fist commit - images lib in a working condition for debian

2024-05-23 16:33:38 +00:00 · 2024-05-23 16:33:38 +00:00 · ad2092531c
commit ad2092531c
12 changed files with 308 additions and 0 deletions
--- a/lib/images/debian/customs.nix
+++ b/lib/images/debian/customs.nix
@ -0,0 +1,63 @@
+# ready to use customizations to apply on images
+{ pkgs, lib, system, commons, ... }:
+with commons;
+with scriptsNFiles;
+{
+  # essential functionalities like ssh, networking etc
+  essentials = {
+    install = [ "htop" "openssh-server" "inetutils-ping" "dnsutils" "cloud-guest-utils" "qemu-guest-agent" ];
+    commands = ''
+      upload ${grub-ifnames-0}:/etc/default/grub.d/90-ifnames-0.cfg
+      upload ${grub-disable-microcode}:/etc/default/grub.d/00-disable-microcode.cfg
+      run-command mount /boot/efi && update-grub
+      upload ${eth0-dhcp-network}:/etc/systemd/network/00-eth0-dhcp.network
+      run ${ssh-service-override-conf-create}
+      upload ${grow-root-sh}:/usr/local/sbin/grow-root.sh
+      upload ${grow-root-service}:/etc/systemd/system/grow-root.service
+      run-command systemctl enable grow-root.service
+    '';
+  };
+
+  # set easy root access
+  rooted = {
+    run = ''
+      # set root password and ssh access
+      echo "root:root" | chpasswd
+      sed -i '/PasswordAuthentication no/d' "/etc/ssh/sshd_config"
+      echo "PasswordAuthentication yes\nPermitRootLogin yes" >> "/etc/ssh/sshd_config"
+    '';
+  };
+
+  # install proxmox
+  proxmoxOnDebian12 = {
+    diskSize = "+2G";
+    smp = 4;
+    memSize = 4096;
+    run = ''
+      # script originally taken from https://pve.proxmox.com/wiki/Install_Proxmox_VE_on_Debian_12_Bookworm
+      # exit if error
+      set -e
+
+      # grow root partition - script installed in "base" image 
+      /usr/local/sbin/grow-root.sh
+
+      # mount efi for grub changes
+      mount /boot/efi
+
+      # add proxmox repo
+      echo "deb [arch=amd64] http://download.proxmox.com/debian/pve bookworm pve-no-subscription" > /etc/apt/sources.list.d/pve-install-repo.list
+      wget https://enterprise.proxmox.com/debian/proxmox-release-bookworm.gpg -O /etc/apt/trusted.gpg.d/proxmox-release-bookworm.gpg 
+      apt-get update && apt full-upgrade -y --no-install-recommends;
+
+      # necessary precursors
+      echo "0.0.0.0\t\t`cat /etc/hostname`" >> /etc/hosts; # necessary for SSL certificate creation
+      mkdir -p /run/network; # bug https://github.com/CumulusNetworks/ifupdown2/issues/276
+
+      # install
+      apt install -y proxmox-default-kernel proxmox-ve postfix open-iscsi chrony --no-install-recommends;
+
+      # remove previous kernels
+      apt remove -y os-prober linux-image-amd64 'linux-image-6.*';
+    '';
+  };
+}
--- a/lib/images/debian/default.nix
+++ b/lib/images/debian/default.nix
@ -0,0 +1,16 @@
+{ pkgs, lib, system, commons, ... }:
+let
+  # upstream distro images
+  upstreamImagesJSON = lib.importJSON ./upstream.json;
+  upstreamImages = lib.mapAttrs (name: src: pkgs.fetchurl src) upstreamImagesJSON.${system};
+  customs = (import ./customs.nix) { inherit pkgs lib system commons; };
+  templates = (import ./templates.nix) { inherit pkgs lib system commons upstreamImages customs; };
+  mergeUpstreamImageAndTemplates = 
+    name: image:
+      let
+        imageTemplates = lib.optionalAttrs (lib.hasAttr "${name}" templates) templates.${name};
+      in
+      imageTemplates // { upstream = image; };
+
+  images = lib.mapAttrs mergeUpstreamImageAndTemplates upstreamImages;
+in images // { inherit customs; }
--- a/lib/images/debian/templates.nix
+++ b/lib/images/debian/templates.nix
@ -0,0 +1,24 @@
+# create additional useful template images from upstream images
+{ pkgs, lib, system, commons, upstreamImages, customs, ... }:
+with commons;
+with scriptsNFiles;
+{
+  v12 = rec {
+    # default image with essential functionalities like ssh, networking etc
+    default = customizeImage upstreamImages.v12 (customs.essentials // {
+      name = "default";
+      hostname = "debian";
+    });
+
+    # playground with easy root access
+    play = customizeImage default (customs.rooted // {
+      name = "play";
+      nameToHostname = false;
+    });
+
+    # proxmox
+    proxmox = customizeImage default (customs.proxmoxOnDebian12 // {
+      name = "proxmox";
+    });
+  };
+}
--- a/lib/images/debian/upstream.json
+++ b/lib/images/debian/upstream.json
@ -0,0 +1,22 @@
+{
+  "aarch64-linux": {
+    "v12": {
+      "sha256": "00gzq6pvpw2idvb4nl4chw6x7j9qjqj7d1j4hsngm241bks6b8h1",
+      "url": "https://cloud.debian.org/images/cloud/bookworm/20240507-1740/debian-12-generic-arm64-20240507-1740.qcow2"
+    },
+    "v13": {
+      "sha256": "01liz34ikbqp7ij9ajginizxcrk1fiw3flqchq01knl8mar3givk",
+      "url": "https://cloud.debian.org/images/cloud/trixie/daily/20240512-1745/debian-13-generic-arm64-daily-20240512-1745.qcow2"
+    }
+  },
+  "x86_64-linux": {
+    "v12": {
+      "sha256": "0inga3c772wr9b296w86n8prlqvw47wd6b5z8347pygiw810y5yq",
+      "url": "https://cloud.debian.org/images/cloud/bookworm/20240507-1740/debian-12-generic-amd64-20240507-1740.qcow2"
+    },
+    "v13": {
+      "sha256": "1bixl6gnzigwryac1arc3n81nv4hwdi6wxpwmvrgigzni64b3x6w",
+      "url": "https://cloud.debian.org/images/cloud/trixie/daily/20240512-1745/debian-13-generic-amd64-daily-20240512-1745.qcow2"
+    }
+  }
+}