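{
  description = "The simple provisioning service";

  inputs = {
    # Branch reference only; a committed flake.lock is what pins the revision
    # that actually gets built.
    nixpkgs.url = "nixpkgs/nixos-unstable";
    nixos-generators = {
      url = "github:nix-community/nixos-generators";
      # Build the image from the same nixpkgs as the rest of the flake.
      inputs.nixpkgs.follows = "nixpkgs";
    };
  };

  outputs = { self, nixpkgs, nixos-generators, ... }:
    let
      # Version string is the first 8 characters of the flake's last-modified stamp.
      lastModifiedDate = self.lastModifiedDate or self.lastModified or "19700101";
      version = builtins.substring 0 8 lastModifiedDate;

      supportedSystems = [ "x86_64-linux" "aarch64-linux" ];
      # Build an attribute set with one entry per supported system.
      forAllSystems = nixpkgs.lib.genAttrs supportedSystems;
      nixpkgsFor = forAllSystems (system: import nixpkgs { inherit system; });
    in
    {
      # packages.<system>.default      - the Go client
      # packages.<system>.boot-env-iso - bootable ISO that starts the client on login
      packages = forAllSystems (system:
        let
          pkgs = nixpkgsFor.${system};

          clientPackage = pkgs.buildGoModule {
            pname = "client";
            inherit version;
            src = ./client;
            # null means no module download step: dependencies have to be
            # vendored under ./client (or absent), so they are reviewed with the source.
            vendorHash = null;
          };
        in
        {
          default = clientPackage;

          boot-env-iso = nixos-generators.nixosGenerate {
            inherit system;
            format = "iso";
            modules = [
              ({ modulesPath, ... }: {
                imports = [
                  (modulesPath + "/profiles/minimal.nix")
                  (modulesPath + "/profiles/base.nix")
                ];

                system.stateVersion = "25.05";

                boot.initrd.kernelModules = [ "hv_vmbus" "hv_storvsc" ]; # Hyper-V support

                # Disable unneeded features.
                # The GRUB options stay commented out: iso-image.nix in modulesPath
                # already defines them, and setting them here causes a conflict.
                ##boot.loader.grub.enable = true;
                ##boot.loader.grub.device = "nodev";
                documentation.enable = false;
                fonts.fontconfig.enable = false;
                services.udisks2.enable = false;

                # Technically we COULD use the firewall, but given that this is a
                # network-dependent, one-time-use service, it would cause more issues.
                # Consequence: every port something in this image listens on is
                # reachable from the provisioning network, so keep listeners to a minimum.
                networking.firewall.enable = false;

                # The console logs in as root without a password, so anyone with
                # console access to a machine booted from this ISO has root.
                # Treat the image as single-purpose and boot it only on machines
                # and networks you control.
                services.getty.autologinUser = "root";

                environment.systemPackages = [ clientPackage ];
                # /etc/profile sources profile.local, so this starts the client in
                # each login shell; with the autologin above that is a root shell.
                environment.etc."profile.local".text = ''
                  client
                '';

                # Low compression level: faster image builds, larger ISO.
                isoImage.squashfsCompression = "gzip -Xcompression-level 1";
              })
            ];
          };
        });

      # apps.<system>.test-iso-x86_64 - boot the x86_64 ISO in QEMU for a local test
      apps = forAllSystems (system:
        let
          # QEMU has to be a binary for the machine running `nix run`, so it is
          # taken from that system's package set. Only the guest image is x86_64.
          pkgs = nixpkgsFor.${system};
          iso = self.packages.x86_64-linux.boot-env-iso;
        in
        {
          test-iso-x86_64 = {
            type = "app";
            # The port forward is bound to 127.0.0.1. The guest runs with root
            # autologin and no firewall, so its port 8080 should not be published
            # on every interface of the test host. Widen the bind address
            # deliberately if the test has to be reached from another machine.
            program = "${pkgs.writeScriptBin "test-iso" ''
              #!/bin/sh
              ${pkgs.qemu}/bin/qemu-system-x86_64 -cdrom ${iso}/iso/*.iso -m 1G \
                -net nic,model=rtl8139 -net user,hostfwd=tcp:127.0.0.1:8080-:8080
            ''}/bin/test-iso";
          };
        });

      # devShells.<system>.default - Go toolchain, debugger and QEMU for development
      devShells = forAllSystems (system:
        let
          pkgs = nixpkgsFor.${system};
        in
        {
          default = pkgs.mkShell {
            # NOTE(review): presumably disabled so delve can debug unoptimised
            # cgo builds - confirm. It applies to this shell only; the client
            # package above does not set it.
            hardeningDisable = [ "fortify" ];
            buildInputs = [
              pkgs.bashInteractive
              pkgs.go
              pkgs.delve
              pkgs.qemu_kvm
            ];
          };
        });
    };
}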