Compare commits

...

263 commits
fix-ci ... main

Author SHA1 Message Date
1d4c4b7f6f
feat: add riscv64-linux image
Some checks failed
Build / images (nscloud-ubuntu-22.04-arm64-4x16, nixos-24.05) (push) Has been cancelled
Build / images (nscloud-ubuntu-22.04-arm64-4x16, nixos-unstable) (push) Has been cancelled
Build / images (ubuntu-latest, nixos-24.05) (push) Has been cancelled
Build / images (ubuntu-latest, nixos-unstable) (push) Has been cancelled
2024-10-23 21:46:19 +02:00
github-actions[bot]
a5fbf34b25 flake.lock: Update
Flake lock file updates:

• Updated input 'nixos-stable':
    'github:NixOS/nixpkgs/c0b1da36f7c34a7146501f684e9ebdf15d2bebf8?narHash=sha256-WLxED18lodtQiayIPDE5zwAfkPJSjHJ35UhZ8h3cJUg%3D' (2024-10-14)
  → 'github:NixOS/nixpkgs/4eb33fe664af7b41a4c446f87d20c9a0a6321fa3?narHash=sha256-LDiPhQ3l%2BfBjRATNtnuDZsBS7hqoBtPkKBkhpoBHv3I%3D' (2024-10-17)
• Updated input 'nixos-unstable':
    'github:NixOS/nixpkgs/8f1d45587bd9af3dbf5146aa8a1347e20421597b?narHash=sha256-6sIuRVqVMHq9ZwcEVdpf2BuZeuLIUgvFznhIfsc75Jo%3D' (2024-10-16)
  → 'github:NixOS/nixpkgs/e3f55158e7587c5a5fdb0e86eb7ca4f455f0928f?narHash=sha256-3GNZr0V4b19RZ5mlyiY/4F8N2pzitvjDU6aHMWjAqLI%3D' (2024-10-20)
2024-10-21 01:29:42 +00:00
github-actions[bot]
3103f26e06 flake.lock: Update
Flake lock file updates:

• Updated input 'nixos-stable':
    'github:NixOS/nixpkgs/a3f9ad65a0bf298ed5847629a57808b97e6e8077?narHash=sha256-u%2BrxA79a0lyhG%2Bu%2BoPBRtTDtzz8kvkc9a6SWSt9ekVc%3D' (2024-10-12)
  → 'github:NixOS/nixpkgs/c0b1da36f7c34a7146501f684e9ebdf15d2bebf8?narHash=sha256-WLxED18lodtQiayIPDE5zwAfkPJSjHJ35UhZ8h3cJUg%3D' (2024-10-14)
• Updated input 'nixos-unstable':
    'github:NixOS/nixpkgs/73057677e8557925e999ac54196423fa34418c24?narHash=sha256-CfPKX2yaHwTOpGqcul89N12zjRfZ8GOSxG24/Ao9BcQ%3D' (2024-10-13)
  → 'github:NixOS/nixpkgs/8f1d45587bd9af3dbf5146aa8a1347e20421597b?narHash=sha256-6sIuRVqVMHq9ZwcEVdpf2BuZeuLIUgvFznhIfsc75Jo%3D' (2024-10-16)
2024-10-17 01:03:56 +00:00
github-actions[bot]
2ae5d8c1d9 flake.lock: Update
Flake lock file updates:

• Updated input 'nixos-stable':
    'github:NixOS/nixpkgs/1bfbbbe5bbf888d675397c66bfdb275d0b99361c?narHash=sha256-a0a0M1TmXMK34y3M0cugsmpJ4FJPT/xsblhpiiX1CXo%3D' (2024-10-07)
  → 'github:NixOS/nixpkgs/a3f9ad65a0bf298ed5847629a57808b97e6e8077?narHash=sha256-u%2BrxA79a0lyhG%2Bu%2BoPBRtTDtzz8kvkc9a6SWSt9ekVc%3D' (2024-10-12)
• Updated input 'nixos-unstable':
    'github:NixOS/nixpkgs/5633bcff0c6162b9e4b5f1264264611e950c8ec7?narHash=sha256-9UTxR8eukdg%2BXZeHgxW5hQA9fIKHsKCdOIUycTryeVw%3D' (2024-10-09)
  → 'github:NixOS/nixpkgs/73057677e8557925e999ac54196423fa34418c24?narHash=sha256-CfPKX2yaHwTOpGqcul89N12zjRfZ8GOSxG24/Ao9BcQ%3D' (2024-10-13)
2024-10-14 01:06:52 +00:00
Jörg Thalheim
74da633144
Merge pull request #296 from nix-community/disko-installer
add disko to all installer
2024-10-12 11:04:13 +02:00
Jörg Thalheim
dccb43ecc4 bump nixos-facter to 0.1.1 2024-10-12 10:51:15 +02:00
Jörg Thalheim
9892aba986 don't allow anonymous nixos modules
we always want _file
2024-10-12 10:50:42 +02:00
Jörg Thalheim
a20142faf9 add disko to all installer
Since disko is just some shell scripts it's comparable small and we can
easily embed this everywhere.
We can make use of this in our NixOS tutorials by providing nicer
images.
2024-10-12 10:50:17 +02:00
github-actions[bot]
d489f41dfa flake.lock: Update
Flake lock file updates:

• Updated input 'nixos-stable':
    'github:NixOS/nixpkgs/ecbc1ca8ffd6aea8372ad16be9ebbb39889e55b6?narHash=sha256-PbDWAIjKJdlVg%2BqQRhzdSor04bAPApDqIv2DofTyynk%3D' (2024-10-06)
  → 'github:NixOS/nixpkgs/1bfbbbe5bbf888d675397c66bfdb275d0b99361c?narHash=sha256-a0a0M1TmXMK34y3M0cugsmpJ4FJPT/xsblhpiiX1CXo%3D' (2024-10-07)
• Updated input 'nixos-unstable':
    'github:NixOS/nixpkgs/ff0da78cfd41aa1784910ce1fea89119822013ce?narHash=sha256-E9JaDKGi21oUypH0P9881lbkhi6USNJ6XL2tFzU5uuE%3D' (2024-10-06)
  → 'github:NixOS/nixpkgs/5633bcff0c6162b9e4b5f1264264611e950c8ec7?narHash=sha256-9UTxR8eukdg%2BXZeHgxW5hQA9fIKHsKCdOIUycTryeVw%3D' (2024-10-09)
2024-10-10 01:04:07 +00:00
dependabot[bot]
88409f19c7 build(deps): bump cachix/install-nix-action from 29 to 30
Bumps [cachix/install-nix-action](https://github.com/cachix/install-nix-action) from 29 to 30.
- [Release notes](https://github.com/cachix/install-nix-action/releases)
- [Commits](https://github.com/cachix/install-nix-action/compare/v29...v30)

---
updated-dependencies:
- dependency-name: cachix/install-nix-action
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
2024-10-07 10:30:16 +00:00
github-actions[bot]
f63f58eecb flake.lock: Update
Flake lock file updates:

• Updated input 'nixos-stable':
    'github:NixOS/nixpkgs/1719f27dd95fd4206afb9cec9f415b539978827e?narHash=sha256-9/79hjQc9%2BxyH%2BQxeMcRsA6hDyw6Z9Eo1/oxjvwirLk%3D' (2024-09-30)
  → 'github:NixOS/nixpkgs/ecbc1ca8ffd6aea8372ad16be9ebbb39889e55b6?narHash=sha256-PbDWAIjKJdlVg%2BqQRhzdSor04bAPApDqIv2DofTyynk%3D' (2024-10-06)
• Updated input 'nixos-unstable':
    'github:NixOS/nixpkgs/35d02934a17a4fdc53a8857826ed35f3694e5f1c?narHash=sha256-%2Bt0jCdN1AFWLpi%2BXwHK4r/Jp%2BpJfo9ePHIy%2B4/BUCI4%3D' (2024-10-02)
  → 'github:NixOS/nixpkgs/ff0da78cfd41aa1784910ce1fea89119822013ce?narHash=sha256-E9JaDKGi21oUypH0P9881lbkhi6USNJ6XL2tFzU5uuE%3D' (2024-10-06)
2024-10-07 01:39:04 +00:00
github-actions[bot]
c6d733b5cb flake.lock: Update
Flake lock file updates:

• Updated input 'nixos-stable':
    'github:NixOS/nixpkgs/fbca5e745367ae7632731639de5c21f29c8744ed?narHash=sha256-40J9tW7Y794J7Uw4GwcAKlMxlX2xISBl6IBigo83ih8%3D' (2024-09-28)
  → 'github:NixOS/nixpkgs/1719f27dd95fd4206afb9cec9f415b539978827e?narHash=sha256-9/79hjQc9%2BxyH%2BQxeMcRsA6hDyw6Z9Eo1/oxjvwirLk%3D' (2024-09-30)
• Updated input 'nixos-unstable':
    'github:NixOS/nixpkgs/b5c4f45cfcaa5a44632c7119922987e131249cd2?narHash=sha256-3BhOfmcg9Pxjm/kU%2BIVYe76CvHL6zArK9ktlCJeP06E%3D' (2024-09-29)
  → 'github:NixOS/nixpkgs/35d02934a17a4fdc53a8857826ed35f3694e5f1c?narHash=sha256-%2Bt0jCdN1AFWLpi%2BXwHK4r/Jp%2BpJfo9ePHIy%2B4/BUCI4%3D' (2024-10-02)
2024-10-03 01:03:38 +00:00
dependabot[bot]
ab9c837ddc build(deps): bump cachix/install-nix-action from V28 to 29
Bumps [cachix/install-nix-action](https://github.com/cachix/install-nix-action) from V28 to 29. This release includes the previously tagged commit.
- [Release notes](https://github.com/cachix/install-nix-action/releases)
- [Commits](https://github.com/cachix/install-nix-action/compare/V28...v29)

---
updated-dependencies:
- dependency-name: cachix/install-nix-action
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
2024-09-30 10:03:47 +00:00
github-actions[bot]
13ea1c6669 flake.lock: Update
Flake lock file updates:

• Updated input 'nixos-stable':
    'github:NixOS/nixpkgs/944b2aea7f0a2d7c79f72468106bc5510cbf5101?narHash=sha256-NmcVhGElxDbmEWzgXsyAjlRhUus/nEqPC5So7BOJLUM%3D' (2024-09-20)
  → 'github:NixOS/nixpkgs/fbca5e745367ae7632731639de5c21f29c8744ed?narHash=sha256-40J9tW7Y794J7Uw4GwcAKlMxlX2xISBl6IBigo83ih8%3D' (2024-09-28)
• Updated input 'nixos-unstable':
    'github:NixOS/nixpkgs/179b6bce21525a3a9e725c08e6ed58d56da74825?narHash=sha256-bj9ch2QIF8jqBlPOVRnJygy1K7yWtvh8Lf7I/rsqG3A%3D' (2024-09-22)
  → 'github:NixOS/nixpkgs/b5c4f45cfcaa5a44632c7119922987e131249cd2?narHash=sha256-3BhOfmcg9Pxjm/kU%2BIVYe76CvHL6zArK9ktlCJeP06E%3D' (2024-09-29)
2024-09-30 01:06:01 +00:00
Jörg Thalheim
acd37edb64 nixos-facter: switch back to main 2024-09-26 17:10:53 +00:00
Jörg Thalheim
3e7978bab1
Merge pull request #287 from nix-community/nixos-facter
package nixos-facter for stable as well
2024-09-26 18:13:33 +02:00
Jörg Thalheim
eb2ad6029e drop nixlibs from test 2024-09-26 17:58:34 +02:00
Jörg Thalheim
74909c85db package nixos-facter for stable as well 2024-09-26 17:28:28 +02:00
Jörg Thalheim
65d9487002
Merge pull request #285 from nix-community/nixos-facter
fix python3 overrides
2024-09-24 22:39:06 +02:00
mergify[bot]
13b54e8e22
Merge branch 'main' into nixos-facter 2024-09-24 20:35:34 +00:00
Jörg Thalheim
f4b3c682cf kexec: switch to xz compressor for initrd 2024-09-24 22:34:07 +02:00
Jörg Thalheim
d8293de5be fix python3 overrides 2024-09-24 22:27:56 +02:00
Jörg Thalheim
debda57e91
Merge pull request #284 from nix-community/nixos-facter
kexec: Save more space by using python3 minimal
2024-09-24 21:59:25 +02:00
Jörg Thalheim
881fad4fe0 save more space by using python3 minimal 2024-09-24 21:55:47 +02:00
Jörg Thalheim
8650b1df8f actually including nixos-facter + nixos test 2024-09-24 16:12:56 +00:00
github-actions[bot]
1420644027 flake.lock: Update
Flake lock file updates:

• Updated input 'nixos-stable':
    'github:NixOS/nixpkgs/086b448a5d54fd117f4dc2dee55c9f0ff461bdc1?narHash=sha256-2yV8nmYE1p9lfmLHhOCbYwQC/W8WYfGQABoGzJOb1JQ%3D' (2024-09-16)
  → 'github:NixOS/nixpkgs/944b2aea7f0a2d7c79f72468106bc5510cbf5101?narHash=sha256-NmcVhGElxDbmEWzgXsyAjlRhUus/nEqPC5So7BOJLUM%3D' (2024-09-20)
• Updated input 'nixos-unstable':
    'github:NixOS/nixpkgs/e88358265511d3a73b30dc6e4c15579844b35280?narHash=sha256-k/Ojv%2BMUDKUbj8JPd1MulJrf5BVz3jIUfrreMHbeTBE%3D' (2024-09-20)
  → 'github:NixOS/nixpkgs/179b6bce21525a3a9e725c08e6ed58d56da74825?narHash=sha256-bj9ch2QIF8jqBlPOVRnJygy1K7yWtvh8Lf7I/rsqG3A%3D' (2024-09-22)
2024-09-23 01:30:34 +00:00
Jörg Thalheim
776ee2484d
Merge pull request #281 from nix-community/zfs-latest
installer: add our own latestZfsCompatibleLinuxPackages
2024-09-22 17:59:21 +02:00
Jörg Thalheim
4de5aac8e9 improve selecting latest zfs kernel 2024-09-22 17:57:34 +02:00
Jörg Thalheim
4e105478ce installer: add our own latestZfsCompatibleLinuxPackages 2024-09-20 18:51:33 +02:00
Jörg Thalheim
830790e801 drop repl-flake feature 2024-09-20 10:41:39 +00:00
github-actions[bot]
8660853a74 flake.lock: Update
Flake lock file updates:

• Updated input 'nixos-stable':
    'github:NixOS/nixpkgs/8f7492cce28977fbf8bd12c72af08b1f6c7c3e49?narHash=sha256-RuVXUwcYwaUeks6h3OLrEmg14z9aFXdWppTWPMTwdQw%3D' (2024-09-14)
  → 'github:NixOS/nixpkgs/086b448a5d54fd117f4dc2dee55c9f0ff461bdc1?narHash=sha256-2yV8nmYE1p9lfmLHhOCbYwQC/W8WYfGQABoGzJOb1JQ%3D' (2024-09-16)
• Updated input 'nixos-unstable':
    'github:NixOS/nixpkgs/513193ba87b70f4d4e4d892f43fac30af286861b?narHash=sha256-mDxHh5vQyBTjNKkp%2Bl1/WL6cEDOjxyEQxv2c%2Bdnw8Fg%3D' (2024-09-17)
  → 'github:NixOS/nixpkgs/75ac2a58e988a346960938ab16cea903a3cb053a?narHash=sha256-SiiWCVg/W8i6jvpgQj3NNd3YtV%2Bjfnn/t3Za7hfn1iE%3D' (2024-09-18)
2024-09-20 10:41:39 +00:00
Jörg Thalheim
6ccd248715
Merge pull request #280 from nix-community/mergify/zowoq/config-update
ci(Mergify): configuration update
2024-09-20 09:30:36 +02:00
zowoq
1d01357c59 ci(Mergify): configuration update
Signed-off-by: null <null>
2024-09-20 13:04:54 +10:00
Jörg Thalheim
9e7834cc3c
Merge pull request #278 from nix-community/nixos-facter
add nixos-facter to installer
2024-09-18 17:53:23 +02:00
Jörg Thalheim
dd5f75eec3 add boot tests for iso 2024-09-18 17:39:45 +02:00
Jörg Thalheim
28d4a57b3a add boot tests for iso image 2024-09-18 17:39:45 +02:00
Jörg Thalheim
8e077ae20b kexec-installer: use pkgs.testers to define test 2024-09-18 17:39:45 +02:00
Jörg Thalheim
41eb99f3cc remove obsolete garnix.yaml 2024-09-18 17:39:45 +02:00
Jörg Thalheim
0bd625f4eb add nixos-facter to installer 2024-09-18 17:39:45 +02:00
Jörg Thalheim
770a010bb7 fix ext4 support 2024-09-16 12:10:30 +00:00
dependabot[bot]
fcebbac471 build(deps): bump cachix/install-nix-action from V27 to 28
Bumps [cachix/install-nix-action](https://github.com/cachix/install-nix-action) from V27 to 28. This release includes the previously tagged commit.
- [Release notes](https://github.com/cachix/install-nix-action/releases)
- [Commits](https://github.com/cachix/install-nix-action/compare/V27...V28)

---
updated-dependencies:
- dependency-name: cachix/install-nix-action
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
2024-09-16 10:22:15 +00:00
dependabot[bot]
e1478b5b78 build(deps): bump DeterminateSystems/update-flake-lock from 23 to 24
Bumps [DeterminateSystems/update-flake-lock](https://github.com/determinatesystems/update-flake-lock) from 23 to 24.
- [Release notes](https://github.com/determinatesystems/update-flake-lock/releases)
- [Commits](https://github.com/determinatesystems/update-flake-lock/compare/v23...v24)

---
updated-dependencies:
- dependency-name: DeterminateSystems/update-flake-lock
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
2024-09-16 10:20:57 +00:00
zowoq
912b7dd7fb flake: unpin stable 2024-09-16 08:55:00 +00:00
Jörg Thalheim
51c98a9f32
Merge pull request #273 from usama8800/dev
Add requirement in README for secure boot off
2024-09-07 18:36:08 +02:00
Usama Ahsan
64c8ec1671
Update README.md 2024-09-07 10:27:29 +05:00
github-actions[bot]
1326aa0570 flake.lock: Update
Flake lock file updates:

• Updated input 'nixos-unstable':
    'github:NixOS/nixpkgs/66a352a3f27a2eb2f27e42a13c6fe245d3be2b98?narHash=sha256-xXINAjCR8eTmp3AxZTk/PIH9nNoFNN0OM7MUw6eB7oQ%3D' (2024-09-02)
  → 'github:NixOS/nixpkgs/9b40840066f93767bb528810ea7dc9caacd8997f?narHash=sha256-YWbVeDERbIHAEQCtDtUunHYUNH31ReIdJIP8juXfdpM%3D' (2024-09-04)
2024-09-05 01:00:06 +00:00
Jörg Thalheim
e8b6d35f6e
Merge pull request #272 from nix-community/dhcp
Better dhcp support
2024-09-03 11:49:40 +02:00
Jörg Thalheim
b81c6e0ace default to root for autologin in nixos kexec image 2024-09-03 11:35:40 +02:00
Jörg Thalheim
23f987d2af add workaround for nvidia 2024-09-03 11:03:51 +02:00
Jörg Thalheim
b1e43cae8b add script to gets network restore locally 2024-09-03 09:56:08 +02:00
Jörg Thalheim
46cd291c60 avoid toplevel python script in nix-store
this will trigger a os.listdir() on the nix-store
2024-09-03 09:53:47 +02:00
Jörg Thalheim
db9119b88a try to restore previous ip lease 2024-09-03 09:53:47 +02:00
Jörg Thalheim
c89ec7f957 restore-routes: just join list once with newlines 2024-09-03 09:53:47 +02:00
Jörg Thalheim
73910674dc restore-routes: introduce more type-safety and split up networkd unit generation 2024-09-03 09:53:47 +02:00
Jörg Thalheim
d39dd6fb61 fix zfs on stable 2024-09-03 06:21:28 +00:00
github-actions[bot]
b733f0680a flake.lock: Update
Flake lock file updates:

• Updated input 'nixos-stable':
    'github:NixOS/nixpkgs/4a92571f9207810b559c9eac203d1f4d79830073?narHash=sha256-%2BCHVZnTnIYRLYsARInHYoWkujzcRkLY/gXm3s5bE52o%3D' (2024-08-13)
  → 'github:NixOS/nixpkgs/c3d4ac725177c030b1e289015989da2ad9d56af0?narHash=sha256-sqLwJcHYeWLOeP/XoLwAtYjr01TISlkOfz%2BNG82pbdg%3D' (2024-08-15)
2024-08-19 00:55:34 +00:00
Jörg Thalheim
3e26bd9675 kexec-installer/test: remove deprecated routeconfig 2024-08-16 11:20:59 +00:00
Jörg Thalheim
8e24c42f09 installer: enable bcachefs support 2024-08-16 10:59:48 +00:00
Jörg Thalheim
46004f0663 bump nixos-unstable 2024-08-16 10:59:48 +00:00
Jörg Thalheim
077b2d2621 switch to zfsUnstable 2024-08-16 10:59:48 +00:00
github-actions[bot]
ae3cc85763 flake.lock: Update
Flake lock file updates:

• Updated input 'nixos-stable':
    'github:NixOS/nixpkgs/a781ff33ae258bbcfd4ed6e673860c3e923bf2cc?narHash=sha256-oTK91aOlA/4IsjNAZGMEBz7Sq1zBS0Ltu4/nIQdYDOg%3D' (2024-08-10)
  → 'github:NixOS/nixpkgs/4a92571f9207810b559c9eac203d1f4d79830073?narHash=sha256-%2BCHVZnTnIYRLYsARInHYoWkujzcRkLY/gXm3s5bE52o%3D' (2024-08-13)
2024-08-15 00:53:12 +00:00
github-actions[bot]
9b5fc2fcca flake.lock: Update
Flake lock file updates:

• Updated input 'nixos-stable':
    'github:NixOS/nixpkgs/883180e6550c1723395a3a342f830bfc5c371f6b?narHash=sha256-7ojM1KSk3mzutD7SkrdSflHXEujPvW1u7QuqWoTLXQU%3D' (2024-08-05)
  → 'github:NixOS/nixpkgs/a781ff33ae258bbcfd4ed6e673860c3e923bf2cc?narHash=sha256-oTK91aOlA/4IsjNAZGMEBz7Sq1zBS0Ltu4/nIQdYDOg%3D' (2024-08-10)
2024-08-12 00:55:48 +00:00
github-actions[bot]
617f2cb562 flake.lock: Update
Flake lock file updates:

• Updated input 'nixos-stable':
    'github:NixOS/nixpkgs/a633d89c6dc9a2a8aae11813a62d7c58b2c0cc51?narHash=sha256-IRiJA0NVAoyaZeKZluwfb2DoTpBAj%2BFLI0KfybBeDU0%3D' (2024-08-03)
  → 'github:NixOS/nixpkgs/883180e6550c1723395a3a342f830bfc5c371f6b?narHash=sha256-7ojM1KSk3mzutD7SkrdSflHXEujPvW1u7QuqWoTLXQU%3D' (2024-08-05)
2024-08-08 01:09:57 +00:00
github-actions[bot]
89f487508f flake.lock: Update
Flake lock file updates:

• Updated input 'nixos-stable':
    'github:NixOS/nixpkgs/cf05eeada35e122770c5c14add958790fcfcbef5?narHash=sha256-B2xRiC3NEJy/82ugtareBkRqEkPGpMyjaLxaR8LBxNs%3D' (2024-07-30)
  → 'github:NixOS/nixpkgs/a633d89c6dc9a2a8aae11813a62d7c58b2c0cc51?narHash=sha256-IRiJA0NVAoyaZeKZluwfb2DoTpBAj%2BFLI0KfybBeDU0%3D' (2024-08-03)
2024-08-05 01:00:15 +00:00
Jörg Thalheim
6dd73e10d7 noninteractive: simplify the nixos user creation 2024-08-02 08:38:17 +00:00
Jörg Thalheim
78065dbf9f fix sysusers in noninteractive case 2024-08-02 08:31:04 +00:00
Jörg Thalheim
907bd49df1
Merge pull request #257 from nix-community/perlless
move perlless profile to noninteractive profile
2024-07-22 06:13:11 +02:00
github-actions[bot]
c39215fd04 flake.lock: Update
Flake lock file updates:

• Updated input 'nixos-unstable':
    'github:NixOS/nixpkgs/c9ed026def59fe978203a2b28eccdbaa7e5fadc9?narHash=sha256-aE4vMfHfpX6KP9VWqVdXtoDUlvFR34wEIjqsqnKrVdY%3D' (2024-07-21)
  → 'github:NixOS/nixpkgs/4cc8b29327bed3d52b40041f810f49734298af46?narHash=sha256-jfF4gpRUpTBY2OxDB0FRySsgNGOiuDckEtu7YDQom3Y%3D' (2024-07-21)
2024-07-22 01:02:27 +00:00
Jörg Thalheim
067aa8908b move perlless profile to noninteractive profile
this borked our iso
2024-07-21 19:09:29 +02:00
github-actions[bot]
accee00573 flake.lock: Update
Flake lock file updates:

• Updated input 'nixos-stable':
    'github:NixOS/nixpkgs/53e81e790209e41f0c1efa9ff26ff2fd7ab35e27?narHash=sha256-1mEKHp4m9brvfQ0rjCca8P1WHpymK3TOr3v34ydv9bs%3D' (2024-07-14)
  → 'github:NixOS/nixpkgs/0c53b6b8c2a3e46c68e04417e247bba660689c9d?narHash=sha256-b6PLr0Ty7JPDBtJtjnYzlBf02bbH9alWMAgispMkTwk%3D' (2024-07-19)
• Updated input 'nixos-unstable':
    'github:NixOS/nixpkgs/7edc243443b44444eba596557de03ee52beca2eb?narHash=sha256-aOiSBcftoGye0spDdIylZE6TVTo7C/B4atYH25tSemQ%3D' (2024-07-17)
  → 'github:NixOS/nixpkgs/c9ed026def59fe978203a2b28eccdbaa7e5fadc9?narHash=sha256-aE4vMfHfpX6KP9VWqVdXtoDUlvFR34wEIjqsqnKrVdY%3D' (2024-07-21)
2024-07-21 14:17:25 +00:00
name_snrl
5b9bbfc570 fix ipv4 via ipv6 route
fix #230
2024-07-19 18:05:11 +00:00
github-actions[bot]
109c0704a1 flake.lock: Update
Flake lock file updates:

• Updated input 'nixos-stable':
    'github:NixOS/nixpkgs/f12ee5f64c6a09995e71c9626d88c4efa983b488?narHash=sha256-FZ5dnrvKkln9ESdoTR8R7GKW9rNpXNZrxGsOXsbsTpE%3D' (2024-07-12)
  → 'github:NixOS/nixpkgs/53e81e790209e41f0c1efa9ff26ff2fd7ab35e27?narHash=sha256-1mEKHp4m9brvfQ0rjCca8P1WHpymK3TOr3v34ydv9bs%3D' (2024-07-14)
• Updated input 'nixos-unstable':
    'github:NixOS/nixpkgs/0af9d835c27984b3265145f8e3cbc6c153479196?narHash=sha256-if0qaFmAe8X01NsVRK5e9Asg9mEWVkHrA9WuqM5jB70%3D' (2024-07-14)
  → 'github:NixOS/nixpkgs/7edc243443b44444eba596557de03ee52beca2eb?narHash=sha256-aOiSBcftoGye0spDdIylZE6TVTo7C/B4atYH25tSemQ%3D' (2024-07-17)
2024-07-18 01:01:00 +00:00
github-actions[bot]
299e5f2838 flake.lock: Update
Flake lock file updates:

• Updated input 'nixos-stable':
    'github:NixOS/nixpkgs/249fbde2a178a2ea2638b65b9ecebd531b338cf9?narHash=sha256-IXMiHQMtdShDXcBW95ctA%2Bm5Oq2kLxnBt7WlMxvDQXA%3D' (2024-07-09)
  → 'github:NixOS/nixpkgs/f12ee5f64c6a09995e71c9626d88c4efa983b488?narHash=sha256-FZ5dnrvKkln9ESdoTR8R7GKW9rNpXNZrxGsOXsbsTpE%3D' (2024-07-12)
• Updated input 'nixos-unstable':
    'github:NixOS/nixpkgs/e01511309fe8b0432aa58a547365e51d5a3ecf85?narHash=sha256-UONPcQR2r0voopd6pcNFmUv7p4TJPeAXzwnqWmaPujw%3D' (2024-07-10)
  → 'github:NixOS/nixpkgs/0af9d835c27984b3265145f8e3cbc6c153479196?narHash=sha256-if0qaFmAe8X01NsVRK5e9Asg9mEWVkHrA9WuqM5jB70%3D' (2024-07-14)
2024-07-15 01:28:46 +00:00
github-actions[bot]
5eddae0afb flake.lock: Update
Flake lock file updates:

• Updated input 'nixos-stable':
    'github:NixOS/nixpkgs/49ee0e94463abada1de470c9c07bfc12b36dcf40?narHash=sha256-WrDV0FPMVd2Sq9hkR5LNHudS3OSMmUrs90JUTN%2BMXpA%3D' (2024-07-06)
  → 'github:NixOS/nixpkgs/249fbde2a178a2ea2638b65b9ecebd531b338cf9?narHash=sha256-IXMiHQMtdShDXcBW95ctA%2Bm5Oq2kLxnBt7WlMxvDQXA%3D' (2024-07-09)
• Updated input 'nixos-unstable':
    'github:NixOS/nixpkgs/60a94e515488e335bd5bce096431d490486915e3?narHash=sha256-iVLH0Ygtw/Iw9Q1cFFX7OhNnoPbc7/ZWW6J3c0zbiZw%3D' (2024-07-07)
  → 'github:NixOS/nixpkgs/e01511309fe8b0432aa58a547365e51d5a3ecf85?narHash=sha256-UONPcQR2r0voopd6pcNFmUv7p4TJPeAXzwnqWmaPujw%3D' (2024-07-10)
2024-07-11 01:02:37 +00:00
github-actions[bot]
b3c5b81c0c flake.lock: Update
Flake lock file updates:

• Updated input 'nixos-stable':
    'github:NixOS/nixpkgs/706eef542dec88cc0ed25b9075d3037564b2d164?narHash=sha256-nNJHJ9kfPdzYsCOlHOnbiiyKjZUW5sWbwx3cakg3/C4%3D' (2024-07-02)
  → 'github:NixOS/nixpkgs/49ee0e94463abada1de470c9c07bfc12b36dcf40?narHash=sha256-WrDV0FPMVd2Sq9hkR5LNHudS3OSMmUrs90JUTN%2BMXpA%3D' (2024-07-06)
• Updated input 'nixos-unstable':
    'github:NixOS/nixpkgs/88f3dab52d2cc42945f70f4e84c4505dedaa377d?narHash=sha256-TLiEulaY4I%2BvwaJIHQXASVQva%2B2nepaziUomigYY9%2B0%3D' (2024-07-03)
  → 'github:NixOS/nixpkgs/60a94e515488e335bd5bce096431d490486915e3?narHash=sha256-iVLH0Ygtw/Iw9Q1cFFX7OhNnoPbc7/ZWW6J3c0zbiZw%3D' (2024-07-07)
2024-07-08 01:39:12 +00:00
github-actions[bot]
f8650460d3 flake.lock: Update
Flake lock file updates:

• Updated input 'nixos-stable':
    'github:NixOS/nixpkgs/89c49874fb15f4124bf71ca5f42a04f2ee5825fd?narHash=sha256-yJL9VYQhaRM7xs0M867ZFxwaONB9T2Q4LnGo1WovuR4%3D' (2024-06-26)
  → 'github:NixOS/nixpkgs/706eef542dec88cc0ed25b9075d3037564b2d164?narHash=sha256-nNJHJ9kfPdzYsCOlHOnbiiyKjZUW5sWbwx3cakg3/C4%3D' (2024-07-02)
• Updated input 'nixos-unstable':
    'github:NixOS/nixpkgs/e6cdd8a11b26b4d60593733106042141756b54a3?narHash=sha256-mXkOj9sJ0f69Nkc2dGGOWtof9d1YNY8Le/Hia3RN%2B8Q%3D' (2024-06-30)
  → 'github:NixOS/nixpkgs/88f3dab52d2cc42945f70f4e84c4505dedaa377d?narHash=sha256-TLiEulaY4I%2BvwaJIHQXASVQva%2B2nepaziUomigYY9%2B0%3D' (2024-07-03)
2024-07-04 01:03:44 +00:00
dependabot[bot]
7485eb94d1 build(deps): bump DeterminateSystems/update-flake-lock from 22 to 23
Bumps [DeterminateSystems/update-flake-lock](https://github.com/determinatesystems/update-flake-lock) from 22 to 23.
- [Release notes](https://github.com/determinatesystems/update-flake-lock/releases)
- [Commits](https://github.com/determinatesystems/update-flake-lock/compare/v22...v23)

---
updated-dependencies:
- dependency-name: DeterminateSystems/update-flake-lock
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
2024-07-01 10:09:38 +00:00
github-actions[bot]
3e7838f1d2 flake.lock: Update
Flake lock file updates:

• Updated input 'nixos-stable':
    'github:NixOS/nixpkgs/fc07dc3bdf2956ddd64f24612ea7fc894933eb2e?narHash=sha256-A/76RFUVxZ/7Y8%2BOMVL1Lc8LRhBxZ8ZE2bpMnvZ1VpY%3D' (2024-06-24)
  → 'github:NixOS/nixpkgs/89c49874fb15f4124bf71ca5f42a04f2ee5825fd?narHash=sha256-yJL9VYQhaRM7xs0M867ZFxwaONB9T2Q4LnGo1WovuR4%3D' (2024-06-26)
• Updated input 'nixos-unstable':
    'github:NixOS/nixpkgs/af796de7d1e6bbda6049a3732ff881b3ad518b6b?narHash=sha256-C3gUNdFDAWrP6glCCo%2BMXrrAoAyHi1Zdvlgs1Awqpv8%3D' (2024-06-26)
  → 'github:NixOS/nixpkgs/e6cdd8a11b26b4d60593733106042141756b54a3?narHash=sha256-mXkOj9sJ0f69Nkc2dGGOWtof9d1YNY8Le/Hia3RN%2B8Q%3D' (2024-06-30)
2024-07-01 01:09:17 +00:00
github-actions[bot]
6d917c1e38 flake.lock: Update
Flake lock file updates:

• Updated input 'nixos-stable':
    'github:NixOS/nixpkgs/dd457de7e08c6d06789b1f5b88fc9327f4d96309?narHash=sha256-wM9v2yIxClRYsGHut5vHICZTK7xdrUGfrLkXvSuv6s4%3D' (2024-06-19)
  → 'github:NixOS/nixpkgs/fc07dc3bdf2956ddd64f24612ea7fc894933eb2e?narHash=sha256-A/76RFUVxZ/7Y8%2BOMVL1Lc8LRhBxZ8ZE2bpMnvZ1VpY%3D' (2024-06-24)
• Updated input 'nixos-unstable':
    'github:NixOS/nixpkgs/084f8df2f3ff80cdec6f515931036f63c5d2f36c?narHash=sha256-DAyIfQgyqalov0DcEKRvDOUin7axELasaP6NCPt7UQA%3D' (2024-06-23)
  → 'github:NixOS/nixpkgs/af796de7d1e6bbda6049a3732ff881b3ad518b6b?narHash=sha256-C3gUNdFDAWrP6glCCo%2BMXrrAoAyHi1Zdvlgs1Awqpv8%3D' (2024-06-26)
2024-06-27 01:58:18 +00:00
github-actions[bot]
744dfe6451 flake.lock: Update
Flake lock file updates:

• Updated input 'nixos-stable':
    'github:NixOS/nixpkgs/752c634c09ceb50c45e751f8791cb45cb3d46c9e?narHash=sha256-ZT7Oc1g4I4pHVGGjQFnewFVDRLH5cIZhEzODLz9YXeY%3D' (2024-06-15)
  → 'github:NixOS/nixpkgs/dd457de7e08c6d06789b1f5b88fc9327f4d96309?narHash=sha256-wM9v2yIxClRYsGHut5vHICZTK7xdrUGfrLkXvSuv6s4%3D' (2024-06-19)
• Updated input 'nixos-unstable':
    'github:NixOS/nixpkgs/5b75ddc9a3e93465bc939dcbacb281879b64b9ed?narHash=sha256-wqQUoA6AW3gifOfEeBQVZ3ulropw0iXwmZRT0Ef2Kls%3D' (2024-06-19)
  → 'github:NixOS/nixpkgs/084f8df2f3ff80cdec6f515931036f63c5d2f36c?narHash=sha256-DAyIfQgyqalov0DcEKRvDOUin7axELasaP6NCPt7UQA%3D' (2024-06-23)
2024-06-24 02:02:13 +00:00
github-actions[bot]
c1e6a5f7b0 flake.lock: Update
Flake lock file updates:

• Updated input 'nixos-unstable':
    'github:NixOS/nixpkgs/ba06293cdba1c94af9710024abf3b94cf8d76349?narHash=sha256-TmC5TxW5WPAfmovDzi1hLe1i4qqND79s9SH9UOKcSvo%3D' (2024-06-16)
  → 'github:NixOS/nixpkgs/5b75ddc9a3e93465bc939dcbacb281879b64b9ed?narHash=sha256-wqQUoA6AW3gifOfEeBQVZ3ulropw0iXwmZRT0Ef2Kls%3D' (2024-06-19)
2024-06-20 01:06:39 +00:00
github-actions[bot]
42b13bbd6f flake.lock: Update
Flake lock file updates:

• Updated input 'nixos-stable':
    'github:NixOS/nixpkgs/47b604b07d1e8146d5398b42d3306fdebd343986?narHash=sha256-hoB7B7oPgypePz16cKWawPfhVvMSXj4G/qLsfFuhFjw%3D' (2024-06-11)
  → 'github:NixOS/nixpkgs/752c634c09ceb50c45e751f8791cb45cb3d46c9e?narHash=sha256-ZT7Oc1g4I4pHVGGjQFnewFVDRLH5cIZhEzODLz9YXeY%3D' (2024-06-15)
• Updated input 'nixos-unstable':
    'github:NixOS/nixpkgs/4b755b0f089935ce5dbfead30ddc79e6dcd3f80e?narHash=sha256-349PlHisFAtaQD%2BD5zZnwOmH8lFkONARiC3awAW6asM%3D' (2024-06-12)
  → 'github:NixOS/nixpkgs/ba06293cdba1c94af9710024abf3b94cf8d76349?narHash=sha256-TmC5TxW5WPAfmovDzi1hLe1i4qqND79s9SH9UOKcSvo%3D' (2024-06-16)
2024-06-17 01:03:45 +00:00
github-actions[bot]
0302b2ee45 flake.lock: Update
Flake lock file updates:

• Updated input 'nixos-stable':
    'github:NixOS/nixpkgs/9b5328b7f761a7bbdc0e332ac4cf076a3eedb89b?narHash=sha256-1%2Bua0ggXlYYPLTmMl3YeYYsBXDSCqT%2BGw3u6l4gvMhA%3D' (2024-06-06)
  → 'github:NixOS/nixpkgs/47b604b07d1e8146d5398b42d3306fdebd343986?narHash=sha256-hoB7B7oPgypePz16cKWawPfhVvMSXj4G/qLsfFuhFjw%3D' (2024-06-11)
• Updated input 'nixos-unstable':
    'github:NixOS/nixpkgs/7d916e720af6b2ca355e4d0cfb8e4f742c172239?narHash=sha256-THcv8qDqobZefHHluPjx/8n%2BMtVVb8ag/oJbKMqKNRo%3D' (2024-06-09)
  → 'github:NixOS/nixpkgs/4b755b0f089935ce5dbfead30ddc79e6dcd3f80e?narHash=sha256-349PlHisFAtaQD%2BD5zZnwOmH8lFkONARiC3awAW6asM%3D' (2024-06-12)
2024-06-13 02:07:11 +00:00
dependabot[bot]
8338786481 build(deps): bump DeterminateSystems/update-flake-lock from 21 to 22
Bumps [DeterminateSystems/update-flake-lock](https://github.com/determinatesystems/update-flake-lock) from 21 to 22.
- [Release notes](https://github.com/determinatesystems/update-flake-lock/releases)
- [Commits](https://github.com/determinatesystems/update-flake-lock/compare/v21...v22)

---
updated-dependencies:
- dependency-name: DeterminateSystems/update-flake-lock
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
2024-06-10 10:40:20 +00:00
Johannes Bornhold
e2fd329c3a Allow to pass extra flags into the kexec call via KEXEC_EXTRA_FLAGS 2024-06-10 04:36:59 +00:00
Jörg Thalheim
75d8ee3810 drop no-bootloader overlay for nixpkgs-unstable 2024-06-10 04:26:14 +00:00
github-actions[bot]
c94035e379 flake.lock: Update
Flake lock file updates:

• Updated input 'nixos-stable':
    'github:NixOS/nixpkgs/0b8e7a1ae5a94da2e1ee3f3030a32020f6254105?narHash=sha256-WZ1s48OODmRJ3DHC%2BI/DtM3tDRuRJlNqMvxvAPTD7ec%3D' (2024-06-05)
  → 'github:NixOS/nixpkgs/9b5328b7f761a7bbdc0e332ac4cf076a3eedb89b?narHash=sha256-1%2Bua0ggXlYYPLTmMl3YeYYsBXDSCqT%2BGw3u6l4gvMhA%3D' (2024-06-06)
• Updated input 'nixos-unstable':
    'github:NixOS/nixpkgs/bf3faad723ca984fc4ea95c1cee1d975a8ca2a28?narHash=sha256-hqHp0W7ibfdu5DFc6EG3S3c%2BGSAbti7VUldFXSf/WiI%3D' (2024-06-07)
  → 'github:NixOS/nixpkgs/7d916e720af6b2ca355e4d0cfb8e4f742c172239?narHash=sha256-THcv8qDqobZefHHluPjx/8n%2BMtVVb8ag/oJbKMqKNRo%3D' (2024-06-09)
2024-06-10 01:06:47 +00:00
github-actions[bot]
72771bd35f flake.lock: Update
Flake lock file updates:

• Updated input 'nixos-unstable':
    'github:NixOS/nixpkgs/c598bbfe379934e8f379bc474cc1914a7c34fbdc?narHash=sha256-vYbYTeWF4YMKYu6lHLQH%2BOagpubB9aZ1%2BV630h6qJr4%3D' (2024-05-29)
  → 'github:NixOS/nixpkgs/bf3faad723ca984fc4ea95c1cee1d975a8ca2a28?narHash=sha256-hqHp0W7ibfdu5DFc6EG3S3c%2BGSAbti7VUldFXSf/WiI%3D' (2024-06-07)
2024-06-07 14:25:32 +00:00
Jörg Thalheim
faed128eee nixos-test: reduce RAM to 1GB 2024-06-07 13:17:09 +00:00
Jörg Thalheim
f267906ba6
Merge pull request #232 from nix-community/update-nixos-24.05
ci: fixup attribute names
2024-06-07 14:09:26 +02:00
Jörg Thalheim
3ef996da68 ci: fixup attribute names 2024-06-07 14:09:13 +02:00
Jörg Thalheim
606a46c859
Merge pull request #231 from nix-community/joerg-ci
also bump ci tag
2024-06-07 14:07:21 +02:00
Jörg Thalheim
a902278e6d also bump ci tag 2024-06-07 14:07:08 +02:00
Jörg Thalheim
4c9dd788e6
Merge pull request #229 from nix-community/update-nixos-24.05
upgrade to nixos 24.05
2024-06-07 14:05:41 +02:00
Jörg Thalheim
079f61ba0d add nix-community cachix 2024-06-07 10:43:38 +02:00
Jörg Thalheim
3e2e064af0 upgrade to nixos 24.05 2024-06-07 10:37:00 +02:00
github-actions[bot]
47bfb55316 flake.lock: Update
Flake lock file updates:

• Updated input 'nixos-2311':
    'github:NixOS/nixpkgs/0c007b36981bdbd69ccf0c7df30a174e63660667?narHash=sha256-xaSLDTqKIU55HsCkDnzFKmPiJO2z1xAAvrhUlwlmT2M%3D' (2024-05-26)
  → 'github:NixOS/nixpkgs/64e468fd2652105710d86cd2ae3e65a5a6d58dec?narHash=sha256-S5kltvDDfNQM3xx9XcvzKEOyN2qk8Sa%2BaSOLqZ%2B1Ujc%3D' (2024-05-29)
• Updated input 'nixos-unstable':
    'github:NixOS/nixpkgs/b5995681aa319d0e33a6d83a31710d6c6f092820?narHash=sha256-mdBp0b4VIQ71aUK2uBRROUkENk93RUUubjlQkvskNO0%3D' (2024-05-26)
  → 'github:NixOS/nixpkgs/c598bbfe379934e8f379bc474cc1914a7c34fbdc?narHash=sha256-vYbYTeWF4YMKYu6lHLQH%2BOagpubB9aZ1%2BV630h6qJr4%3D' (2024-05-29)
2024-05-30 03:38:32 +00:00
github-actions[bot]
2478833ef8 flake.lock: Update
Flake lock file updates:

• Updated input 'nixos-2311':
    'github:NixOS/nixpkgs/dff68ababdd2c2616d03f26546ba632f5f09d3c6?narHash=sha256-e4pjcLqe1Dexz7enk/%2Bui0aVdcoSiWnrTGjk7KLtAPw%3D' (2024-05-22)
  → 'github:NixOS/nixpkgs/0c007b36981bdbd69ccf0c7df30a174e63660667?narHash=sha256-xaSLDTqKIU55HsCkDnzFKmPiJO2z1xAAvrhUlwlmT2M%3D' (2024-05-26)
• Updated input 'nixos-unstable':
    'github:NixOS/nixpkgs/bc5dc89513caa16788f6379962e50383cf3f70b0?narHash=sha256-X%2B99WjSwbxQ7X%2BCTyqZQZqeqGe8nbfAFz%2BtgK2r3O/g%3D' (2024-05-22)
  → 'github:NixOS/nixpkgs/b5995681aa319d0e33a6d83a31710d6c6f092820?narHash=sha256-mdBp0b4VIQ71aUK2uBRROUkENk93RUUubjlQkvskNO0%3D' (2024-05-26)
2024-05-27 05:11:04 +00:00
Jörg Thalheim
9052d1d721
Merge pull request #224 from nix-community/fix-image
add missing nixos-install
2024-05-26 10:42:31 +02:00
Jörg Thalheim
310f23d6d5 add nixos-install
fixes #222
2024-05-26 09:52:08 +02:00
github-actions[bot]
5c5079cdec flake.lock: Update
Flake lock file updates:

• Updated input 'nixos-2311':
    'github:NixOS/nixpkgs/52bdc131bc8d724993eb57fd654c3a8cab457988?narHash=sha256-Lwjwn/iTgq7gXgpM2wzv8t49ZHNX%2B1GLc8QxCbACD2U%3D' (2024-05-19)
  → 'github:NixOS/nixpkgs/dff68ababdd2c2616d03f26546ba632f5f09d3c6?narHash=sha256-e4pjcLqe1Dexz7enk/%2Bui0aVdcoSiWnrTGjk7KLtAPw%3D' (2024-05-22)
• Updated input 'nixos-unstable':
    'github:NixOS/nixpkgs/8a2555763c48e2410054de3f52f7310ce3241ec5?narHash=sha256-2rk8FqB/iQV2d0vQLs684/Tj5PUHaS1sFwG7fng5vXE%3D' (2024-05-19)
  → 'github:NixOS/nixpkgs/bc5dc89513caa16788f6379962e50383cf3f70b0?narHash=sha256-X%2B99WjSwbxQ7X%2BCTyqZQZqeqGe8nbfAFz%2BtgK2r3O/g%3D' (2024-05-22)
2024-05-23 02:19:00 +00:00
dependabot[bot]
aca977f151 build(deps): bump cachix/install-nix-action from 26 to 27
Bumps [cachix/install-nix-action](https://github.com/cachix/install-nix-action) from 26 to 27.
- [Release notes](https://github.com/cachix/install-nix-action/releases)
- [Commits](https://github.com/cachix/install-nix-action/compare/v26...V27)

---
updated-dependencies:
- dependency-name: cachix/install-nix-action
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
2024-05-20 10:17:30 +00:00
github-actions[bot]
a7a6e94802 flake.lock: Update
Flake lock file updates:

• Updated input 'nixos-2311':
    'github:NixOS/nixpkgs/95742536dc6debb5a8b8b78b27001c38f369f1e7' (2024-05-16)
  → 'github:NixOS/nixpkgs/52bdc131bc8d724993eb57fd654c3a8cab457988' (2024-05-19)
• Updated input 'nixos-unstable':
    'github:NixOS/nixpkgs/c029b7f004009923bbfc90bbc31263cd4b08759f' (2024-05-15)
  → 'github:NixOS/nixpkgs/8a2555763c48e2410054de3f52f7310ce3241ec5' (2024-05-19)
2024-05-20 02:14:47 +00:00
Jörg Thalheim
8c9cab8c44 also disable man page to save a few mb 2024-05-19 15:22:03 +00:00
Jörg Thalheim
2c54ebe7b8 Reduce memory requirements to 1GB 2024-05-19 14:43:29 +00:00
Jörg Thalheim
7d48cb7843
Merge pull request #217 from nix-community/joerg-ci
remove uneeded traceVal
2024-05-19 16:33:30 +02:00
Jörg Thalheim
c647a22429 remove uneeded traceVal 2024-05-19 16:30:55 +02:00
Jörg Thalheim
5c77e174db use newer nano.enable option 2024-05-19 14:28:51 +00:00
Jörg Thalheim
d6cfce2feb remove grub and syslinux from NixOS 2024-05-19 14:28:51 +00:00
Jörg Thalheim
966d756930 include perlless profile in NixOS
conditionally include perlless module

relax perlless constraint
2024-05-19 14:28:51 +00:00
Jörg Thalheim
f35cc93d09 rewrite activation script with a systemd-initrd compatible version 2024-05-19 14:28:51 +00:00
Jörg Thalheim
d1758754aa update mergify configuration 2024-05-19 10:09:50 +00:00
github-actions[bot]
58d868f762 flake.lock: Update
Flake lock file updates:

• Updated input 'nixos-2311':
    'github:NixOS/nixpkgs/6eccabe980dcb2048aab7f97f862fb6d79b98abe' (2024-05-12)
  → 'github:NixOS/nixpkgs/95742536dc6debb5a8b8b78b27001c38f369f1e7' (2024-05-16)
• Updated input 'nixos-unstable':
    'github:NixOS/nixpkgs/3281bec7174f679eabf584591e75979a258d8c40' (2024-05-12)
  → 'github:NixOS/nixpkgs/c029b7f004009923bbfc90bbc31263cd4b08759f' (2024-05-15)
2024-05-16 02:17:18 +00:00
github-actions[bot]
81e709ca1d flake.lock: Update
Flake lock file updates:

• Updated input 'nixos-2311':
    'github:NixOS/nixpkgs/392320f29b07e74131d4e4a7b435e8e9b9b85adf' (2024-04-17)
  → 'github:NixOS/nixpkgs/6eccabe980dcb2048aab7f97f862fb6d79b98abe' (2024-05-12)
• Updated input 'nixos-unstable':
    'github:NixOS/nixpkgs/203fac824e2fdfed2e3a832b8123d9a64ee58b43' (2024-04-17)
  → 'github:NixOS/nixpkgs/3281bec7174f679eabf584591e75979a258d8c40' (2024-05-12)
2024-05-13 02:22:33 +00:00
Jörg Thalheim
635d1badf2 image-installer: expose network-status as a program 2024-05-07 09:34:47 +00:00
Jörg Thalheim
f064936faf Add documentation for iso image installer 2024-04-19 10:36:47 +00:00
github-actions[bot]
2ca1ad9c96 flake.lock: Update
Flake lock file updates:

• Updated input 'nixos-2311':
    'github:NixOS/nixpkgs/53a2c32bc66f5ae41a28d7a9a49d321172af621e' (2024-04-15)
  → 'github:NixOS/nixpkgs/392320f29b07e74131d4e4a7b435e8e9b9b85adf' (2024-04-17)
• Updated input 'nixos-unstable':
    'github:NixOS/nixpkgs/5f81b2812ea76d998cb25a3491cce03093326cb2' (2024-04-14)
  → 'github:NixOS/nixpkgs/203fac824e2fdfed2e3a832b8123d9a64ee58b43' (2024-04-17)
2024-04-18 03:55:39 +00:00
Jörg Thalheim
f4ea7a222c
Merge pull request #204 from nix-community/image-installer
fix build
2024-04-17 12:28:21 +02:00
Jörg Thalheim
d3bb59f276 fix build 2024-04-17 12:27:53 +02:00
Jörg Thalheim
b9b51b1d31
Merge pull request #203 from nix-community/image-installer
Image installer
2024-04-17 12:25:14 +02:00
Jörg Thalheim
8c987b74b3 fix build 2024-04-17 12:24:41 +02:00
Jörg Thalheim
f23d47cef8 image-installer: make json a bit shorter 2024-04-17 12:23:50 +02:00
Jörg Thalheim
0b874a3bee
Merge pull request #202 from nix-community/image-installer
Image installer
2024-04-17 11:59:06 +02:00
Jörg Thalheim
8d35d4a180 add image-installer
add image-installer
2024-04-17 11:56:46 +02:00
Jörg Thalheim
2137ed4108 delete empty file 2024-04-16 12:23:54 +02:00
github-actions[bot]
eaf4939a48 flake.lock: Update
Flake lock file updates:

• Updated input 'nixos-2311':
    'github:NixOS/nixpkgs/423832b68fbbbaed33e9fb5176574fda37a0a2fa' (2024-04-11)
  → 'github:NixOS/nixpkgs/53a2c32bc66f5ae41a28d7a9a49d321172af621e' (2024-04-15)
• Updated input 'nixos-unstable':
    'github:NixOS/nixpkgs/ca74eb22840662bbd4aca7c38a35a02d16f0dd0a' (2024-04-10)
  → 'github:NixOS/nixpkgs/5f81b2812ea76d998cb25a3491cce03093326cb2' (2024-04-14)
2024-04-15 05:38:06 +00:00
Jörg Thalheim
52f9a0b418
Merge pull request #199 from andreabedini/patch-1
Update README.md
2024-04-12 10:40:02 +02:00
Andrea Bedini
9f14049b80
Update README.md
Fix link to initrd.
2024-04-11 21:54:10 +08:00
github-actions[bot]
6492fe7bf3 flake.lock: Update
Flake lock file updates:

• Updated input 'nixos-2311':
    'github:NixOS/nixpkgs/7adda2c7505f6fb8abe2c234dea1adc051f8dec9' (2024-04-08)
  → 'github:NixOS/nixpkgs/423832b68fbbbaed33e9fb5176574fda37a0a2fa' (2024-04-11)
• Updated input 'nixos-unstable':
    'github:NixOS/nixpkgs/298edc8f1e0dfffce67f50375c9f5952e04a6d02' (2024-04-07)
  → 'github:NixOS/nixpkgs/ca74eb22840662bbd4aca7c38a35a02d16f0dd0a' (2024-04-10)
2024-04-11 05:48:42 +00:00
github-actions[bot]
7512f7569e flake.lock: Update
Flake lock file updates:

• Updated input 'nixos-2311':
    'github:NixOS/nixpkgs/62c8d691d53d7fd9cd32aa7e4908ff15696b05b7' (2024-04-03)
  → 'github:NixOS/nixpkgs/7adda2c7505f6fb8abe2c234dea1adc051f8dec9' (2024-04-08)
• Updated input 'nixos-unstable':
    'github:NixOS/nixpkgs/7781caa09d74b971a059a0240a03c5dd68acf3e5' (2024-04-03)
  → 'github:NixOS/nixpkgs/298edc8f1e0dfffce67f50375c9f5952e04a6d02' (2024-04-07)
2024-04-08 03:01:05 +00:00
github-actions[bot]
cb7b776e64 flake.lock: Update
Flake lock file updates:

• Updated input 'nixos-2311':
    'github:NixOS/nixpkgs/4ba6c5140bd5731e687732b918445ce48110f689' (2024-03-31)
  → 'github:NixOS/nixpkgs/62c8d691d53d7fd9cd32aa7e4908ff15696b05b7' (2024-04-03)
• Updated input 'nixos-unstable':
    'github:NixOS/nixpkgs/cd1c70d941d69d8d6425984ff8aefca9b28e861a' (2024-03-31)
  → 'github:NixOS/nixpkgs/7781caa09d74b971a059a0240a03c5dd68acf3e5' (2024-04-03)
2024-04-04 04:08:25 +00:00
github-actions[bot]
2cfcd8fd67 flake.lock: Update
Flake lock file updates:

• Updated input 'nixos-2311':
    'github:NixOS/nixpkgs/e5592a5d4cbc474158e9f96b11af802f624d37a7' (2024-03-25)
  → 'github:NixOS/nixpkgs/4ba6c5140bd5731e687732b918445ce48110f689' (2024-03-31)
• Updated input 'nixos-unstable':
    'github:NixOS/nixpkgs/3d41d1087707826b3a90685ab69147f8dc8145d5' (2024-03-24)
  → 'github:NixOS/nixpkgs/cd1c70d941d69d8d6425984ff8aefca9b28e861a' (2024-03-31)
2024-04-01 03:05:06 +00:00
github-actions[bot]
0f84fdca23 flake.lock: Update
Flake lock file updates:

• Updated input 'nixos-2311':
    'github:NixOS/nixpkgs/f091af045dff8347d66d186a62d42aceff159456' (2024-03-20)
  → 'github:NixOS/nixpkgs/e5592a5d4cbc474158e9f96b11af802f624d37a7' (2024-03-25)
• Updated input 'nixos-unstable':
    'github:NixOS/nixpkgs/66e2e75c671f9a674a28d340e59a0157efb6f905' (2024-03-20)
  → 'github:NixOS/nixpkgs/3d41d1087707826b3a90685ab69147f8dc8145d5' (2024-03-24)
2024-03-25 03:09:44 +00:00
github-actions[bot]
f702705e1c flake.lock: Update
Flake lock file updates:

• Updated input 'nixos-2311':
    'github:NixOS/nixpkgs/2ba1b9dceb7120a73801f41a2b9bcbc6bc13d64c' (2024-03-17)
  → 'github:NixOS/nixpkgs/f091af045dff8347d66d186a62d42aceff159456' (2024-03-20)
• Updated input 'nixos-unstable':
    'github:NixOS/nixpkgs/f471be9644f3ab2f3cb868de1787ab70a537b0e7' (2024-03-17)
  → 'github:NixOS/nixpkgs/66e2e75c671f9a674a28d340e59a0157efb6f905' (2024-03-20)
2024-03-21 02:11:02 +00:00
github-actions[bot]
46f3c4c174 flake.lock: Update
Flake lock file updates:

• Updated input 'nixos-2311':
    'github:NixOS/nixpkgs/446d09bfe74f1c893917a67baee88d978316fbc9' (2024-03-13)
  → 'github:NixOS/nixpkgs/2ba1b9dceb7120a73801f41a2b9bcbc6bc13d64c' (2024-03-17)
• Updated input 'nixos-unstable':
    'github:NixOS/nixpkgs/2dbc8f62d8af7a1ab962e4b20d12b25ddcb86ced' (2024-03-13)
  → 'github:NixOS/nixpkgs/f471be9644f3ab2f3cb868de1787ab70a537b0e7' (2024-03-17)
2024-03-18 02:59:03 +00:00
github-actions[bot]
6286096fcb flake.lock: Update
Flake lock file updates:

• Updated input 'nixos-2311':
    'github:NixOS/nixpkgs/a27ed4afe0e2889d3b3ab50fc9a80f9bd2a70dc5' (2024-03-11)
  → 'github:NixOS/nixpkgs/446d09bfe74f1c893917a67baee88d978316fbc9' (2024-03-13)
• Updated input 'nixos-unstable':
    'github:NixOS/nixpkgs/73d699a6ff1e83df3fd6c1e60931e13667b8ae14' (2024-03-10)
  → 'github:NixOS/nixpkgs/2dbc8f62d8af7a1ab962e4b20d12b25ddcb86ced' (2024-03-13)
2024-03-14 01:43:40 +00:00
dependabot[bot]
3c4378633b build(deps): bump cachix/install-nix-action from 25 to 26
Bumps [cachix/install-nix-action](https://github.com/cachix/install-nix-action) from 25 to 26.
- [Release notes](https://github.com/cachix/install-nix-action/releases)
- [Commits](https://github.com/cachix/install-nix-action/compare/v25...v26)

---
updated-dependencies:
- dependency-name: cachix/install-nix-action
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
2024-03-11 10:40:58 +00:00
github-actions[bot]
fbb850e9a1 flake.lock: Update
Flake lock file updates:

• Updated input 'nixos-2311':
    'github:NixOS/nixpkgs/03e303468a0b89792bc40c2f3a7cd8a322b66fad' (2024-03-06)
  → 'github:NixOS/nixpkgs/a27ed4afe0e2889d3b3ab50fc9a80f9bd2a70dc5' (2024-03-11)
• Updated input 'nixos-unstable':
    'github:NixOS/nixpkgs/e1bf69f4ab16f72d5536e32e0d86b39b2b7892d9' (2024-03-06)
  → 'github:NixOS/nixpkgs/73d699a6ff1e83df3fd6c1e60931e13667b8ae14' (2024-03-10)
2024-03-11 03:02:58 +00:00
github-actions[bot]
9fd019c36b flake.lock: Update
Flake lock file updates:

• Updated input 'nixos-2311':
    'github:NixOS/nixpkgs/b3a5f534d8a260328c5e13bd81c19c0432afbe9f' (2024-03-03)
  → 'github:NixOS/nixpkgs/03e303468a0b89792bc40c2f3a7cd8a322b66fad' (2024-03-06)
• Updated input 'nixos-unstable':
    'github:NixOS/nixpkgs/768bb879887ae70e62d7628c82d825bbbf873b4b' (2024-03-03)
  → 'github:NixOS/nixpkgs/e1bf69f4ab16f72d5536e32e0d86b39b2b7892d9' (2024-03-06)
2024-03-07 15:32:42 +00:00
dependabot[bot]
63431919c2 build(deps): bump DeterminateSystems/update-flake-lock from 20 to 21
Bumps [DeterminateSystems/update-flake-lock](https://github.com/determinatesystems/update-flake-lock) from 20 to 21.
- [Release notes](https://github.com/determinatesystems/update-flake-lock/releases)
- [Commits](https://github.com/determinatesystems/update-flake-lock/compare/v20...v21)

---
updated-dependencies:
- dependency-name: DeterminateSystems/update-flake-lock
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
2024-03-04 10:05:44 +00:00
github-actions[bot]
21ced28614 flake.lock: Update
Flake lock file updates:

• Updated input 'nixos-2311':
    'github:NixOS/nixpkgs/e4973102d8e9112c41c5f09263c7489c350042b8' (2024-02-28)
  → 'github:NixOS/nixpkgs/b3a5f534d8a260328c5e13bd81c19c0432afbe9f' (2024-03-03)
• Updated input 'nixos-unstable':
    'github:NixOS/nixpkgs/96990c69fd59e807cee8ff874d0526c70dffdf8f' (2024-02-28)
  → 'github:NixOS/nixpkgs/768bb879887ae70e62d7628c82d825bbbf873b4b' (2024-03-03)
2024-03-04 03:09:16 +00:00
github-actions[bot]
45e24d74e0 flake.lock: Update
Flake lock file updates:

• Updated input 'nixos-2311':
    'github:NixOS/nixpkgs/227a4c47bef2390a7925693c51489e84169b1957' (2024-02-25)
  → 'github:NixOS/nixpkgs/e4973102d8e9112c41c5f09263c7489c350042b8' (2024-02-28)
• Updated input 'nixos-unstable':
    'github:NixOS/nixpkgs/2a34566b67bef34c551f204063faeecc444ae9da' (2024-02-25)
  → 'github:NixOS/nixpkgs/96990c69fd59e807cee8ff874d0526c70dffdf8f' (2024-02-28)
2024-02-29 01:52:07 +00:00
Shea Levy
c090b94b08 kexec-run: Get pubkeys for DOAS_USER.
doas is a smaller replacement for sudo, used by some
distributions (such as Alpine).
2024-02-28 19:11:52 +00:00
github-actions[bot]
84ee92b81f flake.lock: Update
Flake lock file updates:

• Updated input 'nixos-2311':
    'github:NixOS/nixpkgs/e6d61b7214a8df4fa5a0e3d76506f12689585bab' (2024-02-21)
  → 'github:NixOS/nixpkgs/227a4c47bef2390a7925693c51489e84169b1957' (2024-02-25)
• Updated input 'nixos-unstable':
    'github:NixOS/nixpkgs/591f9cbebeef5dfdcb24997a3069d7f29c365ab9' (2024-02-21)
  → 'github:NixOS/nixpkgs/2a34566b67bef34c551f204063faeecc444ae9da' (2024-02-25)
2024-02-26 02:57:12 +00:00
github-actions[bot]
aea74a85ee flake.lock: Update
Flake lock file updates:

• Updated input 'nixos-2311':
    'github:NixOS/nixpkgs/e0da498ad77ac8909a980f07eff060862417ccf7' (2024-02-18)
  → 'github:NixOS/nixpkgs/e6d61b7214a8df4fa5a0e3d76506f12689585bab' (2024-02-21)
• Updated input 'nixos-unstable':
    'github:NixOS/nixpkgs/35c5863c29ce81199ded8a3384f4979b7793f5dc' (2024-02-18)
  → 'github:NixOS/nixpkgs/591f9cbebeef5dfdcb24997a3069d7f29c365ab9' (2024-02-21)
2024-02-22 01:02:47 +00:00
github-actions[bot]
4eebb3c820 flake.lock: Update
Flake lock file updates:

• Updated input 'nixos-2311':
    'github:NixOS/nixpkgs/ad69fdb4d3fc14b3909e75af643d019e6b539a1a' (2024-02-15)
  → 'github:NixOS/nixpkgs/e0da498ad77ac8909a980f07eff060862417ccf7' (2024-02-18)
• Updated input 'nixos-unstable':
    'github:NixOS/nixpkgs/4dec2a6e52b5d910b428468680707f7f73a1219f' (2024-02-14)
  → 'github:NixOS/nixpkgs/35c5863c29ce81199ded8a3384f4979b7793f5dc' (2024-02-18)
2024-02-19 03:02:25 +00:00
github-actions[bot]
7aa14fd358 flake.lock: Update
Flake lock file updates:

• Updated input 'nixos-2311':
    'github:NixOS/nixpkgs/7612e0f257237b4d6d29037e4b4ca318e154beec' (2024-02-11)
  → 'github:NixOS/nixpkgs/ad69fdb4d3fc14b3909e75af643d019e6b539a1a' (2024-02-15)
• Updated input 'nixos-unstable':
    'github:NixOS/nixpkgs/bdc57436da855500d44e9c1ce7450c0772e1cfa1' (2024-02-11)
  → 'github:NixOS/nixpkgs/4dec2a6e52b5d910b428468680707f7f73a1219f' (2024-02-14)
2024-02-15 01:07:19 +00:00
github-actions[bot]
14ae091170 flake.lock: Update
Flake lock file updates:

• Updated input 'nixos-2311':
    'github:NixOS/nixpkgs/6832d0d99649db3d65a0e15fa51471537b2c56a6' (2024-02-07)
  → 'github:NixOS/nixpkgs/7612e0f257237b4d6d29037e4b4ca318e154beec' (2024-02-11)
• Updated input 'nixos-unstable':
    'github:NixOS/nixpkgs/5ef42fcd84b2baa16f43554f1c1f1d614e23ef9a' (2024-02-07)
  → 'github:NixOS/nixpkgs/bdc57436da855500d44e9c1ce7450c0772e1cfa1' (2024-02-11)
2024-02-12 02:03:05 +00:00
github-actions[bot]
42c18c0572 flake.lock: Update
Flake lock file updates:

• Updated input 'nixos-2311':
    'github:NixOS/nixpkgs/9f2ee8c91ac42da3ae6c6a1d21555f283458247e' (2024-02-05)
  → 'github:NixOS/nixpkgs/6832d0d99649db3d65a0e15fa51471537b2c56a6' (2024-02-07)
• Updated input 'nixos-unstable':
    'github:NixOS/nixpkgs/5d75993fa5feaa333f3eadd83e0a08fc34432acc' (2024-02-04)
  → 'github:NixOS/nixpkgs/5ef42fcd84b2baa16f43554f1c1f1d614e23ef9a' (2024-02-07)
2024-02-08 03:00:20 +00:00
github-actions[bot]
755065698e flake.lock: Update
Flake lock file updates:

• Updated input 'nixos-2311':
    'github:NixOS/nixpkgs/6eeeacfaf67dd0f915b438bb3a93cfc89db06b09' (2024-02-01)
  → 'github:NixOS/nixpkgs/9f2ee8c91ac42da3ae6c6a1d21555f283458247e' (2024-02-05)
• Updated input 'nixos-unstable':
    'github:NixOS/nixpkgs/632751bf0ceeefc74af7a9d2335ea923ad9c831a' (2024-01-31)
  → 'github:NixOS/nixpkgs/5d75993fa5feaa333f3eadd83e0a08fc34432acc' (2024-02-04)
2024-02-05 02:55:41 +00:00
github-actions[bot]
a9b8266f2f flake.lock: Update
Flake lock file updates:

• Updated input 'nixos-2311':
    'github:NixOS/nixpkgs/1e4f8b195d7c34dc9f0bcd919f63b3f03b42908a' (2024-01-28)
  → 'github:NixOS/nixpkgs/6eeeacfaf67dd0f915b438bb3a93cfc89db06b09' (2024-02-01)
• Updated input 'nixos-unstable':
    'github:NixOS/nixpkgs/3fb3707af869e32b0ad0676f589b16cc7711a376' (2024-01-27)
  → 'github:NixOS/nixpkgs/632751bf0ceeefc74af7a9d2335ea923ad9c831a' (2024-01-31)
2024-02-01 01:01:34 +00:00
github-actions[bot]
64c695ab3c flake.lock: Update
Flake lock file updates:

• Updated input 'nixos-2311':
    'github:NixOS/nixpkgs/7824e4947a8fafed482735c0648f1bffc2a02927' (2024-01-24)
  → 'github:NixOS/nixpkgs/1e4f8b195d7c34dc9f0bcd919f63b3f03b42908a' (2024-01-28)
• Updated input 'nixos-unstable':
    'github:NixOS/nixpkgs/5cd2baa57a9ff2d84f2615700434fa04f3067fdb' (2024-01-24)
  → 'github:NixOS/nixpkgs/3fb3707af869e32b0ad0676f589b16cc7711a376' (2024-01-27)
2024-01-29 02:55:58 +00:00
github-actions[bot]
0d3dfc8547 flake.lock: Update
Flake lock file updates:

• Updated input 'nixos-2311':
    'github:NixOS/nixpkgs/d639898e43e88157dc21b779600fb58391a7b4ea' (2024-01-21)
  → 'github:NixOS/nixpkgs/7824e4947a8fafed482735c0648f1bffc2a02927' (2024-01-24)
• Updated input 'nixos-unstable':
    'github:NixOS/nixpkgs/7da66b359bcffc532b67035b54b49c25b0c0480c' (2024-01-21)
  → 'github:NixOS/nixpkgs/5cd2baa57a9ff2d84f2615700434fa04f3067fdb' (2024-01-24)
2024-01-25 01:06:13 +00:00
github-actions[bot]
9dd480c8be flake.lock: Update
Flake lock file updates:

• Updated input 'nixos-2311':
    'github:NixOS/nixpkgs/b0092228a011d1fa5c667dd98d02e7afb0ef3626' (2024-01-18)
  → 'github:NixOS/nixpkgs/d639898e43e88157dc21b779600fb58391a7b4ea' (2024-01-21)
• Updated input 'nixos-unstable':
    'github:NixOS/nixpkgs/cc3ab0e45687d15cb21663a95f5a53a05abd39e4' (2024-01-16)
  → 'github:NixOS/nixpkgs/7da66b359bcffc532b67035b54b49c25b0c0480c' (2024-01-21)
2024-01-22 02:59:06 +00:00
github-actions[bot]
ad2e23c4a6 flake.lock: Update
Flake lock file updates:

• Updated input 'nixos-2311':
    'github:NixOS/nixpkgs/d71f20967da064275ce084dd823cbd2bd31d5cba' (2024-01-15)
  → 'github:NixOS/nixpkgs/b0092228a011d1fa5c667dd98d02e7afb0ef3626' (2024-01-18)
• Updated input 'nixos-unstable':
    'github:NixOS/nixpkgs/0c741cd9fbdc435b7ca88e17efc371b48e7c23b8' (2024-01-14)
  → 'github:NixOS/nixpkgs/cc3ab0e45687d15cb21663a95f5a53a05abd39e4' (2024-01-16)
2024-01-18 02:53:40 +00:00
Antonio Yang
17efe22de1 add rsync to installer 2024-01-16 07:35:44 +00:00
dependabot[bot]
97d38e1b77 build(deps): bump cachix/install-nix-action from 24 to 25
Bumps [cachix/install-nix-action](https://github.com/cachix/install-nix-action) from 24 to 25.
- [Release notes](https://github.com/cachix/install-nix-action/releases)
- [Commits](https://github.com/cachix/install-nix-action/compare/v24...v25)

---
updated-dependencies:
- dependency-name: cachix/install-nix-action
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
2024-01-15 10:24:52 +00:00
github-actions[bot]
000d4bac47 flake.lock: Update
Flake lock file updates:

• Updated input 'nixos-2311':
    'github:NixOS/nixpkgs/2aaf35bc85b2a6f9957fe9df17bcf5f94fbd0e85' (2024-01-11)
  → 'github:NixOS/nixpkgs/d71f20967da064275ce084dd823cbd2bd31d5cba' (2024-01-15)
• Updated input 'nixos-unstable':
    'github:NixOS/nixpkgs/7bb62b90ef7f7e76603bcd52d7e10ddb6d589f15' (2024-01-09)
  → 'github:NixOS/nixpkgs/0c741cd9fbdc435b7ca88e17efc371b48e7c23b8' (2024-01-14)
2024-01-15 03:07:05 +00:00
Jörg Thalheim
694f6e69e8 README: drop experimental flag for static ips 2024-01-13 08:55:55 +00:00
github-actions[bot]
bf5c4f258b flake.lock: Update
Flake lock file updates:

• Updated input 'nixos-2311':
    'github:NixOS/nixpkgs/e6c4e766e523b86a74eae7b1dbc64795e3aa3041' (2024-01-04)
  → 'github:NixOS/nixpkgs/2aaf35bc85b2a6f9957fe9df17bcf5f94fbd0e85' (2024-01-11)
• Updated input 'nixos-unstable':
    'github:NixOS/nixpkgs/382614ec619514fbc48dd9c60f043c4087798ddf' (2024-01-03)
  → 'github:NixOS/nixpkgs/7bb62b90ef7f7e76603bcd52d7e10ddb6d589f15' (2024-01-09)
2024-01-11 01:01:19 +00:00
github-actions[bot]
916bc1ddac flake.lock: Update
Flake lock file updates:

• Updated input 'nixos-2311':
    'github:NixOS/nixpkgs/bd39e4e241aa5aabbb27307709aef511592cb9e5' (2024-01-01)
  → 'github:NixOS/nixpkgs/e6c4e766e523b86a74eae7b1dbc64795e3aa3041' (2024-01-04)
• Updated input 'nixos-unstable':
    'github:NixOS/nixpkgs/eae82ed71467a19374437376fbb7f5e3ad486aeb' (2023-12-31)
  → 'github:NixOS/nixpkgs/382614ec619514fbc48dd9c60f043c4087798ddf' (2024-01-03)
2024-01-04 01:00:24 +00:00
Mic92
a337c75e33 non-interactive: add missing udev rules (#163)
non-interactive: add missing udev rules

* Update nix/zfs-minimal.nix

Co-authored-by: Gary Guo <gary@garyguo.net>
2024-01-03 09:54:53 +00:00
github-actions[bot]
b858bab86b flake.lock: Update
Flake lock file updates:

• Updated input 'nixos-2311':
    'github:NixOS/nixpkgs/6db1324e4c9f702631a0dfe11b10189485af9fc0' (2023-12-27)
  → 'github:NixOS/nixpkgs/bd39e4e241aa5aabbb27307709aef511592cb9e5' (2024-01-01)
• Updated input 'nixos-unstable':
    'github:NixOS/nixpkgs/f930306a698f1ae7045cf3265693b7ebc9512f23' (2023-12-27)
  → 'github:NixOS/nixpkgs/eae82ed71467a19374437376fbb7f5e3ad486aeb' (2023-12-31)
2024-01-01 02:58:13 +00:00
github-actions[bot]
35c9a49b57 flake.lock: Update
Flake lock file updates:

• Updated input 'nixos-2311':
    'github:NixOS/nixpkgs/3128dfc824de336220e71cddc44d417bacc91fd7' (2023-12-24)
  → 'github:NixOS/nixpkgs/6db1324e4c9f702631a0dfe11b10189485af9fc0' (2023-12-27)
• Updated input 'nixos-unstable':
    'github:NixOS/nixpkgs/cb574470bb7e360016c254867f7734a95812b47f' (2023-12-24)
  → 'github:NixOS/nixpkgs/f930306a698f1ae7045cf3265693b7ebc9512f23' (2023-12-27)
2023-12-28 00:58:41 +00:00
github-actions[bot]
85434de040 flake.lock: Update
Flake lock file updates:

• Updated input 'nixos-2311':
    'github:NixOS/nixpkgs/df3e6d6131d5f5df9b9524c7f4c39bfce7add927' (2023-12-22)
  → 'github:NixOS/nixpkgs/3128dfc824de336220e71cddc44d417bacc91fd7' (2023-12-24)
• Updated input 'nixos-unstable':
    'github:NixOS/nixpkgs/d644f3882d553e717e225e69ec8254d6736b8cba' (2023-12-21)
  → 'github:NixOS/nixpkgs/cb574470bb7e360016c254867f7734a95812b47f' (2023-12-24)
2023-12-25 02:54:17 +00:00
Jörg Thalheim
56b5279131 fix kexec-syscall-auto check 2023-12-24 07:07:56 +00:00
Jörg Thalheim
9a02e3d7b2 change to numtide as binary cache 2023-12-24 07:07:56 +00:00
Jörg Thalheim
c6f494de02 Revert "disable flake updates for now"
This reverts commit 3a769c86e2.

We now have a better buildbot to handle this.
2023-12-24 07:07:56 +00:00
Jörg Thalheim
eaf2d21fa9 disable kexec-syscall-auto flag on old kernels 2023-12-23 17:18:52 +00:00
Jörg Thalheim
1d92ed3028
Merge pull request #154 from nix-community/upgrade-aarch64
upgrade zfs on aarch64
2023-12-23 09:19:36 +01:00
Jörg Thalheim
3a769c86e2 disable flake updates for now 2023-12-23 09:19:00 +01:00
Jörg Thalheim
d7dfa237d6 switch out binary cache 2023-12-23 02:20:46 +01:00
Jörg Thalheim
3b7b5998f1 export packages as checks 2023-12-23 02:20:46 +01:00
Jörg Thalheim
1717912538 mergify: upgrade for buildbot 2023-12-23 02:20:46 +01:00
Jörg Thalheim
6da561b62f flake.lock: Update
Flake lock file updates:

• Updated input 'nixos-2311':
    'github:NixOS/nixpkgs/8ae56eaea9054590c57f9509341601f05cbb92d7' (2023-12-09)
  → 'github:NixOS/nixpkgs/cf28ee258fd5f9a52de6b9865cdb93a1f96d09b7' (2023-12-12)
• Updated input 'nixos-unstable':
    'github:NixOS/nixpkgs/e4e2af6d113155799eb9be93e3d8dd32d7300e06' (2023-12-06)
  → 'github:NixOS/nixpkgs/120a26f8ce32ac2bdc0e49a9fed830b7446416b4' (2023-12-11)
2023-12-23 02:20:46 +01:00
Jörg Thalheim
db63ed890f upgrade zfs on aarch64 2023-12-23 02:20:46 +01:00
Jörg Thalheim
d655cc02fc
Merge pull request #152 from nix-community/joerg-ci
disable installer channel in a single place
2023-12-12 11:02:05 +01:00
Jörg Thalheim
73c9e5e338 disable installer channel in a single place 2023-12-10 11:57:48 +01:00
Jörg Thalheim
b7719bef5d update mergify configuration 2023-12-10 11:54:07 +01:00
Jörg Thalheim
86196b2130
Merge pull request #151 from phaer/23-11
build 23.11 instead of 23.05
2023-12-10 11:53:27 +01:00
phaer
1109a26efb build 23.11, don't build 23.05 anymore 2023-12-09 16:39:12 +00:00
mergify[bot]
7dbb493899
Merge pull request #150 from nix-community/update_flake_lock_action
flake.lock: Update
2023-12-07 08:10:58 +00:00
github-actions[bot]
4e84af9d0c flake.lock: Update
Flake lock file updates:

• Updated input 'nixos-2305':
    'github:NixOS/nixpkgs/e9f06adb793d1cca5384907b3b8a4071d5d7cb19' (2023-12-03)
  → 'github:NixOS/nixpkgs/0561103cedb11e7554cf34cea81e5f5d578a4753' (2023-12-05)
• Updated input 'nixos-unstable':
    'github:NixOS/nixpkgs/0b62f5adfd6635f8013d800ceb0cf39411a8216f' (2023-12-03)
  → 'github:NixOS/nixpkgs/e4e2af6d113155799eb9be93e3d8dd32d7300e06' (2023-12-06)
2023-12-07 08:02:48 +00:00
mergify[bot]
6e106f700d
Merge pull request #149 from nix-community/dependabot/github_actions/cachix/install-nix-action-24
build(deps): bump cachix/install-nix-action from 23 to 24
2023-12-04 10:11:53 +00:00
dependabot[bot]
6a6e5ccc74
build(deps): bump cachix/install-nix-action from 23 to 24
Bumps [cachix/install-nix-action](https://github.com/cachix/install-nix-action) from 23 to 24.
- [Release notes](https://github.com/cachix/install-nix-action/releases)
- [Commits](https://github.com/cachix/install-nix-action/compare/v23...v24)

---
updated-dependencies:
- dependency-name: cachix/install-nix-action
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
2023-12-04 10:05:33 +00:00
mergify[bot]
d5a5de3e0c
Merge pull request #148 from nix-community/update_flake_lock_action
flake.lock: Update
2023-12-04 01:32:28 +00:00
github-actions[bot]
c87dbe2034 flake.lock: Update
Flake lock file updates:

• Updated input 'nixos-2305':
    'github:NixOS/nixpkgs/f237a187117e1fd4cd780cfc25fd78f7f9a3e3cf' (2023-11-29)
  → 'github:NixOS/nixpkgs/e9f06adb793d1cca5384907b3b8a4071d5d7cb19' (2023-12-03)
• Updated input 'nixos-unstable':
    'github:NixOS/nixpkgs/e2fa3d60550627938495aa368a1d4635c9cf64ff' (2023-11-29)
  → 'github:NixOS/nixpkgs/0b62f5adfd6635f8013d800ceb0cf39411a8216f' (2023-12-03)
2023-12-04 00:54:29 +00:00
mergify[bot]
e091c84b60
Merge pull request #147 from nix-community/update_flake_lock_action
flake.lock: Update
2023-11-30 01:43:15 +00:00
github-actions[bot]
66d70aa898 flake.lock: Update
Flake lock file updates:

• Updated input 'nixos-2305':
    'github:NixOS/nixpkgs/835eab9a7bcaf4365fc96f5d1a756784aea0f5d1' (2023-11-26)
  → 'github:NixOS/nixpkgs/f237a187117e1fd4cd780cfc25fd78f7f9a3e3cf' (2023-11-29)
• Updated input 'nixos-unstable':
    'github:NixOS/nixpkgs/173b74db07f26344f3517716edd4bff6987b512d' (2023-11-26)
  → 'github:NixOS/nixpkgs/e2fa3d60550627938495aa368a1d4635c9cf64ff' (2023-11-29)
2023-11-30 00:53:45 +00:00
mergify[bot]
5119908dda
Merge pull request #146 from nix-community/update_flake_lock_action
flake.lock: Update
2023-11-27 01:12:07 +00:00
github-actions[bot]
5ba340ce83 flake.lock: Update
Flake lock file updates:

• Updated input 'nixos-2305':
    'github:NixOS/nixpkgs/ee5ddacfab29812b32b5ea8c1dacdadfdf264475' (2023-11-22)
  → 'github:NixOS/nixpkgs/835eab9a7bcaf4365fc96f5d1a756784aea0f5d1' (2023-11-26)
• Updated input 'nixos-unstable':
    'github:NixOS/nixpkgs/da41de71f62bf7fb989a04e39629b8adbf8aa8b5' (2023-11-22)
  → 'github:NixOS/nixpkgs/173b74db07f26344f3517716edd4bff6987b512d' (2023-11-26)
2023-11-27 00:57:04 +00:00
mergify[bot]
d238126a86
Merge pull request #145 from nix-community/update_flake_lock_action
flake.lock: Update
2023-11-23 01:18:19 +00:00
github-actions[bot]
7dab9962ad flake.lock: Update
Flake lock file updates:

• Updated input 'nixos-2305':
    'github:NixOS/nixpkgs/9faf91e6d0b7743d41cce3b63a8e5c733dc696a3' (2023-11-20)
  → 'github:NixOS/nixpkgs/ee5ddacfab29812b32b5ea8c1dacdadfdf264475' (2023-11-22)
• Updated input 'nixos-unstable':
    'github:NixOS/nixpkgs/12a0ade5e458984675b9789a4b260ebabdd2d1ab' (2023-11-19)
  → 'github:NixOS/nixpkgs/da41de71f62bf7fb989a04e39629b8adbf8aa8b5' (2023-11-22)
2023-11-23 00:53:16 +00:00
mergify[bot]
fc531304e2
Merge pull request #144 from nix-community/machine-id
also copy machine-id into installer
2023-11-22 13:45:28 +00:00
Jörg Thalheim
bebc30e7fd also copy machine-id into installer
This can help with keeping the same dhcp leases when the dhcp server uses DUID rather than mac addresses
2023-11-22 10:45:18 +01:00
mergify[bot]
6531732454
Merge pull request #143 from nix-community/joerg-ci
flake.nix: switch back to nixos-unstable-small upstream
2023-11-20 11:40:50 +00:00
Jörg Thalheim
6688a9b437 flake.nix: switch back to nixos-unstable-small upstream 2023-11-20 12:23:12 +01:00
Jörg Thalheim
4dcc041b86
Merge pull request #142 from nix-community/sane-nix-settings
add nix-settings from srvos
2023-11-20 12:15:23 +01:00
Jörg Thalheim
971b6849d5 add nix-settings from srvos
if used as a recovery system, it's useful to have flakes etc enabled.
2023-11-19 13:23:43 +01:00
mergify[bot]
b75f16f72f
Merge pull request #141 from nix-community/joerg-ci
add comment for lvm raid
2023-11-12 11:39:30 +00:00
Jörg Thalheim
c0a2c19f83 add comment for lvm raid 2023-11-12 12:34:58 +01:00
Jörg Thalheim
092b60439f
Merge pull request #140 from nix-community/add-dm-raid
load dm-raid kernel module
2023-11-12 12:33:28 +01:00
zimbatm
a8fbf192c7 load dm-raid kernel module
Fixes https://github.com/nix-community/nixos-anywhere/issues/249
2023-11-12 11:43:01 +01:00
Jörg Thalheim
81ab4e8f6f
Merge pull request #139 from nbdd0121/patch-1
Copy ecdsa/sk keys from /root/.ssh/authorized_keys
2023-11-08 23:18:30 +01:00
Gary Guo
7d89d7c99f
Copy ecdsa/sk keys from /root/.ssh/authorized_keys 2023-11-08 16:13:10 +00:00
mergify[bot]
fca6d15d05
Merge pull request #138 from nix-community/joerg-ci
reduce test in VM to 1.2 GB RAM
2023-11-02 12:08:31 +00:00
mergify[bot]
28250ff73f
Merge branch 'main' into joerg-ci 2023-11-02 12:02:27 +00:00
Jörg Thalheim
1afdae78b7 reduce test in VM to 1.2 GB RAM 2023-11-02 13:01:36 +01:00
Jörg Thalheim
25f4c4dddd
Merge pull request #137 from nix-community/nixpkgs-upstream
no longer delete existing assets
2023-11-02 12:44:58 +01:00
Jörg Thalheim
6c43b7016d no longer delete existing assets
we now have both aarch64/x86_64 overwriting each other
2023-11-02 12:42:50 +01:00
mergify[bot]
233cb26594
Merge pull request #136 from nix-community/nixpkgs-upstream
kexec-installer: disable channel in unstable
2023-11-02 10:41:23 +00:00
Jörg Thalheim
913fba8fbe netboot-installer: disable channel in unstable 2023-11-02 11:09:57 +01:00
Jörg Thalheim
6b3ebfbf99 kexec-installer: disable channel in unstable 2023-11-02 11:09:57 +01:00
mergify[bot]
dd2e96b4a4
Merge pull request #135 from nix-community/nixpkgs-upstream
switch back to nixpkgs upstream
2023-11-02 09:54:17 +00:00
Jörg Thalheim
fba4a2bf0d apply nixpkgs-fmt 2023-11-02 10:43:57 +01:00
Jörg Thalheim
75d7180dc1 netboot-installer: also enable ipv6 router advertisment 2023-11-02 10:43:21 +01:00
Jörg Thalheim
8239d6079a no longer depend on dhcpcd for dhcp networking 2023-11-02 10:43:08 +01:00
Jörg Thalheim
8f0b2d8f63 drop checksum from release tab
it no longer works since we have now two architectures build independently
2023-11-02 08:54:22 +01:00
Jörg Thalheim
8eb1ef49d5 switch to nixos-unstable-small
flake.lock: Update

Flake lock file updates:

• Updated input 'nixos-2305':
    'github:NixOS/nixpkgs/f9d25531cc073c6ae78c6988e12455eb1e015134' (2023-11-01)
  → 'github:NixOS/nixpkgs/ecd985f22e007e6ac3152d68590c06cbbaea8c0e' (2023-11-02)
2023-11-02 08:54:22 +01:00
Jörg Thalheim
d84d1b296b installer: useNetworkd consistently 2023-10-28 16:11:35 +02:00
Jörg Thalheim
dc68643995 switch back to nixpkgs upstream 2023-10-28 15:58:39 +02:00
mergify[bot]
87bccdbdfb
Merge pull request #134 from Stunkymonkey/fix-typos
fix some typos
2023-10-17 03:59:56 +00:00
Felix Buehler
e62ab61f81 fix some typos 2023-10-16 23:22:54 +02:00
mergify[bot]
c4c73bce65
Merge pull request #132 from nix-community/dependabot/github_actions/actions/checkout-4
build(deps): bump actions/checkout from 3 to 4
2023-09-11 10:54:47 +00:00
dependabot[bot]
23851e1ff0
build(deps): bump actions/checkout from 3 to 4
Bumps [actions/checkout](https://github.com/actions/checkout) from 3 to 4.
- [Release notes](https://github.com/actions/checkout/releases)
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md)
- [Commits](https://github.com/actions/checkout/compare/v3...v4)

---
updated-dependencies:
- dependency-name: actions/checkout
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
2023-09-11 10:45:27 +00:00
mergify[bot]
cfae37e520
Merge pull request #131 from nix-community/dependabot/github_actions/cachix/install-nix-action-23
build(deps): bump cachix/install-nix-action from 22 to 23
2023-09-04 11:00:50 +00:00
dependabot[bot]
4e62ea7677
build(deps): bump cachix/install-nix-action from 22 to 23
Bumps [cachix/install-nix-action](https://github.com/cachix/install-nix-action) from 22 to 23.
- [Release notes](https://github.com/cachix/install-nix-action/releases)
- [Commits](https://github.com/cachix/install-nix-action/compare/v22...v23)

---
updated-dependencies:
- dependency-name: cachix/install-nix-action
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
2023-09-04 10:40:54 +00:00
mergify[bot]
8cddbac8c6
Merge pull request #130 from nix-community/dependabot/github_actions/DeterminateSystems/update-flake-lock-20
build(deps): bump DeterminateSystems/update-flake-lock from 19 to 20
2023-08-28 10:39:16 +00:00
dependabot[bot]
a8e011a556
build(deps): bump DeterminateSystems/update-flake-lock from 19 to 20
Bumps [DeterminateSystems/update-flake-lock](https://github.com/determinatesystems/update-flake-lock) from 19 to 20.
- [Release notes](https://github.com/determinatesystems/update-flake-lock/releases)
- [Commits](https://github.com/determinatesystems/update-flake-lock/compare/v19...v20)

---
updated-dependencies:
- dependency-name: DeterminateSystems/update-flake-lock
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
2023-08-28 10:28:31 +00:00
mergify[bot]
32c29d4ec7
Merge pull request #129 from nix-community/kexec-auto
kexec-installer: re-enable kexec-syscall-auto
2023-08-26 18:22:53 +00:00
Jörg Thalheim
f11fd49c78 kexec-installer: re-enable kexec-syscall-auto
Seems like GCP changed something about their boot process and the same instance types that failed to kexec, now just works.
This fixes secureboot as well: https://github.com/nix-community/nixos-images/issues/128
2023-08-26 19:36:51 +02:00
Jörg Thalheim
3067fe0c60
Merge pull request #127 from nix-community/ci
flake.lock: Update
2023-08-05 06:49:46 +01:00
Jörg Thalheim
f715155f87 flake.lock: Update
Flake lock file updates:

• Updated input 'nixos-2305':
    'github:NixOS/nixpkgs/9652a97d9738d3e65cf33c0bc24429e495a7868f' (2023-08-04)
  → 'github:Mic92/nixpkgs/831724726ba052189092f52ae0774dd406d657bb' (2023-08-05)
2023-08-05 07:49:32 +02:00
Jörg Thalheim
74ca72e242
Merge pull request #126 from nix-community/ci
also fix netboot on release-23.05
2023-08-05 06:48:15 +01:00
mergify[bot]
2a98397eb4
Merge branch 'main' into ci 2023-08-05 05:46:50 +00:00
Jörg Thalheim
377e275ebc also fix netboot on release-23.05 2023-08-05 07:45:36 +02:00
Jörg Thalheim
8cfcde285d
Merge pull request #125 from nix-community/ci
fix kernel name
2023-08-04 22:40:11 +01:00
Jörg Thalheim
a1478fe225 fix kernel name 2023-08-04 23:40:01 +02:00
Jörg Thalheim
1361e3e22a
Merge pull request #124 from nix-community/ci
ci: improve updating assets
2023-08-04 21:56:02 +01:00
mergify[bot]
4fd1a924cb
Merge branch 'main' into ci 2023-08-04 20:52:28 +00:00
Jörg Thalheim
3b4624dc1a build-images: reformat with shellfmt 2023-08-04 22:51:45 +02:00
Jörg Thalheim
7066549ee6 update assets more atomically 2023-08-04 22:51:45 +02:00
Jörg Thalheim
d694dd7829
Merge pull request #123 from nix-community/ci
nixos-images: return to nixpkgs upstream
2023-08-04 21:26:11 +01:00
Jörg Thalheim
b0fcd6bbe0 disable aarch64 until we fixed the race condition when creating releases 2023-08-04 22:25:49 +02:00
Jörg Thalheim
aaeec10163 flake.lock: Update
Flake lock file updates:

• Updated input 'nixos-unstable':
    'github:NixOS/nixpkgs/4f5308922f99987cabb1821b675da86948af00b4' (2023-08-04)
  → 'github:Mic92/nixpkgs/52a39dea62074a5d47001e86646f71dff78ffcad' (2023-08-04)
2023-08-04 22:22:15 +02:00
Jörg Thalheim
49bd69291a flake.lock: Update
Flake lock file updates:

• Updated input 'nixos-2305':
    'github:Mic92/nixpkgs/15384bf882f524e3a08ed7cb86c811de5b75ba5a' (2023-06-15)
  → 'github:NixOS/nixpkgs/9652a97d9738d3e65cf33c0bc24429e495a7868f' (2023-08-04)
• Updated input 'nixos-unstable':
    'github:Mic92/nixpkgs/d4cab20b3a76fef4b9a487c37107df6351ebce33' (2023-06-16)
  → 'github:NixOS/nixpkgs/4f5308922f99987cabb1821b675da86948af00b4' (2023-08-04)
2023-08-04 22:01:10 +02:00
Jörg Thalheim
b63a9cb113 nixos-images: return to nixpkgs upstream 2023-08-04 21:59:59 +02:00
Jörg Thalheim
fcbf0b7c6c
Merge pull request #122 from nix-community/ci
also enable arm64 in github ci
2023-08-04 20:50:52 +01:00
Jörg Thalheim
40ea0c79e3 also enable arm64 in github ci 2023-08-04 21:50:03 +02:00
mergify[bot]
f98b4775fa
Merge pull request #118 from nix-community/update_flake_lock_action
flake.lock: Update
2023-07-04 17:15:49 +00:00
github-actions[bot]
8561ccba07 flake.lock: Update
Flake lock file updates:

• Updated input 'nixos-unstable':
    'github:Mic92/nixpkgs/d21b935395b8880dd4e80dfac4104553cb795d03' (2023-06-15)
  → 'github:Mic92/nixpkgs/d4cab20b3a76fef4b9a487c37107df6351ebce33' (2023-06-16)
2023-07-04 16:36:33 +00:00
Jörg Thalheim
65c15be132
Merge pull request #120 from nix-community/gpt-disk
add missing gptfdisk
2023-07-04 17:31:51 +01:00
Jörg Thalheim
c90d09a5f6 mergify: drop images ci target 2023-07-04 18:31:43 +02:00
mergify[bot]
496b3a800c
Merge branch 'main' into gpt-disk 2023-07-04 16:31:38 +00:00
Jörg Thalheim
9a8b402e63
Merge pull request #119 from nix-community/dependabot/github_actions/cachix/install-nix-action-22
build(deps): bump cachix/install-nix-action from 21 to 22
2023-07-04 17:30:59 +01:00
Jörg Thalheim
e73cbf20a3 add missing gptfdisk
This is needed by disko for gpt
2023-07-04 18:07:03 +02:00
dependabot[bot]
cb80fd6175
build(deps): bump cachix/install-nix-action from 21 to 22
Bumps [cachix/install-nix-action](https://github.com/cachix/install-nix-action) from 21 to 22.
- [Release notes](https://github.com/cachix/install-nix-action/releases)
- [Commits](https://github.com/cachix/install-nix-action/compare/v21...v22)

---
updated-dependencies:
- dependency-name: cachix/install-nix-action
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
2023-06-19 10:56:56 +00:00
Jörg Thalheim
ccc1a2c08c
Merge pull request #115 from nix-community/update_flake_lock_action
flake.lock: Update
2023-06-15 09:52:48 +01:00
Jörg Thalheim
b713d90778 flake.lock: Update
Flake lock file updates:

• Updated input 'nixos-2305':
    'github:Mic92/nixpkgs/60e994e7ada7ce39b775d92cbb70a611c59f45d1' (2023-06-15)
  → 'github:Mic92/nixpkgs/15384bf882f524e3a08ed7cb86c811de5b75ba5a' (2023-06-15)
2023-06-15 10:20:54 +02:00
Jörg Thalheim
c92fa3d2f7 ping to nixpkgs fork to incorperate aarch64 fix
flake.lock: Update

Flake lock file updates:

• Updated input 'nixos-2305':
    'github:NixOS/nixpkgs/75eb7c2d47fdc01a0d477e9a89eac7ed366fe898' (2023-06-14)
  → 'github:Mic92/nixpkgs/60e994e7ada7ce39b775d92cbb70a611c59f45d1' (2023-06-15)
• Updated input 'nixos-unstable':
    'github:NixOS/nixpkgs/ba1a6ec548000d4a50719d14e6f73f63016674d5' (2023-06-14)
  → 'github:Mic92/nixpkgs/d21b935395b8880dd4e80dfac4104553cb795d03' (2023-06-15)
2023-06-15 10:02:07 +02:00
github-actions[bot]
fbc53c710d flake.lock: Update
Flake lock file updates:

• Updated input 'nixos-2305':
    'github:NixOS/nixpkgs/5f6396e85487aa59c801da5f7c87ac20098b2fa8' (2023-06-11)
  → 'github:NixOS/nixpkgs/75eb7c2d47fdc01a0d477e9a89eac7ed366fe898' (2023-06-14)
• Updated input 'nixos-unstable':
    'github:NixOS/nixpkgs/3d318cb303f285d2964d4137619cb21ddd56cfd5' (2023-06-11)
  → 'github:NixOS/nixpkgs/ba1a6ec548000d4a50719d14e6f73f63016674d5' (2023-06-14)
2023-06-15 08:53:22 +02:00
Jörg Thalheim
fd8c7d7dd4
Merge pull request #117 from nix-community/label
update label
2023-06-15 07:14:10 +01:00
Jörg Thalheim
6967261261 update-flake-lock: fix label 2023-06-15 08:13:53 +02:00
32 changed files with 1037 additions and 283 deletions

View file

@ -11,15 +11,18 @@ jobs:
fail-fast: false fail-fast: false
matrix: matrix:
tag: tag:
- nixos-23.05 - nixos-24.05
- nixos-unstable - nixos-unstable
runs-on: ubuntu-latest os:
- nscloud-ubuntu-22.04-arm64-4x16
- ubuntu-latest
runs-on: ${{ matrix.os }}
steps: steps:
- uses: actions/checkout@v3 - uses: actions/checkout@v4
- uses: cachix/install-nix-action@v21 - uses: cachix/install-nix-action@v30
with: with:
nix_path: nixpkgs=https://github.com/NixOS/nixpkgs/archive/nixpkgs-unstable.tar.gz nix_path: nixpkgs=https://github.com/NixOS/nixpkgs/archive/nixpkgs-unstable.tar.gz
- name: Build image - name: Build image
run: ./build-images.sh "${{matrix.tag}}" run: ./build-images.sh "${{ matrix.tag }}" "$(nix eval --raw --impure --expr builtins.currentSystem)"
env: env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}

View file

@ -9,11 +9,11 @@ jobs:
runs-on: ubuntu-latest runs-on: ubuntu-latest
steps: steps:
- name: Checkout repository - name: Checkout repository
uses: actions/checkout@v3 uses: actions/checkout@v4
- name: Install Nix - name: Install Nix
uses: cachix/install-nix-action@v21 uses: cachix/install-nix-action@v30
- name: Update flake.lock - name: Update flake.lock
uses: DeterminateSystems/update-flake-lock@v19 uses: DeterminateSystems/update-flake-lock@v24
with: with:
pr-label: | pr-labels: |
merge-queue merge-queue

View file

@ -1,32 +1,11 @@
queue_rules: queue_rules:
- name: default - name: default
merge_conditions: merge_conditions:
- check-success=Evaluate flake.nix - check-success=buildbot/nix-build
- check-success=check kexec-installer-2305 [x86_64-linux]
- check-success=check kexec-installer-unstable [x86_64-linux]
- check-success=check shellcheck [x86_64-linux]
- check-success=images (nixos-23.05)
- check-success=images (nixos-unstable)
- check-success=package kexec-installer-nixos-2305 [aarch64-linux]
- check-success=package kexec-installer-nixos-2305 [x86_64-linux]
- check-success=package kexec-installer-nixos-2305-noninteractive [aarch64-linux]
- check-success=package kexec-installer-nixos-2305-noninteractive [x86_64-linux]
- check-success=package kexec-installer-nixos-unstable [aarch64-linux]
- check-success=package kexec-installer-nixos-unstable [x86_64-linux]
- check-success=package kexec-installer-nixos-unstable-noninteractive [aarch64-linux]
- check-success=package kexec-installer-nixos-unstable-noninteractive [x86_64-linux]
- check-success=package netboot-installer-nixos-2305 [aarch64-linux]
- check-success=package netboot-installer-nixos-2305 [x86_64-linux]
- check-success=package netboot-installer-nixos-unstable [aarch64-linux]
- check-success=package netboot-installer-nixos-unstable [x86_64-linux]
- check-success=package netboot-nixos-2305 [aarch64-linux]
- check-success=package netboot-nixos-2305 [x86_64-linux]
- check-success=package netboot-nixos-unstable [aarch64-linux]
- check-success=package netboot-nixos-unstable [x86_64-linux]
defaults: defaults:
actions: actions:
queue: queue:
allow_merging_configuration_change: true merge_method: rebase
pull_request_rules: pull_request_rules:
- name: merge using the merge queue - name: merge using the merge queue
conditions: conditions:

View file

@ -3,11 +3,6 @@
Automatically weekly updated images for NixOS. This project is intended to extend the images created by hydra.nixos.org. Automatically weekly updated images for NixOS. This project is intended to extend the images created by hydra.nixos.org.
We are currently creating the images listed below: We are currently creating the images listed below:
## Netboot images
You can boot the netboot image using this [ipxe script](https://github.com/nix-community/nixos-images/releases/download/nixos-unstable/netboot-x86_64-linux.ipxe).
It consists of the [kernel image](https://github.com/nix-community/nixos-images/releases/download/nixos-unstable/bzImage-x86_64-linux) and [initrd](https://github.com/nix-community/nixos-images/releases/download/nixos-unstable/bzImage-x86_64-linux).
## Kexec tarballs ## Kexec tarballs
These images are used for unattended remote installation in [nixos-anywhere](https://github.com/numtide/nixos-anywhere). These images are used for unattended remote installation in [nixos-anywhere](https://github.com/numtide/nixos-anywhere).
@ -16,10 +11,10 @@ Kexec is a mechanism in Linux to load a new kernel from a running Linux to
replace the current kernel. This is useful for booting the Nixos installer from replace the current kernel. This is useful for booting the Nixos installer from
existing Linux distributions, such as server provider that do not offer a NixOS existing Linux distributions, such as server provider that do not offer a NixOS
option. After running kexec, the NixOS installer exists only in memory. At the option. After running kexec, the NixOS installer exists only in memory. At the
time of writing, this requires at least 1.5GB of physical RAM (swap does not time of writing, this requires secure boot off in BIOS settings and at least 1GB
count) in the system. If not enough RAM is available, the initrd cannot be of physical RAM (swap does not count) in the system. If not enough RAM is available,
loaded. Because the NixOS runs only in RAM, users can reformat all the system's the initrd cannot be loaded. Because the NixOS runs only in RAM, users can reformat
discs to prepare for a new NixOS installation. all the system's discs to prepare for a new NixOS installation.
It can be booted as follows by running these commands as root: It can be booted as follows by running these commands as root:
@ -32,12 +27,32 @@ The kexec installer comes with the following features:
- Re-uses ssh host keys from the sshd to not break `.ssh/known_hosts` - Re-uses ssh host keys from the sshd to not break `.ssh/known_hosts`
- Authorized ssh keys are read from `/root/.ssh/authorized_keys`, `/root/.ssh/authorized_keys2` and `/etc/ssh/authorized_keys.d/root` - Authorized ssh keys are read from `/root/.ssh/authorized_keys`, `/root/.ssh/authorized_keys2` and `/etc/ssh/authorized_keys.d/root`
- (experimental, only tested for nixos-unstable) Static ip addresses and routes - Static ip addresses and routes are restored after reboot.
are restored after reboot. Interface that had dynamic addresses before are Interface that had dynamic addresses before are configured with DHCP and
configured with DHCP and to accept prefixes from ipv6 router advertisment to accept prefixes from ipv6 router advertisement
The actual kexec happens with a slight delay (6s). This allows for easier
The actual kexec happens with a slight delay (6s). This allows for easier
integration into automated nixos installation scripts, since you can cleanly integration into automated nixos installation scripts, since you can cleanly
disconnect from the running machine before the kexec takes place. The tarball disconnect from the running machine before the kexec takes place. The tarball
is also designed to be run from NixOS, which can be useful for new installations is also designed to be run from NixOS, which can be useful for new installations
## Iso installer images
This image allows to boot a NixOS installer off a USB-Stick.
This installer has been optimized for remote installation i.e.
with [nixos-anywhere](https://github.com/numtide/nixos-anywhere) and [clan](https://docs.clan.lol/getting-started/installer/) notably:
* Enables openssh by default
* Generates a random root password on each login
* Enables a Tor hidden SSH service so that by using the `torify ssh <hash>.onion`,
one can log in from remote machines.
* Prints a QR-Code that contains local addresses, the root password
* Includes the [IWD](https://wiki.archlinux.org/title/iwd) deamon for easier wifi setups:
* Run `iwctl` in the terminal for an interactive wifi setup interface.
![Screenshot of the installer](https://github.com/nix-community/nixos-images/releases/download/assets/image-installer-screenshot.jpg)
## Netboot images
You can boot the netboot image using this [ipxe script](https://github.com/nix-community/nixos-images/releases/download/nixos-unstable/netboot-x86_64-linux.ipxe).
It consists of the [kernel image](https://github.com/nix-community/nixos-images/releases/download/nixos-unstable/bzImage-x86_64-linux) and [initrd](https://github.com/nix-community/nixos-images/releases/download/nixos-unstable/initrd-x86_64-linux).

View file

@ -5,45 +5,54 @@ set -xeuo pipefail
shopt -s lastpipe shopt -s lastpipe
build_netboot_image() { build_netboot_image() {
declare -r tag=$1 arch=$2 tmp=$3 declare -r tag=$1 channel=$2 arch=$3 tmp=$4
img=$(nix build --print-out-paths --option accept-flake-config true -L ".#packages.${arch}.netboot-${tag//.}") img=$(nix build --print-out-paths --option accept-flake-config true -L ".#packages.${arch}.netboot-nixos-${channel//./}")
ln -s "$img/bzImage" "$tmp/bzImage-$arch" kernel=$(echo "$img"/*Image)
echo "$tmp/bzImage-$arch" kernelName=$(basename "$kernel")
ln -s "$kernel" "$tmp/$kernelName-$arch"
echo "$tmp/$kernelName-$arch"
ln -s "$img/initrd" "$tmp/initrd-$arch" ln -s "$img/initrd" "$tmp/initrd-$arch"
echo "$tmp/initrd-$arch" echo "$tmp/initrd-$arch"
sed -e "s!^kernel bzImage!kernel https://github.com/nix-community/nixos-images/releases/download/${tag}/bzImage-${arch}!" \ sed -e "s!^kernel $kernelName!kernel https://github.com/nix-community/nixos-images/releases/download/${tag}/$kernelName-${arch}!" \
-e "s!^initrd initrd!initrd https://github.com/nix-community/nixos-images/releases/download/${tag}/initrd-${arch}!" \ -e "s!^initrd initrd!initrd https://github.com/nix-community/nixos-images/releases/download/${tag}/initrd-${arch}!" \
-e "s!initrd=initrd!initrd=initrd-${arch}!" \ -e "s!initrd=initrd!initrd=initrd-${arch}!" \
< "$img/netboot.ipxe" \ <"$img/netboot.ipxe" \
> "$tmp/netboot-$arch.ipxe" >"$tmp/netboot-$arch.ipxe"
echo "$tmp/netboot-$arch.ipxe" echo "$tmp/netboot-$arch.ipxe"
} }
build_kexec_installer() { build_kexec_installer() {
declare -r tag=$1 arch=$2 tmp=$3 variant=$4 declare -r channel=$1 arch=$2 tmp=$3 variant=$4
out=$(nix build --print-out-paths --option accept-flake-config true -L ".#packages.${arch}.kexec-installer-${tag//.}${variant}") out=$(nix build --print-out-paths --option accept-flake-config true -L ".#packages.${arch}.kexec-installer-nixos-${channel}${variant}")
echo "$out/nixos-kexec-installer${variant}-$arch.tar.gz" echo "$out/nixos-kexec-installer${variant}-$arch.tar.gz"
} }
build_image_installer() {
declare -r channel=$1 arch=$2 tmp=$3
out=$(nix build --print-out-paths --option accept-flake-config true -L ".#packages.${arch}.image-installer-nixos-${channel//./}")
echo "$out/iso/nixos-installer-${arch}.iso"
}
main() { main() {
declare -r tag=${1:-nixos-unstable} arch=${2:-x86_64-linux} declare -r tag=${1:-nixos-unstable} arch=${2:-x86_64-linux}
tmp="$(mktemp -d)" tmp="$(mktemp -d)"
trap 'rm -rf -- "$tmp"' EXIT trap 'rm -rf -- "$tmp"' EXIT
( (
build_kexec_installer "$tag" "$arch" "$tmp" "" channel=$(if [[ "$tag" == nixos-unstable ]]; then echo "unstable"; else echo "stable"; fi)
build_kexec_installer "$tag" "$arch" "$tmp" "-noninteractive" build_kexec_installer "$channel" "$arch" "$tmp" ""
build_netboot_image "$tag" "$arch" "$tmp" build_kexec_installer "$channel" "$arch" "$tmp" "-noninteractive"
build_netboot_image "$tag" "$channel" "$arch" "$tmp"
build_image_installer "$channel" "$arch" "$tmp"
) | readarray -t assets ) | readarray -t assets
for asset in "${assets[@]}"; do for asset in "${assets[@]}"; do
pushd "$(dirname "$asset")" pushd "$(dirname "$asset")"
sha256sum "$(basename "$asset")" >> "$TMP/sha256sums"
popd popd
done done
assets+=("$TMP/sha256sums")
# Since we cannot atomically update a release, we delete the old one before if ! gh release view "$tag"; then
gh release delete "$tag" </dev/null || true gh release create --title "$tag (build $(date +"%Y-%m-%d"))" "$tag"
gh release create --title "$tag (build $(date +"%Y-%m-%d"))" "$tag" "${assets[@]}" </dev/null fi
gh release upload --clobber "$tag" "${assets[@]}"
} }
main "$@" main "$@"

View file

@ -1,28 +1,28 @@
{ {
"nodes": { "nodes": {
"nixos-2305": { "nixos-stable": {
"locked": { "locked": {
"lastModified": 1686526929, "lastModified": 1729181673,
"narHash": "sha256-ybQ4GDx/AViKJfeu2PUWvxxlGcmVHVY15zay849i6dg=", "narHash": "sha256-LDiPhQ3l+fBjRATNtnuDZsBS7hqoBtPkKBkhpoBHv3I=",
"owner": "NixOS", "owner": "NixOS",
"repo": "nixpkgs", "repo": "nixpkgs",
"rev": "5f6396e85487aa59c801da5f7c87ac20098b2fa8", "rev": "4eb33fe664af7b41a4c446f87d20c9a0a6321fa3",
"type": "github" "type": "github"
}, },
"original": { "original": {
"owner": "NixOS", "owner": "NixOS",
"ref": "release-23.05", "ref": "nixos-24.05",
"repo": "nixpkgs", "repo": "nixpkgs",
"type": "github" "type": "github"
} }
}, },
"nixos-unstable": { "nixos-unstable": {
"locked": { "locked": {
"lastModified": 1686496983, "lastModified": 1729450260,
"narHash": "sha256-DX7PZwzBVHQpwG4vK5zUa61/RFk2BQb3uTxJQg2wiM0=", "narHash": "sha256-3GNZr0V4b19RZ5mlyiY/4F8N2pzitvjDU6aHMWjAqLI=",
"owner": "NixOS", "owner": "NixOS",
"repo": "nixpkgs", "repo": "nixpkgs",
"rev": "3d318cb303f285d2964d4137619cb21ddd56cfd5", "rev": "e3f55158e7587c5a5fdb0e86eb7ca4f455f0928f",
"type": "github" "type": "github"
}, },
"original": { "original": {
@ -34,7 +34,7 @@
}, },
"root": { "root": {
"inputs": { "inputs": {
"nixos-2305": "nixos-2305", "nixos-stable": "nixos-stable",
"nixos-unstable": "nixos-unstable" "nixos-unstable": "nixos-unstable"
} }
} }

126
flake.nix
View file

@ -2,62 +2,84 @@
description = "NixOS images"; description = "NixOS images";
inputs.nixos-unstable.url = "github:NixOS/nixpkgs/nixos-unstable-small"; inputs.nixos-unstable.url = "github:NixOS/nixpkgs/nixos-unstable-small";
inputs.nixos-2305.url = "github:NixOS/nixpkgs/release-23.05"; inputs.nixos-stable.url = "github:NixOS/nixpkgs/nixos-24.05";
nixConfig.extra-substituters = [ nixConfig.extra-substituters = [ "https://nix-community.cachix.org" ];
"https://cache.garnix.io" nixConfig.extra-trusted-public-keys = [ "nix-community.cachix.org-1:mB9FSh9qf2dCimDSUo8Zy7bkq5CX+/rkCWyvRCYg3Fs=" ];
];
nixConfig.extra-trusted-public-keys = [
"cache.garnix.io:CTFPyKSLcx5RMJKfLo5EEPUObbA78b0YQ2DTCJXqr9g="
];
outputs = { self, nixos-unstable, nixos-2305 }: let outputs = { self, nixos-unstable, nixos-stable }:
supportedSystems = [ "aarch64-linux" "x86_64-linux" ]; let
forAllSystems = nixos-unstable.lib.genAttrs supportedSystems; supportedSystems = [ "riscv64-linux" ];
in { forAllSystems = nixos-unstable.lib.genAttrs supportedSystems;
packages = forAllSystems (system: let in
netboot = nixpkgs: (import (nixpkgs + "/nixos/release.nix") {}).netboot.${system}; {
kexec-installer = nixpkgs: modules: (nixpkgs.legacyPackages.${system}.nixos (modules ++ [self.nixosModules.kexec-installer])).config.system.build.kexecTarball; hydraJobs = { inherit (self) checks; };
netboot-installer = nixpkgs: (nixpkgs.legacyPackages.${system}.nixos [self.nixosModules.netboot-installer]).config.system.build.netboot; packages = forAllSystems (system:
in { let
netboot-nixos-unstable = netboot nixos-unstable; netboot = nixpkgs: (import (nixpkgs + "/nixos/release.nix") { }).netboot.${system};
netboot-nixos-2305 = netboot nixos-2305; kexec-installer = nixpkgs: module: (nixpkgs.legacyPackages.${system}.nixos [ module self.nixosModules.kexec-installer ]).config.system.build.kexecTarball;
kexec-installer-nixos-unstable = kexec-installer nixos-unstable []; netboot-installer = nixpkgs: (nixpkgs.legacyPackages.${system}.nixos [ self.nixosModules.netboot-installer ]).config.system.build.netboot;
kexec-installer-nixos-2305 = kexec-installer nixos-2305 []; image-installer = nixpkgs: (nixpkgs.legacyPackages.${system}.nixos [ self.nixosModules.image-installer ]).config.system.build.isoImage;
in
{
netboot-nixos-unstable = netboot nixos-unstable;
netboot-nixos-stable = netboot nixos-stable;
kexec-installer-nixos-unstable = kexec-installer nixos-unstable {};
kexec-installer-nixos-stable = kexec-installer nixos-stable {};
kexec-installer-nixos-unstable-noninteractive = kexec-installer nixos-unstable [ image-installer-nixos-unstable = image-installer nixos-unstable;
{ system.kexec-installer.name = "nixos-kexec-installer-noninteractive"; } image-installer-nixos-stable = image-installer nixos-stable;
self.nixosModules.noninteractive
];
kexec-installer-nixos-2305-noninteractive = kexec-installer nixos-2305 [
{ system.kexec-installer.name = "nixos-kexec-installer-noninteractive"; }
self.nixosModules.noninteractive
];
netboot-installer-nixos-unstable = netboot-installer nixos-unstable; kexec-installer-nixos-unstable-noninteractive = kexec-installer nixos-unstable {
netboot-installer-nixos-2305 = netboot-installer nixos-2305; _file = __curPos.file;
}); system.kexec-installer.name = "nixos-kexec-installer-noninteractive";
nixosModules = { imports = [
kexec-installer = ./nix/kexec-installer/module.nix; self.nixosModules.noninteractive
noninteractive = ./nix/noninteractive.nix; ];
# TODO: also add a test here once we have https://github.com/NixOS/nixpkgs/pull/228346 merged };
netboot-installer = ./nix/netboot-installer/module.nix; kexec-installer-nixos-stable-noninteractive = kexec-installer nixos-stable {
}; _file = __curPos.file;
checks.x86_64-linux = let system.kexec-installer.name = "nixos-kexec-installer-noninteractive";
pkgs = nixos-unstable.legacyPackages.x86_64-linux; imports = [
in { self.nixosModules.noninteractive
kexec-installer-unstable = pkgs.callPackage ./nix/kexec-installer/test.nix { ];
kexecTarball = self.packages.x86_64-linux.kexec-installer-nixos-unstable-noninteractive; };
};
shellcheck = pkgs.runCommand "shellcheck" { netboot-installer-nixos-unstable = netboot-installer nixos-unstable;
nativeBuildInputs = [ pkgs.shellcheck ]; netboot-installer-nixos-stable = netboot-installer nixos-stable;
} '' });
shellcheck ${(pkgs.nixos [self.nixosModules.kexec-installer]).config.system.build.kexecRun} nixosModules = {
touch $out kexec-installer = ./nix/kexec-installer/module.nix;
''; noninteractive = ./nix/noninteractive.nix;
kexec-installer-2305 = nixos-2305.legacyPackages.x86_64-linux.callPackage ./nix/kexec-installer/test.nix { # TODO: also add a test here once we have https://github.com/NixOS/nixpkgs/pull/228346 merged
kexecTarball = self.packages.x86_64-linux.kexec-installer-nixos-2305-noninteractive; netboot-installer = ./nix/netboot-installer/module.nix;
image-installer = ./nix/image-installer/module.nix;
}; };
checks =
let
# re-export the packages as checks
packages = forAllSystems (system: nixos-unstable.lib.mapAttrs' (n: nixos-unstable.lib.nameValuePair "package-${n}") self.packages.${system});
checks =
let
pkgsUnstable = nixos-unstable.legacyPackages.riscv64-linux;
pkgsStable = nixos-stable.legacyPackages.riscv64-linux;
bootTests = pkgs: channel: suffix: pkgs.lib.mapAttrs' (name: pkgs.lib.nameValuePair "${name}${suffix}") (pkgs.callPackages ./nix/image-installer/tests.nix {
nixpkgs = channel;
nixosModules = self.nixosModules;
});
in
{
kexec-installer-unstable = pkgsUnstable.callPackage ./nix/kexec-installer/test.nix {
kexecTarball = self.packages.riscv64-linux.kexec-installer-nixos-unstable-noninteractive;
};
kexec-installer-stable = nixos-stable.legacyPackages.riscv64-linux.callPackage ./nix/kexec-installer/test.nix {
kexecTarball = self.packages.riscv64-linux.kexec-installer-nixos-stable-noninteractive;
};
} // (bootTests pkgsUnstable nixos-unstable "-nixos-unstable")
// (bootTests pkgsStable nixos-stable "-nixos-stable");
in
nixos-unstable.lib.recursiveUpdate packages { riscv64-linux = checks; };
}; };
};
} }

View file

@ -1,5 +0,0 @@
builds:
include:
- '*.x86_64-linux.*'
- '*.aarch64-linux.*'
- nixosConfigurations.*

View file

@ -0,0 +1,63 @@
{
config,
lib,
pkgs,
...
}:
{
options.hidden-ssh-announce = {
enable = lib.mkEnableOption "hidden-ssh-announce";
script = lib.mkOption {
type = lib.types.package;
default = pkgs.writers.writeDash "test-output" "echo $1";
description = ''
script to run when the hidden tor service was started and they hostname is known.
takes the hostname as $1
'';
};
};
config = lib.mkIf config.hidden-ssh-announce.enable {
services.openssh.enable = true;
services.tor = {
enable = true;
relay.onionServices.hidden-ssh = {
version = 3;
map = [
{
port = 22;
target.port = 22;
}
];
};
client.enable = true;
};
systemd.services.hidden-ssh-announce = {
description = "announce hidden ssh";
after = [
"tor.service"
"network-online.target"
];
wants = [
"tor.service"
"network-online.target"
];
wantedBy = [ "multi-user.target" ];
serviceConfig = {
# ${pkgs.tor}/bin/torify
ExecStart = pkgs.writeShellScript "announce-hidden-service" ''
set -efu
until test -e ${config.services.tor.settings.DataDirectory}/onion/hidden-ssh/hostname; do
echo "still waiting for ${config.services.tor.settings.DataDirectory}/onion/hidden-ssh/hostname"
sleep 1
done
${config.hidden-ssh-announce.script} "$(cat ${config.services.tor.settings.DataDirectory}/onion/hidden-ssh/hostname)"
'';
PrivateTmp = "true";
User = "tor";
Type = "oneshot";
};
};
};
}

View file

@ -0,0 +1,125 @@
{
lib,
pkgs,
modulesPath,
...
}:
let
network-status = pkgs.writeShellScriptBin "network-status" ''
export PATH=${
lib.makeBinPath (
with pkgs;
[
iproute2
coreutils
gnugrep
nettools
gum
]
)
}
set -efu -o pipefail
msgs=()
if [[ -e /var/shared/qrcode.utf8 ]]; then
qrcode=$(gum style --border-foreground 240 --border normal "$(< /var/shared/qrcode.utf8)")
msgs+=("$qrcode")
fi
network_status="Root password: $(cat /var/shared/root-password)
Local network addresses:
$(ip -brief -color addr | grep -v 127.0.0.1)
$([[ -e /var/shared/onion-hostname ]] && echo "Onion address: $(cat /var/shared/onion-hostname)" || echo "Onion address: Waiting for tor network to be ready...")
Multicast DNS: $(hostname).local"
network_status=$(gum style --border-foreground 240 --border normal "$network_status")
msgs+=("$network_status")
msgs+=("Press 'Ctrl-C' for console access")
gum join --vertical "''${msgs[@]}"
'';
in
{
imports = [
(modulesPath + "/installer/cd-dvd/installation-cd-base.nix")
../installer.nix
../noveau-workaround.nix
./hidden-ssh-announcement.nix
./wifi.nix
];
systemd.tmpfiles.rules = [ "d /var/shared 0777 root root - -" ];
services.openssh.settings.PermitRootLogin = "yes";
system.activationScripts.root-password = ''
mkdir -p /var/shared
${pkgs.xkcdpass}/bin/xkcdpass --numwords 3 --delimiter - --count 1 > /var/shared/root-password
echo "root:$(cat /var/shared/root-password)" | chpasswd
'';
hidden-ssh-announce = {
enable = true;
script = pkgs.writeShellScript "write-hostname" ''
set -efu
export PATH=${
lib.makeBinPath (
with pkgs;
[
iproute2
coreutils
jq
qrencode
]
)
}
mkdir -p /var/shared
echo "$1" > /var/shared/onion-hostname
local_addrs=$(ip -json addr | jq '[map(.addr_info) | flatten | .[] | select(.scope == "global") | .local]')
jq -nc \
--arg password "$(cat /var/shared/root-password)" \
--arg onion_address "$(cat /var/shared/onion-hostname)" \
--argjson local_addrs "$local_addrs" \
'{ pass: $password, tor: $onion_address, addrs: $local_addrs }' \
> /var/shared/login.json
cat /var/shared/login.json | qrencode -s 2 -m 2 -t utf8 -o /var/shared/qrcode.utf8
'';
};
services.getty.autologinUser = lib.mkForce "root";
console.earlySetup = true;
console.font = lib.mkDefault "${pkgs.terminus_font}/share/consolefonts/ter-u22n.psf.gz";
environment.systemPackages = [ network-status ];
# Less ipv6 addresses to reduce the noise
networking.tempAddresses = "disabled";
# Tango theme: https://yayachiken.net/en/posts/tango-colors-in-terminal/
console.colors = lib.mkDefault [
"000000"
"CC0000"
"4E9A06"
"C4A000"
"3465A4"
"75507B"
"06989A"
"D3D7CF"
"555753"
"EF2929"
"8AE234"
"FCE94F"
"739FCF"
"AD7FA8"
"34E2E2"
"EEEEEC"
];
programs.bash.interactiveShellInit = ''
if [[ "$(tty)" =~ /dev/(tty1|hvc0|ttyS0)$ ]]; then
# workaround for https://github.com/NixOS/nixpkgs/issues/219239
systemctl restart systemd-vconsole-setup.service
watch --no-title --color ${network-status}/bin/network-status
fi
'';
# No one got time for xz compression.
isoImage.squashfsCompression = "zstd";
isoImage.isoName = lib.mkForce "nixos-installer-${pkgs.system}.iso";
}

View file

@ -0,0 +1,105 @@
{
pkgs,
lib,
nixpkgs,
nixos,
nixosModules,
}:
let
testConfig = (
nixos [
(
{ modulesPath, ... }:
{
imports = [
nixosModules.image-installer
"${modulesPath}/testing/test-instrumentation.nix"
];
}
)
]
);
iso = testConfig.config.system.build.isoImage;
mkStartCommand =
{
memory ? 2048,
cdrom ? null,
usb ? null,
uefi ? false,
extraFlags ? [ ],
}:
let
qemu-common = import (nixpkgs + "/nixos/lib/qemu-common.nix") { inherit lib pkgs; };
qemu = qemu-common.qemuBinary pkgs.qemu_test;
flags =
[
"-m"
(toString memory)
"-netdev"
"user,id=net0"
"-device"
"virtio-net-pci,netdev=net0"
]
++ lib.optionals (cdrom != null) [
"-cdrom"
cdrom
]
++ lib.optionals (usb != null) [
"-device"
"usb-ehci"
"-drive"
"id=usbdisk,file=${usb},if=none,readonly"
"-device"
"usb-storage,drive=usbdisk"
]
++ lib.optionals uefi [
"-drive"
"if=pflash,format=raw,unit=0,readonly=on,file=${pkgs.OVMF.firmware}"
"-drive"
"if=pflash,format=raw,unit=1,readonly=on,file=${pkgs.OVMF.variables}"
]
++ extraFlags;
flagsStr = lib.concatStringsSep " " flags;
in
"${qemu} ${flagsStr}";
makeBootTest =
name: config:
let
startCommand = mkStartCommand config;
in
pkgs.testers.runNixOSTest {
name = "boot-${name}";
nodes = { };
testScript = ''
machine = create_machine("${startCommand}")
machine.start()
machine.wait_for_unit("multi-user.target")
machine.succeed("nix store verify --no-trust -r --option experimental-features nix-command /run/current-system")
machine.shutdown()
'';
};
in
{
uefi-cdrom = makeBootTest "uefi-cdrom" {
uefi = true;
cdrom = "${iso}/iso/nixos-installer-${pkgs.hostPlatform.system}.iso";
};
uefi-usb = makeBootTest "uefi-usb" {
uefi = true;
usb = "${iso}/iso/nixos-installer-${pkgs.hostPlatform.system}.iso";
};
bios-cdrom = makeBootTest "bios-cdrom" {
cdrom = "${iso}/iso/nixos-installer-${pkgs.hostPlatform.system}.iso";
};
bios-usb = makeBootTest "bios-usb" {
usb = "${iso}/iso/nixos-installer-${pkgs.hostPlatform.system}.iso";
};
}

View file

@ -0,0 +1,17 @@
{
imports = [ ../networkd.nix ];
# use iwd instead of wpa_supplicant
networking.wireless.enable = false;
# Use iwd instead of wpa_supplicant. It has a user friendly CLI
networking.wireless.iwd = {
enable = true;
settings = {
Network = {
EnableIPv6 = true;
RoutePriorityOffset = 300;
};
Settings.AutoConnect = true;
};
};
}

View file

@ -1,56 +1,45 @@
{ config, lib, pkgs, ... }: { {
config,
lib,
pkgs,
...
}:
{
imports = [
# ./latest-zfs-kernel.nix
./nix-settings.nix
];
# more descriptive hostname than just "nixos"
networking.hostName = lib.mkDefault "nixos-installer";
# We are stateless, so just default to latest. # We are stateless, so just default to latest.
system.stateVersion = config.system.nixos.version; system.stateVersion = config.system.nixos.version;
# use latest kernel we can support to get more hardware support # Enable bcachefs support
boot.kernelPackages = config.boot.zfs.package.latestCompatibleLinuxPackages; boot.supportedFilesystems.bcachefs = lib.mkDefault true;
# IPMI SOL console redirection stuff # use latest kernel we can support to get more hardware support
boot.kernelParams = # boot.zfs.package = pkgs.zfsUnstable;
[ "console=tty0" ] ++
(lib.optional (pkgs.stdenv.hostPlatform.isAarch32 || pkgs.stdenv.hostPlatform.isAarch64) "console=ttyAMA0,115200") ++
(lib.optional (pkgs.stdenv.hostPlatform.isRiscV) "console=ttySIF0,115200") ++
[ "console=ttyS0,115200" ];
documentation.enable = false; documentation.enable = false;
# Not really needed. Saves a few bytes and the only service we are running is sshd, which we want to be reachable. documentation.man.man-db.enable = false;
networking.firewall.enable = false;
systemd.network.enable = true; # make it easier to debug boot failures
networking.dhcpcd.enable = false; boot.initrd.systemd.emergencyAccess = true;
# for zapping of disko environment.systemPackages = [
environment.systemPackages = [ pkgs.jq ]; pkgs.nixos-install-tools
# for zapping of disko
pkgs.jq
# for copying extra files of nixos-anywhere
pkgs.rsync
# alternative to nixos-generate-config
# TODO: use nixpkgs again after next nixos release
(pkgs.callPackage ./nixos-facter.nix {})
systemd.services.log-network-status = { pkgs.disko
wantedBy = [ "multi-user.target" ]; ];
# No point in restarting this. We just need this after boot
restartIfChanged = false;
serviceConfig = { # Don't add nixpkgs to the image to save space, for our intended use case we don't need it
Type = "oneshot"; system.installer.channel.enable = false;
StandardOutput = "journal+console";
ExecStart = [
# Allow failures, so it still prints what interfaces we have even if we
# not get online
"-${pkgs.systemd}/lib/systemd/systemd-networkd-wait-online"
"${pkgs.iproute2}/bin/ip -c addr"
"${pkgs.iproute2}/bin/ip -c -6 route"
"${pkgs.iproute2}/bin/ip -c -4 route"
];
};
};
# Restore ssh host and user keys if they are available.
# This avoids warnings of unknown ssh keys.
boot.initrd.postMountCommands = ''
mkdir -m 700 -p /mnt-root/root/.ssh
mkdir -m 755 -p /mnt-root/etc/ssh
mkdir -m 755 -p /mnt-root/root/network
if [[ -f ssh/authorized_keys ]]; then
install -m 400 ssh/authorized_keys /mnt-root/root/.ssh
fi
install -m 400 ssh/ssh_host_* /mnt-root/etc/ssh
cp *.json /mnt-root/root/network/
'';
} }

44
nix/kexec-installer/kexec-run.sh Normal file → Executable file
View file

@ -1,6 +1,19 @@
#!/bin/sh #!/bin/sh
set -ex set -ex
kexec_extra_flags=""
while [ $# -gt 0 ]; do
case "$1" in
--kexec-extra-flags)
kexec_extra_flags="$2"
shift
;;
esac
shift
done
# provided by nix # provided by nix
init="@init@" init="@init@"
kernelParams="@kernelParams@" kernelParams="@kernelParams@"
@ -21,12 +34,16 @@ extractPubKeys() {
key="$home/$file" key="$home/$file"
if test -e "$key"; then if test -e "$key"; then
# workaround for debian shenanigans # workaround for debian shenanigans
grep -o '\(ssh-[^ ]* .*\)' "$key" >> ssh/authorized_keys || true grep -o '\(\(ssh\|ecdsa\|sk\)-[^ ]* .*\)' "$key" >> ssh/authorized_keys || true
fi fi
done done
} }
extractPubKeys /root extractPubKeys /root
if test -n "${DOAS_USER-}"; then
SUDO_USER="$DOAS_USER"
fi
if test -n "${SUDO_USER-}"; then if test -n "${SUDO_USER-}"; then
sudo_home=$(sh -c "echo ~$SUDO_USER") sudo_home=$(sh -c "echo ~$SUDO_USER")
extractPubKeys "$sudo_home" extractPubKeys "$sudo_home"
@ -50,25 +67,36 @@ done
"$SCRIPT_DIR/ip" -4 --json route > routes-v4.json "$SCRIPT_DIR/ip" -4 --json route > routes-v4.json
"$SCRIPT_DIR/ip" -6 --json route > routes-v6.json "$SCRIPT_DIR/ip" -6 --json route > routes-v6.json
[ -f /etc/machine-id ] && cp /etc/machine-id machine-id
find . | cpio -o -H newc | gzip -9 >> "$SCRIPT_DIR/initrd" find . | cpio -o -H newc | gzip -9 >> "$SCRIPT_DIR/initrd"
# Dropped --kexec-syscall-auto because it broke on GCP... kexecSyscallFlags=""
if ! "$SCRIPT_DIR/kexec" --load "$SCRIPT_DIR/bzImage" \ # only do kexec-syscall-auto on kernels newer than 6.0.
--initrd="$SCRIPT_DIR/initrd" --no-checks \ # On older kernel we often get errors like: https://github.com/nix-community/nixos-anywhere/issues/264
--command-line "init=$init $kernelParams"; then if printf "%s\n" "6.1" "$(uname -r)" | sort -c -V 2>&1; then
kexecSyscallFlags="--kexec-syscall-auto"
fi
if ! sh -c "'$SCRIPT_DIR/kexec' --load '$SCRIPT_DIR/bzImage' \
$kexecSyscallFlags \
$kexec_extra_flags \
--initrd='$SCRIPT_DIR/initrd' --no-checks \
--command-line 'init=$init $kernelParams'"
then
echo "kexec failed, dumping dmesg" echo "kexec failed, dumping dmesg"
dmesg | tail -n 100 dmesg | tail -n 100
exit 1 exit 1
fi fi
# Disconnect our background kexec from the terminal # Disconnect our background kexec from the terminal
echo "machine will boot into nixos in in 6s..." echo "machine will boot into nixos in 6s..."
if test -e /dev/kmsg; then if test -e /dev/kmsg; then
# this makes logging visible in `dmesg`, or the system consol or tools like journald # this makes logging visible in `dmesg`, or the system console or tools like journald
exec > /dev/kmsg 2>&1 exec > /dev/kmsg 2>&1
else else
exec > /dev/null 2>&1 exec > /dev/null 2>&1
fi fi
# We will kexec in background so we can cleanly finish the script before the hosts go down. # We will kexec in background so we can cleanly finish the script before the hosts go down.
# This makes integration with tools like terraform easier. # This makes integration with tools like terraform easier.
nohup sh -c "sleep 6 && '$SCRIPT_DIR/kexec' -e" & nohup sh -c "sleep 6 && '$SCRIPT_DIR/kexec' -e ${kexec_extra_flags}" &

View file

@ -0,0 +1,26 @@
#!/usr/bin/env -S nix shell --inputs-from .# nixos-unstable#bash nixos-unstable#iproute2 nixos-unstable#findutils nixos-unstable#coreutils nixos-unstable#python3 nixos-unstable#jq --command bash
set -eu
SCRIPT_DIR=$(dirname "$(readlink -f "$0")")
# This script can be used to see what network configuration would be restored by the restore_routes.py script for the current system.
tmp=$(mktemp -d)
trap "rm -rf $tmp" EXIT
ip --json address >"$tmp/addrs.json"
ip -6 --json route >"$tmp/routes-v6.json"
ip -4 --json route >"$tmp/routes-v4.json"
python3 "$SCRIPT_DIR/restore_routes.py" "$tmp/addrs.json" "$tmp/routes-v4.json" "$tmp/routes-v6.json" "$tmp"
ls -la "$tmp"
find "$tmp" -type f -name "*.json" -print0 | while IFS= read -r -d '' file; do
echo -e "\033[0;31m$(basename "$file")\033[0m"
jq . "$file"
echo ""
done
find "$tmp" -type f -name "*.network" -print0 | while IFS= read -r -d '' file; do
echo -e "\033[0;31m$(basename "$file")\033[0m"
cat "$file"
echo ""
done

View file

@ -1,7 +1,14 @@
{ config, lib, modulesPath, pkgs, ... }: { config, lib, modulesPath, pkgs, ... }:
let let
restore-network = pkgs.writers.writePython3 "restore-network" { flakeIgnore = [ "E501" ]; } writePython3 = pkgs.writers.makePythonWriter
./restore_routes.py; pkgs.python3Minimal pkgs.python3Packages pkgs.buildPackages.python3Packages;
# writePython3Bin takes the same arguments as writePython3 but outputs a directory (like writeScriptBin)
writePython3Bin = name: writePython3 "/bin/${name}";
restore-network = writePython3Bin "restore-network" {
flakeIgnore = [ "E501" ];
} ./restore_routes.py;
# does not link with iptables enabled # does not link with iptables enabled
iprouteStatic = pkgs.pkgsStatic.iproute2.override { iptables = null; }; iprouteStatic = pkgs.pkgsStatic.iproute2.override { iptables = null; };
@ -10,7 +17,11 @@ in
imports = [ imports = [
(modulesPath + "/installer/netboot/netboot-minimal.nix") (modulesPath + "/installer/netboot/netboot-minimal.nix")
../installer.nix ../installer.nix
../networkd.nix
../serial.nix
../restore-remote-access.nix
]; ];
options = { options = {
system.kexec-installer.name = lib.mkOption { system.kexec-installer.name = lib.mkOption {
type = lib.types.str; type = lib.types.str;
@ -22,6 +33,7 @@ in
}; };
config = { config = {
boot.initrd.compressor = "xz";
# This is a variant of the upstream kexecScript that also allows embedding # This is a variant of the upstream kexecScript that also allows embedding
# a ssh key. # a ssh key.
system.build.kexecRun = pkgs.runCommand "kexec-run" { } '' system.build.kexecRun = pkgs.runCommand "kexec-run" { } ''
@ -61,7 +73,7 @@ in
Type = "oneshot"; Type = "oneshot";
RemainAfterExit = true; RemainAfterExit = true;
ExecStart = [ ExecStart = [
"${restore-network} /root/network/addrs.json /root/network/routes-v4.json /root/network/routes-v6.json /etc/systemd/network" "${restore-network}/bin/restore-network /root/network/addrs.json /root/network/routes-v4.json /root/network/routes-v6.json /etc/systemd/network"
]; ];
}; };

View file

@ -1,40 +1,86 @@
import json import json
import sys import sys
from pathlib import Path from pathlib import Path
from typing import Any from typing import Any, Iterator
from dataclasses import dataclass
def filter_interfaces(network: list[dict[str, Any]]) -> list[dict[str, Any]]: @dataclass
output = [] class Address:
address: str
family: str
prefixlen: int
preferred_life_time: int = 0
valid_life_time: int = 0
@dataclass
class Interface:
name: str
ifname: str | None
mac_address: str
dynamic_addresses: list[Address]
static_addresses: list[Address]
static_routes: list[dict[str, Any]]
def filter_interfaces(network: list[dict[str, Any]]) -> list[Interface]:
interfaces = []
for net in network: for net in network:
if net.get("link_type") == "loopback": if net.get("link_type") == "loopback":
continue continue
if not net.get("address"): if not (mac_address := net.get("address")):
# We need a mac address to match devices reliable # We need a mac address to match devices reliable
continue continue
addr_info = [] static_addresses = []
has_dynamic_address = False dynamic_addresses = []
for addr in net.get("addr_info", []): for info in net.get("addr_info", []):
# no link-local ipv4/ipv6 # no link-local ipv4/ipv6
if addr.get("scope") == "link": if info.get("scope") == "link":
continue continue
# do not explicitly configure addresses from dhcp or router advertisment if (preferred_life_time := info.get("preferred_life_time")) is None:
if addr.get("dynamic", False): continue
has_dynamic_address = True if (valid_life_time := info.get("valid_life_time")) is None:
continue
if (prefixlen := info.get("prefixlen")) is None:
continue
if (family := info.get("family")) not in ["inet", "inet6"]:
continue
if (local := info.get("local")) is None:
continue
if (dynamic := info.get("dynamic", False)) is None:
continue continue
else:
addr_info.append(addr)
if addr_info != [] or has_dynamic_address:
net["addr_info"] = addr_info
output.append(net)
return output address = Address(
address=local,
family=family,
prefixlen=prefixlen,
preferred_life_time=preferred_life_time,
valid_life_time=valid_life_time,
)
if dynamic:
dynamic_addresses.append(address)
else:
static_addresses.append(address)
interfaces.append(
Interface(
name=net.get("ifname", mac_address.replace(":", "-")),
ifname=net.get("ifname"),
mac_address=mac_address,
dynamic_addresses=dynamic_addresses,
static_addresses=static_addresses,
static_routes=[],
)
)
return interfaces
def filter_routes(routes: list[dict[str, Any]]) -> list[dict[str, Any]]: def filter_routes(routes: list[dict[str, Any]]) -> list[dict[str, Any]]:
filtered = [] filtered = []
for route in routes: for route in routes:
# Filter out routes set by addresses with subnets, dhcp and router advertisment # Filter out routes set by addresses with subnets, dhcp and router advertisement
if route.get("protocol") in ["dhcp", "kernel", "ra"]: if route.get("protocol") in ["dhcp", "kernel", "ra"]:
continue continue
filtered.append(route) filtered.append(route)
@ -42,46 +88,81 @@ def filter_routes(routes: list[dict[str, Any]]) -> list[dict[str, Any]]:
return filtered return filtered
def find_most_recent_v4_lease(addresses: list[Address]) -> Address | None:
most_recent_address = None
most_recent_lifetime = -1
for addr in addresses:
if addr.family == "inet6":
continue
lifetime = max(addr.preferred_life_time, addr.valid_life_time)
if lifetime > most_recent_lifetime:
most_recent_lifetime = lifetime
most_recent_address = addr
return most_recent_address
def generate_routes(
interface: Interface, routes: list[dict[str, Any]]
) -> Iterator[str]:
for route in routes:
if interface.ifname is None or route.get("dev") != interface.ifname:
continue
# we may ignore on-link default routes here, but I don't see how
# they would be useful for internet connectivity anyway
yield "[Route]"
if route.get("dst") != "default":
# can be skipped for default routes
yield f"Destination = {route['dst']}"
gateway = route.get("gateway")
# route v4 via v6
route_via = route.get("via")
if route_via and route_via.get("family") == "inet6":
gateway = route_via.get("host")
if route.get("dst") == "default":
yield "Destination = 0.0.0.0/0"
if gateway:
yield f"Gateway = {gateway}"
def generate_networkd_units( def generate_networkd_units(
interfaces: list[dict[str, Any]], routes: list[dict[str, Any]], directory: Path interfaces: list[Interface], routes: list[dict[str, Any]], directory: Path
) -> None: ) -> None:
directory.mkdir(exist_ok=True) directory.mkdir(exist_ok=True)
for interface in interfaces: for interface in interfaces:
name = f"{interface['ifname']}.network" # FIXME in some networks we might not want to trust dhcp or router advertisements
addresses = [ unit_sections = [
f"Address = {addr['local']}/{addr['prefixlen']}" f"""
for addr in interface.get("addr_info", [])
]
route_sections = []
for route in routes:
if route.get("dev", "nodev") != interface.get("ifname", "noif"):
continue
route_section = "[Route]\n"
if route.get("dst") != "default":
# can be skipped for default routes
route_section += f"Destination = {route['dst']}\n"
gateway = route.get("gateway")
if gateway:
route_section += f"Gateway = {gateway}\n"
# we may ignore on-link default routes here, but I don't see how
# they would be useful for internet connectivity anyway
route_sections.append(route_section)
# FIXME in some networks we might not want to trust dhcp or router advertisments
unit = f"""
[Match] [Match]
MACAddress = {interface["address"]} MACAddress = {interface.mac_address}
[Network] [Network]
# both ipv4 and ipv6
DHCP = yes DHCP = yes
# lets us discover the switch port we're connected to
LLDP = yes
# ipv6 router advertisements
IPv6AcceptRA = yes IPv6AcceptRA = yes
""" # allows us to ping "nixos.local"
unit += "\n".join(addresses) MulticastDNS = yes"""
unit += "\n" + "\n".join(route_sections) ]
(directory / name).write_text(unit) unit_sections.extend(
f"Address = {addr.address}/{addr.prefixlen}"
for addr in interface.static_addresses
)
unit_sections.extend(generate_routes(interface, routes))
most_recent_v4_lease = find_most_recent_v4_lease(interface.dynamic_addresses)
if most_recent_v4_lease:
unit_sections.append("[DHCPv4]")
unit_sections.append(f"RequestAddress = {most_recent_v4_lease.address}")
# trailing newline at the end
unit_sections.append("")
(directory / f"00-{interface.name}.network").write_text(
"\n".join(unit_sections)
)
def main() -> None: def main() -> None:

View file

@ -1,30 +1,24 @@
{ pkgs { pkgs
, lib
, kexecTarball , kexecTarball
, nixos-facter ? null
}: }:
let pkgs.testers.runNixOSTest {
makeTest = import (pkgs.path + "/nixos/tests/make-test-python.nix");
makeTest' = args: makeTest args {
inherit pkgs;
inherit (pkgs) system;
};
in
makeTest' {
name = "kexec-installer"; name = "kexec-installer";
meta = with pkgs.lib.maintainers; { meta = with pkgs.lib.maintainers; {
maintainers = [ mic92 ]; maintainers = [ mic92 ];
}; };
nodes = { nodes = {
node1 = { modulesPath, ... }: { node1 = { modulesPath, pkgs, ... }: {
virtualisation.vlans = [ ]; virtualisation.vlans = [ ];
environment.noXlibs = false; # avoid recompilation
imports = [ imports = [
(modulesPath + "/profiles/minimal.nix") (modulesPath + "/profiles/minimal.nix")
]; ];
system.extraDependencies = [ kexecTarball ]; system.extraDependencies = [ kexecTarball ];
virtualisation.memorySize = 1 * 1024 + 512; virtualisation.memorySize = 1 * 1024;
virtualisation.diskSize = 4 * 1024; virtualisation.diskSize = 4 * 1024;
virtualisation.forwardPorts = [{ virtualisation.forwardPorts = [{
host.port = 2222; host.port = 2222;
@ -33,10 +27,8 @@ makeTest' {
services.openssh.enable = true; services.openssh.enable = true;
networking = { networking.useNetworkd = true;
useNetworkd = true; networking.useDHCP = false;
useDHCP = false;
};
users.users.root.openssh.authorizedKeys.keyFiles = [ ./ssh-keys/id_ed25519.pub ]; users.users.root.openssh.authorizedKeys.keyFiles = [ ./ssh-keys/id_ed25519.pub ];
@ -52,12 +44,20 @@ makeTest' {
name = "eth0"; name = "eth0";
address = [ address = [
# Some static addresses that we want to see in the kexeced image # Some static addresses that we want to see in the kexeced image
"192.168.42.1/24" "42::1/64" "192.168.42.1/24"
"42::1/64"
]; ];
routes = [ routes = if pkgs.lib.versionAtLeast lib.version "24.11" then [
{ Destination = "192.168.43.0/24"; }
{ Destination = "192.168.44.0/24"; Gateway = "192.168.43.1"; }
{ Destination = "192.168.45.0/24"; Gateway = "43::1"; }
{ Destination = "43::0/64"; }
{ Destination = "44::1/64"; Gateway = "43::1"; }
] else [
# Some static routes that we want to see in the kexeced image # Some static routes that we want to see in the kexeced image
{ routeConfig = { Destination = "192.168.43.0/24"; }; } { routeConfig = { Destination = "192.168.43.0/24"; }; }
{ routeConfig = { Destination = "192.168.44.0/24"; Gateway = "192.168.43.1"; }; } { routeConfig = { Destination = "192.168.44.0/24"; Gateway = "192.168.43.1"; }; }
{ routeConfig = { Destination = "192.168.45.0/24"; Gateway = "43::1"; }; }
{ routeConfig = { Destination = "43::0/64"; }; } { routeConfig = { Destination = "43::0/64"; }; }
{ routeConfig = { Destination = "44::1/64"; Gateway = "43::1"; }; } { routeConfig = { Destination = "44::1/64"; Gateway = "43::1"; }; }
]; ];
@ -65,10 +65,14 @@ makeTest' {
}; };
}; };
}; };
} // lib.optionalAttrs (lib.versionOlder lib.version "24.11pre") {
# avoid second overlay
environment.noXlibs = false;
}; };
}; };
testScript = '' testScript = /*python*/ ''
import json
import time import time
import subprocess import subprocess
import socket import socket
@ -102,19 +106,19 @@ makeTest' {
node1.succeed("ip -6 route >&2") node1.succeed("ip -6 route >&2")
node1.succeed("networkctl status eth0 >&2") node1.succeed("networkctl status eth0 >&2")
def ssh(cmd: list[str], check: bool = True, stdout: Optional[int] = None) -> subprocess.CompletedProcess: def ssh(cmd: list[str], check: bool = True, stdout: Optional[int] = None) -> subprocess.CompletedProcess[str]:
ssh_cmd = [ ssh_cmd = [
"${pkgs.openssh}/bin/ssh", "${pkgs.openssh}/bin/ssh",
"-o", "StrictHostKeyChecking=no", "-o", "StrictHostKeyChecking=no",
"-o", "ConnectTimeout=1", "-o", "ConnectTimeout=1",
"-i", "${./ssh-keys/id_ed25519}", "-i", "${./ssh-keys/id_ed25519}",
"-p", "2222", "-p", "2222",
"root@127.0.0.1", "root@127.0.0.1",
"--" "--"
] + cmd ] + cmd
print(" ".join(ssh_cmd)) print(" ".join(ssh_cmd))
return subprocess.run(ssh_cmd, return subprocess.run(ssh_cmd,
text=True, text=True,
check=check, check=check,
stdout=stdout) stdout=stdout)
@ -129,6 +133,7 @@ makeTest' {
# Kexec node1 to the toplevel of node2 via the kexec-boot script # Kexec node1 to the toplevel of node2 via the kexec-boot script
node1.succeed('touch /run/foo') node1.succeed('touch /run/foo')
old_machine_id = node1.succeed("cat /etc/machine-id").strip()
node1.fail('parted --version >&2') node1.fail('parted --version >&2')
node1.succeed('tar -xf ${kexecTarball}/nixos-kexec-installer-noninteractive-${pkgs.system}.tar.gz -C /root') node1.succeed('tar -xf ${kexecTarball}/nixos-kexec-installer-noninteractive-${pkgs.system}.tar.gz -C /root')
node1.succeed('/root/kexec/ip -V >&2') node1.succeed('/root/kexec/ip -V >&2')
@ -136,23 +141,36 @@ makeTest' {
node1.succeed('/root/kexec/run >&2') node1.succeed('/root/kexec/run >&2')
# wait for kexec to finish # wait for kexec to finish
while ssh(["true"], check=False).returncode == 0: while ssh(["true"], check=False).returncode == 0:
print("Waiting for kexec to finish...") print("Waiting for kexec to finish...")
time.sleep(1) time.sleep(1)
while ssh(["true"], check=False).returncode != 0: while ssh(["true"], check=False).returncode != 0:
print("Waiting for node2 to come up...") print("Waiting for node2 to come up...")
time.sleep(1) time.sleep(1)
while ssh(["systemctl is-active restore-network"], check=False).returncode != 0:
print("Waiting for network to be restored...")
time.sleep(1)
ssh(["systemctl", "status", "restore-network"])
print(ssh(["ip", "addr"])) print(ssh(["ip", "addr"]))
print(ssh(["ip", "route"])) print(ssh(["ip", "route"]))
print(ssh(["ip", "-6", "route"])) print(ssh(["ip", "-6", "route"]))
print(ssh(["networkctl", "status"])) print(ssh(["networkctl", "status"]))
new_machine_id = ssh(["cat", "/etc/machine-id"], stdout=subprocess.PIPE).stdout.strip()
assert old_machine_id == new_machine_id, f"{old_machine_id} != {new_machine_id}, machine-id changed"
assert ssh(["ls", "-la", "/run/foo"], check=False).returncode != 0, "kexeced node1 still has /run/foo" assert ssh(["ls", "-la", "/run/foo"], check=False).returncode != 0, "kexeced node1 still has /run/foo"
print(ssh(["parted", "--version"])) print(ssh(["parted", "--version"]))
host = ssh(["hostname"], stdout=subprocess.PIPE).stdout.strip() host = ssh(["hostname"], stdout=subprocess.PIPE).stdout.strip()
assert host == "nixos", f"hostname is {host}, not nixos" assert host == "nixos-installer", f"hostname is {host}, not nixos-installer"
has_nixos_facter=${if nixos-facter != null then "True" else "False"}
if has_nixos_facter == True:
data = json.loads(ssh(["nixos-facter"], stdout=subprocess.PIPE).stdout)
assert data["virtualisation"] == "kvm", f"virtualisation is {data['virtualisation']}, not kvm"
host_ed25519_after = ssh(["cat", "/etc/ssh/ssh_host_ed25519_key.pub"], stdout=subprocess.PIPE).stdout.strip() host_ed25519_after = ssh(["cat", "/etc/ssh/ssh_host_ed25519_key.pub"], stdout=subprocess.PIPE).stdout.strip()
assert host_ed25519_before == host_ed25519_after, f"'{host_ed25519_before}' != '{host_ed25519_after}'" assert host_ed25519_before == host_ed25519_after, f"'{host_ed25519_before}' != '{host_ed25519_after}'"
@ -160,7 +178,7 @@ makeTest' {
root_ed25519_after = ssh(["cat", "/root/.ssh/authorized_keys"], stdout=subprocess.PIPE).stdout.strip() root_ed25519_after = ssh(["cat", "/root/.ssh/authorized_keys"], stdout=subprocess.PIPE).stdout.strip()
assert root_ed25519_before in root_ed25519_after, f"'{root_ed25519_before}' not included in '{root_ed25519_after}'" assert root_ed25519_before in root_ed25519_after, f"'{root_ed25519_before}' not included in '{root_ed25519_after}'"
print(ssh(["cat", "/etc/systemd/network/eth0.network"])) print(ssh(["cat", "/etc/systemd/network/00-eth0.network"]))
ssh(["curl", "-v", "-I", f"http://10.0.2.2:{port}"]) ssh(["curl", "-v", "-I", f"http://10.0.2.2:{port}"])
ssh(["curl", "-v", "-I", f"http://[fec0::2]:{port}"]) ssh(["curl", "-v", "-I", f"http://[fec0::2]:{port}"])
@ -176,6 +194,10 @@ makeTest' {
print(out) print(out)
assert "192.168.44.2 via 192.168.43.1" in out, f"route to `192.168.44.2 via 192.168.43.1` not found: {out}" assert "192.168.44.2 via 192.168.43.1" in out, f"route to `192.168.44.2 via 192.168.43.1` not found: {out}"
out = ssh(["ip", "route", "get", "192.168.45.2"], stdout=subprocess.PIPE).stdout
print(out)
assert "192.168.45.2 via inet6 43::1" in out, f"route to `192.168.45.2 via inet6 43::1` not found: {out}"
out = ssh(["ip", "route", "get", "43::2"], stdout=subprocess.PIPE).stdout out = ssh(["ip", "route", "get", "43::2"], stdout=subprocess.PIPE).stdout
print(out) print(out)
assert "43::2 from :: dev" in out, f"route `43::2 from dev` not found: {out}" assert "43::2 from :: dev" in out, f"route `43::2 from dev` not found: {out}"

26
nix/latest-zfs-kernel.nix Normal file
View file

@ -0,0 +1,26 @@
{
lib,
pkgs,
config,
...
}:
let
isUnstable = config.boot.zfs.package == pkgs.zfsUnstable;
zfsCompatibleKernelPackages = lib.filterAttrs (
name: kernelPackages:
(builtins.match "linux_[0-9]+_[0-9]+" name) != null
&& (builtins.tryEval kernelPackages).success
&& (
(!isUnstable && !kernelPackages.zfs.meta.broken)
|| (isUnstable && !kernelPackages.zfs_unstable.meta.broken)
)
) pkgs.linuxKernel.packages;
latestKernelPackage = lib.last (
lib.sort (a: b: (lib.versionOlder a.kernel.version b.kernel.version)) (builtins.attrValues zfsCompatibleKernelPackages)
);
in
{
# Note this might jump back and worth as kernel get added or removed.
boot.kernelPackages = latestKernelPackage;
}

View file

@ -0,0 +1,22 @@
{ pkgs, ... }:
{
systemd.services.log-network-status = {
wantedBy = [ "multi-user.target" ];
# No point in restarting this. We just need this after boot
restartIfChanged = false;
serviceConfig = {
Type = "oneshot";
StandardOutput = "journal+console";
ExecStart = [
# Allow failures, so it still prints what interfaces we have even if we
# not get online
"-${pkgs.systemd}/lib/systemd/systemd-networkd-wait-online"
"${pkgs.iproute2}/bin/ip -c addr"
"${pkgs.iproute2}/bin/ip -c -6 route"
"${pkgs.iproute2}/bin/ip -c -4 route"
"${pkgs.systemd}/bin/networkctl status"
];
};
};
}

View file

@ -3,6 +3,9 @@
imports = [ imports = [
(modulesPath + "/installer/netboot/netboot-minimal.nix") (modulesPath + "/installer/netboot/netboot-minimal.nix")
../installer.nix ../installer.nix
../networkd.nix
../serial.nix
../restore-remote-access.nix
]; ];
# We are stateless, so just default to latest. # We are stateless, so just default to latest.
@ -13,7 +16,7 @@
paths = with config.system.build; [ paths = with config.system.build; [
netbootRamdisk netbootRamdisk
kernel kernel
(pkgs.runCommand "kernel-params" {} '' (pkgs.runCommand "kernel-params" { } ''
mkdir -p $out mkdir -p $out
ln -s "${config.system.build.toplevel}/kernel-params" $out/kernel-params ln -s "${config.system.build.toplevel}/kernel-params" $out/kernel-params
ln -s "${config.system.build.toplevel}/init" $out/init ln -s "${config.system.build.toplevel}/init" $out/init
@ -25,9 +28,8 @@
matchConfig.Type = "ether"; matchConfig.Type = "ether";
networkConfig = { networkConfig = {
DHCP = "yes"; DHCP = "yes";
LLMNR = "yes";
EmitLLDP = "yes"; EmitLLDP = "yes";
IPv6AcceptRA = "no"; IPv6AcceptRA = "yes";
MulticastDNS = "yes"; MulticastDNS = "yes";
LinkLocalAddressing = "yes"; LinkLocalAddressing = "yes";
LLDP = "yes"; LLDP = "yes";

13
nix/networkd.nix Normal file
View file

@ -0,0 +1,13 @@
{ lib, ... }:
{
# Not really needed. Saves a few bytes and the only service we are running is sshd, which we want to be reachable.
networking.firewall.enable = false;
networking.useNetworkd = true;
systemd.network.enable = true;
# mdns
networking.firewall.allowedUDPPorts = [ 5353 ];
systemd.network.networks."99-ethernet-default-dhcp".networkConfig.MulticastDNS = lib.mkDefault "yes";
systemd.network.networks."99-wireless-client-dhcp".networkConfig.MulticastDNS = lib.mkDefault "yes";
}

24
nix/nix-settings.nix Normal file
View file

@ -0,0 +1,24 @@
# take from srvos
{ lib, ... }:
{
# Fallback quickly if substituters are not available.
nix.settings.connect-timeout = 5;
# Enable flakes
nix.settings.experimental-features = [ "nix-command" "flakes" ];
# The default at 10 is rarely enough.
nix.settings.log-lines = lib.mkDefault 25;
# Avoid disk full issues
nix.settings.max-free = lib.mkDefault (3000 * 1024 * 1024);
nix.settings.min-free = lib.mkDefault (512 * 1024 * 1024);
# TODO: cargo culted.
nix.daemonCPUSchedPolicy = lib.mkDefault "batch";
nix.daemonIOSchedClass = lib.mkDefault "idle";
nix.daemonIOSchedPriority = lib.mkDefault 7;
# Avoid copying unnecessary stuff over SSH
nix.settings.builders-use-substitutes = true;
}

71
nix/nixos-facter.nix Normal file
View file

@ -0,0 +1,71 @@
{
lib,
buildGoModule,
fetchFromGitHub,
hwinfo,
libusb1,
gcc,
pkg-config,
util-linux,
pciutils,
stdenv,
}:
let
# We are waiting on some changes to be merged upstream: https://github.com/openSUSE/hwinfo/pulls
hwinfoOverride = hwinfo.overrideAttrs {
src = fetchFromGitHub {
owner = "numtide";
repo = "hwinfo";
rev = "a559f34934098d54096ed2078e750a8245ae4044";
hash = "sha256-3abkWPr98qXXQ17r1Z43gh2M5hl/DHjW2hfeWl+GSAs=";
};
};
in
buildGoModule rec {
pname = "nixos-facter";
version = "0.1.1";
src = fetchFromGitHub {
owner = "numtide";
repo = "nixos-facter";
rev = "v${version}";
hash = "sha256-vlPmvCrgX64dcf//BPtQszBt7dkq35JpgQg+/LW0AqM=";
};
vendorHash = "sha256-5leiTNp3FJmgFd0SKhu18hxYZ2G9SuQPhZJjki2SDVs=";
CGO_ENABLED = 1;
buildInputs = [
libusb1
hwinfoOverride
];
nativeBuildInputs = [
gcc
pkg-config
];
runtimeInputs = [
libusb1
util-linux
pciutils
];
ldflags = [
"-s"
"-w"
"-X git.numtide.com/numtide/nixos-facter/build.Name=nixos-facter"
"-X git.numtide.com/numtide/nixos-facter/build.Version=v${version}"
"-X github.com/numtide/nixos-facter/pkg/build.System=${stdenv.hostPlatform.system}"
];
meta = {
description = "Declarative hardware configuration for NixOS";
homepage = "https://github.com/numtide/nixos-facter";
license = lib.licenses.gpl3Plus;
maintainers = [ lib.maintainers.brianmcgee ];
mainProgram = "nixos-facter";
platforms = lib.platforms.linux;
};
}

12
nix/no-bootloaders.nix Normal file
View file

@ -0,0 +1,12 @@
{ lib, ... }: {
# HACK: Drop this, once we have 24.11 everywhere
nixpkgs.overlays = lib.optionals (lib.versionOlder lib.version "24.11pre") [
# Both syslinux and grub also reference perl
(final: prev: {
# we don't need grub: save ~ 60MB
grub2 = prev.coreutils;
grub2_efi = prev.coreutils;
syslinux = prev.coreutils;
})
];
}

View file

@ -1,13 +1,25 @@
# This module optimizes for non-interactive deployments by remove some store paths # This module optimizes for non-interactive deployments by remove some store paths
# which are primarily useful for interactive installations. # which are primarily useful for interactive installations.
{ config, lib, pkgs, ... }: { { lib, pkgs, modulesPath, ... }:
{
disabledModules = [ disabledModules = [
# This module adds values to multiple lists (systemPackages, supportedFilesystems) # This module adds values to multiple lists (systemPackages, supportedFilesystems)
# which are impossible/unpractical to remove, so we disable the entire module. # which are impossible/unpractical to remove, so we disable the entire module.
"profiles/base.nix" "profiles/base.nix"
]; ];
imports = [
# ./zfs-minimal.nix
./no-bootloaders.nix
./python-minimal.nix
./noveau-workaround.nix
# reduce closure size by removing perl
"${modulesPath}/profiles/perlless.nix"
# FIXME: we still are left with nixos-generate-config due to nixos-install-tools
{ system.forbiddenDependenciesRegexes = lib.mkForce []; }
];
# among others, this prevents carrying a stdenv with gcc in the image # among others, this prevents carrying a stdenv with gcc in the image
system.extraDependencies = lib.mkForce [ ]; system.extraDependencies = lib.mkForce [ ];
@ -15,20 +27,32 @@
nix.registry = lib.mkForce { }; nix.registry = lib.mkForce { };
# would pull in nano # would pull in nano
programs.nano.syntaxHighlight = lib.mkForce false; programs.nano.enable = false;
# prevents nano, strace # prevents strace
environment.defaultPackages = lib.mkForce [ environment.defaultPackages = lib.mkForce [
pkgs.rsync pkgs.rsync
pkgs.parted pkgs.parted
(pkgs.zfs.override { pkgs.gptfdisk
# this overrides saves 10MB pkgs.e2fsprogs
samba = pkgs.coreutils;
})
]; ];
# normal users are not allowed with sys-users
# see https://github.com/NixOS/nixpkgs/pull/328926
users.users.nixos = {
isSystemUser = true;
isNormalUser = lib.mkForce false;
shell = "/run/current-system/sw/bin/bash";
group = "nixos";
};
users.groups.nixos = {};
# we prefer root as this is also what we use in nixos-anywhere
services.getty.autologinUser = lib.mkForce "root";
# we are missing this from base.nix # we are missing this from base.nix
boot.supportedFilesystems = [ boot.supportedFilesystems = [
"ext4"
"btrfs" "btrfs"
# probably not needed but does not seem to increase closure size # probably not needed but does not seem to increase closure size
"cifs" "cifs"
@ -41,15 +65,9 @@
"vfat" "vfat"
"xfs" "xfs"
]; ];
boot = { boot.kernelModules = [
kernelModules = [ "zfs" ]; # we have to explicitly enable this, otherwise it is not loaded even when creating a raid:
extraModulePackages = [ # https://github.com/nix-community/nixos-anywhere/issues/249
config.boot.kernelPackages.zfs "dm-raid"
]; ];
};
networking.hostId = lib.mkDefault "8425e349";
# we can drop this after 23.05 has been released, which has this set by default
hardware.enableRedistributableFirmware = lib.mkForce false;
} }

View file

@ -0,0 +1,4 @@
{
# fixes blank screen on boot for some cards
boot.kernelParams = [ "nouveau.modeset=0" ];
}

10
nix/python-minimal.nix Normal file
View file

@ -0,0 +1,10 @@
{
nixpkgs.overlays = [
(final: prev: {
bcachefs-tools = prev.bcachefs-tools.override { python3 = final.python3Minimal; };
cifs-utils = prev.cifs-utils.override { python3 = final.python3Minimal; };
nfs-utils = prev.nfs-utils.override { python3 = final.python3Minimal; };
talloc = prev.talloc.override { python3 = final.python3Minimal; };
})
];
}

View file

@ -0,0 +1,29 @@
{
# We have a bug in 23.11 in combination with netboot.
boot.initrd.systemd.enable = true;
boot.initrd.systemd.services.restore-state-from-initrd = {
unitConfig = {
DefaultDependencies = false;
RequiresMountsFor = "/sysroot /dev";
};
wantedBy = [ "initrd.target" ];
requiredBy = [ "rw-etc.service" ];
before = [ "rw-etc.service" ];
serviceConfig.Type = "oneshot";
# Restore ssh host and user keys if they are available.
# This avoids warnings of unknown ssh keys.
script = ''
mkdir -m 700 -p /sysroot/root/.ssh
mkdir -m 755 -p /sysroot/etc/ssh
mkdir -m 755 -p /sysroot/root/network
if [[ -f ssh/authorized_keys ]]; then
install -m 400 ssh/authorized_keys /sysroot/root/.ssh
fi
install -m 400 ssh/ssh_host_* /sysroot/etc/ssh
cp *.json /sysroot/root/network/
if [[ -f machine-id ]]; then
cp machine-id /sysroot/etc/machine-id
fi
'';
};
}

11
nix/serial.nix Normal file
View file

@ -0,0 +1,11 @@
{ pkgs, lib, ... }:
{
# IPMI SOL console redirection stuff
boot.kernelParams =
[ "console=tty0" ]
++ (lib.optional (
pkgs.stdenv.hostPlatform.isAarch32 || pkgs.stdenv.hostPlatform.isAarch64
) "console=ttyAMA0,115200")
++ (lib.optional (pkgs.stdenv.hostPlatform.isRiscV) "console=ttySIF0,115200")
++ [ "console=ttyS0,115200" ];
}

21
nix/zfs-minimal.nix Normal file
View file

@ -0,0 +1,21 @@
{ config, lib, pkgs, ... }:
# incorperate a space-optimized version of zfs
let
zfs = pkgs.zfsUnstable.override {
# this overrides saves 10MB
samba = pkgs.coreutils;
python3 = pkgs.python3Minimal;
};
in
{
services.udev.packages = [ zfs ]; # to hook zvol naming, etc.
# unsure if need this, but in future udev rules could potentially point to systemd services.
systemd.packages = [ zfs ];
environment.defaultPackages = lib.mkForce [ zfs ]; # this merges with outer noninteractive module.
boot.kernelModules = [ "zfs" ];
boot.extraModulePackages = [ config.boot.kernelPackages.zfs_unstable ];
networking.hostId = lib.mkDefault "8425e349";
}