mirror of
https://github.com/divnix/digga.git
synced 2024-12-23 16:11:51 +03:00
18ea519f0d
prior to this commit the bootstrapping iso deactivated _all_ profiles
that were somehow contained in a suite.
that is an error, since it deactivates all profiles, even the most basic
and desired ones.
the impetus had been to prevent unwantes systemd services from launching
however, there seems no reliable approach to achieve that.
the now proposed alternative model is to add a bootsrap host akin to
the followint config:
```nix
# os/hosts/bootstrap.nix
{ profiles, ... }:
{
imports = [
profiles.networking
profiles.users.root
profiles.users.nixos
];
}
```
75 lines
2.4 KiB
Nix
75 lines
2.4 KiB
Nix
let
|
|
getFqdn = config:
|
|
let
|
|
net = config.networking;
|
|
fqdn =
|
|
if net.domain != null
|
|
then "${net.hostName}.${net.domain}"
|
|
else net.hostName;
|
|
in
|
|
fqdn;
|
|
|
|
protoModule = fullHostConfig: { config, lib, modulesPath, suites, self, inputs, ... }@args: {
|
|
|
|
imports = [ "${modulesPath}/installer/cd-dvd/installation-cd-minimal.nix" ];
|
|
|
|
isoImage.isoBaseName = "bootstrap-" + (getFqdn config);
|
|
isoImage.contents = [{
|
|
source = self;
|
|
target = "/devos/";
|
|
}];
|
|
isoImage.storeContents = [
|
|
self.devShell.${config.nixpkgs.system}
|
|
# include also closures that are "switched off" by the
|
|
# above profile filter on the local config attribute
|
|
fullHostConfig.system.build.toplevel
|
|
] ++ builtins.attrValues inputs;
|
|
# still pull in tools of deactivated profiles
|
|
environment.systemPackages = fullHostConfig.environment.systemPackages;
|
|
|
|
# confilcts with networking.wireless which might be slightly
|
|
# more useful on a stick
|
|
networking.networkmanager.enable = lib.mkForce false;
|
|
# confilcts with networking.wireless
|
|
networking.wireless.iwd.enable = lib.mkForce false;
|
|
|
|
# Set up a link-local boostrap network
|
|
# See also: https://github.com/NixOS/nixpkgs/issues/75515#issuecomment-571661659
|
|
networking.usePredictableInterfaceNames = lib.mkForce true; # so prefix matching works
|
|
networking.useNetworkd = lib.mkForce true;
|
|
networking.useDHCP = lib.mkForce false;
|
|
networking.dhcpcd.enable = lib.mkForce false;
|
|
systemd.network = {
|
|
# https://www.freedesktop.org/software/systemd/man/systemd.network.html
|
|
networks."boostrap-link-local" = {
|
|
matchConfig = {
|
|
Name = "en* wl* ww*";
|
|
};
|
|
networkConfig = {
|
|
Description = "Link-local host bootstrap network";
|
|
MulticastDNS = true;
|
|
LinkLocalAddressing = "ipv6";
|
|
DHCP = "yes";
|
|
};
|
|
address = [
|
|
# fall back well-known link-local for situations where MulticastDNS is not available
|
|
"fe80::47" # 47: n=14 i=9 x=24; n+i+x
|
|
];
|
|
extraConfig = ''
|
|
# Unique, yet stable. Based off the MAC address.
|
|
IPv6LinkLocalAddressGenerationMode = "eui64"
|
|
'';
|
|
};
|
|
};
|
|
};
|
|
in
|
|
{ config, ... }:
|
|
{
|
|
system.build = {
|
|
bootstrapIso = (config.lib.digga.mkBuild
|
|
(protoModule config)
|
|
).config.system.build.isoImage;
|
|
};
|
|
}
|
|
|