home

My NixOS systems configurations.
Log | Files | Refs | LICENSE

iso.nix (1335B)


      1 # To build the installer for your system's architecture:
      2 #
      3 #   nix-build '<nixpkgs/nixos>' -A config.system.build.isoImage -I nixos-config=iso.nix
      4 #
      5 # To build a 32-bit installer, overrride the value of the `system` parameter:
      6 #
      7 #   nix-build <SAME AS BEFORE> --argStr system i686-linux
      8 #
      9 
     10 { config, lib, pkgs, system ? builtins.currentSystem, ... }:
     11 
     12 with lib;
     13 let
     14   secretPath = ../../secrets/machines.nix;
     15   secretCondition = (builtins.pathExists secretPath);
     16 
     17   isAuthorized = p: builtins.isAttrs p && p.authorized or false;
     18   authorizedKeys = lists.optionals secretCondition (
     19     attrsets.mapAttrsToList
     20       (name: value: value.key)
     21       (attrsets.filterAttrs (name: value: isAuthorized value) (import secretPath).ssh)
     22   );
     23 in
     24 {
     25   imports = [
     26     # https://nixos.wiki/wiki/Creating_a_NixOS_live_CD
     27     <nixpkgs/nixos/modules/installer/cd-dvd/installation-cd-minimal.nix>
     28     <nixpkgs/nixos/modules/installer/cd-dvd/channel.nix>
     29   ];
     30 
     31   systemd.services.sshd.wantedBy = pkgs.lib.mkForce [ "multi-user.target" ];
     32   users = {
     33     mutableUsers = false;
     34     users.root.openssh.authorizedKeys.keys = authorizedKeys;
     35   };
     36 
     37   environment.etc = {
     38     "install.sh" = {
     39       source = ./install.sh;
     40       mode = "0700";
     41     };
     42 
     43     "configuration.nix" = {
     44       source = ./installer_configuration.nix;
     45       mode = "0600";
     46     };
     47   };
     48 }