summaryrefslogtreecommitdiffstats
path: root/krebs/4lib/infest/prepare.sh
diff options
context:
space:
mode:
Diffstat (limited to 'krebs/4lib/infest/prepare.sh')
-rw-r--r--krebs/4lib/infest/prepare.sh51
1 files changed, 49 insertions, 2 deletions
diff --git a/krebs/4lib/infest/prepare.sh b/krebs/4lib/infest/prepare.sh
index 0bfc49380..d9271da73 100644
--- a/krebs/4lib/infest/prepare.sh
+++ b/krebs/4lib/infest/prepare.sh
@@ -1,6 +1,9 @@
#! /bin/sh
set -efu
+nix_url=https://nixos.org/releases/nix/nix-1.10/nix-1.10-x86_64-linux.tar.bz2
+nix_sha256=504f7a3a85fceffb8766ae5e1005de9e02e489742f5a63cc3e7552120b138bf4
+
prepare() {(
if test -e /etc/os-release; then
. /etc/os-release
@@ -70,7 +73,7 @@ prepare_debian() {
prepare_common
}
-prepare_common() {
+prepare_common() {(
if ! getent group nixbld >/dev/null; then
groupadd -g 30000 -r nixbld
@@ -133,6 +136,50 @@ prepare_common() {
mkdir -p /mnt/nix
mount --bind /nix /mnt/nix
fi
-}
+
+ #
+ # install nix
+ #
+
+ # install nix on host (cf. https://nixos.org/nix/install)
+ if ! test -e /root/.nix-profile/etc/profile.d/nix.sh; then
+ (
+ verify() {
+ printf '%s %s\n' $nix_sha256 $(basename $nix_url) | sha256sum -c
+ }
+ if ! verify; then
+ curl -C - -O "$nix_url"
+ verify
+ fi
+ )
+ nix_src_dir=$(basename $nix_url .tar.bz2)
+ tar jxf $nix_src_dir.tar.bz2
+ $nix_src_dir/install
+ fi
+
+ . /root/.nix-profile/etc/profile.d/nix.sh
+
+ for i in \
+ bash \
+ coreutils \
+ # This line intentionally left blank.
+ do
+ if ! nix-env -q $i | grep -q .; then
+ nix-env -iA nixpkgs.pkgs.$i
+ fi
+ done
+
+ # install nixos-install
+ if ! type nixos-install 2>/dev/null; then
+ nixpkgs_expr='import <nixpkgs> { system = builtins.currentSystem; }'
+ nixpkgs_path=$(find /nix/store -mindepth 1 -maxdepth 1 -name *-nixpkgs-* -type d)
+ nix-env \
+ --arg config "{ nix.package = ($nixpkgs_expr).nix; }" \
+ --arg pkgs "$nixpkgs_expr" \
+ --arg modulesPath 'throw "no modulesPath"' \
+ -f $nixpkgs_path/nixpkgs/nixos/modules/installer/tools/tools.nix \
+ -iA config.system.build.nixos-install
+ fi
+)}
prepare "$@"