iso.nix (1335B)
1 # To build the installer for your system's architecture: 2 # 3 # nix-build '<nixpkgs/nixos>' -A config.system.build.isoImage -I nixos-config=iso.nix 4 # 5 # To build a 32-bit installer, overrride the value of the `system` parameter: 6 # 7 # nix-build <SAME AS BEFORE> --argStr system i686-linux 8 # 9 10 { config, lib, pkgs, system ? builtins.currentSystem, ... }: 11 12 with lib; 13 let 14 secretPath = ../../secrets/machines.nix; 15 secretCondition = (builtins.pathExists secretPath); 16 17 isAuthorized = p: builtins.isAttrs p && p.authorized or false; 18 authorizedKeys = lists.optionals secretCondition ( 19 attrsets.mapAttrsToList 20 (name: value: value.key) 21 (attrsets.filterAttrs (name: value: isAuthorized value) (import secretPath).ssh) 22 ); 23 in 24 { 25 imports = [ 26 # https://nixos.wiki/wiki/Creating_a_NixOS_live_CD 27 <nixpkgs/nixos/modules/installer/cd-dvd/installation-cd-minimal.nix> 28 <nixpkgs/nixos/modules/installer/cd-dvd/channel.nix> 29 ]; 30 31 systemd.services.sshd.wantedBy = pkgs.lib.mkForce [ "multi-user.target" ]; 32 users = { 33 mutableUsers = false; 34 users.root.openssh.authorizedKeys.keys = authorizedKeys; 35 }; 36 37 environment.etc = { 38 "install.sh" = { 39 source = ./install.sh; 40 mode = "0700"; 41 }; 42 43 "configuration.nix" = { 44 source = ./installer_configuration.nix; 45 mode = "0600"; 46 }; 47 }; 48 }