emily/nixos-images
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Compare commits

merge into: emily:main
Branches Tags
emily:main
emily:nixos-bump
emily:non-interactive
emily:riscv64
emily:foo
emily:fix-ci
emily:staging
emily:netboot-installer-wip
emily:nixos-24.05
emily:assets
emily:nixos-23.11
emily:nixos-23.05
emily:nixos-22.11
emily:nixos-22.05
emily:nixos-21.11
emily:nixos-20.09
emily:nixos-21.05
emily:nixos-unstable
...
pull from: emily:riscv64
Branches Tags
emily:main
emily:nixos-bump
emily:non-interactive
emily:riscv64
emily:foo
emily:fix-ci
emily:staging
emily:netboot-installer-wip
emily:nixos-24.05
emily:assets
emily:nixos-23.11
emily:nixos-23.05
emily:nixos-22.11
emily:nixos-22.05
emily:nixos-21.11
emily:nixos-20.09
emily:nixos-21.05
emily:nixos-unstable

3 commits
main ... riscv64

Author SHA1 Message Date
Jörg Thalheim
65c6e9d432 disable risv64 on unstable for now 2024-06-27 08:35:30 +02:00
Jörg Thalheim
7582b40ce3 wip: upstream cross fix 2024-06-27 08:32:42 +02:00
Jörg Thalheim
2d72a425a2 add riscv64 kexec image 2024-06-27 08:32:24 +02:00
5 changed files with 115 additions and 47 deletions
Show stats Expand all files Collapse all files

2
README.md
View file

@ -36,7 +36,7 @@ integration into automated nixos installation scripts, since you can cleanly
disconnect from the running machine before the kexec takes place. The tarball disconnect from the running machine before the kexec takes place. The tarball
is also designed to be run from NixOS, which can be useful for new installations is also designed to be run from NixOS, which can be useful for new installations
## Iso installer images ## ISO installer images
This image allows to boot a NixOS installer off a USB-Stick. This image allows to boot a NixOS installer off a USB-Stick.
This installer has been optimized for remote installation i.e. This installer has been optimized for remote installation i.e.

12
flake.lock
View file

@ -18,16 +18,16 @@
}, },
"nixos-unstable": { "nixos-unstable": {
"locked": { "locked": {
"lastModified": 1719412806, "lastModified": 1719456624,
"narHash": "sha256-C3gUNdFDAWrP6glCCo+MXrrAoAyHi1Zdvlgs1Awqpv8=", "narHash": "sha256-j0iox16+eMO2ptZ/IfM57R/1OpnPu0H03wXwggmLBfg=",
"owner": "NixOS", "owner": "jmbaur",
"repo": "nixpkgs", "repo": "nixpkgs",
"rev": "af796de7d1e6bbda6049a3732ff881b3ad518b6b", "rev": "560cd874a37396968aea0bd9abc54fb1122424b7",
"type": "github" "type": "github"
}, },
"original": { "original": {
"owner": "NixOS", "owner": "jmbaur",
"ref": "nixos-unstable-small", "ref": "etc-overlay-cross",
"repo": "nixpkgs", "repo": "nixpkgs",
"type": "github" "type": "github"
} }

96
flake.nix
View file

@ -1,24 +1,44 @@
{ {
description = "NixOS images"; description = "NixOS images";
inputs.nixos-unstable.url = "github:NixOS/nixpkgs/nixos-unstable-small"; #inputs.nixos-unstable.url = "github:NixOS/nixpkgs/nixos-unstable-small";
inputs.nixos-unstable.url = "github:jmbaur/nixpkgs/etc-overlay-cross";
inputs.nixos-stable.url = "github:NixOS/nixpkgs/nixos-24.05"; inputs.nixos-stable.url = "github:NixOS/nixpkgs/nixos-24.05";
nixConfig.extra-substituters = [ "https://nix-community.cachix.org" ]; nixConfig.extra-substituters = [ "https://nix-community.cachix.org" ];
nixConfig.extra-trusted-public-keys = [ "nix-community.cachix.org-1:mB9FSh9qf2dCimDSUo8Zy7bkq5CX+/rkCWyvRCYg3Fs=" ]; nixConfig.extra-trusted-public-keys = [
"nix-community.cachix.org-1:mB9FSh9qf2dCimDSUo8Zy7bkq5CX+/rkCWyvRCYg3Fs="
];
outputs = { self, nixos-unstable, nixos-stable }: outputs =
let
supportedSystems = [ "aarch64-linux" "x86_64-linux" ];
forAllSystems = nixos-unstable.lib.genAttrs supportedSystems;
in
{ {
packages = forAllSystems (system: self,
nixos-unstable,
nixos-stable,
}:
let
supportedSystems = [
"aarch64-linux"
"x86_64-linux"
];
forAllSystems = nixos-unstable.lib.genAttrs supportedSystems;
packages = forAllSystems (
system:
let let
netboot = nixpkgs: (import (nixpkgs + "/nixos/release.nix") { }).netboot.${system}; netboot = nixpkgs: (import (nixpkgs + "/nixos/release.nix") { }).netboot.${system};
kexec-installer = nixpkgs: modules: (nixpkgs.legacyPackages.${system}.nixos (modules ++ [ self.nixosModules.kexec-installer ])).config.system.build.kexecTarball; kexec-installer =
netboot-installer = nixpkgs: (nixpkgs.legacyPackages.${system}.nixos [ self.nixosModules.netboot-installer ]).config.system.build.netboot; nixpkgs: modules:
image-installer = nixpkgs: (nixpkgs.legacyPackages.${system}.nixos [ self.nixosModules.image-installer ]).config.system.build.isoImage; (nixpkgs.legacyPackages.${system}.nixos (modules ++ [ self.nixosModules.kexec-installer ]))
.config.system.build.kexecTarball;
netboot-installer =
nixpkgs:
(nixpkgs.legacyPackages.${system}.nixos [ self.nixosModules.netboot-installer ])
.config.system.build.netboot;
image-installer =
nixpkgs:
(nixpkgs.legacyPackages.${system}.nixos [ self.nixosModules.image-installer ])
.config.system.build.isoImage;
in in
{ {
netboot-nixos-unstable = netboot nixos-unstable; netboot-nixos-unstable = netboot nixos-unstable;
@ -30,21 +50,41 @@
image-installer-nixos-stable = image-installer nixos-stable; image-installer-nixos-stable = image-installer nixos-stable;
kexec-installer-nixos-unstable-noninteractive = kexec-installer nixos-unstable [ kexec-installer-nixos-unstable-noninteractive = kexec-installer nixos-unstable [
{ { system.kexec-installer.name = "nixos-kexec-installer-noninteractive"; }
system.kexec-installer.name = "nixos-kexec-installer-noninteractive";
}
self.nixosModules.noninteractive self.nixosModules.noninteractive
]; ];
kexec-installer-nixos-stable-noninteractive = kexec-installer nixos-stable [ kexec-installer-nixos-stable-noninteractive = kexec-installer nixos-stable [
{ { system.kexec-installer.name = "nixos-kexec-installer-noninteractive"; }
system.kexec-installer.name = "nixos-kexec-installer-noninteractive";
}
self.nixosModules.noninteractive self.nixosModules.noninteractive
]; ];
netboot-installer-nixos-unstable = netboot-installer nixos-unstable; netboot-installer-nixos-unstable = netboot-installer nixos-unstable;
netboot-installer-nixos-stable = netboot-installer nixos-stable; netboot-installer-nixos-stable = netboot-installer nixos-stable;
}); }
);
crossPackages = {
x86_64-linux =
let
kexec-installer =
nixpkgs: modules:
(nixpkgs.legacyPackages.x86_64-linux.pkgsCross.riscv64.nixos (
modules
++ [
self.nixosModules.kexec-installer
self.nixosModules.noninteractive
]
)).config.system.build.kexecTarball;
in
{
kexec-installer-nixos-unstable-noninteractive-riscv64 = kexec-installer nixos-unstable [ ];
# needs a backport to nixpkgs-24.05
#kexec-installer-nixos-stable-noninteractive-riscv64 = kexec-installer nixos-stable [ ];
};
};
in
{
packages = nixos-unstable.lib.recursiveUpdate packages crossPackages;
nixosModules = { nixosModules = {
kexec-installer = ./nix/kexec-installer/module.nix; kexec-installer = ./nix/kexec-installer/module.nix;
noninteractive = ./nix/noninteractive.nix; noninteractive = ./nix/noninteractive.nix;
@ -55,7 +95,12 @@
checks = checks =
let let
# re-export the packages as checks # re-export the packages as checks
packages = forAllSystems (system: nixos-unstable.lib.mapAttrs' (n: nixos-unstable.lib.nameValuePair "package-${n}") self.packages.${system}); packages = forAllSystems (
system:
nixos-unstable.lib.mapAttrs' (
n: nixos-unstable.lib.nameValuePair "package-${n}"
) self.packages.${system}
);
checks = checks =
let let
pkgs = nixos-unstable.legacyPackages.x86_64-linux; pkgs = nixos-unstable.legacyPackages.x86_64-linux;
@ -64,16 +109,13 @@
kexec-installer-unstable = pkgs.callPackage ./nix/kexec-installer/test.nix { kexec-installer-unstable = pkgs.callPackage ./nix/kexec-installer/test.nix {
kexecTarball = self.packages.x86_64-linux.kexec-installer-nixos-unstable-noninteractive; kexecTarball = self.packages.x86_64-linux.kexec-installer-nixos-unstable-noninteractive;
}; };
shellcheck = pkgs.runCommand "shellcheck" shellcheck = pkgs.runCommand "shellcheck" { nativeBuildInputs = [ pkgs.shellcheck ]; } ''
{ shellcheck ${(pkgs.nixos [ self.nixosModules.kexec-installer ]).config.system.build.kexecRun}
nativeBuildInputs = [ pkgs.shellcheck ];
} ''
shellcheck ${(pkgs.nixos [self.nixosModules.kexec-installer]).config.system.build.kexecRun}
touch $out touch $out
''; '';
kexec-installer-stable = nixos-stable.legacyPackages.x86_64-linux.callPackage ./nix/kexec-installer/test.nix { kexec-installer-stable =
kexecTarball = self.packages.x86_64-linux.kexec-installer-nixos-stable-noninteractive; nixos-stable.legacyPackages.x86_64-linux.callPackage ./nix/kexec-installer/test.nix
}; { kexecTarball = self.packages.x86_64-linux.kexec-installer-nixos-stable-noninteractive; };
}; };
in in
nixos-unstable.lib.recursiveUpdate packages { x86_64-linux = checks; }; nixos-unstable.lib.recursiveUpdate packages { x86_64-linux = checks; };

49
nix/kexec-installer/module.nix
View file

@ -1,10 +1,33 @@
{ config, lib, modulesPath, pkgs, ... }: {
config,
lib,
modulesPath,
pkgs,
...
}:
let let
restore-network = pkgs.writers.writePython3 "restore-network" { flakeIgnore = [ "E501" ]; } restore-network = pkgs.writers.writePython3 "restore-network" {
./restore_routes.py; flakeIgnore = [ "E501" ];
} ./restore_routes.py;
# does not link with iptables enabled # does not link with iptables enabled
iprouteStatic = pkgs.pkgsStatic.iproute2.override { iptables = null; }; iprouteStatic = pkgs.pkgsStatic.iproute2.override { iptables = null; };
kexec-tools = pkgs.pkgsStatic.kexec-tools.overrideAttrs (old: {
patches = old.patches ++ [
(pkgs.fetchpatch {
url = "https://marc.info/?l=kexec&m=166636009110699&q=mbox";
hash = "sha256-wi0/Ajy/Ac+7npKEvDsMzgNhEWhOMFeoUWcpgGrmVDc=";
})
];
nativeBuildInputs = (old.nativeBuildInputs or []) ++ [
pkgs.pkgsStatic.buildPackages.autoreconfHook
];
meta = old.meta // {
badPlatforms = [ ]; # allow riscv64
};
});
in in
{ {
imports = [ imports = [
@ -27,23 +50,25 @@ in
config = { config = {
# This is a variant of the upstream kexecScript that also allows embedding # This is a variant of the upstream kexecScript that also allows embedding
# a ssh key. # a ssh key.
system.build.kexecRun = pkgs.runCommand "kexec-run" { } '' system.build.kexecRun =
install -D -m 0755 ${./kexec-run.sh} $out pkgs.runCommand "kexec-run" { nativeBuildInputs = [ pkgs.buildPackages.shellcheck ]; }
''
install -D -m 0755 ${./kexec-run.sh} $out
sed -i \ sed -i \
-e 's|@init@|${config.system.build.toplevel}/init|' \ -e 's|@init@|${config.system.build.toplevel}/init|' \
-e 's|@kernelParams@|${lib.escapeShellArgs config.boot.kernelParams}|' \ -e 's|@kernelParams@|${lib.escapeShellArgs config.boot.kernelParams}|' \
$out $out
${pkgs.shellcheck}/bin/shellcheck $out shellcheck $out
''; '';
system.build.kexecTarball = pkgs.runCommand "kexec-tarball" { } '' system.build.kexecTarball = pkgs.runCommand "kexec-tarball" { } ''
mkdir kexec $out mkdir kexec $out
cp "${config.system.build.netbootRamdisk}/initrd" kexec/initrd cp "${config.system.build.netbootRamdisk}/initrd" kexec/initrd
cp "${config.system.build.kernel}/${config.system.boot.loader.kernelFile}" kexec/bzImage cp "${config.system.build.kernel}/${config.system.boot.loader.kernelFile}" kexec/bzImage
cp "${config.system.build.kexecRun}" kexec/run cp "${config.system.build.kexecRun}" kexec/run
cp "${pkgs.pkgsStatic.kexec-tools}/bin/kexec" kexec/kexec cp "${kexec-tools}/bin/kexec" kexec/kexec
cp "${iprouteStatic}/bin/ip" kexec/ip cp "${iprouteStatic}/bin/ip" kexec/ip
${lib.optionalString (pkgs.hostPlatform == pkgs.buildPlatform) '' ${lib.optionalString (pkgs.hostPlatform == pkgs.buildPlatform) ''
kexec/ip -V kexec/ip -V

3
nix/zfs-minimal.nix
View file

@ -5,8 +5,9 @@ let
# this overrides saves 10MB # this overrides saves 10MB
samba = pkgs.coreutils; samba = pkgs.coreutils;
}; };
hasZfs = lib.meta.availableOn pkgs.stdenv.hostPlatform config.boot.zfs.package;
in in
{ lib.mkIf hasZfs {
services.udev.packages = [ zfs ]; # to hook zvol naming, etc. services.udev.packages = [ zfs ]; # to hook zvol naming, etc.
# unsure if need this, but in future udev rules could potentially point to systemd services. # unsure if need this, but in future udev rules could potentially point to systemd services.
systemd.packages = [ zfs ]; systemd.packages = [ zfs ];