home

Unnamed repository; edit this file 'description' to name the repository.
Log | Files | Refs | README | LICENSE

commit 469161e86723a107aaf55d516f14926aabd0fdd3
parent fcff8bae14677a25157b5db28ef54b42b410a212
Author: Vincent Demeester <vincent@sbr.pm>
Date:   Mon, 13 Jul 2020 11:50:15 +0200

hack: add a iso build 🙃

Signed-off-by: Vincent Demeester <vincent@sbr.pm>

Diffstat:
Ahack/installer_configuration.nix | 18++++++++++++++++++
Ahack/iso.nix | 48++++++++++++++++++++++++++++++++++++++++++++++++
2 files changed, 66 insertions(+), 0 deletions(-)

diff --git a/hack/installer_configuration.nix b/hack/installer_configuration.nix @@ -0,0 +1,18 @@ +{ config, pkgs, ... }: + +{ + imports = + [ + # Include the results of the hardware scan. + ./hardware-configuration.nix + ]; + + # Use the systemd-boot EFI boot loader. + boot.loader.systemd-boot.enable = true; + boot.loader.efi.canTouchEfiVariables = true; + + services.openssh.enable = true; + users.users.root.openssh.authorizedKeys.keyFiles = [ /etc/ssh/authorized_keys.d/root ]; + + networking.hostName = "nixos"; # Define your hostname. +} diff --git a/hack/iso.nix b/hack/iso.nix @@ -0,0 +1,48 @@ +# To build the installer for your system's architecture: +# +# nix-build '<nixpkgs/nixos>' -A config.system.build.isoImage -I nixos-config=iso.nix +# +# To build a 32-bit installer, overrride the value of the `system` parameter: +# +# nix-build <SAME AS BEFORE> --argStr system i686-linux +# + +{ config, lib, pkgs, system ? builtins.currentSystem, ... }: + +with lib; +let + secretPath = ../../secrets/machines.nix; + secretCondition = (builtins.pathExists secretPath); + + isAuthorized = p: builtins.isAttrs p && p.authorized or false; + authorizedKeys = lists.optionals secretCondition ( + attrsets.mapAttrsToList + (name: value: value.key) + (attrsets.filterAttrs (name: value: isAuthorized value) (import secretPath).ssh) + ); +in +{ + imports = [ + # https://nixos.wiki/wiki/Creating_a_NixOS_live_CD + <nixpkgs/nixos/modules/installer/cd-dvd/installation-cd-minimal.nix> + <nixpkgs/nixos/modules/installer/cd-dvd/channel.nix> + ]; + + systemd.services.sshd.wantedBy = pkgs.lib.mkForce [ "multi-user.target" ]; + users = { + mutableUsers = false; + users.root.openssh.authorizedKeys.keys = authorizedKeys; + }; + + environment.etc = { + "install.sh" = { + source = ./install.sh; + mode = "0700"; + }; + + "configuration.nix" = { + source = ./installer_configuration.nix; + mode = "0600"; + }; + }; +}