forked from Mirrors/nixos-infect
Compare commits
No commits in common. "0d60e648ef697c76d1b512bb3e2fff3031f9738b" and "5ef3f953d32ab92405b280615718e0b80da2ebe6" have entirely different histories.
0d60e648ef
...
5ef3f953d3
1 changed files with 51 additions and 31 deletions
60
nixos-infect
60
nixos-infect
|
@ -4,10 +4,22 @@
|
||||||
|
|
||||||
set -e -o pipefail
|
set -e -o pipefail
|
||||||
|
|
||||||
|
autodetectProvider() {
|
||||||
|
if [ -e /etc/hetzner-build ]; then
|
||||||
|
PROVIDER="hetznercloud"
|
||||||
|
fi
|
||||||
|
}
|
||||||
|
|
||||||
makeConf() {
|
makeConf() {
|
||||||
# Skip everything if main config already present
|
# Skip everything if main config already present
|
||||||
[[ -e /etc/nixos/configuration.nix ]] && return 0
|
[[ -e /etc/nixos/configuration.nix ]] && return 0
|
||||||
|
|
||||||
|
# Lightsail config is not like the others
|
||||||
|
if [ "$PROVIDER" = "lightsail" ]; then
|
||||||
|
makeLightsailConf
|
||||||
|
return 0
|
||||||
|
fi
|
||||||
|
|
||||||
# NB <<"EOF" quotes / $ ` in heredocs, <<EOF does not
|
# NB <<"EOF" quotes / $ ` in heredocs, <<EOF does not
|
||||||
mkdir -p /etc/nixos
|
mkdir -p /etc/nixos
|
||||||
# Prevent grep for sending error code 1 (and halting execution) when no lines are selected : https://www.unix.com/man-page/posix/1P/grep
|
# Prevent grep for sending error code 1 (and halting execution) when no lines are selected : https://www.unix.com/man-page/posix/1P/grep
|
||||||
|
@ -20,37 +32,26 @@ makeConf() {
|
||||||
done
|
done
|
||||||
local network_import=""
|
local network_import=""
|
||||||
|
|
||||||
network_import="./networking.nix # generated at runtime by nixos-infect"
|
[[ -n "$doNetConf" ]] && network_import="./networking.nix # generated at runtime by nixos-infect"
|
||||||
cat > /etc/nixos/configuration.nix << EOF
|
cat > /etc/nixos/configuration.nix << EOF
|
||||||
{ ... }:
|
{ ... }: {
|
||||||
let
|
|
||||||
keys = [$(while read -r line; do
|
|
||||||
line=$(echo -n "$line" | sed 's/\r//g')
|
|
||||||
trimmed_line=$(echo -n "$line" | xargs)
|
|
||||||
echo -n "''$trimmed_line'' "
|
|
||||||
done <<< "$keys")];
|
|
||||||
in
|
|
||||||
{
|
|
||||||
imports = [
|
imports = [
|
||||||
./hardware-configuration.nix
|
./hardware-configuration.nix
|
||||||
$network_import
|
$network_import
|
||||||
$NIXOS_IMPORT
|
$NIXOS_IMPORT
|
||||||
];
|
];
|
||||||
|
|
||||||
|
|
||||||
boot.tmp.cleanOnBoot = true;
|
boot.tmp.cleanOnBoot = true;
|
||||||
zramSwap.enable = ${zramswap};
|
zramSwap.enable = ${zramswap};
|
||||||
networking.hostName = "$(hostname -s)";
|
networking.hostName = "$(hostname -s)";
|
||||||
networking.domain = "$(hostname -d)";
|
networking.domain = "$(hostname -d)";
|
||||||
services.openssh.enable = true;
|
services.openssh.enable = true;
|
||||||
security.sudo.wheelNeedsPassword = false;
|
users.users.root.openssh.authorizedKeys.keys = [$(while read -r line; do
|
||||||
system.stateVersion = "24.05";
|
line=$(echo -n "$line" | sed 's/\r//g')
|
||||||
users.users.root.openssh.authorizedKeys.keys = keys;
|
trimmed_line=$(echo -n "$line" | xargs)
|
||||||
users.users.sammy = {
|
echo -n "''$trimmed_line'' "
|
||||||
isNormalUser = true;
|
done <<< "$keys")];
|
||||||
extraGroups = [ "wheel" ];
|
system.stateVersion = "23.11";
|
||||||
openssh.authorizedKeys.keys = keys;
|
|
||||||
};
|
|
||||||
}
|
}
|
||||||
EOF
|
EOF
|
||||||
|
|
||||||
|
@ -89,9 +90,19 @@ $bootcfg
|
||||||
}
|
}
|
||||||
EOF
|
EOF
|
||||||
|
|
||||||
makeNetworkingConf || true
|
[[ -n "$doNetConf" ]] && makeNetworkingConf || true
|
||||||
}
|
}
|
||||||
|
|
||||||
|
makeLightsailConf() {
|
||||||
|
mkdir -p /etc/nixos
|
||||||
|
cat > /etc/nixos/configuration.nix << EOF
|
||||||
|
{ config, pkgs, modulesPath, lib, ... }:
|
||||||
|
{
|
||||||
|
imports = [ "\${modulesPath}/virtualisation/amazon-image.nix" ];
|
||||||
|
boot.loader.grub.device = lib.mkForce "/dev/nvme0n1";
|
||||||
|
}
|
||||||
|
EOF
|
||||||
|
}
|
||||||
|
|
||||||
makeNetworkingConf() {
|
makeNetworkingConf() {
|
||||||
# XXX It'd be better if we used procfs for all this...
|
# XXX It'd be better if we used procfs for all this...
|
||||||
|
@ -371,6 +382,15 @@ infect() {
|
||||||
/nix/var/nix/profiles/system/bin/switch-to-configuration boot
|
/nix/var/nix/profiles/system/bin/switch-to-configuration boot
|
||||||
}
|
}
|
||||||
|
|
||||||
|
if [ ! -v PROVIDER ]; then
|
||||||
|
autodetectProvider
|
||||||
|
fi
|
||||||
|
|
||||||
|
[ "$PROVIDER" = "digitalocean" ] && doNetConf=y # digitalocean requires detailed network config to be generated
|
||||||
|
[ "$PROVIDER" = "lightsail" ] && newrootfslabel="nixos"
|
||||||
|
if [[ "$PROVIDER" = "digitalocean" ]] || [[ "$PROVIDER" = "servarica" ]] || [[ "$PROVIDER" = "hetznercloud" ]]; then
|
||||||
|
doNetConf=y # some providers require detailed network config to be generated
|
||||||
|
fi
|
||||||
|
|
||||||
checkEnv
|
checkEnv
|
||||||
prepareEnv
|
prepareEnv
|
||||||
|
|
Loading…
Reference in a new issue