Add standalone installer

Signed-off-by: Valentin Kharin <[email protected]>
brianmcgillion · Feb 16, 2024 · 4e9b79a · 4e9b79a
1 parent 0911ef7
commit 4e9b79a
Show file tree

Hide file tree

Showing 10 changed files with 163 additions and 15 deletions.
diff --git a/flake.lock b/flake.lock
diff --git a/flake.nix b/flake.nix
@@ -123,6 +123,11 @@
       inputs.nixpkgs.follows = "nixpkgs";
     };
 
+    disko = {
+      url = "github:nix-community/disko/master";
+      inputs.nixpkgs.follows = "nixpkgs";
+    };
+
     #
     # Security
     #

diff --git a/lib/default.nix b/lib/default.nix
@@ -5,12 +5,10 @@
   lib,
   inputs,
 }: let
-  inherit (inputs) nixpkgs;
-  inherit (inputs) nixos-generators;
+  inherit (inputs) nixpkgs nixos-generators disko;
 in {
   installer = {
     system,
-    sshKeys,
     modules ? [],
   }: let
     installerImgCfg = lib.nixosSystem {
@@ -28,7 +26,10 @@ in {
           }: {
             imports = [(modulesPath + "/profiles/all-hardware.nix")];
 
-            environment.systemPackages = [(pkgs.callPackage ../packages/wifi-connector {useNmcli = true;})];
+            environment.systemPackages = [
+              (pkgs.callPackage ../packages/wifi-connector {useNmcli = true;})
+              disko.packages.${system}.disko
+            ];
 
             nixpkgs.hostPlatform.system = system;
             nixpkgs.config.allowUnfree = true;
@@ -48,7 +49,6 @@ in {
               };
               development.ssh.daemon = {
                 enable = true;
-                authorizedKeys = sshKeys;
               };
             };
           })

diff --git a/modules/installer/default.nix b/modules/installer/default.nix
@@ -25,6 +25,12 @@ in {
 
   config.system.build.installer = lib.ghaf.installer {
     inherit (config.nixpkgs.hostPlatform) system;
-    inherit (cfg) modules sshKeys;
+    modules =
+      cfg.modules
+      ++ [
+        {
+          ghaf.development.ssh.daemon.authorizedKeys = cfg.sshKeys;
+        }
+      ];
   };
 }
diff --git a/modules/installer/standalone-installer/default.nix b/modules/installer/standalone-installer/default.nix
@@ -0,0 +1,19 @@
+# Copyright 2022-2024 TII (SSRC) and the Ghaf contributors
+# SPDX-License-Identifier: Apache-2.0
+{
+  pkgs,
+  toplevelDrv,
+  disko,
+  diskoConfig,
+}:
+pkgs.substituteAll {
+  dir = "bin";
+  isExecutable = true;
+
+  buildInputs = with pkgs; [nix nixos-install-tools disko];
+
+  pname = "ghaf-installer";
+  src = ./installer.sh;
+  inherit (pkgs) runtimeShell;
+  inherit toplevelDrv diskoConfig;
+}
diff --git a/modules/installer/standalone-installer/installer.sh b/modules/installer/standalone-installer/installer.sh
@@ -0,0 +1,47 @@
+#! @runtimeShell@
+# Copyright 2022-2024 TII (SSRC) and the Ghaf contributors
+# SPDX-License-Identifier: Apache-2.0
+clear
+cat <<"EOF"
+  ,----..     ,---,
+ /   /   \  ,--.' |                 .--.,
+|   :     : |  |  :               ,--.'  \
+.   |  ;. / :  :  :               |  | /\/
+.   ; /--`  :  |  |,--.  ,--.--.  :  : :
+;   | ;  __ |  :  '   | /       \ :  | |-,
+|   : |.' .'|  |   /' :.--.  .-. ||  : :/|
+.   | '_.' :'  :  | | | \__\/: . .|  |  .'
+'   ; : \  ||  |  ' | : ," .--.; |'  : '
+'   | '/  .'|  :  :_:,'/  /  ,.  ||  | |
+|   :    /  |  | ,'   ;  :   .'   \  : \
+ \   \ .'   `--''     |  ,     .-./  |,'
+  `---`                `--`---'   `--'
+EOF
+
+echo "Welcome to Ghaf installer!"
+
+echo "To install image choose path to the device on which image will be installed."
+
+lsblk
+read -p "Device name [e.g. sda]: " DEVICE_NAME
+
+export DISKO_CONFIG_FILE_WITH_DRIVE="$HOME/disk-config.nix"
+
+sed "s/DRIVE_PATH/\/dev\/$DEVICE_NAME/g" '@diskoConfig@' > $DISKO_CONFIG_FILE_WITH_DRIVE
+cat $DISKO_CONFIG_FILE_WITH_DRIVE
+echo $DISKO_CONFIG_FILE_WITH_DRIVE
+
+read -p 'WARNING: Next commmand will destory all previous data from your device, press Enter to proceed. '
+echo "Partitioning..."
+disko --no-deps --debug --mode disko $DISKO_CONFIG_FILE_WITH_DRIVE
+
+read -p "Press Enter to install system"
+
+echo "Installing..."
+nixos-install --option binary-caches “” --no-root-passwd --system "@toplevelDrv@"
+
+read -p "Press Enter to reboot"
+
+echo "Rebooting..."
+sleep 1
+reboot
diff --git a/targets/default.nix b/targets/default.nix
@@ -7,13 +7,13 @@
   inputs,
   ...
 }: let
-  inherit (inputs) jetpack-nixos lanzaboote microvm nixos-generators nixos-hardware nixpkgs;
+  inherit (inputs) jetpack-nixos lanzaboote microvm nixos-generators nixos-hardware nixpkgs disko;
 in
   lib.foldr lib.recursiveUpdate {} [
     (import ./nvidia-jetson-orin {inherit lib nixpkgs nixos-generators microvm jetpack-nixos;})
     (import ./vm.nix {inherit lib nixos-generators microvm;})
     (import ./generic-x86_64.nix {inherit lib nixos-generators microvm;})
-    (import ./lenovo-x1-carbon.nix {inherit lib nixos-generators microvm lanzaboote;})
+    (import ./lenovo-x1-carbon.nix {inherit lib nixos-generators microvm lanzaboote nixpkgs disko;})
     (import ./imx8qm-mek.nix {inherit lib nixos-generators nixos-hardware microvm;})
     (import ./microchip-icicle-kit.nix {inherit lib nixpkgs nixos-hardware;})
   ]
diff --git a/targets/lenovo-x1-carbon.nix b/targets/lenovo-x1-carbon.nix
@@ -7,6 +7,8 @@
   nixos-generators,
   microvm,
   lanzaboote,
+  nixpkgs,
+  disko,
   ...
 }: let
   name = "lenovo-x1-carbon-gen11";
@@ -503,10 +505,54 @@
         ++ (import ../modules/module-list.nix)
         ++ extraModules;
     };
+    package = let inherit ((hostConfiguration.extendModules {modules = [formatModule];})) config; in config.system.build.${config.formatAttr};
   in {
-    inherit hostConfiguration;
+    inherit hostConfiguration package;
     name = "${name}-${variant}";
-    package = let inherit ((hostConfiguration.extendModules {modules = [formatModule];})) config; in config.system.build.${config.formatAttr};
+    installer = let
+      pkgs = import nixpkgs {inherit system;};
+      inherit ((hostConfiguration.extendModules {modules = [disko.nixosModules.disko (import ../templates/targets/x86_64/generic/disk-config.nix)];}).config.system.build) toplevel;
+      installerScript = import ../modules/installer/standalone-installer {
+        inherit pkgs;
+        toplevelDrv = toplevel;
+        inherit (disko.packages.${system}) disko;
+        diskoConfig = pkgs.writeText "disko-config.nix" (builtins.readFile ../templates/targets/x86_64/generic/disk-config.nix);
+      };
+    in
+      lib.ghaf.installer {
+        inherit system;
+        modules = [
+          ({pkgs, ...}: {
+            # Stop nixos complains about "warning: mdadm: Neither MAILADDR nor PROGRAM has been set. This will cause the `mdmon` service to crash."
+            # NOTE: Why this not working though? https://github.com/NixOS/nixpkgs/blob/master/nixos/modules/profiles/installation-device.nix#L112
+            boot.swraid.mdadmConf = "PROGRAM ${pkgs.coreutils}/bin/true";
+
+            environment.systemPackages = with pkgs; [
+              installerScript
+              # Installing this toplevel derivation should include all required
+              # packages to installer image /nix/store thus enabling offline
+              # installation.
+              # hostConfiguration.config.system.build.toplevel
+
+              # Copied from https://github.com/nix-community/disko/blob/f67ba6552845ea5d7f596a24d57c33a8a9dc8de9/lib/default.nix#L396-L402
+              # To make disko cli happy without internet.
+              util-linux
+              e2fsprogs
+              mdadm
+              zfs
+              lvm2
+              bash
+              jq
+            ];
+            environment.loginShellInit = ''
+              if [[ "$(tty)" == "/dev/tty1" ]] then
+                sudo installer.sh
+              fi
+            '';
+            isoImage.storeContents = [toplevel];
+          })
+        ];
+      };
   };
   debugModules = [
     ../modules/development/usb-serial.nix
@@ -537,6 +583,7 @@ in {
     builtins.listToAttrs (map (t: lib.nameValuePair t.name t.hostConfiguration) targets);
   flake.packages = {
     x86_64-linux =
-      builtins.listToAttrs (map (t: lib.nameValuePair t.name t.package) targets);
+      builtins.listToAttrs (map (t: lib.nameValuePair t.name t.package) targets)
+      // builtins.listToAttrs (map (t: lib.nameValuePair "${t.name}-installer" t.installer) targets);
   };
 }
diff --git a/templates/targets/x86_64/generic/disk-config.nix b/templates/targets/x86_64/generic/disk-config.nix
@@ -4,7 +4,7 @@
 _: {
   disko.devices = {
     disk.disk1 = {
-      # device = lib.mkDefault "/dev/nvme0n1";
+      device = "DRIVE_PATH";
       type = "disk";
       content = {
         type = "gpt";
@@ -22,6 +22,7 @@ _: {
               type = "filesystem";
               format = "vfat";
               mountpoint = "/boot";
+              mountOptions = ["umask=0077"];
             };
           };
           root = {

diff --git a/templates/targets/x86_64/generic/flake.nix b/templates/targets/x86_64/generic/flake.nix
@@ -71,7 +71,8 @@
           modules = [
             disko.nixosModules.disko
             ./disk-config.nix
-            {
+            # deadnix: skip
+            ({lib, ...}: {
               #insert your additional modules here e.g.
               # virtualisation.docker.enable = true;
               # users.users."ghaf".extraGroups = ["docker"];
@@ -88,8 +89,8 @@
               ];
 
               # Insert block device on which system will be installed (this will destory all content on it).
-              disko.devices.disk.disk1.device = "DRIVE_PATH";
-            }
+              # disko.devices.disk.disk1.device = lib.mkDefault "DRIVE_PATH";
+            })
           ];
         };
         packages.x86_64-linux.PROJ_NAME-ghaf-debug = let