Compare commits

..

293 commits

Author SHA1 Message Date
1d4c4b7f6f
feat: add riscv64-linux image
Some checks failed
Build / images (nscloud-ubuntu-22.04-arm64-4x16, nixos-24.05) (push) Has been cancelled
Build / images (nscloud-ubuntu-22.04-arm64-4x16, nixos-unstable) (push) Has been cancelled
Build / images (ubuntu-latest, nixos-24.05) (push) Has been cancelled
Build / images (ubuntu-latest, nixos-unstable) (push) Has been cancelled
2024-10-23 21:46:19 +02:00
github-actions[bot]
a5fbf34b25 flake.lock: Update
Flake lock file updates:

• Updated input 'nixos-stable':
    'github:NixOS/nixpkgs/c0b1da36f7c34a7146501f684e9ebdf15d2bebf8?narHash=sha256-WLxED18lodtQiayIPDE5zwAfkPJSjHJ35UhZ8h3cJUg%3D' (2024-10-14)
  → 'github:NixOS/nixpkgs/4eb33fe664af7b41a4c446f87d20c9a0a6321fa3?narHash=sha256-LDiPhQ3l%2BfBjRATNtnuDZsBS7hqoBtPkKBkhpoBHv3I%3D' (2024-10-17)
• Updated input 'nixos-unstable':
    'github:NixOS/nixpkgs/8f1d45587bd9af3dbf5146aa8a1347e20421597b?narHash=sha256-6sIuRVqVMHq9ZwcEVdpf2BuZeuLIUgvFznhIfsc75Jo%3D' (2024-10-16)
  → 'github:NixOS/nixpkgs/e3f55158e7587c5a5fdb0e86eb7ca4f455f0928f?narHash=sha256-3GNZr0V4b19RZ5mlyiY/4F8N2pzitvjDU6aHMWjAqLI%3D' (2024-10-20)
2024-10-21 01:29:42 +00:00
github-actions[bot]
3103f26e06 flake.lock: Update
Flake lock file updates:

• Updated input 'nixos-stable':
    'github:NixOS/nixpkgs/a3f9ad65a0bf298ed5847629a57808b97e6e8077?narHash=sha256-u%2BrxA79a0lyhG%2Bu%2BoPBRtTDtzz8kvkc9a6SWSt9ekVc%3D' (2024-10-12)
  → 'github:NixOS/nixpkgs/c0b1da36f7c34a7146501f684e9ebdf15d2bebf8?narHash=sha256-WLxED18lodtQiayIPDE5zwAfkPJSjHJ35UhZ8h3cJUg%3D' (2024-10-14)
• Updated input 'nixos-unstable':
    'github:NixOS/nixpkgs/73057677e8557925e999ac54196423fa34418c24?narHash=sha256-CfPKX2yaHwTOpGqcul89N12zjRfZ8GOSxG24/Ao9BcQ%3D' (2024-10-13)
  → 'github:NixOS/nixpkgs/8f1d45587bd9af3dbf5146aa8a1347e20421597b?narHash=sha256-6sIuRVqVMHq9ZwcEVdpf2BuZeuLIUgvFznhIfsc75Jo%3D' (2024-10-16)
2024-10-17 01:03:56 +00:00
github-actions[bot]
2ae5d8c1d9 flake.lock: Update
Flake lock file updates:

• Updated input 'nixos-stable':
    'github:NixOS/nixpkgs/1bfbbbe5bbf888d675397c66bfdb275d0b99361c?narHash=sha256-a0a0M1TmXMK34y3M0cugsmpJ4FJPT/xsblhpiiX1CXo%3D' (2024-10-07)
  → 'github:NixOS/nixpkgs/a3f9ad65a0bf298ed5847629a57808b97e6e8077?narHash=sha256-u%2BrxA79a0lyhG%2Bu%2BoPBRtTDtzz8kvkc9a6SWSt9ekVc%3D' (2024-10-12)
• Updated input 'nixos-unstable':
    'github:NixOS/nixpkgs/5633bcff0c6162b9e4b5f1264264611e950c8ec7?narHash=sha256-9UTxR8eukdg%2BXZeHgxW5hQA9fIKHsKCdOIUycTryeVw%3D' (2024-10-09)
  → 'github:NixOS/nixpkgs/73057677e8557925e999ac54196423fa34418c24?narHash=sha256-CfPKX2yaHwTOpGqcul89N12zjRfZ8GOSxG24/Ao9BcQ%3D' (2024-10-13)
2024-10-14 01:06:52 +00:00
Jörg Thalheim
74da633144
Merge pull request #296 from nix-community/disko-installer
add disko to all installer
2024-10-12 11:04:13 +02:00
Jörg Thalheim
dccb43ecc4 bump nixos-facter to 0.1.1 2024-10-12 10:51:15 +02:00
Jörg Thalheim
9892aba986 don't allow anonymous nixos modules
we always want _file
2024-10-12 10:50:42 +02:00
Jörg Thalheim
a20142faf9 add disko to all installer
Since disko is just some shell scripts it's comparable small and we can
easily embed this everywhere.
We can make use of this in our NixOS tutorials by providing nicer
images.
2024-10-12 10:50:17 +02:00
github-actions[bot]
d489f41dfa flake.lock: Update
Flake lock file updates:

• Updated input 'nixos-stable':
    'github:NixOS/nixpkgs/ecbc1ca8ffd6aea8372ad16be9ebbb39889e55b6?narHash=sha256-PbDWAIjKJdlVg%2BqQRhzdSor04bAPApDqIv2DofTyynk%3D' (2024-10-06)
  → 'github:NixOS/nixpkgs/1bfbbbe5bbf888d675397c66bfdb275d0b99361c?narHash=sha256-a0a0M1TmXMK34y3M0cugsmpJ4FJPT/xsblhpiiX1CXo%3D' (2024-10-07)
• Updated input 'nixos-unstable':
    'github:NixOS/nixpkgs/ff0da78cfd41aa1784910ce1fea89119822013ce?narHash=sha256-E9JaDKGi21oUypH0P9881lbkhi6USNJ6XL2tFzU5uuE%3D' (2024-10-06)
  → 'github:NixOS/nixpkgs/5633bcff0c6162b9e4b5f1264264611e950c8ec7?narHash=sha256-9UTxR8eukdg%2BXZeHgxW5hQA9fIKHsKCdOIUycTryeVw%3D' (2024-10-09)
2024-10-10 01:04:07 +00:00
dependabot[bot]
88409f19c7 build(deps): bump cachix/install-nix-action from 29 to 30
Bumps [cachix/install-nix-action](https://github.com/cachix/install-nix-action) from 29 to 30.
- [Release notes](https://github.com/cachix/install-nix-action/releases)
- [Commits](https://github.com/cachix/install-nix-action/compare/v29...v30)

---
updated-dependencies:
- dependency-name: cachix/install-nix-action
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
2024-10-07 10:30:16 +00:00
github-actions[bot]
f63f58eecb flake.lock: Update
Flake lock file updates:

• Updated input 'nixos-stable':
    'github:NixOS/nixpkgs/1719f27dd95fd4206afb9cec9f415b539978827e?narHash=sha256-9/79hjQc9%2BxyH%2BQxeMcRsA6hDyw6Z9Eo1/oxjvwirLk%3D' (2024-09-30)
  → 'github:NixOS/nixpkgs/ecbc1ca8ffd6aea8372ad16be9ebbb39889e55b6?narHash=sha256-PbDWAIjKJdlVg%2BqQRhzdSor04bAPApDqIv2DofTyynk%3D' (2024-10-06)
• Updated input 'nixos-unstable':
    'github:NixOS/nixpkgs/35d02934a17a4fdc53a8857826ed35f3694e5f1c?narHash=sha256-%2Bt0jCdN1AFWLpi%2BXwHK4r/Jp%2BpJfo9ePHIy%2B4/BUCI4%3D' (2024-10-02)
  → 'github:NixOS/nixpkgs/ff0da78cfd41aa1784910ce1fea89119822013ce?narHash=sha256-E9JaDKGi21oUypH0P9881lbkhi6USNJ6XL2tFzU5uuE%3D' (2024-10-06)
2024-10-07 01:39:04 +00:00
github-actions[bot]
c6d733b5cb flake.lock: Update
Flake lock file updates:

• Updated input 'nixos-stable':
    'github:NixOS/nixpkgs/fbca5e745367ae7632731639de5c21f29c8744ed?narHash=sha256-40J9tW7Y794J7Uw4GwcAKlMxlX2xISBl6IBigo83ih8%3D' (2024-09-28)
  → 'github:NixOS/nixpkgs/1719f27dd95fd4206afb9cec9f415b539978827e?narHash=sha256-9/79hjQc9%2BxyH%2BQxeMcRsA6hDyw6Z9Eo1/oxjvwirLk%3D' (2024-09-30)
• Updated input 'nixos-unstable':
    'github:NixOS/nixpkgs/b5c4f45cfcaa5a44632c7119922987e131249cd2?narHash=sha256-3BhOfmcg9Pxjm/kU%2BIVYe76CvHL6zArK9ktlCJeP06E%3D' (2024-09-29)
  → 'github:NixOS/nixpkgs/35d02934a17a4fdc53a8857826ed35f3694e5f1c?narHash=sha256-%2Bt0jCdN1AFWLpi%2BXwHK4r/Jp%2BpJfo9ePHIy%2B4/BUCI4%3D' (2024-10-02)
2024-10-03 01:03:38 +00:00
dependabot[bot]
ab9c837ddc build(deps): bump cachix/install-nix-action from V28 to 29
Bumps [cachix/install-nix-action](https://github.com/cachix/install-nix-action) from V28 to 29. This release includes the previously tagged commit.
- [Release notes](https://github.com/cachix/install-nix-action/releases)
- [Commits](https://github.com/cachix/install-nix-action/compare/V28...v29)

---
updated-dependencies:
- dependency-name: cachix/install-nix-action
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
2024-09-30 10:03:47 +00:00
github-actions[bot]
13ea1c6669 flake.lock: Update
Flake lock file updates:

• Updated input 'nixos-stable':
    'github:NixOS/nixpkgs/944b2aea7f0a2d7c79f72468106bc5510cbf5101?narHash=sha256-NmcVhGElxDbmEWzgXsyAjlRhUus/nEqPC5So7BOJLUM%3D' (2024-09-20)
  → 'github:NixOS/nixpkgs/fbca5e745367ae7632731639de5c21f29c8744ed?narHash=sha256-40J9tW7Y794J7Uw4GwcAKlMxlX2xISBl6IBigo83ih8%3D' (2024-09-28)
• Updated input 'nixos-unstable':
    'github:NixOS/nixpkgs/179b6bce21525a3a9e725c08e6ed58d56da74825?narHash=sha256-bj9ch2QIF8jqBlPOVRnJygy1K7yWtvh8Lf7I/rsqG3A%3D' (2024-09-22)
  → 'github:NixOS/nixpkgs/b5c4f45cfcaa5a44632c7119922987e131249cd2?narHash=sha256-3BhOfmcg9Pxjm/kU%2BIVYe76CvHL6zArK9ktlCJeP06E%3D' (2024-09-29)
2024-09-30 01:06:01 +00:00
Jörg Thalheim
acd37edb64 nixos-facter: switch back to main 2024-09-26 17:10:53 +00:00
Jörg Thalheim
3e7978bab1
Merge pull request #287 from nix-community/nixos-facter
package nixos-facter for stable as well
2024-09-26 18:13:33 +02:00
Jörg Thalheim
eb2ad6029e drop nixlibs from test 2024-09-26 17:58:34 +02:00
Jörg Thalheim
74909c85db package nixos-facter for stable as well 2024-09-26 17:28:28 +02:00
Jörg Thalheim
65d9487002
Merge pull request #285 from nix-community/nixos-facter
fix python3 overrides
2024-09-24 22:39:06 +02:00
mergify[bot]
13b54e8e22
Merge branch 'main' into nixos-facter 2024-09-24 20:35:34 +00:00
Jörg Thalheim
f4b3c682cf kexec: switch to xz compressor for initrd 2024-09-24 22:34:07 +02:00
Jörg Thalheim
d8293de5be fix python3 overrides 2024-09-24 22:27:56 +02:00
Jörg Thalheim
debda57e91
Merge pull request #284 from nix-community/nixos-facter
kexec: Save more space by using python3 minimal
2024-09-24 21:59:25 +02:00
Jörg Thalheim
881fad4fe0 save more space by using python3 minimal 2024-09-24 21:55:47 +02:00
Jörg Thalheim
8650b1df8f actually including nixos-facter + nixos test 2024-09-24 16:12:56 +00:00
github-actions[bot]
1420644027 flake.lock: Update
Flake lock file updates:

• Updated input 'nixos-stable':
    'github:NixOS/nixpkgs/086b448a5d54fd117f4dc2dee55c9f0ff461bdc1?narHash=sha256-2yV8nmYE1p9lfmLHhOCbYwQC/W8WYfGQABoGzJOb1JQ%3D' (2024-09-16)
  → 'github:NixOS/nixpkgs/944b2aea7f0a2d7c79f72468106bc5510cbf5101?narHash=sha256-NmcVhGElxDbmEWzgXsyAjlRhUus/nEqPC5So7BOJLUM%3D' (2024-09-20)
• Updated input 'nixos-unstable':
    'github:NixOS/nixpkgs/e88358265511d3a73b30dc6e4c15579844b35280?narHash=sha256-k/Ojv%2BMUDKUbj8JPd1MulJrf5BVz3jIUfrreMHbeTBE%3D' (2024-09-20)
  → 'github:NixOS/nixpkgs/179b6bce21525a3a9e725c08e6ed58d56da74825?narHash=sha256-bj9ch2QIF8jqBlPOVRnJygy1K7yWtvh8Lf7I/rsqG3A%3D' (2024-09-22)
2024-09-23 01:30:34 +00:00
Jörg Thalheim
776ee2484d
Merge pull request #281 from nix-community/zfs-latest
installer: add our own latestZfsCompatibleLinuxPackages
2024-09-22 17:59:21 +02:00
Jörg Thalheim
4de5aac8e9 improve selecting latest zfs kernel 2024-09-22 17:57:34 +02:00
Jörg Thalheim
4e105478ce installer: add our own latestZfsCompatibleLinuxPackages 2024-09-20 18:51:33 +02:00
Jörg Thalheim
830790e801 drop repl-flake feature 2024-09-20 10:41:39 +00:00
github-actions[bot]
8660853a74 flake.lock: Update
Flake lock file updates:

• Updated input 'nixos-stable':
    'github:NixOS/nixpkgs/8f7492cce28977fbf8bd12c72af08b1f6c7c3e49?narHash=sha256-RuVXUwcYwaUeks6h3OLrEmg14z9aFXdWppTWPMTwdQw%3D' (2024-09-14)
  → 'github:NixOS/nixpkgs/086b448a5d54fd117f4dc2dee55c9f0ff461bdc1?narHash=sha256-2yV8nmYE1p9lfmLHhOCbYwQC/W8WYfGQABoGzJOb1JQ%3D' (2024-09-16)
• Updated input 'nixos-unstable':
    'github:NixOS/nixpkgs/513193ba87b70f4d4e4d892f43fac30af286861b?narHash=sha256-mDxHh5vQyBTjNKkp%2Bl1/WL6cEDOjxyEQxv2c%2Bdnw8Fg%3D' (2024-09-17)
  → 'github:NixOS/nixpkgs/75ac2a58e988a346960938ab16cea903a3cb053a?narHash=sha256-SiiWCVg/W8i6jvpgQj3NNd3YtV%2Bjfnn/t3Za7hfn1iE%3D' (2024-09-18)
2024-09-20 10:41:39 +00:00
Jörg Thalheim
6ccd248715
Merge pull request #280 from nix-community/mergify/zowoq/config-update
ci(Mergify): configuration update
2024-09-20 09:30:36 +02:00
zowoq
1d01357c59 ci(Mergify): configuration update
Signed-off-by: null <null>
2024-09-20 13:04:54 +10:00
Jörg Thalheim
9e7834cc3c
Merge pull request #278 from nix-community/nixos-facter
add nixos-facter to installer
2024-09-18 17:53:23 +02:00
Jörg Thalheim
dd5f75eec3 add boot tests for iso 2024-09-18 17:39:45 +02:00
Jörg Thalheim
28d4a57b3a add boot tests for iso image 2024-09-18 17:39:45 +02:00
Jörg Thalheim
8e077ae20b kexec-installer: use pkgs.testers to define test 2024-09-18 17:39:45 +02:00
Jörg Thalheim
41eb99f3cc remove obsolete garnix.yaml 2024-09-18 17:39:45 +02:00
Jörg Thalheim
0bd625f4eb add nixos-facter to installer 2024-09-18 17:39:45 +02:00
Jörg Thalheim
770a010bb7 fix ext4 support 2024-09-16 12:10:30 +00:00
dependabot[bot]
fcebbac471 build(deps): bump cachix/install-nix-action from V27 to 28
Bumps [cachix/install-nix-action](https://github.com/cachix/install-nix-action) from V27 to 28. This release includes the previously tagged commit.
- [Release notes](https://github.com/cachix/install-nix-action/releases)
- [Commits](https://github.com/cachix/install-nix-action/compare/V27...V28)

---
updated-dependencies:
- dependency-name: cachix/install-nix-action
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
2024-09-16 10:22:15 +00:00
dependabot[bot]
e1478b5b78 build(deps): bump DeterminateSystems/update-flake-lock from 23 to 24
Bumps [DeterminateSystems/update-flake-lock](https://github.com/determinatesystems/update-flake-lock) from 23 to 24.
- [Release notes](https://github.com/determinatesystems/update-flake-lock/releases)
- [Commits](https://github.com/determinatesystems/update-flake-lock/compare/v23...v24)

---
updated-dependencies:
- dependency-name: DeterminateSystems/update-flake-lock
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
2024-09-16 10:20:57 +00:00
zowoq
912b7dd7fb flake: unpin stable 2024-09-16 08:55:00 +00:00
Jörg Thalheim
51c98a9f32
Merge pull request #273 from usama8800/dev
Add requirement in README for secure boot off
2024-09-07 18:36:08 +02:00
Usama Ahsan
64c8ec1671
Update README.md 2024-09-07 10:27:29 +05:00
github-actions[bot]
1326aa0570 flake.lock: Update
Flake lock file updates:

• Updated input 'nixos-unstable':
    'github:NixOS/nixpkgs/66a352a3f27a2eb2f27e42a13c6fe245d3be2b98?narHash=sha256-xXINAjCR8eTmp3AxZTk/PIH9nNoFNN0OM7MUw6eB7oQ%3D' (2024-09-02)
  → 'github:NixOS/nixpkgs/9b40840066f93767bb528810ea7dc9caacd8997f?narHash=sha256-YWbVeDERbIHAEQCtDtUunHYUNH31ReIdJIP8juXfdpM%3D' (2024-09-04)
2024-09-05 01:00:06 +00:00
Jörg Thalheim
e8b6d35f6e
Merge pull request #272 from nix-community/dhcp
Better dhcp support
2024-09-03 11:49:40 +02:00
Jörg Thalheim
b81c6e0ace default to root for autologin in nixos kexec image 2024-09-03 11:35:40 +02:00
Jörg Thalheim
23f987d2af add workaround for nvidia 2024-09-03 11:03:51 +02:00
Jörg Thalheim
b1e43cae8b add script to gets network restore locally 2024-09-03 09:56:08 +02:00
Jörg Thalheim
46cd291c60 avoid toplevel python script in nix-store
this will trigger a os.listdir() on the nix-store
2024-09-03 09:53:47 +02:00
Jörg Thalheim
db9119b88a try to restore previous ip lease 2024-09-03 09:53:47 +02:00
Jörg Thalheim
c89ec7f957 restore-routes: just join list once with newlines 2024-09-03 09:53:47 +02:00
Jörg Thalheim
73910674dc restore-routes: introduce more type-safety and split up networkd unit generation 2024-09-03 09:53:47 +02:00
Jörg Thalheim
d39dd6fb61 fix zfs on stable 2024-09-03 06:21:28 +00:00
github-actions[bot]
b733f0680a flake.lock: Update
Flake lock file updates:

• Updated input 'nixos-stable':
    'github:NixOS/nixpkgs/4a92571f9207810b559c9eac203d1f4d79830073?narHash=sha256-%2BCHVZnTnIYRLYsARInHYoWkujzcRkLY/gXm3s5bE52o%3D' (2024-08-13)
  → 'github:NixOS/nixpkgs/c3d4ac725177c030b1e289015989da2ad9d56af0?narHash=sha256-sqLwJcHYeWLOeP/XoLwAtYjr01TISlkOfz%2BNG82pbdg%3D' (2024-08-15)
2024-08-19 00:55:34 +00:00
Jörg Thalheim
3e26bd9675 kexec-installer/test: remove deprecated routeconfig 2024-08-16 11:20:59 +00:00
Jörg Thalheim
8e24c42f09 installer: enable bcachefs support 2024-08-16 10:59:48 +00:00
Jörg Thalheim
46004f0663 bump nixos-unstable 2024-08-16 10:59:48 +00:00
Jörg Thalheim
077b2d2621 switch to zfsUnstable 2024-08-16 10:59:48 +00:00
github-actions[bot]
ae3cc85763 flake.lock: Update
Flake lock file updates:

• Updated input 'nixos-stable':
    'github:NixOS/nixpkgs/a781ff33ae258bbcfd4ed6e673860c3e923bf2cc?narHash=sha256-oTK91aOlA/4IsjNAZGMEBz7Sq1zBS0Ltu4/nIQdYDOg%3D' (2024-08-10)
  → 'github:NixOS/nixpkgs/4a92571f9207810b559c9eac203d1f4d79830073?narHash=sha256-%2BCHVZnTnIYRLYsARInHYoWkujzcRkLY/gXm3s5bE52o%3D' (2024-08-13)
2024-08-15 00:53:12 +00:00
github-actions[bot]
9b5fc2fcca flake.lock: Update
Flake lock file updates:

• Updated input 'nixos-stable':
    'github:NixOS/nixpkgs/883180e6550c1723395a3a342f830bfc5c371f6b?narHash=sha256-7ojM1KSk3mzutD7SkrdSflHXEujPvW1u7QuqWoTLXQU%3D' (2024-08-05)
  → 'github:NixOS/nixpkgs/a781ff33ae258bbcfd4ed6e673860c3e923bf2cc?narHash=sha256-oTK91aOlA/4IsjNAZGMEBz7Sq1zBS0Ltu4/nIQdYDOg%3D' (2024-08-10)
2024-08-12 00:55:48 +00:00
github-actions[bot]
617f2cb562 flake.lock: Update
Flake lock file updates:

• Updated input 'nixos-stable':
    'github:NixOS/nixpkgs/a633d89c6dc9a2a8aae11813a62d7c58b2c0cc51?narHash=sha256-IRiJA0NVAoyaZeKZluwfb2DoTpBAj%2BFLI0KfybBeDU0%3D' (2024-08-03)
  → 'github:NixOS/nixpkgs/883180e6550c1723395a3a342f830bfc5c371f6b?narHash=sha256-7ojM1KSk3mzutD7SkrdSflHXEujPvW1u7QuqWoTLXQU%3D' (2024-08-05)
2024-08-08 01:09:57 +00:00
github-actions[bot]
89f487508f flake.lock: Update
Flake lock file updates:

• Updated input 'nixos-stable':
    'github:NixOS/nixpkgs/cf05eeada35e122770c5c14add958790fcfcbef5?narHash=sha256-B2xRiC3NEJy/82ugtareBkRqEkPGpMyjaLxaR8LBxNs%3D' (2024-07-30)
  → 'github:NixOS/nixpkgs/a633d89c6dc9a2a8aae11813a62d7c58b2c0cc51?narHash=sha256-IRiJA0NVAoyaZeKZluwfb2DoTpBAj%2BFLI0KfybBeDU0%3D' (2024-08-03)
2024-08-05 01:00:15 +00:00
Jörg Thalheim
6dd73e10d7 noninteractive: simplify the nixos user creation 2024-08-02 08:38:17 +00:00
Jörg Thalheim
78065dbf9f fix sysusers in noninteractive case 2024-08-02 08:31:04 +00:00
Jörg Thalheim
907bd49df1
Merge pull request #257 from nix-community/perlless
move perlless profile to noninteractive profile
2024-07-22 06:13:11 +02:00
github-actions[bot]
c39215fd04 flake.lock: Update
Flake lock file updates:

• Updated input 'nixos-unstable':
    'github:NixOS/nixpkgs/c9ed026def59fe978203a2b28eccdbaa7e5fadc9?narHash=sha256-aE4vMfHfpX6KP9VWqVdXtoDUlvFR34wEIjqsqnKrVdY%3D' (2024-07-21)
  → 'github:NixOS/nixpkgs/4cc8b29327bed3d52b40041f810f49734298af46?narHash=sha256-jfF4gpRUpTBY2OxDB0FRySsgNGOiuDckEtu7YDQom3Y%3D' (2024-07-21)
2024-07-22 01:02:27 +00:00
Jörg Thalheim
067aa8908b move perlless profile to noninteractive profile
this borked our iso
2024-07-21 19:09:29 +02:00
github-actions[bot]
accee00573 flake.lock: Update
Flake lock file updates:

• Updated input 'nixos-stable':
    'github:NixOS/nixpkgs/53e81e790209e41f0c1efa9ff26ff2fd7ab35e27?narHash=sha256-1mEKHp4m9brvfQ0rjCca8P1WHpymK3TOr3v34ydv9bs%3D' (2024-07-14)
  → 'github:NixOS/nixpkgs/0c53b6b8c2a3e46c68e04417e247bba660689c9d?narHash=sha256-b6PLr0Ty7JPDBtJtjnYzlBf02bbH9alWMAgispMkTwk%3D' (2024-07-19)
• Updated input 'nixos-unstable':
    'github:NixOS/nixpkgs/7edc243443b44444eba596557de03ee52beca2eb?narHash=sha256-aOiSBcftoGye0spDdIylZE6TVTo7C/B4atYH25tSemQ%3D' (2024-07-17)
  → 'github:NixOS/nixpkgs/c9ed026def59fe978203a2b28eccdbaa7e5fadc9?narHash=sha256-aE4vMfHfpX6KP9VWqVdXtoDUlvFR34wEIjqsqnKrVdY%3D' (2024-07-21)
2024-07-21 14:17:25 +00:00
name_snrl
5b9bbfc570 fix ipv4 via ipv6 route
fix #230
2024-07-19 18:05:11 +00:00
github-actions[bot]
109c0704a1 flake.lock: Update
Flake lock file updates:

• Updated input 'nixos-stable':
    'github:NixOS/nixpkgs/f12ee5f64c6a09995e71c9626d88c4efa983b488?narHash=sha256-FZ5dnrvKkln9ESdoTR8R7GKW9rNpXNZrxGsOXsbsTpE%3D' (2024-07-12)
  → 'github:NixOS/nixpkgs/53e81e790209e41f0c1efa9ff26ff2fd7ab35e27?narHash=sha256-1mEKHp4m9brvfQ0rjCca8P1WHpymK3TOr3v34ydv9bs%3D' (2024-07-14)
• Updated input 'nixos-unstable':
    'github:NixOS/nixpkgs/0af9d835c27984b3265145f8e3cbc6c153479196?narHash=sha256-if0qaFmAe8X01NsVRK5e9Asg9mEWVkHrA9WuqM5jB70%3D' (2024-07-14)
  → 'github:NixOS/nixpkgs/7edc243443b44444eba596557de03ee52beca2eb?narHash=sha256-aOiSBcftoGye0spDdIylZE6TVTo7C/B4atYH25tSemQ%3D' (2024-07-17)
2024-07-18 01:01:00 +00:00
github-actions[bot]
299e5f2838 flake.lock: Update
Flake lock file updates:

• Updated input 'nixos-stable':
    'github:NixOS/nixpkgs/249fbde2a178a2ea2638b65b9ecebd531b338cf9?narHash=sha256-IXMiHQMtdShDXcBW95ctA%2Bm5Oq2kLxnBt7WlMxvDQXA%3D' (2024-07-09)
  → 'github:NixOS/nixpkgs/f12ee5f64c6a09995e71c9626d88c4efa983b488?narHash=sha256-FZ5dnrvKkln9ESdoTR8R7GKW9rNpXNZrxGsOXsbsTpE%3D' (2024-07-12)
• Updated input 'nixos-unstable':
    'github:NixOS/nixpkgs/e01511309fe8b0432aa58a547365e51d5a3ecf85?narHash=sha256-UONPcQR2r0voopd6pcNFmUv7p4TJPeAXzwnqWmaPujw%3D' (2024-07-10)
  → 'github:NixOS/nixpkgs/0af9d835c27984b3265145f8e3cbc6c153479196?narHash=sha256-if0qaFmAe8X01NsVRK5e9Asg9mEWVkHrA9WuqM5jB70%3D' (2024-07-14)
2024-07-15 01:28:46 +00:00
github-actions[bot]
5eddae0afb flake.lock: Update
Flake lock file updates:

• Updated input 'nixos-stable':
    'github:NixOS/nixpkgs/49ee0e94463abada1de470c9c07bfc12b36dcf40?narHash=sha256-WrDV0FPMVd2Sq9hkR5LNHudS3OSMmUrs90JUTN%2BMXpA%3D' (2024-07-06)
  → 'github:NixOS/nixpkgs/249fbde2a178a2ea2638b65b9ecebd531b338cf9?narHash=sha256-IXMiHQMtdShDXcBW95ctA%2Bm5Oq2kLxnBt7WlMxvDQXA%3D' (2024-07-09)
• Updated input 'nixos-unstable':
    'github:NixOS/nixpkgs/60a94e515488e335bd5bce096431d490486915e3?narHash=sha256-iVLH0Ygtw/Iw9Q1cFFX7OhNnoPbc7/ZWW6J3c0zbiZw%3D' (2024-07-07)
  → 'github:NixOS/nixpkgs/e01511309fe8b0432aa58a547365e51d5a3ecf85?narHash=sha256-UONPcQR2r0voopd6pcNFmUv7p4TJPeAXzwnqWmaPujw%3D' (2024-07-10)
2024-07-11 01:02:37 +00:00
github-actions[bot]
b3c5b81c0c flake.lock: Update
Flake lock file updates:

• Updated input 'nixos-stable':
    'github:NixOS/nixpkgs/706eef542dec88cc0ed25b9075d3037564b2d164?narHash=sha256-nNJHJ9kfPdzYsCOlHOnbiiyKjZUW5sWbwx3cakg3/C4%3D' (2024-07-02)
  → 'github:NixOS/nixpkgs/49ee0e94463abada1de470c9c07bfc12b36dcf40?narHash=sha256-WrDV0FPMVd2Sq9hkR5LNHudS3OSMmUrs90JUTN%2BMXpA%3D' (2024-07-06)
• Updated input 'nixos-unstable':
    'github:NixOS/nixpkgs/88f3dab52d2cc42945f70f4e84c4505dedaa377d?narHash=sha256-TLiEulaY4I%2BvwaJIHQXASVQva%2B2nepaziUomigYY9%2B0%3D' (2024-07-03)
  → 'github:NixOS/nixpkgs/60a94e515488e335bd5bce096431d490486915e3?narHash=sha256-iVLH0Ygtw/Iw9Q1cFFX7OhNnoPbc7/ZWW6J3c0zbiZw%3D' (2024-07-07)
2024-07-08 01:39:12 +00:00
github-actions[bot]
f8650460d3 flake.lock: Update
Flake lock file updates:

• Updated input 'nixos-stable':
    'github:NixOS/nixpkgs/89c49874fb15f4124bf71ca5f42a04f2ee5825fd?narHash=sha256-yJL9VYQhaRM7xs0M867ZFxwaONB9T2Q4LnGo1WovuR4%3D' (2024-06-26)
  → 'github:NixOS/nixpkgs/706eef542dec88cc0ed25b9075d3037564b2d164?narHash=sha256-nNJHJ9kfPdzYsCOlHOnbiiyKjZUW5sWbwx3cakg3/C4%3D' (2024-07-02)
• Updated input 'nixos-unstable':
    'github:NixOS/nixpkgs/e6cdd8a11b26b4d60593733106042141756b54a3?narHash=sha256-mXkOj9sJ0f69Nkc2dGGOWtof9d1YNY8Le/Hia3RN%2B8Q%3D' (2024-06-30)
  → 'github:NixOS/nixpkgs/88f3dab52d2cc42945f70f4e84c4505dedaa377d?narHash=sha256-TLiEulaY4I%2BvwaJIHQXASVQva%2B2nepaziUomigYY9%2B0%3D' (2024-07-03)
2024-07-04 01:03:44 +00:00
dependabot[bot]
7485eb94d1 build(deps): bump DeterminateSystems/update-flake-lock from 22 to 23
Bumps [DeterminateSystems/update-flake-lock](https://github.com/determinatesystems/update-flake-lock) from 22 to 23.
- [Release notes](https://github.com/determinatesystems/update-flake-lock/releases)
- [Commits](https://github.com/determinatesystems/update-flake-lock/compare/v22...v23)

---
updated-dependencies:
- dependency-name: DeterminateSystems/update-flake-lock
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
2024-07-01 10:09:38 +00:00
github-actions[bot]
3e7838f1d2 flake.lock: Update
Flake lock file updates:

• Updated input 'nixos-stable':
    'github:NixOS/nixpkgs/fc07dc3bdf2956ddd64f24612ea7fc894933eb2e?narHash=sha256-A/76RFUVxZ/7Y8%2BOMVL1Lc8LRhBxZ8ZE2bpMnvZ1VpY%3D' (2024-06-24)
  → 'github:NixOS/nixpkgs/89c49874fb15f4124bf71ca5f42a04f2ee5825fd?narHash=sha256-yJL9VYQhaRM7xs0M867ZFxwaONB9T2Q4LnGo1WovuR4%3D' (2024-06-26)
• Updated input 'nixos-unstable':
    'github:NixOS/nixpkgs/af796de7d1e6bbda6049a3732ff881b3ad518b6b?narHash=sha256-C3gUNdFDAWrP6glCCo%2BMXrrAoAyHi1Zdvlgs1Awqpv8%3D' (2024-06-26)
  → 'github:NixOS/nixpkgs/e6cdd8a11b26b4d60593733106042141756b54a3?narHash=sha256-mXkOj9sJ0f69Nkc2dGGOWtof9d1YNY8Le/Hia3RN%2B8Q%3D' (2024-06-30)
2024-07-01 01:09:17 +00:00
github-actions[bot]
6d917c1e38 flake.lock: Update
Flake lock file updates:

• Updated input 'nixos-stable':
    'github:NixOS/nixpkgs/dd457de7e08c6d06789b1f5b88fc9327f4d96309?narHash=sha256-wM9v2yIxClRYsGHut5vHICZTK7xdrUGfrLkXvSuv6s4%3D' (2024-06-19)
  → 'github:NixOS/nixpkgs/fc07dc3bdf2956ddd64f24612ea7fc894933eb2e?narHash=sha256-A/76RFUVxZ/7Y8%2BOMVL1Lc8LRhBxZ8ZE2bpMnvZ1VpY%3D' (2024-06-24)
• Updated input 'nixos-unstable':
    'github:NixOS/nixpkgs/084f8df2f3ff80cdec6f515931036f63c5d2f36c?narHash=sha256-DAyIfQgyqalov0DcEKRvDOUin7axELasaP6NCPt7UQA%3D' (2024-06-23)
  → 'github:NixOS/nixpkgs/af796de7d1e6bbda6049a3732ff881b3ad518b6b?narHash=sha256-C3gUNdFDAWrP6glCCo%2BMXrrAoAyHi1Zdvlgs1Awqpv8%3D' (2024-06-26)
2024-06-27 01:58:18 +00:00
github-actions[bot]
744dfe6451 flake.lock: Update
Flake lock file updates:

• Updated input 'nixos-stable':
    'github:NixOS/nixpkgs/752c634c09ceb50c45e751f8791cb45cb3d46c9e?narHash=sha256-ZT7Oc1g4I4pHVGGjQFnewFVDRLH5cIZhEzODLz9YXeY%3D' (2024-06-15)
  → 'github:NixOS/nixpkgs/dd457de7e08c6d06789b1f5b88fc9327f4d96309?narHash=sha256-wM9v2yIxClRYsGHut5vHICZTK7xdrUGfrLkXvSuv6s4%3D' (2024-06-19)
• Updated input 'nixos-unstable':
    'github:NixOS/nixpkgs/5b75ddc9a3e93465bc939dcbacb281879b64b9ed?narHash=sha256-wqQUoA6AW3gifOfEeBQVZ3ulropw0iXwmZRT0Ef2Kls%3D' (2024-06-19)
  → 'github:NixOS/nixpkgs/084f8df2f3ff80cdec6f515931036f63c5d2f36c?narHash=sha256-DAyIfQgyqalov0DcEKRvDOUin7axELasaP6NCPt7UQA%3D' (2024-06-23)
2024-06-24 02:02:13 +00:00
github-actions[bot]
c1e6a5f7b0 flake.lock: Update
Flake lock file updates:

• Updated input 'nixos-unstable':
    'github:NixOS/nixpkgs/ba06293cdba1c94af9710024abf3b94cf8d76349?narHash=sha256-TmC5TxW5WPAfmovDzi1hLe1i4qqND79s9SH9UOKcSvo%3D' (2024-06-16)
  → 'github:NixOS/nixpkgs/5b75ddc9a3e93465bc939dcbacb281879b64b9ed?narHash=sha256-wqQUoA6AW3gifOfEeBQVZ3ulropw0iXwmZRT0Ef2Kls%3D' (2024-06-19)
2024-06-20 01:06:39 +00:00
github-actions[bot]
42b13bbd6f flake.lock: Update
Flake lock file updates:

• Updated input 'nixos-stable':
    'github:NixOS/nixpkgs/47b604b07d1e8146d5398b42d3306fdebd343986?narHash=sha256-hoB7B7oPgypePz16cKWawPfhVvMSXj4G/qLsfFuhFjw%3D' (2024-06-11)
  → 'github:NixOS/nixpkgs/752c634c09ceb50c45e751f8791cb45cb3d46c9e?narHash=sha256-ZT7Oc1g4I4pHVGGjQFnewFVDRLH5cIZhEzODLz9YXeY%3D' (2024-06-15)
• Updated input 'nixos-unstable':
    'github:NixOS/nixpkgs/4b755b0f089935ce5dbfead30ddc79e6dcd3f80e?narHash=sha256-349PlHisFAtaQD%2BD5zZnwOmH8lFkONARiC3awAW6asM%3D' (2024-06-12)
  → 'github:NixOS/nixpkgs/ba06293cdba1c94af9710024abf3b94cf8d76349?narHash=sha256-TmC5TxW5WPAfmovDzi1hLe1i4qqND79s9SH9UOKcSvo%3D' (2024-06-16)
2024-06-17 01:03:45 +00:00
github-actions[bot]
0302b2ee45 flake.lock: Update
Flake lock file updates:

• Updated input 'nixos-stable':
    'github:NixOS/nixpkgs/9b5328b7f761a7bbdc0e332ac4cf076a3eedb89b?narHash=sha256-1%2Bua0ggXlYYPLTmMl3YeYYsBXDSCqT%2BGw3u6l4gvMhA%3D' (2024-06-06)
  → 'github:NixOS/nixpkgs/47b604b07d1e8146d5398b42d3306fdebd343986?narHash=sha256-hoB7B7oPgypePz16cKWawPfhVvMSXj4G/qLsfFuhFjw%3D' (2024-06-11)
• Updated input 'nixos-unstable':
    'github:NixOS/nixpkgs/7d916e720af6b2ca355e4d0cfb8e4f742c172239?narHash=sha256-THcv8qDqobZefHHluPjx/8n%2BMtVVb8ag/oJbKMqKNRo%3D' (2024-06-09)
  → 'github:NixOS/nixpkgs/4b755b0f089935ce5dbfead30ddc79e6dcd3f80e?narHash=sha256-349PlHisFAtaQD%2BD5zZnwOmH8lFkONARiC3awAW6asM%3D' (2024-06-12)
2024-06-13 02:07:11 +00:00
dependabot[bot]
8338786481 build(deps): bump DeterminateSystems/update-flake-lock from 21 to 22
Bumps [DeterminateSystems/update-flake-lock](https://github.com/determinatesystems/update-flake-lock) from 21 to 22.
- [Release notes](https://github.com/determinatesystems/update-flake-lock/releases)
- [Commits](https://github.com/determinatesystems/update-flake-lock/compare/v21...v22)

---
updated-dependencies:
- dependency-name: DeterminateSystems/update-flake-lock
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
2024-06-10 10:40:20 +00:00
Johannes Bornhold
e2fd329c3a Allow to pass extra flags into the kexec call via KEXEC_EXTRA_FLAGS 2024-06-10 04:36:59 +00:00
Jörg Thalheim
75d8ee3810 drop no-bootloader overlay for nixpkgs-unstable 2024-06-10 04:26:14 +00:00
github-actions[bot]
c94035e379 flake.lock: Update
Flake lock file updates:

• Updated input 'nixos-stable':
    'github:NixOS/nixpkgs/0b8e7a1ae5a94da2e1ee3f3030a32020f6254105?narHash=sha256-WZ1s48OODmRJ3DHC%2BI/DtM3tDRuRJlNqMvxvAPTD7ec%3D' (2024-06-05)
  → 'github:NixOS/nixpkgs/9b5328b7f761a7bbdc0e332ac4cf076a3eedb89b?narHash=sha256-1%2Bua0ggXlYYPLTmMl3YeYYsBXDSCqT%2BGw3u6l4gvMhA%3D' (2024-06-06)
• Updated input 'nixos-unstable':
    'github:NixOS/nixpkgs/bf3faad723ca984fc4ea95c1cee1d975a8ca2a28?narHash=sha256-hqHp0W7ibfdu5DFc6EG3S3c%2BGSAbti7VUldFXSf/WiI%3D' (2024-06-07)
  → 'github:NixOS/nixpkgs/7d916e720af6b2ca355e4d0cfb8e4f742c172239?narHash=sha256-THcv8qDqobZefHHluPjx/8n%2BMtVVb8ag/oJbKMqKNRo%3D' (2024-06-09)
2024-06-10 01:06:47 +00:00
github-actions[bot]
72771bd35f flake.lock: Update
Flake lock file updates:

• Updated input 'nixos-unstable':
    'github:NixOS/nixpkgs/c598bbfe379934e8f379bc474cc1914a7c34fbdc?narHash=sha256-vYbYTeWF4YMKYu6lHLQH%2BOagpubB9aZ1%2BV630h6qJr4%3D' (2024-05-29)
  → 'github:NixOS/nixpkgs/bf3faad723ca984fc4ea95c1cee1d975a8ca2a28?narHash=sha256-hqHp0W7ibfdu5DFc6EG3S3c%2BGSAbti7VUldFXSf/WiI%3D' (2024-06-07)
2024-06-07 14:25:32 +00:00
Jörg Thalheim
faed128eee nixos-test: reduce RAM to 1GB 2024-06-07 13:17:09 +00:00
Jörg Thalheim
f267906ba6
Merge pull request #232 from nix-community/update-nixos-24.05
ci: fixup attribute names
2024-06-07 14:09:26 +02:00
Jörg Thalheim
3ef996da68 ci: fixup attribute names 2024-06-07 14:09:13 +02:00
Jörg Thalheim
606a46c859
Merge pull request #231 from nix-community/joerg-ci
also bump ci tag
2024-06-07 14:07:21 +02:00
Jörg Thalheim
a902278e6d also bump ci tag 2024-06-07 14:07:08 +02:00
Jörg Thalheim
4c9dd788e6
Merge pull request #229 from nix-community/update-nixos-24.05
upgrade to nixos 24.05
2024-06-07 14:05:41 +02:00
Jörg Thalheim
079f61ba0d add nix-community cachix 2024-06-07 10:43:38 +02:00
Jörg Thalheim
3e2e064af0 upgrade to nixos 24.05 2024-06-07 10:37:00 +02:00
github-actions[bot]
47bfb55316 flake.lock: Update
Flake lock file updates:

• Updated input 'nixos-2311':
    'github:NixOS/nixpkgs/0c007b36981bdbd69ccf0c7df30a174e63660667?narHash=sha256-xaSLDTqKIU55HsCkDnzFKmPiJO2z1xAAvrhUlwlmT2M%3D' (2024-05-26)
  → 'github:NixOS/nixpkgs/64e468fd2652105710d86cd2ae3e65a5a6d58dec?narHash=sha256-S5kltvDDfNQM3xx9XcvzKEOyN2qk8Sa%2BaSOLqZ%2B1Ujc%3D' (2024-05-29)
• Updated input 'nixos-unstable':
    'github:NixOS/nixpkgs/b5995681aa319d0e33a6d83a31710d6c6f092820?narHash=sha256-mdBp0b4VIQ71aUK2uBRROUkENk93RUUubjlQkvskNO0%3D' (2024-05-26)
  → 'github:NixOS/nixpkgs/c598bbfe379934e8f379bc474cc1914a7c34fbdc?narHash=sha256-vYbYTeWF4YMKYu6lHLQH%2BOagpubB9aZ1%2BV630h6qJr4%3D' (2024-05-29)
2024-05-30 03:38:32 +00:00
github-actions[bot]
2478833ef8 flake.lock: Update
Flake lock file updates:

• Updated input 'nixos-2311':
    'github:NixOS/nixpkgs/dff68ababdd2c2616d03f26546ba632f5f09d3c6?narHash=sha256-e4pjcLqe1Dexz7enk/%2Bui0aVdcoSiWnrTGjk7KLtAPw%3D' (2024-05-22)
  → 'github:NixOS/nixpkgs/0c007b36981bdbd69ccf0c7df30a174e63660667?narHash=sha256-xaSLDTqKIU55HsCkDnzFKmPiJO2z1xAAvrhUlwlmT2M%3D' (2024-05-26)
• Updated input 'nixos-unstable':
    'github:NixOS/nixpkgs/bc5dc89513caa16788f6379962e50383cf3f70b0?narHash=sha256-X%2B99WjSwbxQ7X%2BCTyqZQZqeqGe8nbfAFz%2BtgK2r3O/g%3D' (2024-05-22)
  → 'github:NixOS/nixpkgs/b5995681aa319d0e33a6d83a31710d6c6f092820?narHash=sha256-mdBp0b4VIQ71aUK2uBRROUkENk93RUUubjlQkvskNO0%3D' (2024-05-26)
2024-05-27 05:11:04 +00:00
Jörg Thalheim
9052d1d721
Merge pull request #224 from nix-community/fix-image
add missing nixos-install
2024-05-26 10:42:31 +02:00
Jörg Thalheim
310f23d6d5 add nixos-install
fixes #222
2024-05-26 09:52:08 +02:00
github-actions[bot]
5c5079cdec flake.lock: Update
Flake lock file updates:

• Updated input 'nixos-2311':
    'github:NixOS/nixpkgs/52bdc131bc8d724993eb57fd654c3a8cab457988?narHash=sha256-Lwjwn/iTgq7gXgpM2wzv8t49ZHNX%2B1GLc8QxCbACD2U%3D' (2024-05-19)
  → 'github:NixOS/nixpkgs/dff68ababdd2c2616d03f26546ba632f5f09d3c6?narHash=sha256-e4pjcLqe1Dexz7enk/%2Bui0aVdcoSiWnrTGjk7KLtAPw%3D' (2024-05-22)
• Updated input 'nixos-unstable':
    'github:NixOS/nixpkgs/8a2555763c48e2410054de3f52f7310ce3241ec5?narHash=sha256-2rk8FqB/iQV2d0vQLs684/Tj5PUHaS1sFwG7fng5vXE%3D' (2024-05-19)
  → 'github:NixOS/nixpkgs/bc5dc89513caa16788f6379962e50383cf3f70b0?narHash=sha256-X%2B99WjSwbxQ7X%2BCTyqZQZqeqGe8nbfAFz%2BtgK2r3O/g%3D' (2024-05-22)
2024-05-23 02:19:00 +00:00
dependabot[bot]
aca977f151 build(deps): bump cachix/install-nix-action from 26 to 27
Bumps [cachix/install-nix-action](https://github.com/cachix/install-nix-action) from 26 to 27.
- [Release notes](https://github.com/cachix/install-nix-action/releases)
- [Commits](https://github.com/cachix/install-nix-action/compare/v26...V27)

---
updated-dependencies:
- dependency-name: cachix/install-nix-action
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
2024-05-20 10:17:30 +00:00
github-actions[bot]
a7a6e94802 flake.lock: Update
Flake lock file updates:

• Updated input 'nixos-2311':
    'github:NixOS/nixpkgs/95742536dc6debb5a8b8b78b27001c38f369f1e7' (2024-05-16)
  → 'github:NixOS/nixpkgs/52bdc131bc8d724993eb57fd654c3a8cab457988' (2024-05-19)
• Updated input 'nixos-unstable':
    'github:NixOS/nixpkgs/c029b7f004009923bbfc90bbc31263cd4b08759f' (2024-05-15)
  → 'github:NixOS/nixpkgs/8a2555763c48e2410054de3f52f7310ce3241ec5' (2024-05-19)
2024-05-20 02:14:47 +00:00
Jörg Thalheim
8c9cab8c44 also disable man page to save a few mb 2024-05-19 15:22:03 +00:00
Jörg Thalheim
2c54ebe7b8 Reduce memory requirements to 1GB 2024-05-19 14:43:29 +00:00
Jörg Thalheim
7d48cb7843
Merge pull request #217 from nix-community/joerg-ci
remove uneeded traceVal
2024-05-19 16:33:30 +02:00
Jörg Thalheim
c647a22429 remove uneeded traceVal 2024-05-19 16:30:55 +02:00
Jörg Thalheim
5c77e174db use newer nano.enable option 2024-05-19 14:28:51 +00:00
Jörg Thalheim
d6cfce2feb remove grub and syslinux from NixOS 2024-05-19 14:28:51 +00:00
Jörg Thalheim
966d756930 include perlless profile in NixOS
conditionally include perlless module

relax perlless constraint
2024-05-19 14:28:51 +00:00
Jörg Thalheim
f35cc93d09 rewrite activation script with a systemd-initrd compatible version 2024-05-19 14:28:51 +00:00
Jörg Thalheim
d1758754aa update mergify configuration 2024-05-19 10:09:50 +00:00
github-actions[bot]
58d868f762 flake.lock: Update
Flake lock file updates:

• Updated input 'nixos-2311':
    'github:NixOS/nixpkgs/6eccabe980dcb2048aab7f97f862fb6d79b98abe' (2024-05-12)
  → 'github:NixOS/nixpkgs/95742536dc6debb5a8b8b78b27001c38f369f1e7' (2024-05-16)
• Updated input 'nixos-unstable':
    'github:NixOS/nixpkgs/3281bec7174f679eabf584591e75979a258d8c40' (2024-05-12)
  → 'github:NixOS/nixpkgs/c029b7f004009923bbfc90bbc31263cd4b08759f' (2024-05-15)
2024-05-16 02:17:18 +00:00
github-actions[bot]
81e709ca1d flake.lock: Update
Flake lock file updates:

• Updated input 'nixos-2311':
    'github:NixOS/nixpkgs/392320f29b07e74131d4e4a7b435e8e9b9b85adf' (2024-04-17)
  → 'github:NixOS/nixpkgs/6eccabe980dcb2048aab7f97f862fb6d79b98abe' (2024-05-12)
• Updated input 'nixos-unstable':
    'github:NixOS/nixpkgs/203fac824e2fdfed2e3a832b8123d9a64ee58b43' (2024-04-17)
  → 'github:NixOS/nixpkgs/3281bec7174f679eabf584591e75979a258d8c40' (2024-05-12)
2024-05-13 02:22:33 +00:00
Jörg Thalheim
635d1badf2 image-installer: expose network-status as a program 2024-05-07 09:34:47 +00:00
Jörg Thalheim
f064936faf Add documentation for iso image installer 2024-04-19 10:36:47 +00:00
github-actions[bot]
2ca1ad9c96 flake.lock: Update
Flake lock file updates:

• Updated input 'nixos-2311':
    'github:NixOS/nixpkgs/53a2c32bc66f5ae41a28d7a9a49d321172af621e' (2024-04-15)
  → 'github:NixOS/nixpkgs/392320f29b07e74131d4e4a7b435e8e9b9b85adf' (2024-04-17)
• Updated input 'nixos-unstable':
    'github:NixOS/nixpkgs/5f81b2812ea76d998cb25a3491cce03093326cb2' (2024-04-14)
  → 'github:NixOS/nixpkgs/203fac824e2fdfed2e3a832b8123d9a64ee58b43' (2024-04-17)
2024-04-18 03:55:39 +00:00
Jörg Thalheim
f4ea7a222c
Merge pull request #204 from nix-community/image-installer
fix build
2024-04-17 12:28:21 +02:00
Jörg Thalheim
d3bb59f276 fix build 2024-04-17 12:27:53 +02:00
Jörg Thalheim
b9b51b1d31
Merge pull request #203 from nix-community/image-installer
Image installer
2024-04-17 12:25:14 +02:00
Jörg Thalheim
8c987b74b3 fix build 2024-04-17 12:24:41 +02:00
Jörg Thalheim
f23d47cef8 image-installer: make json a bit shorter 2024-04-17 12:23:50 +02:00
Jörg Thalheim
0b874a3bee
Merge pull request #202 from nix-community/image-installer
Image installer
2024-04-17 11:59:06 +02:00
Jörg Thalheim
8d35d4a180 add image-installer
add image-installer
2024-04-17 11:56:46 +02:00
Jörg Thalheim
2137ed4108 delete empty file 2024-04-16 12:23:54 +02:00
github-actions[bot]
eaf4939a48 flake.lock: Update
Flake lock file updates:

• Updated input 'nixos-2311':
    'github:NixOS/nixpkgs/423832b68fbbbaed33e9fb5176574fda37a0a2fa' (2024-04-11)
  → 'github:NixOS/nixpkgs/53a2c32bc66f5ae41a28d7a9a49d321172af621e' (2024-04-15)
• Updated input 'nixos-unstable':
    'github:NixOS/nixpkgs/ca74eb22840662bbd4aca7c38a35a02d16f0dd0a' (2024-04-10)
  → 'github:NixOS/nixpkgs/5f81b2812ea76d998cb25a3491cce03093326cb2' (2024-04-14)
2024-04-15 05:38:06 +00:00
Jörg Thalheim
52f9a0b418
Merge pull request #199 from andreabedini/patch-1
Update README.md
2024-04-12 10:40:02 +02:00
Andrea Bedini
9f14049b80
Update README.md
Fix link to initrd.
2024-04-11 21:54:10 +08:00
github-actions[bot]
6492fe7bf3 flake.lock: Update
Flake lock file updates:

• Updated input 'nixos-2311':
    'github:NixOS/nixpkgs/7adda2c7505f6fb8abe2c234dea1adc051f8dec9' (2024-04-08)
  → 'github:NixOS/nixpkgs/423832b68fbbbaed33e9fb5176574fda37a0a2fa' (2024-04-11)
• Updated input 'nixos-unstable':
    'github:NixOS/nixpkgs/298edc8f1e0dfffce67f50375c9f5952e04a6d02' (2024-04-07)
  → 'github:NixOS/nixpkgs/ca74eb22840662bbd4aca7c38a35a02d16f0dd0a' (2024-04-10)
2024-04-11 05:48:42 +00:00
github-actions[bot]
7512f7569e flake.lock: Update
Flake lock file updates:

• Updated input 'nixos-2311':
    'github:NixOS/nixpkgs/62c8d691d53d7fd9cd32aa7e4908ff15696b05b7' (2024-04-03)
  → 'github:NixOS/nixpkgs/7adda2c7505f6fb8abe2c234dea1adc051f8dec9' (2024-04-08)
• Updated input 'nixos-unstable':
    'github:NixOS/nixpkgs/7781caa09d74b971a059a0240a03c5dd68acf3e5' (2024-04-03)
  → 'github:NixOS/nixpkgs/298edc8f1e0dfffce67f50375c9f5952e04a6d02' (2024-04-07)
2024-04-08 03:01:05 +00:00
github-actions[bot]
cb7b776e64 flake.lock: Update
Flake lock file updates:

• Updated input 'nixos-2311':
    'github:NixOS/nixpkgs/4ba6c5140bd5731e687732b918445ce48110f689' (2024-03-31)
  → 'github:NixOS/nixpkgs/62c8d691d53d7fd9cd32aa7e4908ff15696b05b7' (2024-04-03)
• Updated input 'nixos-unstable':
    'github:NixOS/nixpkgs/cd1c70d941d69d8d6425984ff8aefca9b28e861a' (2024-03-31)
  → 'github:NixOS/nixpkgs/7781caa09d74b971a059a0240a03c5dd68acf3e5' (2024-04-03)
2024-04-04 04:08:25 +00:00
github-actions[bot]
2cfcd8fd67 flake.lock: Update
Flake lock file updates:

• Updated input 'nixos-2311':
    'github:NixOS/nixpkgs/e5592a5d4cbc474158e9f96b11af802f624d37a7' (2024-03-25)
  → 'github:NixOS/nixpkgs/4ba6c5140bd5731e687732b918445ce48110f689' (2024-03-31)
• Updated input 'nixos-unstable':
    'github:NixOS/nixpkgs/3d41d1087707826b3a90685ab69147f8dc8145d5' (2024-03-24)
  → 'github:NixOS/nixpkgs/cd1c70d941d69d8d6425984ff8aefca9b28e861a' (2024-03-31)
2024-04-01 03:05:06 +00:00
github-actions[bot]
0f84fdca23 flake.lock: Update
Flake lock file updates:

• Updated input 'nixos-2311':
    'github:NixOS/nixpkgs/f091af045dff8347d66d186a62d42aceff159456' (2024-03-20)
  → 'github:NixOS/nixpkgs/e5592a5d4cbc474158e9f96b11af802f624d37a7' (2024-03-25)
• Updated input 'nixos-unstable':
    'github:NixOS/nixpkgs/66e2e75c671f9a674a28d340e59a0157efb6f905' (2024-03-20)
  → 'github:NixOS/nixpkgs/3d41d1087707826b3a90685ab69147f8dc8145d5' (2024-03-24)
2024-03-25 03:09:44 +00:00
github-actions[bot]
f702705e1c flake.lock: Update
Flake lock file updates:

• Updated input 'nixos-2311':
    'github:NixOS/nixpkgs/2ba1b9dceb7120a73801f41a2b9bcbc6bc13d64c' (2024-03-17)
  → 'github:NixOS/nixpkgs/f091af045dff8347d66d186a62d42aceff159456' (2024-03-20)
• Updated input 'nixos-unstable':
    'github:NixOS/nixpkgs/f471be9644f3ab2f3cb868de1787ab70a537b0e7' (2024-03-17)
  → 'github:NixOS/nixpkgs/66e2e75c671f9a674a28d340e59a0157efb6f905' (2024-03-20)
2024-03-21 02:11:02 +00:00
github-actions[bot]
46f3c4c174 flake.lock: Update
Flake lock file updates:

• Updated input 'nixos-2311':
    'github:NixOS/nixpkgs/446d09bfe74f1c893917a67baee88d978316fbc9' (2024-03-13)
  → 'github:NixOS/nixpkgs/2ba1b9dceb7120a73801f41a2b9bcbc6bc13d64c' (2024-03-17)
• Updated input 'nixos-unstable':
    'github:NixOS/nixpkgs/2dbc8f62d8af7a1ab962e4b20d12b25ddcb86ced' (2024-03-13)
  → 'github:NixOS/nixpkgs/f471be9644f3ab2f3cb868de1787ab70a537b0e7' (2024-03-17)
2024-03-18 02:59:03 +00:00
github-actions[bot]
6286096fcb flake.lock: Update
Flake lock file updates:

• Updated input 'nixos-2311':
    'github:NixOS/nixpkgs/a27ed4afe0e2889d3b3ab50fc9a80f9bd2a70dc5' (2024-03-11)
  → 'github:NixOS/nixpkgs/446d09bfe74f1c893917a67baee88d978316fbc9' (2024-03-13)
• Updated input 'nixos-unstable':
    'github:NixOS/nixpkgs/73d699a6ff1e83df3fd6c1e60931e13667b8ae14' (2024-03-10)
  → 'github:NixOS/nixpkgs/2dbc8f62d8af7a1ab962e4b20d12b25ddcb86ced' (2024-03-13)
2024-03-14 01:43:40 +00:00
dependabot[bot]
3c4378633b build(deps): bump cachix/install-nix-action from 25 to 26
Bumps [cachix/install-nix-action](https://github.com/cachix/install-nix-action) from 25 to 26.
- [Release notes](https://github.com/cachix/install-nix-action/releases)
- [Commits](https://github.com/cachix/install-nix-action/compare/v25...v26)

---
updated-dependencies:
- dependency-name: cachix/install-nix-action
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
2024-03-11 10:40:58 +00:00
github-actions[bot]
fbb850e9a1 flake.lock: Update
Flake lock file updates:

• Updated input 'nixos-2311':
    'github:NixOS/nixpkgs/03e303468a0b89792bc40c2f3a7cd8a322b66fad' (2024-03-06)
  → 'github:NixOS/nixpkgs/a27ed4afe0e2889d3b3ab50fc9a80f9bd2a70dc5' (2024-03-11)
• Updated input 'nixos-unstable':
    'github:NixOS/nixpkgs/e1bf69f4ab16f72d5536e32e0d86b39b2b7892d9' (2024-03-06)
  → 'github:NixOS/nixpkgs/73d699a6ff1e83df3fd6c1e60931e13667b8ae14' (2024-03-10)
2024-03-11 03:02:58 +00:00
github-actions[bot]
9fd019c36b flake.lock: Update
Flake lock file updates:

• Updated input 'nixos-2311':
    'github:NixOS/nixpkgs/b3a5f534d8a260328c5e13bd81c19c0432afbe9f' (2024-03-03)
  → 'github:NixOS/nixpkgs/03e303468a0b89792bc40c2f3a7cd8a322b66fad' (2024-03-06)
• Updated input 'nixos-unstable':
    'github:NixOS/nixpkgs/768bb879887ae70e62d7628c82d825bbbf873b4b' (2024-03-03)
  → 'github:NixOS/nixpkgs/e1bf69f4ab16f72d5536e32e0d86b39b2b7892d9' (2024-03-06)
2024-03-07 15:32:42 +00:00
dependabot[bot]
63431919c2 build(deps): bump DeterminateSystems/update-flake-lock from 20 to 21
Bumps [DeterminateSystems/update-flake-lock](https://github.com/determinatesystems/update-flake-lock) from 20 to 21.
- [Release notes](https://github.com/determinatesystems/update-flake-lock/releases)
- [Commits](https://github.com/determinatesystems/update-flake-lock/compare/v20...v21)

---
updated-dependencies:
- dependency-name: DeterminateSystems/update-flake-lock
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
2024-03-04 10:05:44 +00:00
github-actions[bot]
21ced28614 flake.lock: Update
Flake lock file updates:

• Updated input 'nixos-2311':
    'github:NixOS/nixpkgs/e4973102d8e9112c41c5f09263c7489c350042b8' (2024-02-28)
  → 'github:NixOS/nixpkgs/b3a5f534d8a260328c5e13bd81c19c0432afbe9f' (2024-03-03)
• Updated input 'nixos-unstable':
    'github:NixOS/nixpkgs/96990c69fd59e807cee8ff874d0526c70dffdf8f' (2024-02-28)
  → 'github:NixOS/nixpkgs/768bb879887ae70e62d7628c82d825bbbf873b4b' (2024-03-03)
2024-03-04 03:09:16 +00:00
github-actions[bot]
45e24d74e0 flake.lock: Update
Flake lock file updates:

• Updated input 'nixos-2311':
    'github:NixOS/nixpkgs/227a4c47bef2390a7925693c51489e84169b1957' (2024-02-25)
  → 'github:NixOS/nixpkgs/e4973102d8e9112c41c5f09263c7489c350042b8' (2024-02-28)
• Updated input 'nixos-unstable':
    'github:NixOS/nixpkgs/2a34566b67bef34c551f204063faeecc444ae9da' (2024-02-25)
  → 'github:NixOS/nixpkgs/96990c69fd59e807cee8ff874d0526c70dffdf8f' (2024-02-28)
2024-02-29 01:52:07 +00:00
Shea Levy
c090b94b08 kexec-run: Get pubkeys for DOAS_USER.
doas is a smaller replacement for sudo, used by some
distributions (such as Alpine).
2024-02-28 19:11:52 +00:00
github-actions[bot]
84ee92b81f flake.lock: Update
Flake lock file updates:

• Updated input 'nixos-2311':
    'github:NixOS/nixpkgs/e6d61b7214a8df4fa5a0e3d76506f12689585bab' (2024-02-21)
  → 'github:NixOS/nixpkgs/227a4c47bef2390a7925693c51489e84169b1957' (2024-02-25)
• Updated input 'nixos-unstable':
    'github:NixOS/nixpkgs/591f9cbebeef5dfdcb24997a3069d7f29c365ab9' (2024-02-21)
  → 'github:NixOS/nixpkgs/2a34566b67bef34c551f204063faeecc444ae9da' (2024-02-25)
2024-02-26 02:57:12 +00:00
github-actions[bot]
aea74a85ee flake.lock: Update
Flake lock file updates:

• Updated input 'nixos-2311':
    'github:NixOS/nixpkgs/e0da498ad77ac8909a980f07eff060862417ccf7' (2024-02-18)
  → 'github:NixOS/nixpkgs/e6d61b7214a8df4fa5a0e3d76506f12689585bab' (2024-02-21)
• Updated input 'nixos-unstable':
    'github:NixOS/nixpkgs/35c5863c29ce81199ded8a3384f4979b7793f5dc' (2024-02-18)
  → 'github:NixOS/nixpkgs/591f9cbebeef5dfdcb24997a3069d7f29c365ab9' (2024-02-21)
2024-02-22 01:02:47 +00:00
github-actions[bot]
4eebb3c820 flake.lock: Update
Flake lock file updates:

• Updated input 'nixos-2311':
    'github:NixOS/nixpkgs/ad69fdb4d3fc14b3909e75af643d019e6b539a1a' (2024-02-15)
  → 'github:NixOS/nixpkgs/e0da498ad77ac8909a980f07eff060862417ccf7' (2024-02-18)
• Updated input 'nixos-unstable':
    'github:NixOS/nixpkgs/4dec2a6e52b5d910b428468680707f7f73a1219f' (2024-02-14)
  → 'github:NixOS/nixpkgs/35c5863c29ce81199ded8a3384f4979b7793f5dc' (2024-02-18)
2024-02-19 03:02:25 +00:00
github-actions[bot]
7aa14fd358 flake.lock: Update
Flake lock file updates:

• Updated input 'nixos-2311':
    'github:NixOS/nixpkgs/7612e0f257237b4d6d29037e4b4ca318e154beec' (2024-02-11)
  → 'github:NixOS/nixpkgs/ad69fdb4d3fc14b3909e75af643d019e6b539a1a' (2024-02-15)
• Updated input 'nixos-unstable':
    'github:NixOS/nixpkgs/bdc57436da855500d44e9c1ce7450c0772e1cfa1' (2024-02-11)
  → 'github:NixOS/nixpkgs/4dec2a6e52b5d910b428468680707f7f73a1219f' (2024-02-14)
2024-02-15 01:07:19 +00:00
github-actions[bot]
14ae091170 flake.lock: Update
Flake lock file updates:

• Updated input 'nixos-2311':
    'github:NixOS/nixpkgs/6832d0d99649db3d65a0e15fa51471537b2c56a6' (2024-02-07)
  → 'github:NixOS/nixpkgs/7612e0f257237b4d6d29037e4b4ca318e154beec' (2024-02-11)
• Updated input 'nixos-unstable':
    'github:NixOS/nixpkgs/5ef42fcd84b2baa16f43554f1c1f1d614e23ef9a' (2024-02-07)
  → 'github:NixOS/nixpkgs/bdc57436da855500d44e9c1ce7450c0772e1cfa1' (2024-02-11)
2024-02-12 02:03:05 +00:00
github-actions[bot]
42c18c0572 flake.lock: Update
Flake lock file updates:

• Updated input 'nixos-2311':
    'github:NixOS/nixpkgs/9f2ee8c91ac42da3ae6c6a1d21555f283458247e' (2024-02-05)
  → 'github:NixOS/nixpkgs/6832d0d99649db3d65a0e15fa51471537b2c56a6' (2024-02-07)
• Updated input 'nixos-unstable':
    'github:NixOS/nixpkgs/5d75993fa5feaa333f3eadd83e0a08fc34432acc' (2024-02-04)
  → 'github:NixOS/nixpkgs/5ef42fcd84b2baa16f43554f1c1f1d614e23ef9a' (2024-02-07)
2024-02-08 03:00:20 +00:00
github-actions[bot]
755065698e flake.lock: Update
Flake lock file updates:

• Updated input 'nixos-2311':
    'github:NixOS/nixpkgs/6eeeacfaf67dd0f915b438bb3a93cfc89db06b09' (2024-02-01)
  → 'github:NixOS/nixpkgs/9f2ee8c91ac42da3ae6c6a1d21555f283458247e' (2024-02-05)
• Updated input 'nixos-unstable':
    'github:NixOS/nixpkgs/632751bf0ceeefc74af7a9d2335ea923ad9c831a' (2024-01-31)
  → 'github:NixOS/nixpkgs/5d75993fa5feaa333f3eadd83e0a08fc34432acc' (2024-02-04)
2024-02-05 02:55:41 +00:00
github-actions[bot]
a9b8266f2f flake.lock: Update
Flake lock file updates:

• Updated input 'nixos-2311':
    'github:NixOS/nixpkgs/1e4f8b195d7c34dc9f0bcd919f63b3f03b42908a' (2024-01-28)
  → 'github:NixOS/nixpkgs/6eeeacfaf67dd0f915b438bb3a93cfc89db06b09' (2024-02-01)
• Updated input 'nixos-unstable':
    'github:NixOS/nixpkgs/3fb3707af869e32b0ad0676f589b16cc7711a376' (2024-01-27)
  → 'github:NixOS/nixpkgs/632751bf0ceeefc74af7a9d2335ea923ad9c831a' (2024-01-31)
2024-02-01 01:01:34 +00:00
github-actions[bot]
64c695ab3c flake.lock: Update
Flake lock file updates:

• Updated input 'nixos-2311':
    'github:NixOS/nixpkgs/7824e4947a8fafed482735c0648f1bffc2a02927' (2024-01-24)
  → 'github:NixOS/nixpkgs/1e4f8b195d7c34dc9f0bcd919f63b3f03b42908a' (2024-01-28)
• Updated input 'nixos-unstable':
    'github:NixOS/nixpkgs/5cd2baa57a9ff2d84f2615700434fa04f3067fdb' (2024-01-24)
  → 'github:NixOS/nixpkgs/3fb3707af869e32b0ad0676f589b16cc7711a376' (2024-01-27)
2024-01-29 02:55:58 +00:00
github-actions[bot]
0d3dfc8547 flake.lock: Update
Flake lock file updates:

• Updated input 'nixos-2311':
    'github:NixOS/nixpkgs/d639898e43e88157dc21b779600fb58391a7b4ea' (2024-01-21)
  → 'github:NixOS/nixpkgs/7824e4947a8fafed482735c0648f1bffc2a02927' (2024-01-24)
• Updated input 'nixos-unstable':
    'github:NixOS/nixpkgs/7da66b359bcffc532b67035b54b49c25b0c0480c' (2024-01-21)
  → 'github:NixOS/nixpkgs/5cd2baa57a9ff2d84f2615700434fa04f3067fdb' (2024-01-24)
2024-01-25 01:06:13 +00:00
github-actions[bot]
9dd480c8be flake.lock: Update
Flake lock file updates:

• Updated input 'nixos-2311':
    'github:NixOS/nixpkgs/b0092228a011d1fa5c667dd98d02e7afb0ef3626' (2024-01-18)
  → 'github:NixOS/nixpkgs/d639898e43e88157dc21b779600fb58391a7b4ea' (2024-01-21)
• Updated input 'nixos-unstable':
    'github:NixOS/nixpkgs/cc3ab0e45687d15cb21663a95f5a53a05abd39e4' (2024-01-16)
  → 'github:NixOS/nixpkgs/7da66b359bcffc532b67035b54b49c25b0c0480c' (2024-01-21)
2024-01-22 02:59:06 +00:00
github-actions[bot]
ad2e23c4a6 flake.lock: Update
Flake lock file updates:

• Updated input 'nixos-2311':
    'github:NixOS/nixpkgs/d71f20967da064275ce084dd823cbd2bd31d5cba' (2024-01-15)
  → 'github:NixOS/nixpkgs/b0092228a011d1fa5c667dd98d02e7afb0ef3626' (2024-01-18)
• Updated input 'nixos-unstable':
    'github:NixOS/nixpkgs/0c741cd9fbdc435b7ca88e17efc371b48e7c23b8' (2024-01-14)
  → 'github:NixOS/nixpkgs/cc3ab0e45687d15cb21663a95f5a53a05abd39e4' (2024-01-16)
2024-01-18 02:53:40 +00:00
Antonio Yang
17efe22de1 add rsync to installer 2024-01-16 07:35:44 +00:00
dependabot[bot]
97d38e1b77 build(deps): bump cachix/install-nix-action from 24 to 25
Bumps [cachix/install-nix-action](https://github.com/cachix/install-nix-action) from 24 to 25.
- [Release notes](https://github.com/cachix/install-nix-action/releases)
- [Commits](https://github.com/cachix/install-nix-action/compare/v24...v25)

---
updated-dependencies:
- dependency-name: cachix/install-nix-action
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
2024-01-15 10:24:52 +00:00
github-actions[bot]
000d4bac47 flake.lock: Update
Flake lock file updates:

• Updated input 'nixos-2311':
    'github:NixOS/nixpkgs/2aaf35bc85b2a6f9957fe9df17bcf5f94fbd0e85' (2024-01-11)
  → 'github:NixOS/nixpkgs/d71f20967da064275ce084dd823cbd2bd31d5cba' (2024-01-15)
• Updated input 'nixos-unstable':
    'github:NixOS/nixpkgs/7bb62b90ef7f7e76603bcd52d7e10ddb6d589f15' (2024-01-09)
  → 'github:NixOS/nixpkgs/0c741cd9fbdc435b7ca88e17efc371b48e7c23b8' (2024-01-14)
2024-01-15 03:07:05 +00:00
Jörg Thalheim
694f6e69e8 README: drop experimental flag for static ips 2024-01-13 08:55:55 +00:00
github-actions[bot]
bf5c4f258b flake.lock: Update
Flake lock file updates:

• Updated input 'nixos-2311':
    'github:NixOS/nixpkgs/e6c4e766e523b86a74eae7b1dbc64795e3aa3041' (2024-01-04)
  → 'github:NixOS/nixpkgs/2aaf35bc85b2a6f9957fe9df17bcf5f94fbd0e85' (2024-01-11)
• Updated input 'nixos-unstable':
    'github:NixOS/nixpkgs/382614ec619514fbc48dd9c60f043c4087798ddf' (2024-01-03)
  → 'github:NixOS/nixpkgs/7bb62b90ef7f7e76603bcd52d7e10ddb6d589f15' (2024-01-09)
2024-01-11 01:01:19 +00:00
github-actions[bot]
916bc1ddac flake.lock: Update
Flake lock file updates:

• Updated input 'nixos-2311':
    'github:NixOS/nixpkgs/bd39e4e241aa5aabbb27307709aef511592cb9e5' (2024-01-01)
  → 'github:NixOS/nixpkgs/e6c4e766e523b86a74eae7b1dbc64795e3aa3041' (2024-01-04)
• Updated input 'nixos-unstable':
    'github:NixOS/nixpkgs/eae82ed71467a19374437376fbb7f5e3ad486aeb' (2023-12-31)
  → 'github:NixOS/nixpkgs/382614ec619514fbc48dd9c60f043c4087798ddf' (2024-01-03)
2024-01-04 01:00:24 +00:00
Mic92
a337c75e33 non-interactive: add missing udev rules (#163)
non-interactive: add missing udev rules

* Update nix/zfs-minimal.nix

Co-authored-by: Gary Guo <gary@garyguo.net>
2024-01-03 09:54:53 +00:00
github-actions[bot]
b858bab86b flake.lock: Update
Flake lock file updates:

• Updated input 'nixos-2311':
    'github:NixOS/nixpkgs/6db1324e4c9f702631a0dfe11b10189485af9fc0' (2023-12-27)
  → 'github:NixOS/nixpkgs/bd39e4e241aa5aabbb27307709aef511592cb9e5' (2024-01-01)
• Updated input 'nixos-unstable':
    'github:NixOS/nixpkgs/f930306a698f1ae7045cf3265693b7ebc9512f23' (2023-12-27)
  → 'github:NixOS/nixpkgs/eae82ed71467a19374437376fbb7f5e3ad486aeb' (2023-12-31)
2024-01-01 02:58:13 +00:00
github-actions[bot]
35c9a49b57 flake.lock: Update
Flake lock file updates:

• Updated input 'nixos-2311':
    'github:NixOS/nixpkgs/3128dfc824de336220e71cddc44d417bacc91fd7' (2023-12-24)
  → 'github:NixOS/nixpkgs/6db1324e4c9f702631a0dfe11b10189485af9fc0' (2023-12-27)
• Updated input 'nixos-unstable':
    'github:NixOS/nixpkgs/cb574470bb7e360016c254867f7734a95812b47f' (2023-12-24)
  → 'github:NixOS/nixpkgs/f930306a698f1ae7045cf3265693b7ebc9512f23' (2023-12-27)
2023-12-28 00:58:41 +00:00
github-actions[bot]
85434de040 flake.lock: Update
Flake lock file updates:

• Updated input 'nixos-2311':
    'github:NixOS/nixpkgs/df3e6d6131d5f5df9b9524c7f4c39bfce7add927' (2023-12-22)
  → 'github:NixOS/nixpkgs/3128dfc824de336220e71cddc44d417bacc91fd7' (2023-12-24)
• Updated input 'nixos-unstable':
    'github:NixOS/nixpkgs/d644f3882d553e717e225e69ec8254d6736b8cba' (2023-12-21)
  → 'github:NixOS/nixpkgs/cb574470bb7e360016c254867f7734a95812b47f' (2023-12-24)
2023-12-25 02:54:17 +00:00
Jörg Thalheim
56b5279131 fix kexec-syscall-auto check 2023-12-24 07:07:56 +00:00
Jörg Thalheim
9a02e3d7b2 change to numtide as binary cache 2023-12-24 07:07:56 +00:00
Jörg Thalheim
c6f494de02 Revert "disable flake updates for now"
This reverts commit 3a769c86e2.

We now have a better buildbot to handle this.
2023-12-24 07:07:56 +00:00
Jörg Thalheim
eaf2d21fa9 disable kexec-syscall-auto flag on old kernels 2023-12-23 17:18:52 +00:00
Jörg Thalheim
1d92ed3028
Merge pull request #154 from nix-community/upgrade-aarch64
upgrade zfs on aarch64
2023-12-23 09:19:36 +01:00
Jörg Thalheim
3a769c86e2 disable flake updates for now 2023-12-23 09:19:00 +01:00
Jörg Thalheim
d7dfa237d6 switch out binary cache 2023-12-23 02:20:46 +01:00
Jörg Thalheim
3b7b5998f1 export packages as checks 2023-12-23 02:20:46 +01:00
Jörg Thalheim
1717912538 mergify: upgrade for buildbot 2023-12-23 02:20:46 +01:00
Jörg Thalheim
6da561b62f flake.lock: Update
Flake lock file updates:

• Updated input 'nixos-2311':
    'github:NixOS/nixpkgs/8ae56eaea9054590c57f9509341601f05cbb92d7' (2023-12-09)
  → 'github:NixOS/nixpkgs/cf28ee258fd5f9a52de6b9865cdb93a1f96d09b7' (2023-12-12)
• Updated input 'nixos-unstable':
    'github:NixOS/nixpkgs/e4e2af6d113155799eb9be93e3d8dd32d7300e06' (2023-12-06)
  → 'github:NixOS/nixpkgs/120a26f8ce32ac2bdc0e49a9fed830b7446416b4' (2023-12-11)
2023-12-23 02:20:46 +01:00
Jörg Thalheim
db63ed890f upgrade zfs on aarch64 2023-12-23 02:20:46 +01:00
Jörg Thalheim
d655cc02fc
Merge pull request #152 from nix-community/joerg-ci
disable installer channel in a single place
2023-12-12 11:02:05 +01:00
Jörg Thalheim
73c9e5e338 disable installer channel in a single place 2023-12-10 11:57:48 +01:00
Jörg Thalheim
b7719bef5d update mergify configuration 2023-12-10 11:54:07 +01:00
Jörg Thalheim
86196b2130
Merge pull request #151 from phaer/23-11
build 23.11 instead of 23.05
2023-12-10 11:53:27 +01:00
phaer
1109a26efb build 23.11, don't build 23.05 anymore 2023-12-09 16:39:12 +00:00
mergify[bot]
7dbb493899
Merge pull request #150 from nix-community/update_flake_lock_action
flake.lock: Update
2023-12-07 08:10:58 +00:00
github-actions[bot]
4e84af9d0c flake.lock: Update
Flake lock file updates:

• Updated input 'nixos-2305':
    'github:NixOS/nixpkgs/e9f06adb793d1cca5384907b3b8a4071d5d7cb19' (2023-12-03)
  → 'github:NixOS/nixpkgs/0561103cedb11e7554cf34cea81e5f5d578a4753' (2023-12-05)
• Updated input 'nixos-unstable':
    'github:NixOS/nixpkgs/0b62f5adfd6635f8013d800ceb0cf39411a8216f' (2023-12-03)
  → 'github:NixOS/nixpkgs/e4e2af6d113155799eb9be93e3d8dd32d7300e06' (2023-12-06)
2023-12-07 08:02:48 +00:00
mergify[bot]
6e106f700d
Merge pull request #149 from nix-community/dependabot/github_actions/cachix/install-nix-action-24
build(deps): bump cachix/install-nix-action from 23 to 24
2023-12-04 10:11:53 +00:00
dependabot[bot]
6a6e5ccc74
build(deps): bump cachix/install-nix-action from 23 to 24
Bumps [cachix/install-nix-action](https://github.com/cachix/install-nix-action) from 23 to 24.
- [Release notes](https://github.com/cachix/install-nix-action/releases)
- [Commits](https://github.com/cachix/install-nix-action/compare/v23...v24)

---
updated-dependencies:
- dependency-name: cachix/install-nix-action
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
2023-12-04 10:05:33 +00:00
mergify[bot]
d5a5de3e0c
Merge pull request #148 from nix-community/update_flake_lock_action
flake.lock: Update
2023-12-04 01:32:28 +00:00
github-actions[bot]
c87dbe2034 flake.lock: Update
Flake lock file updates:

• Updated input 'nixos-2305':
    'github:NixOS/nixpkgs/f237a187117e1fd4cd780cfc25fd78f7f9a3e3cf' (2023-11-29)
  → 'github:NixOS/nixpkgs/e9f06adb793d1cca5384907b3b8a4071d5d7cb19' (2023-12-03)
• Updated input 'nixos-unstable':
    'github:NixOS/nixpkgs/e2fa3d60550627938495aa368a1d4635c9cf64ff' (2023-11-29)
  → 'github:NixOS/nixpkgs/0b62f5adfd6635f8013d800ceb0cf39411a8216f' (2023-12-03)
2023-12-04 00:54:29 +00:00
mergify[bot]
e091c84b60
Merge pull request #147 from nix-community/update_flake_lock_action
flake.lock: Update
2023-11-30 01:43:15 +00:00
github-actions[bot]
66d70aa898 flake.lock: Update
Flake lock file updates:

• Updated input 'nixos-2305':
    'github:NixOS/nixpkgs/835eab9a7bcaf4365fc96f5d1a756784aea0f5d1' (2023-11-26)
  → 'github:NixOS/nixpkgs/f237a187117e1fd4cd780cfc25fd78f7f9a3e3cf' (2023-11-29)
• Updated input 'nixos-unstable':
    'github:NixOS/nixpkgs/173b74db07f26344f3517716edd4bff6987b512d' (2023-11-26)
  → 'github:NixOS/nixpkgs/e2fa3d60550627938495aa368a1d4635c9cf64ff' (2023-11-29)
2023-11-30 00:53:45 +00:00
mergify[bot]
5119908dda
Merge pull request #146 from nix-community/update_flake_lock_action
flake.lock: Update
2023-11-27 01:12:07 +00:00
github-actions[bot]
5ba340ce83 flake.lock: Update
Flake lock file updates:

• Updated input 'nixos-2305':
    'github:NixOS/nixpkgs/ee5ddacfab29812b32b5ea8c1dacdadfdf264475' (2023-11-22)
  → 'github:NixOS/nixpkgs/835eab9a7bcaf4365fc96f5d1a756784aea0f5d1' (2023-11-26)
• Updated input 'nixos-unstable':
    'github:NixOS/nixpkgs/da41de71f62bf7fb989a04e39629b8adbf8aa8b5' (2023-11-22)
  → 'github:NixOS/nixpkgs/173b74db07f26344f3517716edd4bff6987b512d' (2023-11-26)
2023-11-27 00:57:04 +00:00
mergify[bot]
d238126a86
Merge pull request #145 from nix-community/update_flake_lock_action
flake.lock: Update
2023-11-23 01:18:19 +00:00
github-actions[bot]
7dab9962ad flake.lock: Update
Flake lock file updates:

• Updated input 'nixos-2305':
    'github:NixOS/nixpkgs/9faf91e6d0b7743d41cce3b63a8e5c733dc696a3' (2023-11-20)
  → 'github:NixOS/nixpkgs/ee5ddacfab29812b32b5ea8c1dacdadfdf264475' (2023-11-22)
• Updated input 'nixos-unstable':
    'github:NixOS/nixpkgs/12a0ade5e458984675b9789a4b260ebabdd2d1ab' (2023-11-19)
  → 'github:NixOS/nixpkgs/da41de71f62bf7fb989a04e39629b8adbf8aa8b5' (2023-11-22)
2023-11-23 00:53:16 +00:00
mergify[bot]
fc531304e2
Merge pull request #144 from nix-community/machine-id
also copy machine-id into installer
2023-11-22 13:45:28 +00:00
Jörg Thalheim
bebc30e7fd also copy machine-id into installer
This can help with keeping the same dhcp leases when the dhcp server uses DUID rather than mac addresses
2023-11-22 10:45:18 +01:00
mergify[bot]
6531732454
Merge pull request #143 from nix-community/joerg-ci
flake.nix: switch back to nixos-unstable-small upstream
2023-11-20 11:40:50 +00:00
Jörg Thalheim
6688a9b437 flake.nix: switch back to nixos-unstable-small upstream 2023-11-20 12:23:12 +01:00
Jörg Thalheim
4dcc041b86
Merge pull request #142 from nix-community/sane-nix-settings
add nix-settings from srvos
2023-11-20 12:15:23 +01:00
Jörg Thalheim
971b6849d5 add nix-settings from srvos
if used as a recovery system, it's useful to have flakes etc enabled.
2023-11-19 13:23:43 +01:00
mergify[bot]
b75f16f72f
Merge pull request #141 from nix-community/joerg-ci
add comment for lvm raid
2023-11-12 11:39:30 +00:00
Jörg Thalheim
c0a2c19f83 add comment for lvm raid 2023-11-12 12:34:58 +01:00
Jörg Thalheim
092b60439f
Merge pull request #140 from nix-community/add-dm-raid
load dm-raid kernel module
2023-11-12 12:33:28 +01:00
zimbatm
a8fbf192c7 load dm-raid kernel module
Fixes https://github.com/nix-community/nixos-anywhere/issues/249
2023-11-12 11:43:01 +01:00
Jörg Thalheim
81ab4e8f6f
Merge pull request #139 from nbdd0121/patch-1
Copy ecdsa/sk keys from /root/.ssh/authorized_keys
2023-11-08 23:18:30 +01:00
Gary Guo
7d89d7c99f
Copy ecdsa/sk keys from /root/.ssh/authorized_keys 2023-11-08 16:13:10 +00:00
mergify[bot]
fca6d15d05
Merge pull request #138 from nix-community/joerg-ci
reduce test in VM to 1.2 GB RAM
2023-11-02 12:08:31 +00:00
mergify[bot]
28250ff73f
Merge branch 'main' into joerg-ci 2023-11-02 12:02:27 +00:00
Jörg Thalheim
1afdae78b7 reduce test in VM to 1.2 GB RAM 2023-11-02 13:01:36 +01:00
Jörg Thalheim
25f4c4dddd
Merge pull request #137 from nix-community/nixpkgs-upstream
no longer delete existing assets
2023-11-02 12:44:58 +01:00
Jörg Thalheim
6c43b7016d no longer delete existing assets
we now have both aarch64/x86_64 overwriting each other
2023-11-02 12:42:50 +01:00
mergify[bot]
233cb26594
Merge pull request #136 from nix-community/nixpkgs-upstream
kexec-installer: disable channel in unstable
2023-11-02 10:41:23 +00:00
Jörg Thalheim
913fba8fbe netboot-installer: disable channel in unstable 2023-11-02 11:09:57 +01:00
Jörg Thalheim
6b3ebfbf99 kexec-installer: disable channel in unstable 2023-11-02 11:09:57 +01:00
mergify[bot]
dd2e96b4a4
Merge pull request #135 from nix-community/nixpkgs-upstream
switch back to nixpkgs upstream
2023-11-02 09:54:17 +00:00
Jörg Thalheim
fba4a2bf0d apply nixpkgs-fmt 2023-11-02 10:43:57 +01:00
Jörg Thalheim
75d7180dc1 netboot-installer: also enable ipv6 router advertisment 2023-11-02 10:43:21 +01:00
Jörg Thalheim
8239d6079a no longer depend on dhcpcd for dhcp networking 2023-11-02 10:43:08 +01:00
Jörg Thalheim
8f0b2d8f63 drop checksum from release tab
it no longer works since we have now two architectures build independently
2023-11-02 08:54:22 +01:00
Jörg Thalheim
8eb1ef49d5 switch to nixos-unstable-small
flake.lock: Update

Flake lock file updates:

• Updated input 'nixos-2305':
    'github:NixOS/nixpkgs/f9d25531cc073c6ae78c6988e12455eb1e015134' (2023-11-01)
  → 'github:NixOS/nixpkgs/ecd985f22e007e6ac3152d68590c06cbbaea8c0e' (2023-11-02)
2023-11-02 08:54:22 +01:00
Jörg Thalheim
d84d1b296b installer: useNetworkd consistently 2023-10-28 16:11:35 +02:00
Jörg Thalheim
dc68643995 switch back to nixpkgs upstream 2023-10-28 15:58:39 +02:00
mergify[bot]
87bccdbdfb
Merge pull request #134 from Stunkymonkey/fix-typos
fix some typos
2023-10-17 03:59:56 +00:00
Felix Buehler
e62ab61f81 fix some typos 2023-10-16 23:22:54 +02:00
mergify[bot]
c4c73bce65
Merge pull request #132 from nix-community/dependabot/github_actions/actions/checkout-4
build(deps): bump actions/checkout from 3 to 4
2023-09-11 10:54:47 +00:00
dependabot[bot]
23851e1ff0
build(deps): bump actions/checkout from 3 to 4
Bumps [actions/checkout](https://github.com/actions/checkout) from 3 to 4.
- [Release notes](https://github.com/actions/checkout/releases)
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md)
- [Commits](https://github.com/actions/checkout/compare/v3...v4)

---
updated-dependencies:
- dependency-name: actions/checkout
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
2023-09-11 10:45:27 +00:00
mergify[bot]
cfae37e520
Merge pull request #131 from nix-community/dependabot/github_actions/cachix/install-nix-action-23
build(deps): bump cachix/install-nix-action from 22 to 23
2023-09-04 11:00:50 +00:00
dependabot[bot]
4e62ea7677
build(deps): bump cachix/install-nix-action from 22 to 23
Bumps [cachix/install-nix-action](https://github.com/cachix/install-nix-action) from 22 to 23.
- [Release notes](https://github.com/cachix/install-nix-action/releases)
- [Commits](https://github.com/cachix/install-nix-action/compare/v22...v23)

---
updated-dependencies:
- dependency-name: cachix/install-nix-action
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
2023-09-04 10:40:54 +00:00
mergify[bot]
8cddbac8c6
Merge pull request #130 from nix-community/dependabot/github_actions/DeterminateSystems/update-flake-lock-20
build(deps): bump DeterminateSystems/update-flake-lock from 19 to 20
2023-08-28 10:39:16 +00:00
dependabot[bot]
a8e011a556
build(deps): bump DeterminateSystems/update-flake-lock from 19 to 20
Bumps [DeterminateSystems/update-flake-lock](https://github.com/determinatesystems/update-flake-lock) from 19 to 20.
- [Release notes](https://github.com/determinatesystems/update-flake-lock/releases)
- [Commits](https://github.com/determinatesystems/update-flake-lock/compare/v19...v20)

---
updated-dependencies:
- dependency-name: DeterminateSystems/update-flake-lock
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
2023-08-28 10:28:31 +00:00
mergify[bot]
32c29d4ec7
Merge pull request #129 from nix-community/kexec-auto
kexec-installer: re-enable kexec-syscall-auto
2023-08-26 18:22:53 +00:00
Jörg Thalheim
f11fd49c78 kexec-installer: re-enable kexec-syscall-auto
Seems like GCP changed something about their boot process and the same instance types that failed to kexec, now just works.
This fixes secureboot as well: https://github.com/nix-community/nixos-images/issues/128
2023-08-26 19:36:51 +02:00
Jörg Thalheim
3067fe0c60
Merge pull request #127 from nix-community/ci
flake.lock: Update
2023-08-05 06:49:46 +01:00
Jörg Thalheim
f715155f87 flake.lock: Update
Flake lock file updates:

• Updated input 'nixos-2305':
    'github:NixOS/nixpkgs/9652a97d9738d3e65cf33c0bc24429e495a7868f' (2023-08-04)
  → 'github:Mic92/nixpkgs/831724726ba052189092f52ae0774dd406d657bb' (2023-08-05)
2023-08-05 07:49:32 +02:00
Jörg Thalheim
74ca72e242
Merge pull request #126 from nix-community/ci
also fix netboot on release-23.05
2023-08-05 06:48:15 +01:00
mergify[bot]
2a98397eb4
Merge branch 'main' into ci 2023-08-05 05:46:50 +00:00
Jörg Thalheim
377e275ebc also fix netboot on release-23.05 2023-08-05 07:45:36 +02:00
Jörg Thalheim
8cfcde285d
Merge pull request #125 from nix-community/ci
fix kernel name
2023-08-04 22:40:11 +01:00
Jörg Thalheim
a1478fe225 fix kernel name 2023-08-04 23:40:01 +02:00
Jörg Thalheim
1361e3e22a
Merge pull request #124 from nix-community/ci
ci: improve updating assets
2023-08-04 21:56:02 +01:00
mergify[bot]
4fd1a924cb
Merge branch 'main' into ci 2023-08-04 20:52:28 +00:00
Jörg Thalheim
3b4624dc1a build-images: reformat with shellfmt 2023-08-04 22:51:45 +02:00
Jörg Thalheim
7066549ee6 update assets more atomically 2023-08-04 22:51:45 +02:00
Jörg Thalheim
d694dd7829
Merge pull request #123 from nix-community/ci
nixos-images: return to nixpkgs upstream
2023-08-04 21:26:11 +01:00
Jörg Thalheim
b0fcd6bbe0 disable aarch64 until we fixed the race condition when creating releases 2023-08-04 22:25:49 +02:00
Jörg Thalheim
aaeec10163 flake.lock: Update
Flake lock file updates:

• Updated input 'nixos-unstable':
    'github:NixOS/nixpkgs/4f5308922f99987cabb1821b675da86948af00b4' (2023-08-04)
  → 'github:Mic92/nixpkgs/52a39dea62074a5d47001e86646f71dff78ffcad' (2023-08-04)
2023-08-04 22:22:15 +02:00
Jörg Thalheim
49bd69291a flake.lock: Update
Flake lock file updates:

• Updated input 'nixos-2305':
    'github:Mic92/nixpkgs/15384bf882f524e3a08ed7cb86c811de5b75ba5a' (2023-06-15)
  → 'github:NixOS/nixpkgs/9652a97d9738d3e65cf33c0bc24429e495a7868f' (2023-08-04)
• Updated input 'nixos-unstable':
    'github:Mic92/nixpkgs/d4cab20b3a76fef4b9a487c37107df6351ebce33' (2023-06-16)
  → 'github:NixOS/nixpkgs/4f5308922f99987cabb1821b675da86948af00b4' (2023-08-04)
2023-08-04 22:01:10 +02:00
Jörg Thalheim
b63a9cb113 nixos-images: return to nixpkgs upstream 2023-08-04 21:59:59 +02:00
Jörg Thalheim
fcbf0b7c6c
Merge pull request #122 from nix-community/ci
also enable arm64 in github ci
2023-08-04 20:50:52 +01:00
Jörg Thalheim
40ea0c79e3 also enable arm64 in github ci 2023-08-04 21:50:03 +02:00
mergify[bot]
f98b4775fa
Merge pull request #118 from nix-community/update_flake_lock_action
flake.lock: Update
2023-07-04 17:15:49 +00:00
github-actions[bot]
8561ccba07 flake.lock: Update
Flake lock file updates:

• Updated input 'nixos-unstable':
    'github:Mic92/nixpkgs/d21b935395b8880dd4e80dfac4104553cb795d03' (2023-06-15)
  → 'github:Mic92/nixpkgs/d4cab20b3a76fef4b9a487c37107df6351ebce33' (2023-06-16)
2023-07-04 16:36:33 +00:00
Jörg Thalheim
65c15be132
Merge pull request #120 from nix-community/gpt-disk
add missing gptfdisk
2023-07-04 17:31:51 +01:00
Jörg Thalheim
c90d09a5f6 mergify: drop images ci target 2023-07-04 18:31:43 +02:00
mergify[bot]
496b3a800c
Merge branch 'main' into gpt-disk 2023-07-04 16:31:38 +00:00
Jörg Thalheim
9a8b402e63
Merge pull request #119 from nix-community/dependabot/github_actions/cachix/install-nix-action-22
build(deps): bump cachix/install-nix-action from 21 to 22
2023-07-04 17:30:59 +01:00
Jörg Thalheim
e73cbf20a3 add missing gptfdisk
This is needed by disko for gpt
2023-07-04 18:07:03 +02:00
dependabot[bot]
cb80fd6175
build(deps): bump cachix/install-nix-action from 21 to 22
Bumps [cachix/install-nix-action](https://github.com/cachix/install-nix-action) from 21 to 22.
- [Release notes](https://github.com/cachix/install-nix-action/releases)
- [Commits](https://github.com/cachix/install-nix-action/compare/v21...v22)

---
updated-dependencies:
- dependency-name: cachix/install-nix-action
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
2023-06-19 10:56:56 +00:00
Jörg Thalheim
ccc1a2c08c
Merge pull request #115 from nix-community/update_flake_lock_action
flake.lock: Update
2023-06-15 09:52:48 +01:00
Jörg Thalheim
b713d90778 flake.lock: Update
Flake lock file updates:

• Updated input 'nixos-2305':
    'github:Mic92/nixpkgs/60e994e7ada7ce39b775d92cbb70a611c59f45d1' (2023-06-15)
  → 'github:Mic92/nixpkgs/15384bf882f524e3a08ed7cb86c811de5b75ba5a' (2023-06-15)
2023-06-15 10:20:54 +02:00
Jörg Thalheim
c92fa3d2f7 ping to nixpkgs fork to incorperate aarch64 fix
flake.lock: Update

Flake lock file updates:

• Updated input 'nixos-2305':
    'github:NixOS/nixpkgs/75eb7c2d47fdc01a0d477e9a89eac7ed366fe898' (2023-06-14)
  → 'github:Mic92/nixpkgs/60e994e7ada7ce39b775d92cbb70a611c59f45d1' (2023-06-15)
• Updated input 'nixos-unstable':
    'github:NixOS/nixpkgs/ba1a6ec548000d4a50719d14e6f73f63016674d5' (2023-06-14)
  → 'github:Mic92/nixpkgs/d21b935395b8880dd4e80dfac4104553cb795d03' (2023-06-15)
2023-06-15 10:02:07 +02:00
github-actions[bot]
fbc53c710d flake.lock: Update
Flake lock file updates:

• Updated input 'nixos-2305':
    'github:NixOS/nixpkgs/5f6396e85487aa59c801da5f7c87ac20098b2fa8' (2023-06-11)
  → 'github:NixOS/nixpkgs/75eb7c2d47fdc01a0d477e9a89eac7ed366fe898' (2023-06-14)
• Updated input 'nixos-unstable':
    'github:NixOS/nixpkgs/3d318cb303f285d2964d4137619cb21ddd56cfd5' (2023-06-11)
  → 'github:NixOS/nixpkgs/ba1a6ec548000d4a50719d14e6f73f63016674d5' (2023-06-14)
2023-06-15 08:53:22 +02:00
Jörg Thalheim
fd8c7d7dd4
Merge pull request #117 from nix-community/label
update label
2023-06-15 07:14:10 +01:00
Jörg Thalheim
6967261261 update-flake-lock: fix label 2023-06-15 08:13:53 +02:00
Jörg Thalheim
89744bafd2 replace bors with mergify 2023-06-15 07:46:46 +02:00
bors[bot]
762e4aa3dd
Merge #112
112: flake.lock: Update r=nix-eval-jobs-bot a=nix-eval-jobs-bot



Co-authored-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com>
2023-06-12 01:09:46 +00:00
github-actions[bot]
ffc36b9def flake.lock: Update
Flake lock file updates:

• Updated input 'nixos-2305':
    'github:NixOS/nixpkgs/067a81a6859a020135a73fcbb7b16e9fb43dc435' (2023-06-11)
  → 'github:NixOS/nixpkgs/5f6396e85487aa59c801da5f7c87ac20098b2fa8' (2023-06-11)
• Updated input 'nixos-unstable':
    'github:NixOS/nixpkgs/32d8e07a8ea673bc9b8c0f8106fb0b776c6ea6a8' (2023-06-07)
  → 'github:NixOS/nixpkgs/3d318cb303f285d2964d4137619cb21ddd56cfd5' (2023-06-11)
2023-06-12 01:09:27 +00:00
bors[bot]
af9bfe325c
Merge #111
111: link to unattended nixos installer r=Mic92 a=Mic92



Co-authored-by: Jörg Thalheim <joerg@thalheim.io>
2023-06-11 16:19:33 +00:00
Jörg Thalheim
fb1219ebff link to unattended nixos installer 2023-06-11 18:18:04 +02:00
bors[bot]
13e5db35e8
Merge #110
110: github-ci: update to 23.05 r=Mic92 a=Mic92



Co-authored-by: Jörg Thalheim <joerg@thalheim.io>
2023-06-11 06:54:56 +00:00
Jörg Thalheim
17720078c7 github-ci: update to 23.05 2023-06-11 08:54:27 +02:00
bors[bot]
5eaf2832d7
Merge #109
109: aarch64-linux: enable ci r=Mic92 a=Mic92



Co-authored-by: Jörg Thalheim <joerg@thalheim.io>
2023-06-11 06:24:06 +00:00
Jörg Thalheim
b80c95fe68 garnix: enable aarch64-linux 2023-06-11 07:51:31 +02:00
bors[bot]
9ecfd698b6
Merge #108
108: Nixos 23.05 r=Mic92 a=Mic92



Co-authored-by: Jörg Thalheim <joerg@thalheim.io>
2023-06-11 05:50:36 +00:00
Jörg Thalheim
d2de4da5fb update bors.toml 2023-06-11 07:50:08 +02:00
Jörg Thalheim
e70ef61629 drop disko; add nixos 23.05 images
nixos noninteractive: re-add missing filesystems
2023-06-11 07:44:29 +02:00
bors[bot]
08ff168454
Merge #107
107: nixos noninteractive: re-add missing filesystems r=Mic92 a=Mic92



Co-authored-by: Jörg Thalheim <joerg@thalheim.io>
2023-06-11 05:38:17 +00:00
Jörg Thalheim
a7f73290d5 nixos noninteractive: re-add missing filesystems 2023-06-11 07:31:34 +02:00
bors[bot]
e252d40dab
Merge #97 #105
97: flake.lock: Update r=Mic92 a=nix-eval-jobs-bot



105: noninteractive: Add zfs packages r=Mic92 a=dantefromhell



Co-authored-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com>
Co-authored-by: dantefromhell <90508808+dantefromhell@users.noreply.github.com>
2023-06-11 03:37:52 +00:00
bors[bot]
2298a9e9e1
Merge #106
106: build(deps): bump cachix/install-nix-action from 20 to 21 r=Mic92 a=dependabot[bot]



Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-06-11 03:08:31 +00:00
github-actions[bot]
2ba17f37dd flake.lock: Update
Flake lock file updates:

• Updated input 'disko':
    'github:nix-community/disko/2a59f5cf641607dbecb0cfec3ae32247e4aeb311' (2023-05-08)
  → 'github:nix-community/disko/f1178c6e72b7d8ab2b55990397969324822275eb' (2023-06-07)
• Updated input 'disko/nixpkgs':
    'github:NixOS/nixpkgs/eb751d65225ec53de9cf3d88acbf08d275882389' (2023-05-07)
  → 'github:NixOS/nixpkgs/2e56a850786211972d99d2bb39665a9b5a1801d6' (2023-06-04)
• Updated input 'nixos-2211':
    'github:NixOS/nixpkgs/2eb0795720849ae19c068e39b17362d3ebcd585c' (2023-05-15)
  → 'github:NixOS/nixpkgs/51d9b86c045e8b1f7a4b4ff106c7d83b3a6f53c7' (2023-06-07)
• Updated input 'nixos-unstable':
    'github:NixOS/nixpkgs/8fb30f6066a87a91c21241f1993a26ff57005486' (2023-05-14)
  → 'github:NixOS/nixpkgs/32d8e07a8ea673bc9b8c0f8106fb0b776c6ea6a8' (2023-06-07)
2023-06-08 01:06:55 +00:00
dependabot[bot]
665b323d39
build(deps): bump cachix/install-nix-action from 20 to 21
Bumps [cachix/install-nix-action](https://github.com/cachix/install-nix-action) from 20 to 21.
- [Release notes](https://github.com/cachix/install-nix-action/releases)
- [Commits](https://github.com/cachix/install-nix-action/compare/v20...v21)

---
updated-dependencies:
- dependency-name: cachix/install-nix-action
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
2023-05-29 10:57:04 +00:00
dantefromhell
eafead23ae
Add zfs packages
ZFS related binaries like `zpool`, `zfs` and `zdb` were missing from the kexec image.

This PR fixes the following issues I encountered during testing in the OVH "Public Cloud":

- Machines pre-installed with Debian 11 print error `zdb: command not found` during `disk-deactivate` when trying to remove `/dev/sda14`

- Trying to create a simple zpool + zfs dataset that is mounted as `/` fails with `zpool: command not found`
On OVH machines the installer would print an error being unable to locate the `zdb` binary,
2023-05-22 00:01:53 +00:00
Jörg Thalheim
dd0801f585 update bors 2023-05-15 17:00:11 +02:00
bors[bot]
108fce87b9
Merge #66
66: add netboot-installer-nixos-unstable r=Mic92 a=Mic92



Co-authored-by: Jörg Thalheim <joerg@thalheim.io>
2023-05-15 13:41:12 +00:00
Jörg Thalheim
25f782b4ce add netboot-installer-nixos-unstable 2023-05-15 15:40:39 +02:00
Jörg Thalheim
9089946fc0 move out code from kexec-installer into its own module 2023-05-15 14:56:00 +02:00
bors[bot]
3758c6481c
Merge #103
103: flake.lock: Update r=Mic92 a=Mic92



Co-authored-by: Jörg Thalheim <joerg@thalheim.io>
2023-05-15 11:43:51 +00:00
Jörg Thalheim
d7311ed7f8 add missing parted package back to 22.11 release 2023-05-15 13:32:59 +02:00
Jörg Thalheim
8451894552 kexec-installer: add smoketest for binaries 2023-05-15 13:32:59 +02:00
Jörg Thalheim
4ad9c55cf2 kexec-installer: use latest kernel compatible with zfs 2023-05-15 13:32:59 +02:00
Jörg Thalheim
3db198a018 kexec-installer: print dmesg if kexec --load fails
In some cases dmesg contains interesting errors
2023-05-15 13:32:59 +02:00
Jörg Thalheim
8d32c7409c kexec-installer/test: use our kexecTarball directly
before we were importing the configuration into a nixos module.
Now we are actually using our unmodified tarball.
This saves some rebuilds and is closer to what we ship.
2023-05-15 13:32:59 +02:00
Jörg Thalheim
f3854ade97 flake.lock: Update
Flake lock file updates:

• Updated input 'nixos-2211':
    'github:NixOS/nixpkgs/3d302c67ab8647327dba84fbdb443cdbf0e82744' (2023-04-19)
  → 'github:NixOS/nixpkgs/c6d2f3dc0d3efd4285eebe4f8a36a47ba438138e' (2023-05-14)
• Updated input 'nixos-unstable':
    'github:NixOS/nixpkgs/cafa2f02fbbcade5c5c257c190061da555d90913' (2023-04-19)
  → 'github:NixOS/nixpkgs/3e2728f51a8ed5287f2577737c6b5505d56de3e9' (2023-05-14)

flake.lock: Update

Flake lock file updates:

• Updated input 'nixos-unstable':
    'github:B4dM4n/nixpkgs/c51fe112cc73f87f282de24aa0fd929e72bb6ed0' (2023-05-12)
  → 'github:NixOS/nixpkgs/3007746b3f5bfcb49e102b517bca891822a41b31' (2023-05-14)
2023-05-15 13:32:59 +02:00
33 changed files with 1200 additions and 459 deletions

View file

@ -11,15 +11,18 @@ jobs:
fail-fast: false fail-fast: false
matrix: matrix:
tag: tag:
- nixos-22.11 - nixos-24.05
- nixos-unstable - nixos-unstable
runs-on: ubuntu-latest os:
- nscloud-ubuntu-22.04-arm64-4x16
- ubuntu-latest
runs-on: ${{ matrix.os }}
steps: steps:
- uses: actions/checkout@v3 - uses: actions/checkout@v4
- uses: cachix/install-nix-action@v20 - uses: cachix/install-nix-action@v30
with: with:
nix_path: nixpkgs=https://github.com/NixOS/nixpkgs/archive/nixpkgs-unstable.tar.gz nix_path: nixpkgs=https://github.com/NixOS/nixpkgs/archive/nixpkgs-unstable.tar.gz
- name: Build image - name: Build image
run: ./build-images.sh "${{matrix.tag}}" run: ./build-images.sh "${{ matrix.tag }}" "$(nix eval --raw --impure --expr builtins.currentSystem)"
env: env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}

View file

@ -9,16 +9,11 @@ jobs:
runs-on: ubuntu-latest runs-on: ubuntu-latest
steps: steps:
- name: Checkout repository - name: Checkout repository
uses: actions/checkout@v3 uses: actions/checkout@v4
- name: Install Nix - name: Install Nix
uses: cachix/install-nix-action@v20 uses: cachix/install-nix-action@v30
- name: Update flake.lock - name: Update flake.lock
uses: DeterminateSystems/update-flake-lock@v19 uses: DeterminateSystems/update-flake-lock@v24
with: with:
token: ${{ secrets.GH_TOKEN_FOR_UPDATES }} pr-labels: |
pr-body: | merge-queue
Automated changes by the update-flake-lock
```
{{ env.GIT_COMMIT_MESSAGE }}
```
bors merge

15
.mergify.yml Normal file
View file

@ -0,0 +1,15 @@
queue_rules:
- name: default
merge_conditions:
- check-success=buildbot/nix-build
defaults:
actions:
queue:
merge_method: rebase
pull_request_rules:
- name: merge using the merge queue
conditions:
- base=main
- label~=merge-queue|dependencies
actions:
queue: {}

View file

@ -3,21 +3,18 @@
Automatically weekly updated images for NixOS. This project is intended to extend the images created by hydra.nixos.org. Automatically weekly updated images for NixOS. This project is intended to extend the images created by hydra.nixos.org.
We are currently creating the images listed below: We are currently creating the images listed below:
## Netboot images
You can boot the netboot image using this [ipxe script](https://github.com/nix-community/nixos-images/releases/download/nixos-unstable/netboot-x86_64-linux.ipxe).
It consists of the [kernel image](https://github.com/nix-community/nixos-images/releases/download/nixos-unstable/bzImage-x86_64-linux) and [initrd](https://github.com/nix-community/nixos-images/releases/download/nixos-unstable/bzImage-x86_64-linux).
## Kexec tarballs ## Kexec tarballs
These images are used for unattended remote installation in [nixos-anywhere](https://github.com/numtide/nixos-anywhere).
Kexec is a mechanism in Linux to load a new kernel from a running Linux to Kexec is a mechanism in Linux to load a new kernel from a running Linux to
replace the current kernel. This is useful for booting the Nixos installer from replace the current kernel. This is useful for booting the Nixos installer from
existing Linux distributions, such as server provider that do not offer a NixOS existing Linux distributions, such as server provider that do not offer a NixOS
option. After running kexec, the NixOS installer exists only in memory. At the option. After running kexec, the NixOS installer exists only in memory. At the
time of writing, this requires at least 1.5GB of physical RAM (swap does not time of writing, this requires secure boot off in BIOS settings and at least 1GB
count) in the system. If not enough RAM is available, the initrd cannot be of physical RAM (swap does not count) in the system. If not enough RAM is available,
loaded. Because the NixOS runs only in RAM, users can reformat all the system's the initrd cannot be loaded. Because the NixOS runs only in RAM, users can reformat
discs to prepare for a new NixOS installation. all the system's discs to prepare for a new NixOS installation.
It can be booted as follows by running these commands as root: It can be booted as follows by running these commands as root:
@ -30,12 +27,32 @@ The kexec installer comes with the following features:
- Re-uses ssh host keys from the sshd to not break `.ssh/known_hosts` - Re-uses ssh host keys from the sshd to not break `.ssh/known_hosts`
- Authorized ssh keys are read from `/root/.ssh/authorized_keys`, `/root/.ssh/authorized_keys2` and `/etc/ssh/authorized_keys.d/root` - Authorized ssh keys are read from `/root/.ssh/authorized_keys`, `/root/.ssh/authorized_keys2` and `/etc/ssh/authorized_keys.d/root`
- (experimental, only tested for nixos-unstable) Static ip addresses and routes - Static ip addresses and routes are restored after reboot.
are restored after reboot. Interface that had dynamic addresses before are Interface that had dynamic addresses before are configured with DHCP and
configured with DHCP and to accept prefixes from ipv6 router advertisment to accept prefixes from ipv6 router advertisement
The actual kexec happens with a slight delay (6s). This allows for easier The actual kexec happens with a slight delay (6s). This allows for easier
integration into automated nixos installation scripts, since you can cleanly integration into automated nixos installation scripts, since you can cleanly
disconnect from the running machine before the kexec takes place. The tarball disconnect from the running machine before the kexec takes place. The tarball
is also designed to be run from NixOS, which can be useful for new installations is also designed to be run from NixOS, which can be useful for new installations
## Iso installer images
This image allows to boot a NixOS installer off a USB-Stick.
This installer has been optimized for remote installation i.e.
with [nixos-anywhere](https://github.com/numtide/nixos-anywhere) and [clan](https://docs.clan.lol/getting-started/installer/) notably:
* Enables openssh by default
* Generates a random root password on each login
* Enables a Tor hidden SSH service so that by using the `torify ssh <hash>.onion`,
one can log in from remote machines.
* Prints a QR-Code that contains local addresses, the root password
* Includes the [IWD](https://wiki.archlinux.org/title/iwd) deamon for easier wifi setups:
* Run `iwctl` in the terminal for an interactive wifi setup interface.
![Screenshot of the installer](https://github.com/nix-community/nixos-images/releases/download/assets/image-installer-screenshot.jpg)
## Netboot images
You can boot the netboot image using this [ipxe script](https://github.com/nix-community/nixos-images/releases/download/nixos-unstable/netboot-x86_64-linux.ipxe).
It consists of the [kernel image](https://github.com/nix-community/nixos-images/releases/download/nixos-unstable/bzImage-x86_64-linux) and [initrd](https://github.com/nix-community/nixos-images/releases/download/nixos-unstable/initrd-x86_64-linux).

View file

@ -1,10 +0,0 @@
cut_body_after = "" # don't include text from the PR body in the merge commit message
status = [
# garnix
"Evaluate flake.nix",
"package netboot-nixos-2211 [x86_64-linux]",
"package kexec-installer-nixos-2211 [x86_64-linux]",
"package kexec-installer-nixos-unstable [x86_64-linux]",
"check kexec-installer-unstable [x86_64-linux]",
"package netboot-nixos-unstable [x86_64-linux]"
]

View file

@ -5,13 +5,15 @@ set -xeuo pipefail
shopt -s lastpipe shopt -s lastpipe
build_netboot_image() { build_netboot_image() {
declare -r tag=$1 arch=$2 tmp=$3 declare -r tag=$1 channel=$2 arch=$3 tmp=$4
img=$(nix build --print-out-paths --option accept-flake-config true -L ".#packages.${arch}.netboot-${tag//.}") img=$(nix build --print-out-paths --option accept-flake-config true -L ".#packages.${arch}.netboot-nixos-${channel//./}")
ln -s "$img/bzImage" "$tmp/bzImage-$arch" kernel=$(echo "$img"/*Image)
echo "$tmp/bzImage-$arch" kernelName=$(basename "$kernel")
ln -s "$kernel" "$tmp/$kernelName-$arch"
echo "$tmp/$kernelName-$arch"
ln -s "$img/initrd" "$tmp/initrd-$arch" ln -s "$img/initrd" "$tmp/initrd-$arch"
echo "$tmp/initrd-$arch" echo "$tmp/initrd-$arch"
sed -e "s!^kernel bzImage!kernel https://github.com/nix-community/nixos-images/releases/download/${tag}/bzImage-${arch}!" \ sed -e "s!^kernel $kernelName!kernel https://github.com/nix-community/nixos-images/releases/download/${tag}/$kernelName-${arch}!" \
-e "s!^initrd initrd!initrd https://github.com/nix-community/nixos-images/releases/download/${tag}/initrd-${arch}!" \ -e "s!^initrd initrd!initrd https://github.com/nix-community/nixos-images/releases/download/${tag}/initrd-${arch}!" \
-e "s!initrd=initrd!initrd=initrd-${arch}!" \ -e "s!initrd=initrd!initrd=initrd-${arch}!" \
<"$img/netboot.ipxe" \ <"$img/netboot.ipxe" \
@ -20,30 +22,37 @@ build_netboot_image() {
} }
build_kexec_installer() { build_kexec_installer() {
declare -r tag=$1 arch=$2 tmp=$3 variant=$4 declare -r channel=$1 arch=$2 tmp=$3 variant=$4
out=$(nix build --print-out-paths --option accept-flake-config true -L ".#packages.${arch}.kexec-installer-${tag//.}${variant}") out=$(nix build --print-out-paths --option accept-flake-config true -L ".#packages.${arch}.kexec-installer-nixos-${channel}${variant}")
echo "$out/nixos-kexec-installer${variant}-$arch.tar.gz" echo "$out/nixos-kexec-installer${variant}-$arch.tar.gz"
} }
build_image_installer() {
declare -r channel=$1 arch=$2 tmp=$3
out=$(nix build --print-out-paths --option accept-flake-config true -L ".#packages.${arch}.image-installer-nixos-${channel//./}")
echo "$out/iso/nixos-installer-${arch}.iso"
}
main() { main() {
declare -r tag=${1:-nixos-unstable} arch=${2:-x86_64-linux} declare -r tag=${1:-nixos-unstable} arch=${2:-x86_64-linux}
tmp="$(mktemp -d)" tmp="$(mktemp -d)"
trap 'rm -rf -- "$tmp"' EXIT trap 'rm -rf -- "$tmp"' EXIT
( (
build_kexec_installer "$tag" "$arch" "$tmp" "" channel=$(if [[ "$tag" == nixos-unstable ]]; then echo "unstable"; else echo "stable"; fi)
build_kexec_installer "$tag" "$arch" "$tmp" "-noninteractive" build_kexec_installer "$channel" "$arch" "$tmp" ""
build_netboot_image "$tag" "$arch" "$tmp" build_kexec_installer "$channel" "$arch" "$tmp" "-noninteractive"
build_netboot_image "$tag" "$channel" "$arch" "$tmp"
build_image_installer "$channel" "$arch" "$tmp"
) | readarray -t assets ) | readarray -t assets
for asset in "${assets[@]}"; do for asset in "${assets[@]}"; do
pushd "$(dirname "$asset")" pushd "$(dirname "$asset")"
sha256sum "$(basename "$asset")" >> "$TMP/sha256sums"
popd popd
done done
assets+=("$TMP/sha256sums")
# Since we cannot atomically update a release, we delete the old one before if ! gh release view "$tag"; then
gh release delete "$tag" </dev/null || true gh release create --title "$tag (build $(date +"%Y-%m-%d"))" "$tag"
gh release create --title "$tag (build $(date +"%Y-%m-%d"))" "$tag" "${assets[@]}" </dev/null fi
gh release upload --clobber "$tag" "${assets[@]}"
} }
main "$@" main "$@"

View file

@ -1,46 +1,28 @@
{ {
"nodes": { "nodes": {
"disko": { "nixos-stable": {
"inputs": {
"nixpkgs": "nixpkgs"
},
"locked": { "locked": {
"lastModified": 1683508929, "lastModified": 1729181673,
"narHash": "sha256-AqkIrwewCL8+zlkqhNxheF+kOfyakzZDk43SqRTIqRE=", "narHash": "sha256-LDiPhQ3l+fBjRATNtnuDZsBS7hqoBtPkKBkhpoBHv3I=",
"owner": "nix-community",
"repo": "disko",
"rev": "2a59f5cf641607dbecb0cfec3ae32247e4aeb311",
"type": "github"
},
"original": {
"owner": "nix-community",
"repo": "disko",
"type": "github"
}
},
"nixos-2211": {
"locked": {
"lastModified": 1681932375,
"narHash": "sha256-tSXbYmpnKSSWpzOrs27ie8X3I0yqKA6AuCzCYNtwbCU=",
"owner": "NixOS", "owner": "NixOS",
"repo": "nixpkgs", "repo": "nixpkgs",
"rev": "3d302c67ab8647327dba84fbdb443cdbf0e82744", "rev": "4eb33fe664af7b41a4c446f87d20c9a0a6321fa3",
"type": "github" "type": "github"
}, },
"original": { "original": {
"owner": "NixOS", "owner": "NixOS",
"ref": "release-22.11", "ref": "nixos-24.05",
"repo": "nixpkgs", "repo": "nixpkgs",
"type": "github" "type": "github"
} }
}, },
"nixos-unstable": { "nixos-unstable": {
"locked": { "locked": {
"lastModified": 1681914506, "lastModified": 1729450260,
"narHash": "sha256-frb95rhVUKAeRdHKfD2vbO1kv8U+G9JMAoLHLCRPNa4=", "narHash": "sha256-3GNZr0V4b19RZ5mlyiY/4F8N2pzitvjDU6aHMWjAqLI=",
"owner": "NixOS", "owner": "NixOS",
"repo": "nixpkgs", "repo": "nixpkgs",
"rev": "cafa2f02fbbcade5c5c257c190061da555d90913", "rev": "e3f55158e7587c5a5fdb0e86eb7ca4f455f0928f",
"type": "github" "type": "github"
}, },
"original": { "original": {
@ -50,26 +32,9 @@
"type": "github" "type": "github"
} }
}, },
"nixpkgs": {
"locked": {
"lastModified": 1683442750,
"narHash": "sha256-IiJ0WWW6OcCrVFl1ijE+gTaP0ChFfV6dNkJR05yStmw=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "eb751d65225ec53de9cf3d88acbf08d275882389",
"type": "github"
},
"original": {
"owner": "NixOS",
"ref": "nixpkgs-unstable",
"repo": "nixpkgs",
"type": "github"
}
},
"root": { "root": {
"inputs": { "inputs": {
"disko": "disko", "nixos-stable": "nixos-stable",
"nixos-2211": "nixos-2211",
"nixos-unstable": "nixos-unstable" "nixos-unstable": "nixos-unstable"
} }
} }

View file

@ -2,61 +2,84 @@
description = "NixOS images"; description = "NixOS images";
inputs.nixos-unstable.url = "github:NixOS/nixpkgs/nixos-unstable-small"; inputs.nixos-unstable.url = "github:NixOS/nixpkgs/nixos-unstable-small";
inputs.nixos-2211.url = "github:NixOS/nixpkgs/release-22.11"; inputs.nixos-stable.url = "github:NixOS/nixpkgs/nixos-24.05";
inputs.disko.url = "github:nix-community/disko";
nixConfig.extra-substituters = [ nixConfig.extra-substituters = [ "https://nix-community.cachix.org" ];
"https://cache.garnix.io" nixConfig.extra-trusted-public-keys = [ "nix-community.cachix.org-1:mB9FSh9qf2dCimDSUo8Zy7bkq5CX+/rkCWyvRCYg3Fs=" ];
];
nixConfig.extra-trusted-public-keys = [
"cache.garnix.io:CTFPyKSLcx5RMJKfLo5EEPUObbA78b0YQ2DTCJXqr9g="
];
outputs = { self, nixos-unstable, nixos-2211, disko }: let outputs = { self, nixos-unstable, nixos-stable }:
supportedSystems = [ "aarch64-linux" "x86_64-linux" ]; let
supportedSystems = [ "riscv64-linux" ];
forAllSystems = nixos-unstable.lib.genAttrs supportedSystems; forAllSystems = nixos-unstable.lib.genAttrs supportedSystems;
in { in
packages = forAllSystems (system: let {
hydraJobs = { inherit (self) checks; };
packages = forAllSystems (system:
let
netboot = nixpkgs: (import (nixpkgs + "/nixos/release.nix") { }).netboot.${system}; netboot = nixpkgs: (import (nixpkgs + "/nixos/release.nix") { }).netboot.${system};
kexec-installer = nixpkgs: modules: (nixpkgs.legacyPackages.${system}.nixos (modules ++ [self.nixosModules.kexec-installer])).config.system.build.kexecTarball; kexec-installer = nixpkgs: module: (nixpkgs.legacyPackages.${system}.nixos [ module self.nixosModules.kexec-installer ]).config.system.build.kexecTarball;
netboot-installer = nixpkgs: (nixpkgs.legacyPackages.${system}.nixos [ self.nixosModules.netboot-installer ]).config.system.build.netboot; netboot-installer = nixpkgs: (nixpkgs.legacyPackages.${system}.nixos [ self.nixosModules.netboot-installer ]).config.system.build.netboot;
in { image-installer = nixpkgs: (nixpkgs.legacyPackages.${system}.nixos [ self.nixosModules.image-installer ]).config.system.build.isoImage;
in
{
netboot-nixos-unstable = netboot nixos-unstable; netboot-nixos-unstable = netboot nixos-unstable;
netboot-nixos-2211 = netboot nixos-2211; netboot-nixos-stable = netboot nixos-stable;
kexec-installer-nixos-unstable = kexec-installer nixos-unstable []; kexec-installer-nixos-unstable = kexec-installer nixos-unstable {};
kexec-installer-nixos-2211 = kexec-installer nixos-2211 []; kexec-installer-nixos-stable = kexec-installer nixos-stable {};
kexec-installer-nixos-unstable-noninteractive = kexec-installer nixos-unstable [ image-installer-nixos-unstable = image-installer nixos-unstable;
{ system.kexec-installer.name = "nixos-kexec-installer-noninteractive"; } image-installer-nixos-stable = image-installer nixos-stable;
self.nixosModules.noninteractive
({pkgs, ...}: { kexec-installer-nixos-unstable-noninteractive = kexec-installer nixos-unstable {
boot.kernelPackages = disko.legacyPackages.${pkgs.hostPlatform.system}.linuxPackages_bcachefs; _file = __curPos.file;
}) system.kexec-installer.name = "nixos-kexec-installer-noninteractive";
]; imports = [
kexec-installer-nixos-2211-noninteractive = kexec-installer nixos-2211 [
{ system.kexec-installer.name = "nixos-kexec-installer-noninteractive"; }
self.nixosModules.noninteractive self.nixosModules.noninteractive
]; ];
};
kexec-installer-nixos-stable-noninteractive = kexec-installer nixos-stable {
_file = __curPos.file;
system.kexec-installer.name = "nixos-kexec-installer-noninteractive";
imports = [
self.nixosModules.noninteractive
];
};
netboot-installer-nixos-unstable = netboot-installer nixos-unstable; netboot-installer-nixos-unstable = netboot-installer nixos-unstable;
netboot-installer-nixos-2211 = netboot-installer nixos-2211; netboot-installer-nixos-stable = netboot-installer nixos-stable;
}); });
nixosModules = { nixosModules = {
kexec-installer = ./nix/kexec-installer/module.nix; kexec-installer = ./nix/kexec-installer/module.nix;
noninteractive = ./nix/noninteractive.nix; noninteractive = ./nix/noninteractive.nix;
# TODO: also add a test here once we have https://github.com/NixOS/nixpkgs/pull/228346 merged
netboot-installer = ./nix/netboot-installer/module.nix; netboot-installer = ./nix/netboot-installer/module.nix;
image-installer = ./nix/image-installer/module.nix;
}; };
checks.x86_64-linux = let checks =
pkgs = nixos-unstable.legacyPackages.x86_64-linux; let
in { # re-export the packages as checks
kexec-installer-unstable = pkgs.callPackage ./nix/kexec-installer/test.nix {}; packages = forAllSystems (system: nixos-unstable.lib.mapAttrs' (n: nixos-unstable.lib.nameValuePair "package-${n}") self.packages.${system});
shellcheck = pkgs.runCommand "shellcheck" { checks =
nativeBuildInputs = [ pkgs.shellcheck ]; let
} '' pkgsUnstable = nixos-unstable.legacyPackages.riscv64-linux;
shellcheck ${(pkgs.nixos [self.nixosModules.kexec-installer]).config.system.build.kexecRun} pkgsStable = nixos-stable.legacyPackages.riscv64-linux;
touch $out
''; bootTests = pkgs: channel: suffix: pkgs.lib.mapAttrs' (name: pkgs.lib.nameValuePair "${name}${suffix}") (pkgs.callPackages ./nix/image-installer/tests.nix {
kexec-installer-2211 = nixos-2211.legacyPackages.x86_64-linux.callPackage ./nix/kexec-installer/test.nix {}; nixpkgs = channel;
nixosModules = self.nixosModules;
});
in
{
kexec-installer-unstable = pkgsUnstable.callPackage ./nix/kexec-installer/test.nix {
kexecTarball = self.packages.riscv64-linux.kexec-installer-nixos-unstable-noninteractive;
}; };
kexec-installer-stable = nixos-stable.legacyPackages.riscv64-linux.callPackage ./nix/kexec-installer/test.nix {
kexecTarball = self.packages.riscv64-linux.kexec-installer-nixos-stable-noninteractive;
};
} // (bootTests pkgsUnstable nixos-unstable "-nixos-unstable")
// (bootTests pkgsStable nixos-stable "-nixos-stable");
in
nixos-unstable.lib.recursiveUpdate packages { riscv64-linux = checks; };
}; };
} }

View file

@ -0,0 +1,63 @@
{
config,
lib,
pkgs,
...
}:
{
options.hidden-ssh-announce = {
enable = lib.mkEnableOption "hidden-ssh-announce";
script = lib.mkOption {
type = lib.types.package;
default = pkgs.writers.writeDash "test-output" "echo $1";
description = ''
script to run when the hidden tor service was started and they hostname is known.
takes the hostname as $1
'';
};
};
config = lib.mkIf config.hidden-ssh-announce.enable {
services.openssh.enable = true;
services.tor = {
enable = true;
relay.onionServices.hidden-ssh = {
version = 3;
map = [
{
port = 22;
target.port = 22;
}
];
};
client.enable = true;
};
systemd.services.hidden-ssh-announce = {
description = "announce hidden ssh";
after = [
"tor.service"
"network-online.target"
];
wants = [
"tor.service"
"network-online.target"
];
wantedBy = [ "multi-user.target" ];
serviceConfig = {
# ${pkgs.tor}/bin/torify
ExecStart = pkgs.writeShellScript "announce-hidden-service" ''
set -efu
until test -e ${config.services.tor.settings.DataDirectory}/onion/hidden-ssh/hostname; do
echo "still waiting for ${config.services.tor.settings.DataDirectory}/onion/hidden-ssh/hostname"
sleep 1
done
${config.hidden-ssh-announce.script} "$(cat ${config.services.tor.settings.DataDirectory}/onion/hidden-ssh/hostname)"
'';
PrivateTmp = "true";
User = "tor";
Type = "oneshot";
};
};
};
}

View file

@ -0,0 +1,125 @@
{
lib,
pkgs,
modulesPath,
...
}:
let
network-status = pkgs.writeShellScriptBin "network-status" ''
export PATH=${
lib.makeBinPath (
with pkgs;
[
iproute2
coreutils
gnugrep
nettools
gum
]
)
}
set -efu -o pipefail
msgs=()
if [[ -e /var/shared/qrcode.utf8 ]]; then
qrcode=$(gum style --border-foreground 240 --border normal "$(< /var/shared/qrcode.utf8)")
msgs+=("$qrcode")
fi
network_status="Root password: $(cat /var/shared/root-password)
Local network addresses:
$(ip -brief -color addr | grep -v 127.0.0.1)
$([[ -e /var/shared/onion-hostname ]] && echo "Onion address: $(cat /var/shared/onion-hostname)" || echo "Onion address: Waiting for tor network to be ready...")
Multicast DNS: $(hostname).local"
network_status=$(gum style --border-foreground 240 --border normal "$network_status")
msgs+=("$network_status")
msgs+=("Press 'Ctrl-C' for console access")
gum join --vertical "''${msgs[@]}"
'';
in
{
imports = [
(modulesPath + "/installer/cd-dvd/installation-cd-base.nix")
../installer.nix
../noveau-workaround.nix
./hidden-ssh-announcement.nix
./wifi.nix
];
systemd.tmpfiles.rules = [ "d /var/shared 0777 root root - -" ];
services.openssh.settings.PermitRootLogin = "yes";
system.activationScripts.root-password = ''
mkdir -p /var/shared
${pkgs.xkcdpass}/bin/xkcdpass --numwords 3 --delimiter - --count 1 > /var/shared/root-password
echo "root:$(cat /var/shared/root-password)" | chpasswd
'';
hidden-ssh-announce = {
enable = true;
script = pkgs.writeShellScript "write-hostname" ''
set -efu
export PATH=${
lib.makeBinPath (
with pkgs;
[
iproute2
coreutils
jq
qrencode
]
)
}
mkdir -p /var/shared
echo "$1" > /var/shared/onion-hostname
local_addrs=$(ip -json addr | jq '[map(.addr_info) | flatten | .[] | select(.scope == "global") | .local]')
jq -nc \
--arg password "$(cat /var/shared/root-password)" \
--arg onion_address "$(cat /var/shared/onion-hostname)" \
--argjson local_addrs "$local_addrs" \
'{ pass: $password, tor: $onion_address, addrs: $local_addrs }' \
> /var/shared/login.json
cat /var/shared/login.json | qrencode -s 2 -m 2 -t utf8 -o /var/shared/qrcode.utf8
'';
};
services.getty.autologinUser = lib.mkForce "root";
console.earlySetup = true;
console.font = lib.mkDefault "${pkgs.terminus_font}/share/consolefonts/ter-u22n.psf.gz";
environment.systemPackages = [ network-status ];
# Less ipv6 addresses to reduce the noise
networking.tempAddresses = "disabled";
# Tango theme: https://yayachiken.net/en/posts/tango-colors-in-terminal/
console.colors = lib.mkDefault [
"000000"
"CC0000"
"4E9A06"
"C4A000"
"3465A4"
"75507B"
"06989A"
"D3D7CF"
"555753"
"EF2929"
"8AE234"
"FCE94F"
"739FCF"
"AD7FA8"
"34E2E2"
"EEEEEC"
];
programs.bash.interactiveShellInit = ''
if [[ "$(tty)" =~ /dev/(tty1|hvc0|ttyS0)$ ]]; then
# workaround for https://github.com/NixOS/nixpkgs/issues/219239
systemctl restart systemd-vconsole-setup.service
watch --no-title --color ${network-status}/bin/network-status
fi
'';
# No one got time for xz compression.
isoImage.squashfsCompression = "zstd";
isoImage.isoName = lib.mkForce "nixos-installer-${pkgs.system}.iso";
}

View file

@ -0,0 +1,105 @@
{
pkgs,
lib,
nixpkgs,
nixos,
nixosModules,
}:
let
testConfig = (
nixos [
(
{ modulesPath, ... }:
{
imports = [
nixosModules.image-installer
"${modulesPath}/testing/test-instrumentation.nix"
];
}
)
]
);
iso = testConfig.config.system.build.isoImage;
mkStartCommand =
{
memory ? 2048,
cdrom ? null,
usb ? null,
uefi ? false,
extraFlags ? [ ],
}:
let
qemu-common = import (nixpkgs + "/nixos/lib/qemu-common.nix") { inherit lib pkgs; };
qemu = qemu-common.qemuBinary pkgs.qemu_test;
flags =
[
"-m"
(toString memory)
"-netdev"
"user,id=net0"
"-device"
"virtio-net-pci,netdev=net0"
]
++ lib.optionals (cdrom != null) [
"-cdrom"
cdrom
]
++ lib.optionals (usb != null) [
"-device"
"usb-ehci"
"-drive"
"id=usbdisk,file=${usb},if=none,readonly"
"-device"
"usb-storage,drive=usbdisk"
]
++ lib.optionals uefi [
"-drive"
"if=pflash,format=raw,unit=0,readonly=on,file=${pkgs.OVMF.firmware}"
"-drive"
"if=pflash,format=raw,unit=1,readonly=on,file=${pkgs.OVMF.variables}"
]
++ extraFlags;
flagsStr = lib.concatStringsSep " " flags;
in
"${qemu} ${flagsStr}";
makeBootTest =
name: config:
let
startCommand = mkStartCommand config;
in
pkgs.testers.runNixOSTest {
name = "boot-${name}";
nodes = { };
testScript = ''
machine = create_machine("${startCommand}")
machine.start()
machine.wait_for_unit("multi-user.target")
machine.succeed("nix store verify --no-trust -r --option experimental-features nix-command /run/current-system")
machine.shutdown()
'';
};
in
{
uefi-cdrom = makeBootTest "uefi-cdrom" {
uefi = true;
cdrom = "${iso}/iso/nixos-installer-${pkgs.hostPlatform.system}.iso";
};
uefi-usb = makeBootTest "uefi-usb" {
uefi = true;
usb = "${iso}/iso/nixos-installer-${pkgs.hostPlatform.system}.iso";
};
bios-cdrom = makeBootTest "bios-cdrom" {
cdrom = "${iso}/iso/nixos-installer-${pkgs.hostPlatform.system}.iso";
};
bios-usb = makeBootTest "bios-usb" {
usb = "${iso}/iso/nixos-installer-${pkgs.hostPlatform.system}.iso";
};
}

View file

@ -0,0 +1,17 @@
{
imports = [ ../networkd.nix ];
# use iwd instead of wpa_supplicant
networking.wireless.enable = false;
# Use iwd instead of wpa_supplicant. It has a user friendly CLI
networking.wireless.iwd = {
enable = true;
settings = {
Network = {
EnableIPv6 = true;
RoutePriorityOffset = 300;
};
Settings.AutoConnect = true;
};
};
}

45
nix/installer.nix Normal file
View file

@ -0,0 +1,45 @@
{
config,
lib,
pkgs,
...
}:
{
imports = [
# ./latest-zfs-kernel.nix
./nix-settings.nix
];
# more descriptive hostname than just "nixos"
networking.hostName = lib.mkDefault "nixos-installer";
# We are stateless, so just default to latest.
system.stateVersion = config.system.nixos.version;
# Enable bcachefs support
boot.supportedFilesystems.bcachefs = lib.mkDefault true;
# use latest kernel we can support to get more hardware support
# boot.zfs.package = pkgs.zfsUnstable;
documentation.enable = false;
documentation.man.man-db.enable = false;
# make it easier to debug boot failures
boot.initrd.systemd.emergencyAccess = true;
environment.systemPackages = [
pkgs.nixos-install-tools
# for zapping of disko
pkgs.jq
# for copying extra files of nixos-anywhere
pkgs.rsync
# alternative to nixos-generate-config
# TODO: use nixpkgs again after next nixos release
(pkgs.callPackage ./nixos-facter.nix {})
pkgs.disko
];
# Don't add nixpkgs to the image to save space, for our intended use case we don't need it
system.installer.channel.enable = false;
}

48
nix/kexec-installer/kexec-run.sh Normal file → Executable file
View file

@ -1,6 +1,19 @@
#!/bin/sh #!/bin/sh
set -ex set -ex
kexec_extra_flags=""
while [ $# -gt 0 ]; do
case "$1" in
--kexec-extra-flags)
kexec_extra_flags="$2"
shift
;;
esac
shift
done
# provided by nix # provided by nix
init="@init@" init="@init@"
kernelParams="@kernelParams@" kernelParams="@kernelParams@"
@ -21,12 +34,16 @@ extractPubKeys() {
key="$home/$file" key="$home/$file"
if test -e "$key"; then if test -e "$key"; then
# workaround for debian shenanigans # workaround for debian shenanigans
grep -o '\(ssh-[^ ]* .*\)' "$key" >> ssh/authorized_keys || true grep -o '\(\(ssh\|ecdsa\|sk\)-[^ ]* .*\)' "$key" >> ssh/authorized_keys || true
fi fi
done done
} }
extractPubKeys /root extractPubKeys /root
if test -n "${DOAS_USER-}"; then
SUDO_USER="$DOAS_USER"
fi
if test -n "${SUDO_USER-}"; then if test -n "${SUDO_USER-}"; then
sudo_home=$(sh -c "echo ~$SUDO_USER") sudo_home=$(sh -c "echo ~$SUDO_USER")
extractPubKeys "$sudo_home" extractPubKeys "$sudo_home"
@ -50,21 +67,36 @@ done
"$SCRIPT_DIR/ip" -4 --json route > routes-v4.json "$SCRIPT_DIR/ip" -4 --json route > routes-v4.json
"$SCRIPT_DIR/ip" -6 --json route > routes-v6.json "$SCRIPT_DIR/ip" -6 --json route > routes-v6.json
[ -f /etc/machine-id ] && cp /etc/machine-id machine-id
find . | cpio -o -H newc | gzip -9 >> "$SCRIPT_DIR/initrd" find . | cpio -o -H newc | gzip -9 >> "$SCRIPT_DIR/initrd"
# Dropped --kexec-syscall-auto because it broke on GCP... kexecSyscallFlags=""
"$SCRIPT_DIR/kexec" --load "$SCRIPT_DIR/bzImage" \ # only do kexec-syscall-auto on kernels newer than 6.0.
--initrd="$SCRIPT_DIR/initrd" --no-checks \ # On older kernel we often get errors like: https://github.com/nix-community/nixos-anywhere/issues/264
--command-line "init=$init $kernelParams" if printf "%s\n" "6.1" "$(uname -r)" | sort -c -V 2>&1; then
kexecSyscallFlags="--kexec-syscall-auto"
fi
if ! sh -c "'$SCRIPT_DIR/kexec' --load '$SCRIPT_DIR/bzImage' \
$kexecSyscallFlags \
$kexec_extra_flags \
--initrd='$SCRIPT_DIR/initrd' --no-checks \
--command-line 'init=$init $kernelParams'"
then
echo "kexec failed, dumping dmesg"
dmesg | tail -n 100
exit 1
fi
# Disconnect our background kexec from the terminal # Disconnect our background kexec from the terminal
echo "machine will boot into nixos in in 6s..." echo "machine will boot into nixos in 6s..."
if test -e /dev/kmsg; then if test -e /dev/kmsg; then
# this makes logging visible in `dmesg`, or the system consol or tools like journald # this makes logging visible in `dmesg`, or the system console or tools like journald
exec > /dev/kmsg 2>&1 exec > /dev/kmsg 2>&1
else else
exec > /dev/null 2>&1 exec > /dev/null 2>&1
fi fi
# We will kexec in background so we can cleanly finish the script before the hosts go down. # We will kexec in background so we can cleanly finish the script before the hosts go down.
# This makes integration with tools like terraform easier. # This makes integration with tools like terraform easier.
nohup sh -c "sleep 6 && '$SCRIPT_DIR/kexec' -e" & nohup sh -c "sleep 6 && '$SCRIPT_DIR/kexec' -e ${kexec_extra_flags}" &

View file

@ -0,0 +1,26 @@
#!/usr/bin/env -S nix shell --inputs-from .# nixos-unstable#bash nixos-unstable#iproute2 nixos-unstable#findutils nixos-unstable#coreutils nixos-unstable#python3 nixos-unstable#jq --command bash
set -eu
SCRIPT_DIR=$(dirname "$(readlink -f "$0")")
# This script can be used to see what network configuration would be restored by the restore_routes.py script for the current system.
tmp=$(mktemp -d)
trap "rm -rf $tmp" EXIT
ip --json address >"$tmp/addrs.json"
ip -6 --json route >"$tmp/routes-v6.json"
ip -4 --json route >"$tmp/routes-v4.json"
python3 "$SCRIPT_DIR/restore_routes.py" "$tmp/addrs.json" "$tmp/routes-v4.json" "$tmp/routes-v6.json" "$tmp"
ls -la "$tmp"
find "$tmp" -type f -name "*.json" -print0 | while IFS= read -r -d '' file; do
echo -e "\033[0;31m$(basename "$file")\033[0m"
jq . "$file"
echo ""
done
find "$tmp" -type f -name "*.network" -print0 | while IFS= read -r -d '' file; do
echo -e "\033[0;31m$(basename "$file")\033[0m"
cat "$file"
echo ""
done

View file

@ -1,15 +1,27 @@
{ config, lib, modulesPath, pkgs, ... }: { config, lib, modulesPath, pkgs, ... }:
let let
restore-network = pkgs.writers.writePython3 "restore-network" { writePython3 = pkgs.writers.makePythonWriter
pkgs.python3Minimal pkgs.python3Packages pkgs.buildPackages.python3Packages;
# writePython3Bin takes the same arguments as writePython3 but outputs a directory (like writeScriptBin)
writePython3Bin = name: writePython3 "/bin/${name}";
restore-network = writePython3Bin "restore-network" {
flakeIgnore = [ "E501" ]; flakeIgnore = [ "E501" ];
} ./restore_routes.py; } ./restore_routes.py;
# does not link with iptables enabled # does not link with iptables enabled
iprouteStatic = pkgs.pkgsStatic.iproute2.override { iptables = null; }; iprouteStatic = pkgs.pkgsStatic.iproute2.override { iptables = null; };
in { in
{
imports = [ imports = [
(modulesPath + "/installer/netboot/netboot-minimal.nix") (modulesPath + "/installer/netboot/netboot-minimal.nix")
../installer.nix
../networkd.nix
../serial.nix
../restore-remote-access.nix
]; ];
options = { options = {
system.kexec-installer.name = lib.mkOption { system.kexec-installer.name = lib.mkOption {
type = lib.types.str; type = lib.types.str;
@ -21,9 +33,7 @@ in {
}; };
config = { config = {
# We are stateless, so just default to latest. boot.initrd.compressor = "xz";
system.stateVersion = config.system.nixos.version;
# This is a variant of the upstream kexecScript that also allows embedding # This is a variant of the upstream kexecScript that also allows embedding
# a ssh key. # a ssh key.
system.build.kexecRun = pkgs.runCommand "kexec-run" { } '' system.build.kexecRun = pkgs.runCommand "kexec-run" { } ''
@ -44,31 +54,16 @@ in {
cp "${config.system.build.kexecRun}" kexec/run cp "${config.system.build.kexecRun}" kexec/run
cp "${pkgs.pkgsStatic.kexec-tools}/bin/kexec" kexec/kexec cp "${pkgs.pkgsStatic.kexec-tools}/bin/kexec" kexec/kexec
cp "${iprouteStatic}/bin/ip" kexec/ip cp "${iprouteStatic}/bin/ip" kexec/ip
${lib.optionalString (pkgs.hostPlatform == pkgs.buildPlatform) ''
kexec/ip -V
kexec/kexec --version
''}
tar -czvf $out/${config.system.kexec-installer.name}-${pkgs.stdenv.hostPlatform.system}.tar.gz kexec tar -czvf $out/${config.system.kexec-installer.name}-${pkgs.stdenv.hostPlatform.system}.tar.gz kexec
''; '';
# IPMI SOL console redirection stuff
boot.kernelParams =
[ "console=tty0" ] ++
(lib.optional (pkgs.stdenv.hostPlatform.isAarch32 || pkgs.stdenv.hostPlatform.isAarch64) "console=ttyAMA0,115200") ++
(lib.optional (pkgs.stdenv.hostPlatform.isRiscV) "console=ttySIF0,115200") ++
[ "console=ttyS0,115200" ];
documentation.enable = false;
# Not really needed. Saves a few bytes and the only service we are running is sshd, which we want to be reachable.
networking.firewall.enable = false;
systemd.network.enable = true;
networking.dhcpcd.enable = false;
# for detection if we are on kexec # for detection if we are on kexec
environment.etc.is_kexec.text = "true"; environment.etc.is_kexec.text = "true";
# for zapping of disko
environment.systemPackages = [
pkgs.jq
];
systemd.services.restore-network = { systemd.services.restore-network = {
before = [ "network-pre.target" ]; before = [ "network-pre.target" ];
wants = [ "network-pre.target" ]; wants = [ "network-pre.target" ];
@ -78,7 +73,7 @@ in {
Type = "oneshot"; Type = "oneshot";
RemainAfterExit = true; RemainAfterExit = true;
ExecStart = [ ExecStart = [
"${restore-network} /root/network/addrs.json /root/network/routes-v4.json /root/network/routes-v6.json /etc/systemd/network" "${restore-network}/bin/restore-network /root/network/addrs.json /root/network/routes-v4.json /root/network/routes-v6.json /etc/systemd/network"
]; ];
}; };
@ -88,37 +83,5 @@ in {
"/root/network/routes-v6.json" "/root/network/routes-v6.json"
]; ];
}; };
systemd.services.log-network-status = {
wantedBy = [ "multi-user.target" ];
# No point in restarting this. We just need this after boot
restartIfChanged = false;
serviceConfig = {
Type = "oneshot";
StandardOutput = "journal+console";
ExecStart = [
# Allow failures, so it still prints what interfaces we have even if we
# not get online
"-${pkgs.systemd}/lib/systemd/systemd-networkd-wait-online"
"${pkgs.iproute2}/bin/ip -c addr"
"${pkgs.iproute2}/bin/ip -c -6 route"
"${pkgs.iproute2}/bin/ip -c -4 route"
];
};
};
# Restore ssh host and user keys if they are available.
# This avoids warnings of unknown ssh keys.
boot.initrd.postMountCommands = ''
mkdir -m 700 -p /mnt-root/root/.ssh
mkdir -m 755 -p /mnt-root/etc/ssh
mkdir -m 755 -p /mnt-root/root/network
if [[ -f ssh/authorized_keys ]]; then
install -m 400 ssh/authorized_keys /mnt-root/root/.ssh
fi
install -m 400 ssh/ssh_host_* /mnt-root/etc/ssh
cp *.json /mnt-root/root/network/
'';
}; };
} }

View file

@ -1,40 +1,86 @@
import json import json
import sys import sys
from pathlib import Path from pathlib import Path
from typing import Any from typing import Any, Iterator
from dataclasses import dataclass
def filter_interfaces(network: list[dict[str, Any]]) -> list[dict[str, Any]]: @dataclass
output = [] class Address:
address: str
family: str
prefixlen: int
preferred_life_time: int = 0
valid_life_time: int = 0
@dataclass
class Interface:
name: str
ifname: str | None
mac_address: str
dynamic_addresses: list[Address]
static_addresses: list[Address]
static_routes: list[dict[str, Any]]
def filter_interfaces(network: list[dict[str, Any]]) -> list[Interface]:
interfaces = []
for net in network: for net in network:
if net.get("link_type") == "loopback": if net.get("link_type") == "loopback":
continue continue
if not net.get("address"): if not (mac_address := net.get("address")):
# We need a mac address to match devices reliable # We need a mac address to match devices reliable
continue continue
addr_info = [] static_addresses = []
has_dynamic_address = False dynamic_addresses = []
for addr in net.get("addr_info", []): for info in net.get("addr_info", []):
# no link-local ipv4/ipv6 # no link-local ipv4/ipv6
if addr.get("scope") == "link": if info.get("scope") == "link":
continue continue
# do not explicitly configure addresses from dhcp or router advertisment if (preferred_life_time := info.get("preferred_life_time")) is None:
if addr.get("dynamic", False): continue
has_dynamic_address = True if (valid_life_time := info.get("valid_life_time")) is None:
continue
if (prefixlen := info.get("prefixlen")) is None:
continue
if (family := info.get("family")) not in ["inet", "inet6"]:
continue
if (local := info.get("local")) is None:
continue
if (dynamic := info.get("dynamic", False)) is None:
continue continue
else:
addr_info.append(addr)
if addr_info != [] or has_dynamic_address:
net["addr_info"] = addr_info
output.append(net)
return output address = Address(
address=local,
family=family,
prefixlen=prefixlen,
preferred_life_time=preferred_life_time,
valid_life_time=valid_life_time,
)
if dynamic:
dynamic_addresses.append(address)
else:
static_addresses.append(address)
interfaces.append(
Interface(
name=net.get("ifname", mac_address.replace(":", "-")),
ifname=net.get("ifname"),
mac_address=mac_address,
dynamic_addresses=dynamic_addresses,
static_addresses=static_addresses,
static_routes=[],
)
)
return interfaces
def filter_routes(routes: list[dict[str, Any]]) -> list[dict[str, Any]]: def filter_routes(routes: list[dict[str, Any]]) -> list[dict[str, Any]]:
filtered = [] filtered = []
for route in routes: for route in routes:
# Filter out routes set by addresses with subnets, dhcp and router advertisment # Filter out routes set by addresses with subnets, dhcp and router advertisement
if route.get("protocol") in ["dhcp", "kernel", "ra"]: if route.get("protocol") in ["dhcp", "kernel", "ra"]:
continue continue
filtered.append(route) filtered.append(route)
@ -42,46 +88,81 @@ def filter_routes(routes: list[dict[str, Any]]) -> list[dict[str, Any]]:
return filtered return filtered
def generate_networkd_units( def find_most_recent_v4_lease(addresses: list[Address]) -> Address | None:
interfaces: list[dict[str, Any]], routes: list[dict[str, Any]], directory: Path most_recent_address = None
) -> None: most_recent_lifetime = -1
directory.mkdir(exist_ok=True) for addr in addresses:
for interface in interfaces: if addr.family == "inet6":
name = f"{interface['ifname']}.network"
addresses = [
f"Address = {addr['local']}/{addr['prefixlen']}"
for addr in interface.get("addr_info", [])
]
route_sections = []
for route in routes:
if route.get("dev", "nodev") != interface.get("ifname", "noif"):
continue continue
lifetime = max(addr.preferred_life_time, addr.valid_life_time)
if lifetime > most_recent_lifetime:
most_recent_lifetime = lifetime
most_recent_address = addr
return most_recent_address
route_section = "[Route]\n"
if route.get("dst") != "default": def generate_routes(
# can be skipped for default routes interface: Interface, routes: list[dict[str, Any]]
route_section += f"Destination = {route['dst']}\n" ) -> Iterator[str]:
gateway = route.get("gateway") for route in routes:
if gateway: if interface.ifname is None or route.get("dev") != interface.ifname:
route_section += f"Gateway = {gateway}\n" continue
# we may ignore on-link default routes here, but I don't see how # we may ignore on-link default routes here, but I don't see how
# they would be useful for internet connectivity anyway # they would be useful for internet connectivity anyway
route_sections.append(route_section)
# FIXME in some networks we might not want to trust dhcp or router advertisments yield "[Route]"
unit = f""" if route.get("dst") != "default":
# can be skipped for default routes
yield f"Destination = {route['dst']}"
gateway = route.get("gateway")
# route v4 via v6
route_via = route.get("via")
if route_via and route_via.get("family") == "inet6":
gateway = route_via.get("host")
if route.get("dst") == "default":
yield "Destination = 0.0.0.0/0"
if gateway:
yield f"Gateway = {gateway}"
def generate_networkd_units(
interfaces: list[Interface], routes: list[dict[str, Any]], directory: Path
) -> None:
directory.mkdir(exist_ok=True)
for interface in interfaces:
# FIXME in some networks we might not want to trust dhcp or router advertisements
unit_sections = [
f"""
[Match] [Match]
MACAddress = {interface["address"]} MACAddress = {interface.mac_address}
[Network] [Network]
# both ipv4 and ipv6
DHCP = yes DHCP = yes
# lets us discover the switch port we're connected to
LLDP = yes
# ipv6 router advertisements
IPv6AcceptRA = yes IPv6AcceptRA = yes
""" # allows us to ping "nixos.local"
unit += "\n".join(addresses) MulticastDNS = yes"""
unit += "\n" + "\n".join(route_sections) ]
(directory / name).write_text(unit) unit_sections.extend(
f"Address = {addr.address}/{addr.prefixlen}"
for addr in interface.static_addresses
)
unit_sections.extend(generate_routes(interface, routes))
most_recent_v4_lease = find_most_recent_v4_lease(interface.dynamic_addresses)
if most_recent_v4_lease:
unit_sections.append("[DHCPv4]")
unit_sections.append(f"RequestAddress = {most_recent_v4_lease.address}")
# trailing newline at the end
unit_sections.append("")
(directory / f"00-{interface.name}.network").write_text(
"\n".join(unit_sections)
)
def main() -> None: def main() -> None:

View file

@ -0,0 +1,7 @@
-----BEGIN OPENSSH PRIVATE KEY-----
b3BlbnNzaC1rZXktdjEAAAAABG5vbmUAAAAEbm9uZQAAAAAAAAABAAAAMwAAAAtzc2gtZW
QyNTUxOQAAACA8wk9uIqPk7FZFhRs0ZQ4Q/b0Rd//Rpq2i9e3v33+WwgAAAJjeXdO33l3T
twAAAAtzc2gtZWQyNTUxOQAAACA8wk9uIqPk7FZFhRs0ZQ4Q/b0Rd//Rpq2i9e3v33+Wwg
AAAEBiNUp5mUe87gWrXbjd36dqt/6waDLdoYV1woR8in4ehDzCT24io+TsVkWFGzRlDhD9
vRF3/9GmraL17e/ff5bCAAAAE2pvZXJnQHR1cmluZ21hY2hpbmUBAg==
-----END OPENSSH PRIVATE KEY-----

View file

@ -0,0 +1 @@
ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIDzCT24io+TsVkWFGzRlDhD9vRF3/9GmraL17e/ff5bC joerg@turingmachine

View file

@ -1,38 +1,36 @@
{ pkgs ? import <nixpkgs> {} }: { pkgs
, lib
, kexecTarball
, nixos-facter ? null
}:
let pkgs.testers.runNixOSTest {
makeTest = import (pkgs.path + "/nixos/tests/make-test-python.nix");
makeTest' = args: makeTest args {
inherit pkgs;
inherit (pkgs) system;
};
in makeTest' {
name = "kexec-installer"; name = "kexec-installer";
meta = with pkgs.lib.maintainers; { meta = with pkgs.lib.maintainers; {
maintainers = [ mic92 ]; maintainers = [ mic92 ];
}; };
nodes = { nodes = {
node1 = { modulesPath, ... }: { node1 = { modulesPath, pkgs, ... }: {
virtualisation.vlans = [ 1 ]; virtualisation.vlans = [ ];
environment.noXlibs = false; # avoid recompilation
imports = [ imports = [
(modulesPath + "/profiles/minimal.nix") (modulesPath + "/profiles/minimal.nix")
]; ];
virtualisation.memorySize = 1024 + 512; system.extraDependencies = [ kexecTarball ];
virtualisation.memorySize = 1 * 1024;
virtualisation.diskSize = 4 * 1024; virtualisation.diskSize = 4 * 1024;
virtualisation.useBootLoader = true; virtualisation.forwardPorts = [{
virtualisation.useEFIBoot = true; host.port = 2222;
boot.loader.systemd-boot.enable = true; guest.port = 22;
boot.loader.efi.canTouchEfiVariables = true; }];
services.openssh.enable = true; services.openssh.enable = true;
networking = { networking.useNetworkd = true;
useNetworkd = true; networking.useDHCP = false;
useDHCP = false;
}; users.users.root.openssh.authorizedKeys.keyFiles = [ ./ssh-keys/id_ed25519.pub ];
systemd.network = { systemd.network = {
networks = { networks = {
@ -41,152 +39,173 @@ in makeTest' {
# /etc/systemd/network/{40-eth1,99-main}.network already # /etc/systemd/network/{40-eth1,99-main}.network already
# exists. This network unit must be loaded for the test, # exists. This network unit must be loaded for the test,
# however, hence why this network is named such. # however, hence why this network is named such.
"01-eth1" = {
name = "eth1"; "01-eth0" = {
name = "eth0";
address = [ address = [
# Some static addresses that we want to see in the kexeced image # Some static addresses that we want to see in the kexeced image
"192.168.42.1/24" "192.168.42.1/24"
"42::1/64" "42::1/64"
]; ];
routes = [ routes = if pkgs.lib.versionAtLeast lib.version "24.11" then [
{ Destination = "192.168.43.0/24"; }
{ Destination = "192.168.44.0/24"; Gateway = "192.168.43.1"; }
{ Destination = "192.168.45.0/24"; Gateway = "43::1"; }
{ Destination = "43::0/64"; }
{ Destination = "44::1/64"; Gateway = "43::1"; }
] else [
# Some static routes that we want to see in the kexeced image # Some static routes that we want to see in the kexeced image
{ routeConfig = { Destination = "192.168.43.0/24"; }; } { routeConfig = { Destination = "192.168.43.0/24"; }; }
{ routeConfig = { Destination = "192.168.44.0/24"; Gateway = "192.168.43.1"; }; } { routeConfig = { Destination = "192.168.44.0/24"; Gateway = "192.168.43.1"; }; }
{ routeConfig = { Destination = "192.168.45.0/24"; Gateway = "43::1"; }; }
{ routeConfig = { Destination = "43::0/64"; }; } { routeConfig = { Destination = "43::0/64"; }; }
{ routeConfig = { Destination = "44::1/64"; Gateway = "43::1"; }; } { routeConfig = { Destination = "44::1/64"; Gateway = "43::1"; }; }
]; ];
networkConfig = { networkConfig = { DHCP = "yes"; IPv6AcceptRA = true; };
DHCP = "yes";
IPv6AcceptRA = true;
}; };
}; };
}; };
} // lib.optionalAttrs (lib.versionOlder lib.version "24.11pre") {
# avoid second overlay
environment.noXlibs = false;
}; };
}; };
node2 = { pkgs, modulesPath, ... }: { testScript = /*python*/ ''
environment.systemPackages = [ pkgs.hello ]; import json
imports = [ import time
./module.nix import subprocess
../noninteractive.nix import socket
]; import http.server
}; from threading import Thread
from typing import Optional
router = { config, pkgs, ... }: { start_all()
virtualisation.vlans = [ 1 ];
networking = {
useNetworkd = true;
useDHCP = false;
firewall.enable = false;
};
systemd.network = {
networks = {
# systemd-networkd will load the first network unit file
# that matches, ordered lexiographically by filename.
# /etc/systemd/network/{40-eth1,99-main}.network already
# exists. This network unit must be loaded for the test,
# however, hence why this network is named such.
"01-eth1" = {
name = "eth1";
address = [
"2001:db8::1/64"
];
ipv6Prefixes = [
{ ipv6PrefixConfig = { Prefix = "2001:db8::/64"; AddressAutoconfiguration = true; OnLink = true; }; }
];
# does not work in 22.11
#ipv6RoutePrefixes = [ { ipv6RoutePrefixConfig = { Route = "::/0"; LifetimeSec = 3600; }; }];
extraConfig = ''
[IPv6RoutePrefix]
Route = ::/0
LifetimeSec = 3600
'';
networkConfig = {
DHCPServer = true;
Address = "10.0.0.1/24";
IPv6SendRA = true;
};
dhcpServerConfig = {
PoolOffset = 100;
PoolSize = 1;
EmitRouter = true;
};
};
};
};
};
}; class DualStackServer(http.server.HTTPServer):
def server_bind(self):
self.socket.setsockopt(socket.IPPROTO_IPV6, socket.IPV6_V6ONLY, 0)
return super().server_bind()
DualStackServer.address_family = socket.AF_INET6
httpd = DualStackServer(("::", 0), http.server.SimpleHTTPRequestHandler)
testScript = { nodes, ... }: '' http.server.HTTPServer.address_family = socket.AF_INET6
# Test whether reboot via kexec works. port = httpd.server_port
def serve_forever(httpd):
with httpd:
httpd.serve_forever()
thread = Thread(target=serve_forever, args=(httpd, ))
thread.setDaemon(True)
thread.start()
router.wait_for_unit("network-online.target") node1.wait_until_succeeds(f"curl -v -I http://10.0.2.2:{port}")
router.succeed("ip addr >&2") node1.wait_until_succeeds(f"curl -v -I http://[fec0::2]:{port}")
router.succeed("ip route >&2")
router.succeed("ip -6 route >&2")
router.succeed("networkctl status eth1 >&2")
node1.wait_until_succeeds("ping -c1 10.0.0.1")
node1.wait_until_succeeds("ping -c1 2001:db8::1")
node1.succeed("ip addr >&2") node1.succeed("ip addr >&2")
node1.succeed("ip route >&2") node1.succeed("ip route >&2")
node1.succeed("ip -6 route >&2") node1.succeed("ip -6 route >&2")
node1.succeed("networkctl status eth1 >&2") node1.succeed("networkctl status eth0 >&2")
host_ed25519_before = node1.succeed("cat /etc/ssh/ssh_host_ed25519_key.pub") def ssh(cmd: list[str], check: bool = True, stdout: Optional[int] = None) -> subprocess.CompletedProcess[str]:
ssh_cmd = [
"${pkgs.openssh}/bin/ssh",
"-o", "StrictHostKeyChecking=no",
"-o", "ConnectTimeout=1",
"-i", "${./ssh-keys/id_ed25519}",
"-p", "2222",
"root@127.0.0.1",
"--"
] + cmd
print(" ".join(ssh_cmd))
return subprocess.run(ssh_cmd,
text=True,
check=check,
stdout=stdout)
while not ssh(["true"], check=False).returncode == 0:
time.sleep(1)
ssh(["cp", "--version"])
host_ed25519_before = node1.succeed("cat /etc/ssh/ssh_host_ed25519_key.pub").strip()
node1.succeed('ssh-keygen -t ed25519 -f /root/.ssh/id_ed25519 -q -N ""') node1.succeed('ssh-keygen -t ed25519 -f /root/.ssh/id_ed25519 -q -N ""')
root_ed25519_before = node1.succeed('tee /root/.ssh/authorized_keys < /root/.ssh/id_ed25519.pub') root_ed25519_before = node1.succeed('tee /root/.ssh/authorized_keys < /root/.ssh/id_ed25519.pub').strip()
# Kexec node1 to the toplevel of node2 via the kexec-boot script # Kexec node1 to the toplevel of node2 via the kexec-boot script
node1.succeed('touch /run/foo') node1.succeed('touch /run/foo')
node1.fail('hello') old_machine_id = node1.succeed("cat /etc/machine-id").strip()
node1.succeed('tar -xf ${nodes.node2.system.build.kexecTarball}/nixos-kexec-installer-${pkgs.system}.tar.gz -C /root') node1.fail('parted --version >&2')
node1.execute('/root/kexec/run') node1.succeed('tar -xf ${kexecTarball}/nixos-kexec-installer-noninteractive-${pkgs.system}.tar.gz -C /root')
# wait for machine to kexec node1.succeed('/root/kexec/ip -V >&2')
node1.execute('sleep 9999', check_return=False) node1.succeed('/root/kexec/kexec --version >&2')
node1.succeed('! test -e /run/foo') node1.succeed('/root/kexec/run >&2')
node1.succeed('hello')
node1.succeed('[ "$(hostname)" = "node2" ]')
node1.wait_for_unit("sshd.service")
host_ed25519_after = node1.succeed("cat /etc/ssh/ssh_host_ed25519_key.pub") # wait for kexec to finish
assert host_ed25519_before == host_ed25519_after, f"{host_ed25519_before} != {host_ed25519_after}" while ssh(["true"], check=False).returncode == 0:
print("Waiting for kexec to finish...")
time.sleep(1)
root_ed25519_after = node1.succeed("cat /root/.ssh/authorized_keys") while ssh(["true"], check=False).returncode != 0:
assert root_ed25519_before == root_ed25519_after, f"{root_ed25519_before} != {root_ed25519_after}" print("Waiting for node2 to come up...")
time.sleep(1)
# See if we can reach the router after kexec while ssh(["systemctl is-active restore-network"], check=False).returncode != 0:
node1.wait_for_unit("restore-network.service") print("Waiting for network to be restored...")
node1.wait_until_succeeds("cat /etc/systemd/network/eth1.network >&2") time.sleep(1)
node1.wait_until_succeeds("ping -c1 10.0.0.1") ssh(["systemctl", "status", "restore-network"])
node1.wait_until_succeeds("ping -c1 2001:db8::1")
# Check if static addresses have been restored print(ssh(["ip", "addr"]))
node1.wait_until_succeeds("ping -c1 42::1") print(ssh(["ip", "route"]))
node1.wait_until_succeeds("ping -c1 192.168.42.1") print(ssh(["ip", "-6", "route"]))
print(ssh(["networkctl", "status"]))
out = node1.wait_until_succeeds("ip route get 192.168.43.2") new_machine_id = ssh(["cat", "/etc/machine-id"], stdout=subprocess.PIPE).stdout.strip()
assert old_machine_id == new_machine_id, f"{old_machine_id} != {new_machine_id}, machine-id changed"
assert ssh(["ls", "-la", "/run/foo"], check=False).returncode != 0, "kexeced node1 still has /run/foo"
print(ssh(["parted", "--version"]))
host = ssh(["hostname"], stdout=subprocess.PIPE).stdout.strip()
assert host == "nixos-installer", f"hostname is {host}, not nixos-installer"
has_nixos_facter=${if nixos-facter != null then "True" else "False"}
if has_nixos_facter == True:
data = json.loads(ssh(["nixos-facter"], stdout=subprocess.PIPE).stdout)
assert data["virtualisation"] == "kvm", f"virtualisation is {data['virtualisation']}, not kvm"
host_ed25519_after = ssh(["cat", "/etc/ssh/ssh_host_ed25519_key.pub"], stdout=subprocess.PIPE).stdout.strip()
assert host_ed25519_before == host_ed25519_after, f"'{host_ed25519_before}' != '{host_ed25519_after}'"
root_ed25519_after = ssh(["cat", "/root/.ssh/authorized_keys"], stdout=subprocess.PIPE).stdout.strip()
assert root_ed25519_before in root_ed25519_after, f"'{root_ed25519_before}' not included in '{root_ed25519_after}'"
print(ssh(["cat", "/etc/systemd/network/00-eth0.network"]))
ssh(["curl", "-v", "-I", f"http://10.0.2.2:{port}"])
ssh(["curl", "-v", "-I", f"http://[fec0::2]:{port}"])
## Check if static addresses have been restored
ssh(["ping", "-c1", "42::1"])
ssh(["ping", "-c1", "192.168.42.1"])
out = ssh(["ip", "route", "get", "192.168.43.2"], stdout=subprocess.PIPE).stdout
print(out) print(out)
assert "192.168.43.2 dev eth1" in out assert "192.168.43.2 dev" in out, f"route to `192.168.43.2 dev` not found: {out}"
out = node1.wait_until_succeeds("ip route get 192.168.44.2") out = ssh(["ip", "route", "get", "192.168.44.2"], stdout=subprocess.PIPE).stdout
print(out) print(out)
assert "192.168.44.2 via 192.168.43.1" in out assert "192.168.44.2 via 192.168.43.1" in out, f"route to `192.168.44.2 via 192.168.43.1` not found: {out}"
out = node1.wait_until_succeeds("ip route get 43::2") out = ssh(["ip", "route", "get", "192.168.45.2"], stdout=subprocess.PIPE).stdout
print(out) print(out)
assert "43::2 from :: dev eth1" in out assert "192.168.45.2 via inet6 43::1" in out, f"route to `192.168.45.2 via inet6 43::1` not found: {out}"
out = node1.wait_until_succeeds("ip route get 44::2") out = ssh(["ip", "route", "get", "43::2"], stdout=subprocess.PIPE).stdout
print(out) print(out)
assert "44::2 from :: via 43::1" in out assert "43::2 from :: dev" in out, f"route `43::2 from dev` not found: {out}"
node1.succeed("ip addr >&2") out = ssh(["ip", "route", "get", "44::2"], stdout=subprocess.PIPE).stdout
node1.succeed("ip route >&2") print(out)
node1.succeed("ip -6 route >&2") assert "44::2 from :: via 43::1" in out, f"route to `44::2 from :: via 43::1` not found: {out}"
node1.succeed("networkctl status eth1 >&2")
node1.shutdown() node1.crash()
''; '';
} }

26
nix/latest-zfs-kernel.nix Normal file
View file

@ -0,0 +1,26 @@
{
lib,
pkgs,
config,
...
}:
let
isUnstable = config.boot.zfs.package == pkgs.zfsUnstable;
zfsCompatibleKernelPackages = lib.filterAttrs (
name: kernelPackages:
(builtins.match "linux_[0-9]+_[0-9]+" name) != null
&& (builtins.tryEval kernelPackages).success
&& (
(!isUnstable && !kernelPackages.zfs.meta.broken)
|| (isUnstable && !kernelPackages.zfs_unstable.meta.broken)
)
) pkgs.linuxKernel.packages;
latestKernelPackage = lib.last (
lib.sort (a: b: (lib.versionOlder a.kernel.version b.kernel.version)) (builtins.attrValues zfsCompatibleKernelPackages)
);
in
{
# Note this might jump back and worth as kernel get added or removed.
boot.kernelPackages = latestKernelPackage;
}

View file

@ -0,0 +1,22 @@
{ pkgs, ... }:
{
systemd.services.log-network-status = {
wantedBy = [ "multi-user.target" ];
# No point in restarting this. We just need this after boot
restartIfChanged = false;
serviceConfig = {
Type = "oneshot";
StandardOutput = "journal+console";
ExecStart = [
# Allow failures, so it still prints what interfaces we have even if we
# not get online
"-${pkgs.systemd}/lib/systemd/systemd-networkd-wait-online"
"${pkgs.iproute2}/bin/ip -c addr"
"${pkgs.iproute2}/bin/ip -c -6 route"
"${pkgs.iproute2}/bin/ip -c -4 route"
"${pkgs.systemd}/bin/networkctl status"
];
};
};
}

View file

@ -2,6 +2,10 @@
{ {
imports = [ imports = [
(modulesPath + "/installer/netboot/netboot-minimal.nix") (modulesPath + "/installer/netboot/netboot-minimal.nix")
../installer.nix
../networkd.nix
../serial.nix
../restore-remote-access.nix
]; ];
# We are stateless, so just default to latest. # We are stateless, so just default to latest.
@ -20,28 +24,12 @@
]; ];
preferLocalBuild = true; preferLocalBuild = true;
}; };
# IPMI SOL console redirection stuff
boot.kernelParams =
[ "console=tty0" ] ++
(lib.optional (pkgs.stdenv.hostPlatform.isAarch32 || pkgs.stdenv.hostPlatform.isAarch64) "console=ttyAMA0,115200") ++
(lib.optional (pkgs.stdenv.hostPlatform.isRiscV) "console=ttySIF0,115200") ++
[ "console=ttyS0,115200" ];
documentation.enable = false;
# Not really needed. Saves a few bytes and the only service we are running is sshd, which we want to be reachable.
networking.firewall.enable = false;
systemd.network.enable = true;
networking.dhcpcd.enable = false;
systemd.network.networks."10-uplink" = { systemd.network.networks."10-uplink" = {
matchConfig.Type = "ether"; matchConfig.Type = "ether";
networkConfig = { networkConfig = {
DHCP = "yes"; DHCP = "yes";
LLMNR = "yes";
EmitLLDP = "yes"; EmitLLDP = "yes";
IPv6AcceptRA = "no"; IPv6AcceptRA = "yes";
MulticastDNS = "yes"; MulticastDNS = "yes";
LinkLocalAddressing = "yes"; LinkLocalAddressing = "yes";
LLDP = "yes"; LLDP = "yes";
@ -53,29 +41,6 @@
}; };
}; };
# for zapping of disko
environment.systemPackages = [
pkgs.jq
];
systemd.services.log-network-status = {
wantedBy = [ "multi-user.target" ];
# No point in restarting this. We just need this after boot
restartIfChanged = false;
serviceConfig = {
Type = "oneshot";
StandardOutput = "journal+console";
ExecStart = [
# Allow failures, so it still prints what interfaces we have even if we
# not get online
"-${pkgs.systemd}/lib/systemd/systemd-networkd-wait-online"
"${pkgs.iproute2}/bin/ip -c addr"
"${pkgs.iproute2}/bin/ip -c -6 route"
"${pkgs.iproute2}/bin/ip -c -4 route"
];
};
};
networking.hostName = ""; networking.hostName = "";
# overrides normal activation script for setting hostname # overrides normal activation script for setting hostname
system.activationScripts.hostname = lib.mkForce '' system.activationScripts.hostname = lib.mkForce ''
@ -89,14 +54,4 @@
done done
hostname "''${hostParam[1]:-nixos}" hostname "''${hostParam[1]:-nixos}"
''; '';
boot.initrd.postMountCommands = ''
# add user keys if they are available.
mkdir -m 700 -p /mnt-root/root/.ssh
mkdir -m 755 -p /mnt-root/etc/ssh
mkdir -m 755 -p /mnt-root/root/network
if [[ -f ssh/authorized_keys ]]; then
install -m 400 ssh/authorized_keys /mnt-root/root/.ssh
fi
'';
} }

13
nix/networkd.nix Normal file
View file

@ -0,0 +1,13 @@
{ lib, ... }:
{
# Not really needed. Saves a few bytes and the only service we are running is sshd, which we want to be reachable.
networking.firewall.enable = false;
networking.useNetworkd = true;
systemd.network.enable = true;
# mdns
networking.firewall.allowedUDPPorts = [ 5353 ];
systemd.network.networks."99-ethernet-default-dhcp".networkConfig.MulticastDNS = lib.mkDefault "yes";
systemd.network.networks."99-wireless-client-dhcp".networkConfig.MulticastDNS = lib.mkDefault "yes";
}

24
nix/nix-settings.nix Normal file
View file

@ -0,0 +1,24 @@
# take from srvos
{ lib, ... }:
{
# Fallback quickly if substituters are not available.
nix.settings.connect-timeout = 5;
# Enable flakes
nix.settings.experimental-features = [ "nix-command" "flakes" ];
# The default at 10 is rarely enough.
nix.settings.log-lines = lib.mkDefault 25;
# Avoid disk full issues
nix.settings.max-free = lib.mkDefault (3000 * 1024 * 1024);
nix.settings.min-free = lib.mkDefault (512 * 1024 * 1024);
# TODO: cargo culted.
nix.daemonCPUSchedPolicy = lib.mkDefault "batch";
nix.daemonIOSchedClass = lib.mkDefault "idle";
nix.daemonIOSchedPriority = lib.mkDefault 7;
# Avoid copying unnecessary stuff over SSH
nix.settings.builders-use-substitutes = true;
}

71
nix/nixos-facter.nix Normal file
View file

@ -0,0 +1,71 @@
{
lib,
buildGoModule,
fetchFromGitHub,
hwinfo,
libusb1,
gcc,
pkg-config,
util-linux,
pciutils,
stdenv,
}:
let
# We are waiting on some changes to be merged upstream: https://github.com/openSUSE/hwinfo/pulls
hwinfoOverride = hwinfo.overrideAttrs {
src = fetchFromGitHub {
owner = "numtide";
repo = "hwinfo";
rev = "a559f34934098d54096ed2078e750a8245ae4044";
hash = "sha256-3abkWPr98qXXQ17r1Z43gh2M5hl/DHjW2hfeWl+GSAs=";
};
};
in
buildGoModule rec {
pname = "nixos-facter";
version = "0.1.1";
src = fetchFromGitHub {
owner = "numtide";
repo = "nixos-facter";
rev = "v${version}";
hash = "sha256-vlPmvCrgX64dcf//BPtQszBt7dkq35JpgQg+/LW0AqM=";
};
vendorHash = "sha256-5leiTNp3FJmgFd0SKhu18hxYZ2G9SuQPhZJjki2SDVs=";
CGO_ENABLED = 1;
buildInputs = [
libusb1
hwinfoOverride
];
nativeBuildInputs = [
gcc
pkg-config
];
runtimeInputs = [
libusb1
util-linux
pciutils
];
ldflags = [
"-s"
"-w"
"-X git.numtide.com/numtide/nixos-facter/build.Name=nixos-facter"
"-X git.numtide.com/numtide/nixos-facter/build.Version=v${version}"
"-X github.com/numtide/nixos-facter/pkg/build.System=${stdenv.hostPlatform.system}"
];
meta = {
description = "Declarative hardware configuration for NixOS";
homepage = "https://github.com/numtide/nixos-facter";
license = lib.licenses.gpl3Plus;
maintainers = [ lib.maintainers.brianmcgee ];
mainProgram = "nixos-facter";
platforms = lib.platforms.linux;
};
}

12
nix/no-bootloaders.nix Normal file
View file

@ -0,0 +1,12 @@
{ lib, ... }: {
# HACK: Drop this, once we have 24.11 everywhere
nixpkgs.overlays = lib.optionals (lib.versionOlder lib.version "24.11pre") [
# Both syslinux and grub also reference perl
(final: prev: {
# we don't need grub: save ~ 60MB
grub2 = prev.coreutils;
grub2_efi = prev.coreutils;
syslinux = prev.coreutils;
})
];
}

View file

@ -1,13 +1,25 @@
# This module optimizes for non-interactive deployments by remove some store paths # This module optimizes for non-interactive deployments by remove some store paths
# which are primarily useful for interactive installations. # which are primarily useful for interactive installations.
{ config, lib, pkgs, ... }: { { lib, pkgs, modulesPath, ... }:
{
disabledModules = [ disabledModules = [
# This module adds values to multiple lists (systemPackages, supportedFilesystems) # This module adds values to multiple lists (systemPackages, supportedFilesystems)
# which are impossible/unpractical to remove, so we disable the entire module. # which are impossible/unpractical to remove, so we disable the entire module.
"profiles/base.nix" "profiles/base.nix"
]; ];
imports = [
# ./zfs-minimal.nix
./no-bootloaders.nix
./python-minimal.nix
./noveau-workaround.nix
# reduce closure size by removing perl
"${modulesPath}/profiles/perlless.nix"
# FIXME: we still are left with nixos-generate-config due to nixos-install-tools
{ system.forbiddenDependenciesRegexes = lib.mkForce []; }
];
# among others, this prevents carrying a stdenv with gcc in the image # among others, this prevents carrying a stdenv with gcc in the image
system.extraDependencies = lib.mkForce [ ]; system.extraDependencies = lib.mkForce [ ];
@ -15,17 +27,47 @@
nix.registry = lib.mkForce { }; nix.registry = lib.mkForce { };
# would pull in nano # would pull in nano
programs.nano.syntaxHighlight = lib.mkForce false; programs.nano.enable = false;
# prevents nano, strace # prevents strace
environment.defaultPackages = lib.mkForce [ pkgs.rsync ]; environment.defaultPackages = lib.mkForce [
pkgs.rsync
pkgs.parted
pkgs.gptfdisk
pkgs.e2fsprogs
];
# zfs support is accidentally disabled by excluding base.nix, re-enable it # normal users are not allowed with sys-users
boot = { # see https://github.com/NixOS/nixpkgs/pull/328926
kernelModules = [ "zfs" ]; users.users.nixos = {
extraModulePackages = [ config.boot.kernelPackages.zfs ]; isSystemUser = true;
isNormalUser = lib.mkForce false;
shell = "/run/current-system/sw/bin/bash";
group = "nixos";
}; };
users.groups.nixos = {};
# we can drop this after 23.05 has been released, which has this set by default # we prefer root as this is also what we use in nixos-anywhere
hardware.enableRedistributableFirmware = lib.mkForce false; services.getty.autologinUser = lib.mkForce "root";
# we are missing this from base.nix
boot.supportedFilesystems = [
"ext4"
"btrfs"
# probably not needed but does not seem to increase closure size
"cifs"
"f2fs"
## anyone still using this over ext4?
#"jfs"
"ntfs"
## no longer seems to be maintained, anyone still using it?
#"reiserfs"
"vfat"
"xfs"
];
boot.kernelModules = [
# we have to explicitly enable this, otherwise it is not loaded even when creating a raid:
# https://github.com/nix-community/nixos-anywhere/issues/249
"dm-raid"
];
} }

View file

@ -0,0 +1,4 @@
{
# fixes blank screen on boot for some cards
boot.kernelParams = [ "nouveau.modeset=0" ];
}

10
nix/python-minimal.nix Normal file
View file

@ -0,0 +1,10 @@
{
nixpkgs.overlays = [
(final: prev: {
bcachefs-tools = prev.bcachefs-tools.override { python3 = final.python3Minimal; };
cifs-utils = prev.cifs-utils.override { python3 = final.python3Minimal; };
nfs-utils = prev.nfs-utils.override { python3 = final.python3Minimal; };
talloc = prev.talloc.override { python3 = final.python3Minimal; };
})
];
}

View file

@ -0,0 +1,29 @@
{
# We have a bug in 23.11 in combination with netboot.
boot.initrd.systemd.enable = true;
boot.initrd.systemd.services.restore-state-from-initrd = {
unitConfig = {
DefaultDependencies = false;
RequiresMountsFor = "/sysroot /dev";
};
wantedBy = [ "initrd.target" ];
requiredBy = [ "rw-etc.service" ];
before = [ "rw-etc.service" ];
serviceConfig.Type = "oneshot";
# Restore ssh host and user keys if they are available.
# This avoids warnings of unknown ssh keys.
script = ''
mkdir -m 700 -p /sysroot/root/.ssh
mkdir -m 755 -p /sysroot/etc/ssh
mkdir -m 755 -p /sysroot/root/network
if [[ -f ssh/authorized_keys ]]; then
install -m 400 ssh/authorized_keys /sysroot/root/.ssh
fi
install -m 400 ssh/ssh_host_* /sysroot/etc/ssh
cp *.json /sysroot/root/network/
if [[ -f machine-id ]]; then
cp machine-id /sysroot/etc/machine-id
fi
'';
};
}

11
nix/serial.nix Normal file
View file

@ -0,0 +1,11 @@
{ pkgs, lib, ... }:
{
# IPMI SOL console redirection stuff
boot.kernelParams =
[ "console=tty0" ]
++ (lib.optional (
pkgs.stdenv.hostPlatform.isAarch32 || pkgs.stdenv.hostPlatform.isAarch64
) "console=ttyAMA0,115200")
++ (lib.optional (pkgs.stdenv.hostPlatform.isRiscV) "console=ttySIF0,115200")
++ [ "console=ttyS0,115200" ];
}

21
nix/zfs-minimal.nix Normal file
View file

@ -0,0 +1,21 @@
{ config, lib, pkgs, ... }:
# incorperate a space-optimized version of zfs
let
zfs = pkgs.zfsUnstable.override {
# this overrides saves 10MB
samba = pkgs.coreutils;
python3 = pkgs.python3Minimal;
};
in
{
services.udev.packages = [ zfs ]; # to hook zvol naming, etc.
# unsure if need this, but in future udev rules could potentially point to systemd services.
systemd.packages = [ zfs ];
environment.defaultPackages = lib.mkForce [ zfs ]; # this merges with outer noninteractive module.
boot.kernelModules = [ "zfs" ];
boot.extraModulePackages = [ config.boot.kernelPackages.zfs_unstable ];
networking.hostId = lib.mkDefault "8425e349";
}