clerie/nixfiles
1
0
Fork 0
Code

pkgs/clerie-system-remote-install: Install NixOS system remotely without evaluating anything on remote

Browse Source
This commit is contained in:
clerie 2025-02-21 20:33:01 +01:00
parent 427820aa37
commit 99c82a2898
4 changed files with 39 additions and 0 deletions

1
flake.nix

@ -135,6 +135,7 @@
inherit (pkgs) inherit (pkgs)
clerie-backup clerie-backup
clerie-keys clerie-keys
clerie-system-remote-install
clerie-system-upgrade clerie-system-upgrade
clerie-merge-nixfiles-update clerie-merge-nixfiles-update
clerie-update-nixfiles clerie-update-nixfiles

31
pkgs/clerie-system-remote-install/clerie-system-remote-install.sh Executable file

@ -0,0 +1,31 @@
#!/usr/bin/env bash
set -xeuo pipefail
SYSTEM="$1"
REMOTE_HOST="$2"
REMOTE_ROOT="$3"
nix copy "${SYSTEM}" --to "ssh://${REMOTE_HOST}?remote-store=${REMOTE_ROOT}"
ssh "${REMOTE_HOST}" -- nix-env --store "${REMOTE_ROOT}" -p "${REMOTE_ROOT}/nix/var/nix/profiles/system" --set "${SYSTEM}"
ssh "${REMOTE_HOST}" -- mkdir -p "${REMOTE_ROOT}/tmp"
TMPSH="$(ssh "${REMOTE_HOST}" -- mktemp -p "${REMOTE_ROOT}/tmp")"
# shellcheck disable=SC2087
ssh "${REMOTE_HOST}" -- tee "${TMPSH}" <<EOF
#!/usr/bin/env bash
set -euo pipefail
nix-env --store "${REMOTE_ROOT}" -p "${REMOTE_ROOT}/nix/var/nix/profiles/system" --set "${SYSTEM}"
mkdir -m 0775 -p "${REMOTE_ROOT}/etc"
touch "${REMOTE_ROOT}/etc/NIXOS"
ln -sfn /proc/mounts "${REMOTE_ROOT}/etc/mtab"
NIXOS_INSTALL_BOOTLOADER=1 nixos-enter --root "${REMOTE_ROOT}" -c "/run/current-system/bin/switch-to-configuration boot"
EOF
ssh "${REMOTE_HOST}" -- bash "${TMPSH}"

6
pkgs/clerie-system-remote-install/default.nix Normal file

@ -0,0 +1,6 @@
{ pkgs, ... }:
pkgs.writeShellApplication {
name = "clerie-system-remote-install";
text = builtins.readFile ./clerie-system-remote-install.sh;
}

1
pkgs/overlay.nix

@ -1,6 +1,7 @@
final: prev: { final: prev: {
clerie-backup = final.callPackage ./clerie-backup {}; clerie-backup = final.callPackage ./clerie-backup {};
clerie-keys = final.callPackage ./clerie-keys {}; clerie-keys = final.callPackage ./clerie-keys {};
clerie-system-remote-install = final.callPackage ./clerie-system-remote-install {};
clerie-system-upgrade = final.callPackage ./clerie-system-upgrade/clerie-system-upgrade.nix {}; clerie-system-upgrade = final.callPackage ./clerie-system-upgrade/clerie-system-upgrade.nix {};
clerie-merge-nixfiles-update = final.callPackage ./clerie-update-nixfiles/clerie-merge-nixfiles-update.nix {}; clerie-merge-nixfiles-update = final.callPackage ./clerie-update-nixfiles/clerie-merge-nixfiles-update.nix {};
clerie-sops = final.callPackage ./clerie-sops/clerie-sops.nix {}; clerie-sops = final.callPackage ./clerie-sops/clerie-sops.nix {};