added iso image

transferred proxmox image from nixos-generate to normal nixpkgs build
2024-06-06 14:38:39 -05:00 · 2024-06-06 14:38:39 -05:00 · 80e8884ba1
parent 7642191e98
commit 80e8884ba1
9 changed files with 168 additions and 56 deletions
--- a/configs/nixos/common.nix
+++ b/configs/nixos/common.nix
@ -14,6 +14,7 @@
    optimise.automatic = true;
    settings = {
      auto-optimise-store = true;
+      trusted-users = ["root" "gabe"];
    };
    gc = {
      automatic = true;
--- a/configs/nixos/wireless.nix
+++ b/configs/nixos/wireless.nix
@ -1,7 +0,0 @@
-{
-  config,
-  pkgs,
-  ...
-}: {
-  networking.wireless.enable = true; # Enables wireless support via wpa_supplicant.
-}
--- a/flake.lock
+++ b/flake.lock
@ -254,42 +254,6 @@
        "url": "ssh://git@git.venberg.xyz:7920/Gabe/nix-secrets.git"
      }
    },
-    "nixlib": {
-      "locked": {
-        "lastModified": 1712450863,
-        "narHash": "sha256-K6IkdtMtq9xktmYPj0uaYc8NsIqHuaAoRBaMgu9Fvrw=",
-        "owner": "nix-community",
-        "repo": "nixpkgs.lib",
-        "rev": "3c62b6a12571c9a7f65ab037173ee153d539905f",
-        "type": "github"
-      },
-      "original": {
-        "owner": "nix-community",
-        "repo": "nixpkgs.lib",
-        "type": "github"
-      }
-    },
-    "nixos-generators": {
-      "inputs": {
-        "nixlib": "nixlib",
-        "nixpkgs": [
-          "nixpkgs"
-        ]
-      },
-      "locked": {
-        "lastModified": 1716210724,
-        "narHash": "sha256-iqQa3omRcHGpWb1ds75jS9ruA5R39FTmAkeR3J+ve1w=",
-        "owner": "nix-community",
-        "repo": "nixos-generators",
-        "rev": "d14b286322c7f4f897ca4b1726ce38cb68596c94",
-        "type": "github"
-      },
-      "original": {
-        "owner": "nix-community",
-        "repo": "nixos-generators",
-        "type": "github"
-      }
-    },
    "nixos-wsl": {
      "inputs": {
        "flake-compat": [
@ -415,7 +379,6 @@
        "flake-utils": "flake-utils",
        "home-manager": "home-manager",
        "nix-secrets": "nix-secrets",
-        "nixos-generators": "nixos-generators",
        "nixos-wsl": "nixos-wsl",
        "nixpkgs": "nixpkgs",
        "nixvim": "nixvim",
--- a/flake.nix
+++ b/flake.nix
@ -36,11 +36,6 @@
      inputs.flake-compat.follows = "flake-compat";
    };

-    nixos-generators = {
-      url = "github:nix-community/nixos-generators";
-      inputs.nixpkgs.follows = "nixpkgs";
-    };
-
    #https://unmovedcentre.com/technology/2024/03/22/secrets-management.html
    sops-nix = {
      url = "github:mic92/sops-nix";
@ -110,7 +105,7 @@

    packages.x86_64-linux = {
      proxmox = import ./packages/proxmox.nix {inherit inputs outputs configLib;};
-      vm = import ./packages/vm.nix {inherit inputs outputs configLib;};
+      iso = import ./packages/iso.nix {inherit inputs outputs configLib;};
    };

    templates = import ./templates {inherit inputs outputs;};
--- a/hosts/workstation-vm/default.nix
+++ b/hosts/workstation-vm/default.nix
@ -22,7 +22,6 @@ inputs.nixpkgs.lib.nixosSystem {
    ../../configs/nixos/i3
    ../../configs/nixos/common.nix
    ../../configs/nixos/sshd.nix
-    ../../configs/nixos/secrets.nix
    ({
      config,
      pkgs,
--- a/packages/iso.nix
+++ b/packages/iso.nix
@ -0,0 +1,154 @@
+# Edit this configuration file to define what should be installed on
+# your system.  Help is available in the configuration.nix(5) man page
+# and in the NixOS manual (accessible by running ‘nixos-help’).
+{
+  inputs,
+  outputs,
+  configLib,
+  ...
+}:
+(inputs.nixpkgs.lib.nixosSystem {
+  system = "x86_64-linux";
+  specialArgs = {inherit inputs outputs configLib;};
+  # > Our main nixos configuration file <
+  modules = [
+    inputs.home-manager.nixosModules.home-manager
+    ../configs/nixos/printing.nix
+    ../configs/nixos/sound.nix
+    ../configs/nixos/interactive-networking.nix
+    ../configs/nixos/i3
+    ../configs/nixos/common.nix
+    ../configs/nixos/sshd.nix
+    ../roles/nixos/power-saving.nix
+    ({
+      config,
+      pkgs,
+      lib,
+      inputs,
+      configLib,
+      modulesPath,
+      options,
+      ...
+    }: {
+      imports = [
+        "${modulesPath}/installer/cd-dvd/iso-image.nix"
+        "${modulesPath}/profiles/base.nix"
+        "${modulesPath}/profiles/clone-config.nix"
+        "${modulesPath}/profiles/qemu-guest.nix"
+        "${modulesPath}/profiles/all-hardware.nix"
+        "${modulesPath}/installer/scan/detected.nix"
+        "${modulesPath}/installer/scan/not-detected.nix"
+      ];
+      host = {
+        user = "gabe";
+        fullName = "Gabe Venberg";
+        gui.enable = true;
+      };
+      networking.hostName = "nixos-installer"; # Define your hostname.
+
+      users.users.${config.host.user} = {
+        packages = with pkgs; [
+          gparted
+          firefox
+        ];
+      };
+
+      home-manager.users.${config.host.user} = {
+        inputs,
+        osConfig,
+        ...
+      }: {
+        host = osConfig.host;
+        user = {
+          git = {
+            profile = {
+              name = "Gabe Venberg";
+              email = "gabevenberg@gmail.com";
+            };
+            workProfile.enable = false;
+          };
+        };
+        imports = [
+          ../roles/home-manager/terminal.nix
+          ../configs/home-manager/common.nix
+          inputs.nixvim.homeManagerModules.nixvim
+        ];
+      };
+
+      # Adds terminus_font for people with HiDPI displays
+      console.packages = options.console.packages.default ++ [pkgs.terminus_font];
+
+      # ISO naming.
+      isoImage.isoName = "${config.isoImage.isoBaseName}-${pkgs.stdenv.hostPlatform.system}.iso";
+
+      # EFI booting
+      isoImage.makeEfiBootable = true;
+
+      # USB booting
+      isoImage.makeUsbBootable = true;
+
+      # Add Memtest86+ to the CD.
+      boot.loader.grub.memtest86.enable = true;
+
+      # services.libinput.enable = true; # for touchpad support on many laptops
+
+      # An installation media cannot tolerate a host config defined file
+      # system layout on a fresh machine, before it has been formatted.
+      swapDevices = lib.mkForce [];
+      fileSystems = lib.mkForce config.lib.isoFileSystems;
+
+      system.nixos.variant_id = lib.mkDefault "installer";
+
+      # Enable in installer, even if the minimal profile disables it.
+      documentation.enable = lib.mkForce true;
+
+      # Show the manual.
+      documentation.nixos.enable = lib.mkForce true;
+
+      # Tell the Nix evaluator to garbage collect more aggressively.
+      # This is desirable in memory-constrained environments that don't
+      # (yet) have swap set up.
+      environment.variables.GC_INITIAL_HEAP_SIZE = "1M";
+
+      # Make the installer more likely to succeed in low memory
+      # environments.  The kernel's overcommit heustistics bite us
+      # fairly often, preventing processes such as nix-worker or
+      # download-using-manifests.pl from forking even if there is
+      # plenty of free memory.
+      boot.kernel.sysctl."vm.overcommit_memory" = "1";
+
+      # To speed up installation a little bit, include the complete
+      # stdenv in the Nix store on the CD.
+      system.extraDependencies = with pkgs; [
+        stdenv
+        stdenvNoCC # for runCommand
+        busybox
+        jq # for closureInfo
+        # For boot.initrd.systemd
+        makeInitrdNGTool
+      ];
+
+      # Show all debug messages from the kernel but don't log refused packets
+      # because we have the firewall enabled. This makes installs from the
+      # console less cumbersome if the machine has a public IP.
+      networking.firewall.logRefusedConnections = lib.mkDefault false;
+
+      # Prevent installation media from evacuating persistent storage, as their
+      # var directory is not persistent and it would thus result in deletion of
+      # those entries.
+      environment.etc."systemd/pstore.conf".text = ''
+        [PStore]
+        Unlink=no
+      '';
+
+      # Much faster than xz
+      isoImage.squashfsCompression = lib.mkDefault "zstd";
+
+      system.stateVersion = lib.mkDefault lib.trivial.release;
+    })
+  ];
+})
+.config
+.system
+.build
+.isoImage
--- a/packages/proxmox.nix
+++ b/packages/proxmox.nix
@ -4,10 +4,9 @@
  configLib,
  ...
 }:
-inputs.nixos-generators.nixosGenerate {
+(inputs.nixpkgs.lib.nixosSystem {
  system = "x86_64-linux";
  specialArgs = {inherit inputs outputs configLib;};
-  format = "proxmox-lxc";
  modules = [
    inputs.home-manager.nixosModules.home-manager
    ../configs/nixos/sshd.nix
@ -17,10 +16,13 @@ inputs.nixos-generators.nixosGenerate {
      pkgs,
      configLib,
      modulesPath,
+      lib,
      ...
    }: {
-      imports = [(modulesPath + "/virtualisation/proxmox-lxc.nix")];
+      imports = ["${modulesPath}/virtualisation/proxmox-lxc.nix"];
      proxmoxLXC.manageHostName = false;
+      boot.loader.grub.enable = lib.mkForce false;
+      boot.loader.systemd-boot.enable = lib.mkForce false;
      host.user = "gabe";
      host.fullName = "Gabe Venberg";

@ -49,4 +51,8 @@ inputs.nixos-generators.nixosGenerate {
      system.stateVersion = "24.05";
    })
  ];
-}
+})
+.config
+.system
+.build
+.tarball
--- a/roles/home-manager/minimal-terminal.nix
+++ b/roles/home-manager/minimal-terminal.nix
@ -22,6 +22,7 @@
    fd
    sd
    curl
+    rsync
  ];

  home.sessionVariables = {
--- a/roles/nixos/power-saving.nix
+++ b/roles/nixos/power-saving.nix
@ -6,5 +6,5 @@
 }: {
  powerManagement.powertop.enable = true;
  powerManagement.enable = true;
-  powerManaagement.cpuFreqGovernor = "ondemand";
+  powerManagement.cpuFreqGovernor = "ondemand";
 }