refactor names for customs and templates for more clarity. templates are self-contained instead of depending on others

Sagar Ch 2024-05-23 17:01:10 +00:00
parent ad2092531c
commit 82513c0714
4 changed files with 101 additions and 88 deletions


@ -17,7 +17,7 @@
name = "playfulness"; name = "playfulness";
}; };
nixmox = customizeImage images.debian.v12.proxmox (images.debian.customs.rooted // { nixmox = customizeImage images.debian.v12.proxmox (images.debian.templates.rooted // {
name = "nixmox"; name = "nixmox";
}); });


@ -1,63 +1,27 @@
# ready to use customizations to apply on images # create additional useful customized images from templates and upstream images
{ pkgs, lib, system, commons, ... }: { pkgs, lib, system, commons, upstreamImages, templates, ... }:
with commons; with commons;
with scriptsNFiles; with scriptsNFiles;
let
upstreamImageName = "v12";
in
{ {
# essential functionalities like ssh, networking etc ${upstreamImageName} = rec {
essentials = { # default image with essential functionalities like ssh, networking etc
install = [ "htop" "openssh-server" "inetutils-ping" "dnsutils" "cloud-guest-utils" "qemu-guest-agent" ]; default = customizeImage upstreamImages.${upstreamImageName} (templates.essentials // {
commands = '' name = "default";
upload ${grub-ifnames-0}:/etc/default/grub.d/90-ifnames-0.cfg hostname = "debian";
upload ${grub-disable-microcode}:/etc/default/grub.d/00-disable-microcode.cfg });
run-command mount /boot/efi && update-grub
upload ${eth0-dhcp-network}:/etc/systemd/network/00-eth0-dhcp.network
run ${ssh-service-override-conf-create}
upload ${grow-root-sh}:/usr/local/sbin/grow-root.sh
upload ${grow-root-service}:/etc/systemd/system/grow-root.service
run-command systemctl enable grow-root.service
'';
};
# set easy root access # playground with easy root access
rooted = { play = customizeImage default (templates.rooted // {
run = '' name = "play";
# set root password and ssh access nameToHostname = false;
echo "root:root" | chpasswd });
sed -i '/PasswordAuthentication no/d' "/etc/ssh/sshd_config"
echo "PasswordAuthentication yes\nPermitRootLogin yes" >> "/etc/ssh/sshd_config"
'';
};
# install proxmox # proxmox
proxmoxOnDebian12 = { proxmox = customizeImage default (templates.proxmoxOnDebian12 // {
diskSize = "+2G"; name = "proxmox";
smp = 4; });
memSize = 4096;
run = ''
# script originally taken from https://pve.proxmox.com/wiki/Install_Proxmox_VE_on_Debian_12_Bookworm
# exit if error
set -e
# grow root partition - script installed in "base" image
/usr/local/sbin/grow-root.sh
# mount efi for grub changes
mount /boot/efi
# add proxmox repo
echo "deb [arch=amd64] http://download.proxmox.com/debian/pve bookworm pve-no-subscription" > /etc/apt/sources.list.d/pve-install-repo.list
wget https://enterprise.proxmox.com/debian/proxmox-release-bookworm.gpg -O /etc/apt/trusted.gpg.d/proxmox-release-bookworm.gpg
apt-get update && apt full-upgrade -y --no-install-recommends;
# necessary precursors
echo "0.0.0.0\t\t`cat /etc/hostname`" >> /etc/hosts; # necessary for SSL certificate creation
mkdir -p /run/network; # bug https://github.com/CumulusNetworks/ifupdown2/issues/276
# install
apt install -y proxmox-default-kernel proxmox-ve postfix open-iscsi chrony --no-install-recommends;
# remove previous kernels
apt remove -y os-prober linux-image-amd64 'linux-image-6.*';
'';
}; };
} }
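Review bot: `play` is built from `templates.rooted`, which per the templates file in this commit sets the root password to the fixed value `root` and appends `PasswordAuthentication yes` and `PermitRootLogin yes` to sshd_config, but nothing at this definition records that. The `nixmox` image in the first file pulls in the same template. I would state it at the use site, e.g. `# play: fixed root password "root", SSH root and password login enabled; isolated test networks only`. If these images can ever be booted on a shared network, consider having the template take the password (or an authorized key) as an attribute instead of hard-coding it.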


@ -3,14 +3,14 @@ let
# upstream distro images # upstream distro images
upstreamImagesJSON = lib.importJSON ./upstream.json; upstreamImagesJSON = lib.importJSON ./upstream.json;
upstreamImages = lib.mapAttrs (name: src: pkgs.fetchurl src) upstreamImagesJSON.${system}; upstreamImages = lib.mapAttrs (name: src: pkgs.fetchurl src) upstreamImagesJSON.${system};
customs = (import ./customs.nix) { inherit pkgs lib system commons; }; templates = (import ./templates.nix) { inherit pkgs lib system commons; };
templates = (import ./templates.nix) { inherit pkgs lib system commons upstreamImages customs; }; customs = (import ./customs.nix) { inherit pkgs lib system commons upstreamImages templates; };
mergeUpstreamImageAndTemplates = mergeUpstreamAndCustomImages =
name: image: name: upstreamImage:
let let
imageTemplates = lib.optionalAttrs (lib.hasAttr "${name}" templates) templates.${name}; customImages = lib.optionalAttrs (lib.hasAttr "${name}" customs) customs.${name};
in in
imageTemplates // { upstream = image; }; customImages // { upstream = upstreamImage; };
images = lib.mapAttrs mergeUpstreamImageAndTemplates upstreamImages; images = lib.mapAttrs mergeUpstreamAndCustomImages upstreamImages;
in images // { inherit customs; } in images // { inherit templates; }


@ -1,24 +1,73 @@
# create additional useful template images from upstream images # ready to use customization templates to apply on images
{ pkgs, lib, system, commons, upstreamImages, customs, ... }: { pkgs, lib, system, commons, ... }:
with commons; with commons;
with scriptsNFiles; with scriptsNFiles;
{ {
v12 = rec { # essential functionalities like ssh, networking etc
# default image with essential functionalities like ssh, networking etc essentials = {
default = customizeImage upstreamImages.v12 (customs.essentials // { install = [ "htop" "openssh-server" "inetutils-ping" "dnsutils" "cloud-guest-utils" "qemu-guest-agent" ];
name = "default"; commands = ''
hostname = "debian"; upload ${grub-ifnames-0}:/etc/default/grub.d/90-ifnames-0.cfg
}); upload ${grub-disable-microcode}:/etc/default/grub.d/00-disable-microcode.cfg
run-command mount /boot/efi && update-grub
upload ${eth0-dhcp-network}:/etc/systemd/network/00-eth0-dhcp.network
run ${ssh-service-override-conf-create}
upload ${grow-root-sh}:/usr/local/sbin/grow-root.sh
upload ${grow-root-service}:/etc/systemd/system/grow-root.service
run-command systemctl enable grow-root.service
'';
};
# playground with easy root access # set easy root access
play = customizeImage default (customs.rooted // { rooted = {
name = "play"; install = [ "openssh-server" ];
nameToHostname = false; commands = ''
}); run ${ssh-service-override-conf-create}
'';
run = ''
# set root password and ssh access
echo "root:root" | chpasswd
sed -i '/PasswordAuthentication no/d' "/etc/ssh/sshd_config"
echo "PasswordAuthentication yes\nPermitRootLogin yes" >> "/etc/ssh/sshd_config"
'';
};
# proxmox # install proxmox
proxmox = customizeImage default (customs.proxmoxOnDebian12 // { proxmoxOnDebian12 = {
name = "proxmox"; diskSize = "+2G";
}); smp = 4;
memSize = 4096;
install = [ "cloud-guest-utils" ];
commands = ''
upload ${grow-root-sh}:/usr/local/sbin/grow-root.sh
upload ${grow-root-service}:/etc/systemd/system/grow-root.service
run-command systemctl enable grow-root.service
'';
run = ''
# script originally taken from https://pve.proxmox.com/wiki/Install_Proxmox_VE_on_Debian_12_Bookworm
# exit if error
set -e
# grow root partition
/usr/local/sbin/grow-root.sh
# mount efi for grub changes
mount /boot/efi
# add proxmox repo
echo "deb [arch=amd64] http://download.proxmox.com/debian/pve bookworm pve-no-subscription" > /etc/apt/sources.list.d/pve-install-repo.list
wget https://enterprise.proxmox.com/debian/proxmox-release-bookworm.gpg -O /etc/apt/trusted.gpg.d/proxmox-release-bookworm.gpg
apt-get update && apt full-upgrade -y --no-install-recommends;
# necessary precursors
echo "0.0.0.0\t\t`cat /etc/hostname`" >> /etc/hosts; # necessary for SSL certificate creation
mkdir -p /run/network; # bug https://github.com/CumulusNetworks/ifupdown2/issues/276
# install
apt install -y proxmox-default-kernel proxmox-ve postfix open-iscsi chrony --no-install-recommends;
# remove previous kernels
apt remove -y os-prober linux-image-amd64 'linux-image-6.*';
'';
}; };
} }
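Review bot: The `wget … -O /etc/apt/trusted.gpg.d/proxmox-release-bookworm.gpg` line in `proxmoxOnDebian12.run` installs an apt trust anchor fetched at image-build time with no checksum, so whatever that URL serves on the day of the build becomes a key apt trusts for every configured repository. This file already places files with `upload ${…}:path` in `commands`, and the upstream images are fetched through `pkgs.fetchurl`, so the key can be pinned the same way and the `wget` line dropped from `run`. The hash in the sketch below is a placeholder to be replaced with the checksum of the verified key file. A follow-up could move the key out of `trusted.gpg.d` and reference it with `signed-by=` in the sources entry, so it is only trusted for the Proxmox repo.

```nix
let
  # placeholder hash: replace with the SRI hash of the key after verifying it
  proxmox-release-key = pkgs.fetchurl {
    url = "https://enterprise.proxmox.com/debian/proxmox-release-bookworm.gpg";
    hash = "sha256-PLACEHOLDER_PINNED_HASH_OF_VERIFIED_KEY";
  };
in
# … unchanged: essentials, rooted …
  proxmoxOnDebian12 = {
    # … unchanged: diskSize, smp, memSize, install …
    commands = ''
      upload ${proxmox-release-key}:/etc/apt/trusted.gpg.d/proxmox-release-bookworm.gpg
      # … unchanged: grow-root uploads and service enable …
    '';
    # … unchanged: run script, without the wget line …
```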