@ def generate_networkd_units(
 ) -> None:
    directory.mkdir(exist_ok=True)
    for interface in interfaces:
-        name = f"{interface['ifname']}.network"
+        name = f"00-{interface['ifname']}.network"
        addresses = [
            f"Address = {addr['local']}/{addr['prefixlen']}"
            for addr in interface.get("addr_info", [])
@ -76,8 +76,17 @@ def generate_networkd_units(
 MACAddress = {interface["address"]}

 [Network]
+# both ipv4 and ipv6
 DHCP = yes
+# link-local multicast name resolution
+LLMNR = yes
+# lets us discover the switch port we're connected to
+LLDP = yes
+# ipv6 router advertisements
 IPv6AcceptRA = yes
+# allows us to ping "nixos.local"
+MulticastDNS = yes
+
 """
        unit += "\n".join(addresses)
        unit += "\n" + "\n".join(route_sections)
--- a/nix/kexec-installer/test.nix
+++ b/nix/kexec-installer/test.nix
@ -33,10 +33,8 @@ makeTest' {

      services.openssh.enable = true;

-      networking = {
-        useNetworkd = true;
-        useDHCP = false;
-      };
+      networking.useNetworkd = true;
+      networking.useDHCP = false;

      users.users.root.openssh.authorizedKeys.keyFiles = [ ./ssh-keys/id_ed25519.pub ];

@ -52,7 +50,8 @@ makeTest' {
            name = "eth0";
            address = [
              # Some static addresses that we want to see in the kexeced image
-              "192.168.42.1/24" "42::1/64"
+              "192.168.42.1/24"
+              "42::1/64"
            ];
            routes = [
              # Some static routes that we want to see in the kexeced image
@ -104,17 +103,17 @@ makeTest' {

    def ssh(cmd: list[str], check: bool = True, stdout: Optional[int] = None) -> subprocess.CompletedProcess:
        ssh_cmd = [
-          "${pkgs.openssh}/bin/ssh", 
-          "-o", "StrictHostKeyChecking=no", 
+          "${pkgs.openssh}/bin/ssh",
+          "-o", "StrictHostKeyChecking=no",
          "-o", "ConnectTimeout=1",
-          "-i", "${./ssh-keys/id_ed25519}", 
+          "-i", "${./ssh-keys/id_ed25519}",
          "-p", "2222",
          "root@127.0.0.1",
          "--"
        ] + cmd
        print(" ".join(ssh_cmd))
-        return subprocess.run(ssh_cmd, 
-                              text=True, 
+        return subprocess.run(ssh_cmd,
+                              text=True,
                              check=check,
                              stdout=stdout)

@ -136,14 +135,19 @@ makeTest' {
    node1.succeed('/root/kexec/run >&2')

    # wait for kexec to finish
-    while ssh(["true"], check=False).returncode == 0: 
+    while ssh(["true"], check=False).returncode == 0:
        print("Waiting for kexec to finish...")
        time.sleep(1)

-    while ssh(["true"], check=False).returncode != 0: 
+    while ssh(["true"], check=False).returncode != 0:
        print("Waiting for node2 to come up...")
        time.sleep(1)

+    while ssh(["systemctl is-active restore-network"], check=False).returncode != 0:
+        print("Waiting for network to be restored...")
+        time.sleep(1)
+    ssh(["systemctl", "status", "restore-network"])
+
    print(ssh(["ip", "addr"]))
    print(ssh(["ip", "route"]))
    print(ssh(["ip", "-6", "route"]))
@ -160,7 +164,7 @@ makeTest' {
    root_ed25519_after = ssh(["cat", "/root/.ssh/authorized_keys"], stdout=subprocess.PIPE).stdout.strip()
    assert root_ed25519_before in root_ed25519_after, f"'{root_ed25519_before}' not included in '{root_ed25519_after}'"

-    print(ssh(["cat", "/etc/systemd/network/eth0.network"]))
+    print(ssh(["cat", "/etc/systemd/network/00-eth0.network"]))
    ssh(["curl", "-v", "-I", f"http://10.0.2.2:{port}"])
    ssh(["curl", "-v", "-I", f"http://[fec0::2]:{port}"])

--- a/nix/netboot-installer/installer.nix
+++ b/nix/netboot-installer/installer.nix
@ -0,0 +1 @@
+
--- a/nix/netboot-installer/module.nix
+++ b/nix/netboot-installer/module.nix
@ -13,7 +13,7 @@
    paths = with config.system.build; [
      netbootRamdisk
      kernel
-      (pkgs.runCommand "kernel-params" {} ''
+      (pkgs.runCommand "kernel-params" { } ''
        mkdir -p $out
        ln -s "${config.system.build.toplevel}/kernel-params" $out/kernel-params
        ln -s "${config.system.build.toplevel}/init" $out/init
@ -27,7 +27,7 @@
      DHCP = "yes";
      LLMNR = "yes";
      EmitLLDP = "yes";
-      IPv6AcceptRA = "no";
+      IPv6AcceptRA = "yes";
      MulticastDNS = "yes";
      LinkLocalAddressing = "yes";
      LLDP = "yes";