Compare commits

..

No commits in common. "0d60e648ef697c76d1b512bb3e2fff3031f9738b" and "5ef3f953d32ab92405b280615718e0b80da2ebe6" have entirely different histories.

View file

@ -4,10 +4,22 @@
set -e -o pipefail set -e -o pipefail
autodetectProvider() {
if [ -e /etc/hetzner-build ]; then
PROVIDER="hetznercloud"
fi
}
makeConf() { makeConf() {
# Skip everything if main config already present # Skip everything if main config already present
[[ -e /etc/nixos/configuration.nix ]] && return 0 [[ -e /etc/nixos/configuration.nix ]] && return 0
# Lightsail config is not like the others
if [ "$PROVIDER" = "lightsail" ]; then
makeLightsailConf
return 0
fi
# NB <<"EOF" quotes / $ ` in heredocs, <<EOF does not # NB <<"EOF" quotes / $ ` in heredocs, <<EOF does not
mkdir -p /etc/nixos mkdir -p /etc/nixos
# Prevent grep for sending error code 1 (and halting execution) when no lines are selected : https://www.unix.com/man-page/posix/1P/grep # Prevent grep for sending error code 1 (and halting execution) when no lines are selected : https://www.unix.com/man-page/posix/1P/grep
@ -20,37 +32,26 @@ makeConf() {
done done
local network_import="" local network_import=""
network_import="./networking.nix # generated at runtime by nixos-infect" [[ -n "$doNetConf" ]] && network_import="./networking.nix # generated at runtime by nixos-infect"
cat > /etc/nixos/configuration.nix << EOF cat > /etc/nixos/configuration.nix << EOF
{ ... }: { ... }: {
let
keys = [$(while read -r line; do
line=$(echo -n "$line" | sed 's/\r//g')
trimmed_line=$(echo -n "$line" | xargs)
echo -n "''$trimmed_line'' "
done <<< "$keys")];
in
{
imports = [ imports = [
./hardware-configuration.nix ./hardware-configuration.nix
$network_import $network_import
$NIXOS_IMPORT $NIXOS_IMPORT
]; ];
boot.tmp.cleanOnBoot = true; boot.tmp.cleanOnBoot = true;
zramSwap.enable = ${zramswap}; zramSwap.enable = ${zramswap};
networking.hostName = "$(hostname -s)"; networking.hostName = "$(hostname -s)";
networking.domain = "$(hostname -d)"; networking.domain = "$(hostname -d)";
services.openssh.enable = true; services.openssh.enable = true;
security.sudo.wheelNeedsPassword = false; users.users.root.openssh.authorizedKeys.keys = [$(while read -r line; do
system.stateVersion = "24.05"; line=$(echo -n "$line" | sed 's/\r//g')
users.users.root.openssh.authorizedKeys.keys = keys; trimmed_line=$(echo -n "$line" | xargs)
users.users.sammy = { echo -n "''$trimmed_line'' "
isNormalUser = true; done <<< "$keys")];
extraGroups = [ "wheel" ]; system.stateVersion = "23.11";
openssh.authorizedKeys.keys = keys;
};
} }
EOF EOF
@ -89,9 +90,19 @@ $bootcfg
} }
EOF EOF
makeNetworkingConf || true [[ -n "$doNetConf" ]] && makeNetworkingConf || true
} }
makeLightsailConf() {
mkdir -p /etc/nixos
cat > /etc/nixos/configuration.nix << EOF
{ config, pkgs, modulesPath, lib, ... }:
{
imports = [ "\${modulesPath}/virtualisation/amazon-image.nix" ];
boot.loader.grub.device = lib.mkForce "/dev/nvme0n1";
}
EOF
}
makeNetworkingConf() { makeNetworkingConf() {
# XXX It'd be better if we used procfs for all this... # XXX It'd be better if we used procfs for all this...
@ -371,6 +382,15 @@ infect() {
/nix/var/nix/profiles/system/bin/switch-to-configuration boot /nix/var/nix/profiles/system/bin/switch-to-configuration boot
} }
if [ ! -v PROVIDER ]; then
autodetectProvider
fi
[ "$PROVIDER" = "digitalocean" ] && doNetConf=y # digitalocean requires detailed network config to be generated
[ "$PROVIDER" = "lightsail" ] && newrootfslabel="nixos"
if [[ "$PROVIDER" = "digitalocean" ]] || [[ "$PROVIDER" = "servarica" ]] || [[ "$PROVIDER" = "hetznercloud" ]]; then
doNetConf=y # some providers require detailed network config to be generated
fi
checkEnv checkEnv
prepareEnv prepareEnv