From 001acc5a523db45414ebfdca808e308f027e39b5 Mon Sep 17 00:00:00 2001 From: makefu Date: Fri, 29 Nov 2019 13:43:27 +0100 Subject: ma iso: add justdoit,target-config.nix --- makefu/1systems/iso/config.nix | 30 +++++-- makefu/1systems/iso/justdoit.nix | 128 +++++++++++++++++++++++++++ makefu/1systems/iso/target-config.nix | 40 +++++++++ makefu/2configs/nginx/dl.euer.krebsco.de.nix | 17 ++++ makefu/2configs/nginx/share-download.nix | 17 ---- 5 files changed, 206 insertions(+), 26 deletions(-) create mode 100644 makefu/1systems/iso/justdoit.nix create mode 100644 makefu/1systems/iso/target-config.nix create mode 100644 makefu/2configs/nginx/dl.euer.krebsco.de.nix delete mode 100644 makefu/2configs/nginx/share-download.nix diff --git a/makefu/1systems/iso/config.nix b/makefu/1systems/iso/config.nix index fdf203d5b..6c4f62310 100644 --- a/makefu/1systems/iso/config.nix +++ b/makefu/1systems/iso/config.nix @@ -3,20 +3,32 @@ with import ; { imports = [ - + # - + # + ./justdoit.nix + { + kexec.justdoit = { + # bootSize = 512; + rootDevice = "/dev/sdb"; + swapSize = 1024; + bootType = "vfat"; + luksEncrypt = true; + uefi = true; + }; + } ]; + boot.kernelPackages = lib.mkDefault pkgs.linuxPackages_latest; # TODO: NIX_PATH and nix.nixPath are being set by default.nix right now - # cd ~/stockholm ; nix-build -A config.system.build.isoImage -I nixos-config=makefu/1systems/iso.nix -I secrets=/home/makefu/secrets/iso /var/src/nixpkgs/nixos - krebs.build.host = { cores = 0; }; + # cd ~/stockholm ; nix-build -A config.system.build.isoImage -I nixos-config=makefu/1systems/iso/config.nix -I secrets=/home/makefu/secrets/iso /var/src/nixpkgs/nixos + #krebs.build.host = { cores = 0; }; isoImage.isoBaseName = lib.mkForce "stockholm"; - krebs.hidden-ssh.enable = true; - environment.systemPackages = with pkgs; [ - aria2 - ddrescue - ]; + #krebs.hidden-ssh.enable = true; + # environment.systemPackages = with pkgs; [ + # aria2 + # ddrescue + # ]; environment.extraInit = '' EDITOR=vim ''; diff --git a/makefu/1systems/iso/justdoit.nix b/makefu/1systems/iso/justdoit.nix new file mode 100644 index 000000000..7947953f9 --- /dev/null +++ b/makefu/1systems/iso/justdoit.nix @@ -0,0 +1,128 @@ +{ config, pkgs, lib, ... }: + +with lib; +let + cfg = config.kexec.justdoit; + x = if cfg.nvme then "p" else ""; +in { + options = { + kexec.justdoit = { + rootDevice = mkOption { + type = types.str; + default = "/dev/sda"; + description = "the root block device that justdoit will nuke from orbit and force nixos onto"; + }; + bootSize = mkOption { + type = types.int; + default = 256; + description = "size of /boot in mb"; + }; + bootType = mkOption { + type = types.enum [ "ext4" "vfat" "zfs" ]; + default = "ext4"; + }; + swapSize = mkOption { + type = types.int; + default = 1024; + description = "size of swap in mb"; + }; + poolName = mkOption { + type = types.str; + default = "tank"; + description = "zfs pool name"; + }; + luksEncrypt = mkOption { + type = types.bool; + default = false; + description = "encrypt all of zfs and swap"; + }; + uefi = mkOption { + type = types.bool; + default = false; + description = "create a uefi install"; + }; + nvme = mkOption { + type = types.bool; + default = false; + description = "rootDevice is nvme"; + }; + }; + }; + config = let + mkBootTable = { + ext4 = "mkfs.ext4 $NIXOS_BOOT -L NIXOS_BOOT"; + vfat = "mkfs.vfat $NIXOS_BOOT -n NIXOS_BOOT"; + zfs = ""; + }; + in lib.mkIf true { + system.build.justdoit = pkgs.writeScriptBin "justdoit" '' + #!${pkgs.stdenv.shell} + set -e + vgchange -a n + wipefs -a ${cfg.rootDevice} + dd if=/dev/zero of=${cfg.rootDevice} bs=512 count=10000 + sfdisk ${cfg.rootDevice} < /mnt/etc/nixos/generated.nix <; +{ + services.nginx = { + enable = mkDefault true; + recommendedGzipSettings = true; + recommendedOptimisation = true; + virtualHosts."dl.euer.krebsco.de" = { + root = config.makefu.dl-dir; + extraConfig = "autoindex on;"; + forceSSL = true; + enableACME = true; + basicAuth = import ; + }; + }; +} diff --git a/makefu/2configs/nginx/share-download.nix b/makefu/2configs/nginx/share-download.nix deleted file mode 100644 index 828a66a74..000000000 --- a/makefu/2configs/nginx/share-download.nix +++ /dev/null @@ -1,17 +0,0 @@ -{ config, lib, pkgs, ... }: - -with import ; -{ - services.nginx = { - enable = mkDefault true; - recommendedGzipSettings = true; - recommendedOptimisation = true; - virtualHosts."dl.euer.krebsco.de" = { - root = config.makefu.dl-dir; - extraConfig = "autoindex on;"; - forceSSL = true; - enableACME = true; - basicAuth = import ; - }; - }; -} -- cgit v1.2.3