From dcf2a3b48434ebe1879d9d99ffe68a2870fc4fd0 Mon Sep 17 00:00:00 2001
From: Dustin Frisch
Date: Mon, 18 Nov 2024 11:02:48 +0100
Subject: [PATCH] Make installer image more independent
---
installer.nix | 81 +++++++++++++++++++++++++++++++++
installer/default.nix | 86 -----------------------------------
installer/installer.nix | 19 --------
machines/nfs/dhcp.nix | 22 ---------
machines/nfs/netinstaller.nix | 38 ++++++++++------
5 files changed, 105 insertions(+), 141 deletions(-)
create mode 100644 installer.nix
delete mode 100644 installer/default.nix
delete mode 100644 installer/installer.nix
diff --git a/installer.nix b/installer.nix
new file mode 100644
index 0000000..1cb1c43
--- /dev/null
+++ b/installer.nix
@@ -0,0 +1,81 @@
+{ pkgs, lib, modulesPath, config, ... }:
+
+with lib;
+
+let
+ auto-installer = pkgs.writers.writeBash "auto-installer" ''
+ set -o errexit
+ set -o nounset
+ set -o pipefail
+
+ set -x
+
+ if [[ "$(cat /proc/cmdline)" =~ nixos\.install=([^ ]+) ]]; then
+ INSTALL="''${BASH_REMATCH[1]}"
+ else
+ echo "No install derivation found" >&2
+ exit 1
+ fi
+
+ ${pkgs.retry}/bin/retry \
+ --times 10 \
+ --delay 15 \
+ -- ${pkgs.nix}/bin/nix-store \
+ --realize \
+ --add-root /tmp/installer \
+ "$INSTALL"
+
+ exec /tmp/installer
+ '';
+
+in
+{
+ imports = [
+ "${modulesPath}/installer/netboot/netboot-minimal.nix"
+
+ ./shared/network.nix
+ ./shared/cache.nix
+ ./shared/users.nix
+ ];
+
+ _module.args = {
+ name = "installer";
+ };
+
+ networking.useDHCP = mkForce true;
+
+ services.getty.autologinUser = lib.mkForce "root";
+
+ systemd.services."auto-install" = {
+ description = "Automated NixOS installer";
+
+ wants = [ "network-online.target" ];
+ after = [ "network-online.target" ];
+
+ conflicts = [ "getty@tty1.service" ];
+
+ wantedBy = [ "multi-user.target" ];
+
+ path = with pkgs; [ bash nix ];
+
+ unitConfig = {
+ AssertKernelCommandLine = "nixos.install";
+
+ FailureAction = "force-reboot";
+ };
+
+ serviceConfig = {
+ Type = "oneshot";
+
+ ExecStart = auto-installer;
+
+ StandardInput = "none";
+ StandardOutput = "journal+console";
+ StandardError = "journal+console";
+ };
+ };
+
+ # Expose the installer script
+ system.build.installer = installer;
+}
+
diff --git a/installer/default.nix b/installer/default.nix
deleted file mode 100644
index 3be9e1e..0000000
--- a/installer/default.nix
+++ /dev/null
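Review bot: `system.build.installer = installer;` at the end of the new file refers to a name that neither the function arguments nor the `let` block bind any more (only `auto-installer` is defined), so it can only resolve through `with lib;` and is expected to fail as an undefined variable once the option is evaluated; the line and its `# Expose the installer script` comment look like leftovers to delete. Separately, the script realizes and then `exec`s, as root, whatever follows `nixos.install=` on the kernel command line, and `([^ ]+)` accepts any non-space string. A guard before the `retry` call, `[[ "$INSTALL" == /nix/store/* ]] || { echo "nixos.install is not a store path" >&2; exit 1; }`, would confine it to store paths. What actually authenticates the realized script is the substituter's signature check, presumably configured in `./shared/cache.nix` (not part of this patch), so a comment above `nix-store --realize` stating that dependency would help the next reader.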
@@ -1,86 +0,0 @@
-{ pkgs, lib, modulesPath, config, target, ... }:
-
-with lib;
-
-let
- installer = pkgs.callPackage ./installer.nix { inherit target; };
-
- auto-installer =
- let
- # This removes the direct dependency from the installer to the target image.
- # The install script is realized later during runtime using the cache.
- # To make this work, the cache must provide the real installer script.
- installer-path = builtins.unsafeDiscardStringContext (toString installer);
-
- in
- pkgs.writers.writeBash "auto-installer" ''
- set -o errexit
- set -o nounset
- set -o pipefail
-
- set -x
-
- ${pkgs.retry}/bin/retry \
- --times 10 \
- --delay 15 \
- -- ${pkgs.nix}/bin/nix-store \
- --realize \
- --add-root /tmp/installer \
- "${installer-path}"
-
- /tmp/installer
-
- reboot
- '';
-
-in
-{
- imports = [
- "${modulesPath}/installer/netboot/netboot-minimal.nix"
-
- ../shared/users.nix
- ../shared/network.nix
- ../shared/cache.nix
- ];
-
- _module.args = {
- name = "installer";
- };
-
- networking.useDHCP = mkForce true;
-
- services.getty.autologinUser = lib.mkForce "root";
-
- systemd.services."auto-install" = {
- description = "Automated NixOS installer";
-
- wants = [ "network-online.target" ];
- after = [ "network-online.target" ];
-
- conflicts = [ "getty@tty1.service" ];
-
- wantedBy = [ "multi-user.target" ];
-
- path = with pkgs; [ bash nix ];
-
- unitConfig = {
- FailureAction = "force-reboot";
- };
-
- serviceConfig = {
- Type = "oneshot";
-
- ExecStart = auto-installer;
-
- StandardInput = "none";
- StandardOutput = "journal+console";
- StandardError = "journal+console";
- };
- };
-
- # Expose the installer script
- system.build.installer = installer;
-
- system.stateVersion = config.system.nixos.release;
-}
-
diff --git a/installer/installer.nix b/installer/installer.nix
deleted file mode 100644
index c4fea4c..0000000
--- a/installer/installer.nix
+++ /dev/null
@@ -1,19 +0,0 @@ -{ writers, target, ... }: - -writers.writeBash "installer" '' - set -o errexit - set -o nounset - set -o pipefail - - set -x - - "${target.config.system.build.diskoScript}" - - "${target.config.system.build.nixos-install}/bin/nixos-install" \ - --root /mnt \ - --system "${target.config.system.build.toplevel}" \ - --no-channel-copy \ - --no-root-password \ - --verbose -'' - diff --git a/machines/nfs/dhcp.nix b/machines/nfs/dhcp.nix index 98e83ce..40496cd 100644 --- a/machines/nfs/dhcp.nix +++ b/machines/nfs/dhcp.nix @@ -63,28 +63,6 @@ pool = "10.32.44.100 - 10.32.44.200"; } ]; - - option-data = [ - { - name = "routers"; - data = "10.32.44.1"; - } - - { - name = "domain-name-servers"; - data = "10.0.0.53"; - } - - { - name = "domain-name"; - data = config.networking.domain; - } - - { - name = "domain-search"; - data = config.networking.domain; - } - ]; } ]; diff --git a/machines/nfs/netinstaller.nix b/machines/nfs/netinstaller.nix index 6e9ddd4..239192f 100644 --- a/machines/nfs/netinstaller.nix +++ b/machines/nfs/netinstaller.nix @@ -4,15 +4,31 @@ with lib; let installer = pkgs.nixos [ - ../../installer - - { - _module.args = { - target = nodes."client"; - }; - } + ../../installer.nix ]; + installer-script = + let + target = nodes."client".config.system.build; + + in + pkgs.writers.writeBash "installer" '' + set -o errexit + set -o nounset + set -o pipefail + + set -x + + "${target.diskoScript}" + + "${target.nixos-install}/bin/nixos-install" \ + --root /mnt \ + --system "${target.toplevel}" \ + --no-channel-copy \ + --no-root-password \ + --verbose + ''; + ipxe-script = pkgs.writeText "boot-local.ipxe" '' #!ipxe 
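Review bot: The new `installer-script` binding in machines/nfs/netinstaller.nix carries no comment saying where it runs, and that matters because it is never executed on this host: the next hunk passes its store path as `nixos.install=` and installer.nix executes it as root on the machine that netboots. Since it calls `diskoScript` unconditionally, which presumably repartitions the target's disks, and the target is fixed to `nodes."client"`, the intent should be spelled out, e.g. `# Runs on the netbooted client (not on this host); wipes and installs nodes."client" without prompting.` The enclosing `let` block starts above the hunk and continues below it.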
@@ -26,7 +42,7 @@ let kernel --name kernel http://''${next-server:ipv4}/bzImage || goto err initrd --name initrd http://''${next-server:ipv4}/initrd || goto err - boot kernel initrd=initrd init=${installer.config.system.build.toplevel}/init loglevel=4 || goto err + boot kernel initrd=initrd init=${installer.config.system.build.toplevel}/init nixos.install=${installer-script} loglevel=4 || goto err :err shell @@ -68,12 +84,6 @@ in openFirewall = true; }; - # Ensure the intaller script and therefore the client system is part of the - # store so it can be fetched by the installer. - boot.postBootCommands = '' - ${config.nix.package.out}/bin/nix-env -p /nix/var/nix/profiles/installer --set "${installer.installer}" - ''; - networking.extraHosts = '' 127.0.0.1 boot.${config.networking.domain} '';
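Review bot: After this change the interpolation of `${installer-script}` into the `boot kernel …` line is the only visible reference that keeps the script, and through it the client's `toplevel`, in this host's store; the `boot.postBootCommands` profile that did this explicitly is removed in the following hunk together with the comment that explained why. That only holds while `ipxe-script` itself stays in the system closure, which the visible lines do not show. A short comment on the `ipxe-script` binding would record the requirement, e.g. `# The nixos.install= reference also pulls installer-script into this host's closure so the installer can fetch it from the cache.` The iPXE script body continues outside the hunk.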