SelfPrivacy/selfprivacy-nixos-infect
1
0
Fork 0
mirror of https://git.selfprivacy.org/SelfPrivacy/selfprivacy-nixos-infect.git synced 2024-11-22 20:11:28 +00:00
Code Issues Projects Releases Wiki Activity

generate deployment.nix with system.stateVersion

Browse source
This commit is contained in:
Alexander Tomokhov 2023-12-05 07:30:19 +04:00
parent 8de4c0908f
commit ba181fb162
1 changed files with 50 additions and 7 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

57
nixos-infect
View file

@ -96,6 +96,17 @@ EOF
) )
fi fi
local NIX="/root/.nix-profile/bin/nix"
local NIX_OPTS=(--extra-experimental-features nix-command)
local currentSystem
if ! currentSystem="$($NIX "${NIX_OPTS[@]}" eval --impure --raw --expr builtins.currentSystem)"
then
echo "cannot determine Nix currentSystem identifier"
return 1
fi
# TODO try nixos-generate-config first, resorting to the way below if failed
cat << EOF cat << EOF
{ modulesPath, ... }: { modulesPath, ... }:
{ {
@ -103,6 +114,28 @@ EOF
$bootcfg $bootcfg
boot.initrd.kernelModules = [ "nvme" ]; boot.initrd.kernelModules = [ "nvme" ];
fileSystems."/" = { device = "$ROOTFSDEV"; fsType = "$ROOTFSTYPE"; }; fileSystems."/" = { device = "$ROOTFSDEV"; fsType = "$ROOTFSTYPE"; };
nixpkgs.hostPlatform = "${currentSystem}";
}
EOF
}
genDeploymentConfiguration() {
local NIX="/root/.nix-profile/bin/nix"
local NIX_OPTS=(--extra-experimental-features "nix-command flakes")
local release
if ! release="$($NIX "${NIX_OPTS[@]}" eval --impure --raw --expr "(builtins.getFlake (builtins.toString ${LOCAL_FLAKE_DIR})).inputs.selfprivacy-nixos-config.inputs.nixpkgs.lib.trivial.release")"
then
echo "cannot determine NixOS release version"
return 1
fi
cat << EOF
{
# The content below is static and belongs to this deployment only!
# Do not copy this configuration file to another NixOS installation!
system.stateVersion = "$release";
} }
EOF EOF
} }
@ -117,7 +150,18 @@ setupConf() {
fi fi
# generate and write hardware-configuration.nix # generate and write hardware-configuration.nix
genHardwareConfiguration > ${LOCAL_FLAKE_DIR}/hardware-configuration.nix if ! genHardwareConfiguration > ${LOCAL_FLAKE_DIR}/hardware-configuration.nix
then
echo "error generating ${LOCAL_FLAKE_DIR}/hardware-configuration.nix"
exit 1
fi
# generate and write deployment.nix
if ! genDeploymentConfiguration > ${LOCAL_FLAKE_DIR}/deployment.nix
then
echo "error generating ${LOCAL_FLAKE_DIR}/deployment.nix"
exit 1
fi
# generate infected userdata based on original # generate infected userdata based on original
local userdataInfected local userdataInfected
@ -237,7 +281,10 @@ checkEnv() {
} }
# Download and execute the nix installer script. # Download and execute the nix installer script.
installNix() { installNix() {
# install multiuser (system-wide with nix-daemon) Nix in the current system
local nixReleaseBase='https://releases.nixos.org' local nixReleaseBase='https://releases.nixos.org'
local installURL="${nixReleaseBase}/nix/nix-${NIX_VERSION}/install" local installURL="${nixReleaseBase}/nix/nix-${NIX_VERSION}/install"
local shaURL="${installURL}.sha256" local shaURL="${installURL}.sha256"
@ -279,12 +326,6 @@ installNix() {
} }
infect() { infect() {
# install multiuser (system-wide with nix-daemon) Nix in the current system
if ! installNix; then
echo "Nix installation failed!"
exit 1
fi
# this is needed solely for accepting the sp-module subflake # this is needed solely for accepting the sp-module subflake
# see https://github.com/NixOS/nix/issues/3978#issuecomment-952418478 # see https://github.com/NixOS/nix/issues/3978#issuecomment-952418478
/root/.nix-profile/bin/nix flake lock ${LOCAL_FLAKE_DIR} \ /root/.nix-profile/bin/nix flake lock ${LOCAL_FLAKE_DIR} \
@ -336,9 +377,11 @@ set -o errexit
apt update apt update
apt install -y git tar curl jq apt install -y git tar curl jq
checkEnv checkEnv
prepareEnv prepareEnv
makeSwap # smallest (512MB) droplet needs extra memory! makeSwap # smallest (512MB) droplet needs extra memory!
installNix
setupConf setupConf
infect infect
removeSwap removeSwap