From 2c733de3b3c57ba7636fb320b8afd3438da8a888 Mon Sep 17 00:00:00 2001 From: LavaDesu Date: Mon, 8 Aug 2022 18:18:18 +0700 Subject: [PATCH] flake: create generator for aarch64 sdcard image --- flake.lock | 37 +++++++++++++++++++++++++++++++++ flake.nix | 40 +++++++++++++++++++++++++++++------- hosts/caramel/default.nix | 10 +++++---- hosts/caramel/filesystem.nix | 25 +++++++++++++++++----- hosts/caramel/image.nix | 29 ++++++++++++++++++++++++++ hosts/caramel/kernel.nix | 12 +++++++---- 6 files changed, 133 insertions(+), 20 deletions(-) create mode 100644 hosts/caramel/image.nix diff --git a/flake.lock b/flake.lock index 5f6e968..3b67c44 100644 --- a/flake.lock +++ b/flake.lock @@ -351,6 +351,42 @@ "type": "github" } }, + "nixlib": { + "locked": { + "lastModified": 1636849918, + "narHash": "sha256-nzUK6dPcTmNVrgTAC1EOybSMsrcx+QrVPyqRdyKLkjA=", + "owner": "nix-community", + "repo": "nixpkgs.lib", + "rev": "28a5b0557f14124608db68d3ee1f77e9329e9dd5", + "type": "github" + }, + "original": { + "owner": "nix-community", + "repo": "nixpkgs.lib", + "type": "github" + } + }, + "nixos-generators": { + "inputs": { + "nixlib": "nixlib", + "nixpkgs": [ + "nixpkgs-porcupine" + ] + }, + "locked": { + "lastModified": 1657748715, + "narHash": "sha256-WecDwDY/hEcDQYzFnccCNa+5Umht0lfjx/d1qGDy/rQ=", + "owner": "nix-community", + "repo": "nixos-generators", + "rev": "3323b944d99b026aebfd8de439e001409dde067d", + "type": "github" + }, + "original": { + "owner": "nix-community", + "repo": "nixos-generators", + "type": "github" + } + }, "nixos-hardware": { "locked": { "lastModified": 1654057797, @@ -610,6 +646,7 @@ "multitask": "multitask", "neovim-nightly": "neovim-nightly", "nix-gaming": "nix-gaming", + "nixos-generators": "nixos-generators", "nixos-hardware": "nixos-hardware", "nixpkgs": "nixpkgs_2", "nixpkgs-porcupine": "nixpkgs-porcupine", diff --git a/flake.nix b/flake.nix index 7a0dbdb..2824430 100644 --- a/flake.nix +++ b/flake.nix @@ -7,11 +7,13 @@ neovim-nightly.url = "github:nix-community/neovim-nightly-overlay"; nixos-hardware.url = "github:NixOS/nixos-hardware"; agenix.url = "github:ryantm/agenix"; + nixos-generators.url = "github:nix-community/nixos-generators"; agenix.inputs.nixpkgs.follows = "nixpkgs"; home-manager.inputs.nixpkgs.follows = "nixpkgs"; home-manager-porcupine.inputs.nixpkgs.follows = "nixpkgs-porcupine"; neovim-nightly.inputs.nixpkgs.follows = "nixpkgs"; + nixos-generators.inputs.nixpkgs.follows = "nixpkgs-porcupine"; nix-gaming.url = "github:fufexan/nix-gaming"; powercord-overlay.url = "github:LavaDesu/powercord-overlay"; @@ -61,7 +63,7 @@ zelk = { url = "github:schnensch0/zelk"; flake = false; }; }; - outputs = { self, agenix, nixpkgs, nixpkgs-porcupine, ... } @ inputs: + outputs = { self, agenix, nixos-generators, nixpkgs, nixpkgs-porcupine, ... } @ inputs: let overlays = (import ./overlays) ++ [inputs.powercord-overlay.overlay] @@ -71,13 +73,13 @@ mkSystem = if !(self ? rev) then throw "Dirty git tree detected." else - nixpkgs: name: arch: enableGUI: nixpkgs.lib.nixosSystem { + nixpkgs: name: arch: enableGUI: extraModules: nixpkgs.lib.nixosSystem { system = arch; modules = [ { nixpkgs.overlays = overlays; } agenix.nixosModules.age (./hosts + "/${name}") - ]; + ] ++ extraModules; specialArgs = { inherit inputs enableGUI; modules = import ./modules { lib = nixpkgs.lib; }; @@ -85,10 +87,10 @@ }; in { - nixosConfigurations."blossom" = mkSystem nixpkgs "blossom" "x86_64-linux" true; + nixosConfigurations."blossom" = mkSystem nixpkgs "blossom" "x86_64-linux" true []; - nixosConfigurations."caramel" = mkSystem nixpkgs-porcupine "caramel" "aarch64-linux" false; - nixosConfigurations."sugarcane" = mkSystem nixpkgs-porcupine "sugarcane" "x86_64-linux" false; + nixosConfigurations."caramel" = mkSystem nixpkgs-porcupine "caramel" "aarch64-linux" false []; + nixosConfigurations."sugarcane" = mkSystem nixpkgs-porcupine "sugarcane" "x86_64-linux" false []; packages."x86_64-linux" = let @@ -104,12 +106,36 @@ packages."aarch64-linux" = let pkgs = import nixpkgs-porcupine { - inherit overlays; + overlays = overlays ++ [ + # See https://github.com/NixOS/nixpkgs/issues/126755#issuecomment-869149243 + ]; system = "aarch64-linux"; }; + + caramel-sys = mkSystem nixpkgs-porcupine "caramel" "aarch64-linux" false [{ + nixpkgs.overlays = [ + (self: super: { + makeModulesClosure = x: super.makeModulesClosure (x // { allowMissing = true; }); + }) + ]; + }]; in { inherit (pkgs) nixUnstable; + + caramel-iso2 = caramel-sys.config.system.build.sdImage; + caramel-iso = nixos-generators.nixosGenerate { + inherit pkgs; + format = "sd-aarch64"; + modules = [ + agenix.nixosModules.age + ./hosts/caramel + ]; + specialArgs = { + inherit inputs; + modules = import ./modules { lib = nixpkgs-porcupine.lib; }; + }; + }; }; # TODO: currently broken diff --git a/hosts/caramel/default.nix b/hosts/caramel/default.nix index 1e3bd35..0dbc148 100644 --- a/hosts/caramel/default.nix +++ b/hosts/caramel/default.nix @@ -1,4 +1,4 @@ -{ config, inputs, modules, overlays, pkgs, ... }: { +{ config, inputs, modules, modulesPath, overlays, pkgs, ... }: { networking.hostName = "caramel"; system.stateVersion = "21.11"; time.timeZone = "Asia/Phnom_Penh"; @@ -12,6 +12,7 @@ }; imports = (with modules.system; [ + "${builtins.toString modulesPath}/installer/sd-card/sd-image-aarch64.nix" inputs.home-manager-porcupine.nixosModule base @@ -23,15 +24,16 @@ ./filesystem.nix ./kernel.nix + ./image.nix ./networking.nix ./packages.nix ../../users/hana ]) ++ (with modules.services; [ - nginx - postgres - synapse +# nginx +# postgres +# synapse tmptsync unbound vaultwarden diff --git a/hosts/caramel/filesystem.nix b/hosts/caramel/filesystem.nix index c03acda..da67f38 100644 --- a/hosts/caramel/filesystem.nix +++ b/hosts/caramel/filesystem.nix @@ -1,4 +1,4 @@ -{ config, ... }: +{ config, lib, ... }: let bind = src: { depends = [ "/persist" ]; @@ -9,16 +9,31 @@ let }; in { fileSystems = { - "/" = { + "/" = lib.mkForce { device = "rootfs"; fsType = "tmpfs"; - options = [ "defaults" "size=2G" "mode=755" ]; + options = [ "defaults" "size=1G" "mode=755" ]; }; - "/nix" = { + # "/nix" = { + # device = "overlayfs"; + # fsType = "overlay"; + # options = [ + # "lowerdir=/mnt/image/nix" + # "upperdir=/persist/nix-overlay" + # "workdir=/persist/.overlaytmp" + # ]; + # noCheck = true; + # depends = [ "/mnt/image" "/persist" ]; + # }; + + "/nix" = (bind "/mnt/image/nix") // { depends = [ "/mnt/image" ]; }; + + "/mnt/image" = { device = "/dev/disk/by-label/NIXOS_SD"; fsType = "ext4"; options = [ "defaults" "noatime" ]; + neededForBoot = true; }; "/persist" = { @@ -31,6 +46,6 @@ in { "/var/persist" = bind "/persist"; "/var/lib/acme" = bind "/persist/acme"; "/var/log/journal" = bind "/persist/journal"; - "/boot" = (bind "/nix/persist/boot") // { depends = [ "/nix" ]; }; + "/boot" = (bind "/mnt/image/boot") // { depends = [ "/mnt/image" ]; }; }; } diff --git a/hosts/caramel/image.nix b/hosts/caramel/image.nix new file mode 100644 index 0000000..a7e9975 --- /dev/null +++ b/hosts/caramel/image.nix @@ -0,0 +1,29 @@ +{ config, lib, pkgs, ... }: { + sdImage.expandOnBoot = false; + boot.postBootCommands = '' + # On the first boot do some maintenance tasks + if [ -f /mnt/image/nix-path-registration ]; then + set -euo pipefail + set -x + # Figure out device names for the boot device and root filesystem. + rootPart=$(${pkgs.util-linux}/bin/findmnt -n -o SOURCE /mnt/image) + bootDevice=$(lsblk -npo PKNAME $rootPart) + partNum=$(lsblk -npo MAJ:MIN $rootPart | ${pkgs.gawk}/bin/awk -F: '{print $2}') + + # Resize the root partition and the filesystem to fit the disk + echo ",+," | sfdisk -N$partNum --no-reread $bootDevice + ${pkgs.parted}/bin/partprobe + ${pkgs.e2fsprogs}/bin/resize2fs $rootPart + + # Register the contents of the initial Nix store + ${config.nix.package.out}/bin/nix-store --load-db < /mnt/image/nix-path-registration + + # nixos-rebuild also requires a "system" profile and an /etc/NIXOS tag. + touch /etc/NIXOS + ${config.nix.package.out}/bin/nix-env -p /nix/var/nix/profiles/system --set /run/current-system + + # Prevents this from running on later boots. + rm -f /mnt/image/nix-path-registration + fi + ''; +} diff --git a/hosts/caramel/kernel.nix b/hosts/caramel/kernel.nix index e621ed3..8c8e9a8 100644 --- a/hosts/caramel/kernel.nix +++ b/hosts/caramel/kernel.nix @@ -1,11 +1,15 @@ -{ config, inputs, pkgs, ... }: { +{ config, inputs, lib, pkgs, ... }: { imports = [ inputs.nixos-hardware.nixosModules.raspberry-pi-4 ]; hardware.raspberry-pi."4".fkms-3d.enable = true; - boot.kernel.sysctl = { - "kernel.core_pattern" = "|/bin/false"; - "kernel.sysrq" = 1; + boot = { + initrd.kernelModules = [ "overlay" ]; + supportedFilesystems = lib.mkForce [ "btrfs" "vfat" ]; + kernel.sysctl = { + "kernel.core_pattern" = "|/bin/false"; + "kernel.sysrq" = 1; + }; }; }