Update from master 2023-10-21T01:03+00:00

2023-10-21 03:03:02 +02:00 · 2023-10-21 03:03:02 +02:00 · da10fd9bd3
parent 65999c4dfd d300f2cbe8
commit da10fd9bd3
9 changed files with 147 additions and 80 deletions
--- a/flake.nix
+++ b/flake.nix
@ -102,7 +102,9 @@
        flask-excel
        iot-data
        nixfiles-add-secret
+        nixfiles-auto-install
        nixfiles-generate-backup-secrets
+        nixfiles-generate-config
        nixfiles-updated-inputs
        nixfiles-update-ssh-host-keys
        pyexcel-xlsx
--- a/hosts/_iso/configuration.nix
+++ b/hosts/_iso/configuration.nix
@ -1,72 +1,6 @@
 { pkgs, lib, modulesPath, ... }:

-let
-  nixfiles-auto-install = pkgs.writeScriptBin "nixfiles-auto-install" ''
-    #!${pkgs.bash}/bin/bash
-    set -euo pipefail
-
-    hostname=host''${RANDOM}
-
-    echo "[I] Deploying with hostname ''${hostname}"
-
-    device=""
-    for dev in "/dev/vda" "/dev/sda"; do
-      if [[ -b $dev ]]; then
-        device=$dev
-        break
-      fi
-    done
-
-    while [[ $# -gt 0 ]]; do
-      case $1 in
-        --hostname)
-          hostname=$2
-          shift
-          shift
-          ;;
-        *)
-          echo "unknown option: $1"
-          exit 1
-          ;;
-      esac
-    done
-
-    echo "[I] Formatting disk"
-
-    if [[ -z $device ]]; then
-      echo "[E] No device to install to"
-      exit 1
-    fi
-
-    echo "[I] Using ''${device}"
-
-    parted --script $device mklabel gpt
-    parted --script $device disk_set pmbr_boot on
-
-    parted --script $device mkpart boot 0% 512M
-    parted --script $device set 1 bios_grub on
-
-    parted --script $device mkpart root 512M 100%
-
-    echo "[I] Creating file system"
-
-    mkfs.ext4 -F ''${device}2
-
-    echo "[I] Mount file system"
-
-    mount ''${device}2 /mnt
-
-    echo "[I] Generate NixOS configuration"
-
-    nixfiles-generate-config --root /mnt --hostname ''${hostname}
-
-    sed -i "s~# boot\.loader\.grub\.device = \"/dev/sda\";~boot\.loader\.grub\.device = \"''${device}\";~g" /mnt/etc/nixos/hosts/''${hostname}/configuration.nix
-
-    echo "[I] Install NixOS"
-
-    nixos-install --flake /mnt/etc/nixos#''${hostname} --root /mnt --no-root-password
-  '';
-in {
+{
  imports = [
    (modulesPath + "/installer/cd-dvd/installation-cd-base.nix")
  ];
@ -74,7 +8,7 @@ in {
  networking.hostName = "isowo";
  isoImage.isoBaseName = "nixos-isowo";

-  environment.systemPackages = [
+  environment.systemPackages = with pkgs; [
    nixfiles-auto-install
  ];
 }
--- a/modules/nixfiles/default.nix
+++ b/modules/nixfiles/default.nix
@ -2,16 +2,7 @@

 with lib;

-let
-  nixfiles-generate-config = pkgs.writeShellApplication {
-    name = "nixfiles-generate-config";
-    text = builtins.readFile ./nixfiles-generate-config.sh;
-    runtimeInputs = [
-      pkgs.git
-    ];
-    checkPhase = "";
-  };
-in {
+{
  options.clerie.nixfiles.enable = mkEnableOption "clerie nixfiles tools";
  config = mkIf config.clerie.nixfiles.enable {
    system.nixos-generate-config.configuration = ''
@ -37,7 +28,7 @@ in {
      }
    '';

-    environment.systemPackages = [
+    environment.systemPackages = with pkgs; [
      nixfiles-generate-config
    ];
  };
--- a/pkgs/nixfiles/nixfiles-auto-install.nix
+++ b/pkgs/nixfiles/nixfiles-auto-install.nix
@ -0,0 +1,11 @@
+{ pkgs, ... }:
+
+pkgs.writeShellApplication {
+  name = "nixfiles-auto-install";
+  text = builtins.readFile ./nixfiles-auto-install.sh;
+  runtimeInputs = with pkgs; [
+    git
+    nixfiles-generate-config
+    nixos-install-tools
+  ];
+}
--- a/pkgs/nixfiles/nixfiles-auto-install.sh
+++ b/pkgs/nixfiles/nixfiles-auto-install.sh
@ -0,0 +1,113 @@
+#!/usr/bin/env bash
+
+set -euo pipefail
+
+hostname=""
+device=""
+no_confirm=""
+
+while [[ $# -gt 0 ]]; do
+  case $1 in
+  --hostname)
+    hostname=$2
+    shift
+    shift
+    ;;
+  --device)
+    device=$2
+    shift
+    shift
+    ;;
+  --no-confirm)
+    no_confirm=1
+    shift
+    ;;
+  *)
+    echo "unknown option: $1"
+    exit 1
+    ;;
+  esac
+done
+
+echo ""
+echo "  This is clerie's nixfiles auto install for new hosts"
+echo "  It will do dangerous things like format your disk"
+echo "  So be careful when using it"
+echo ""
+
+if [[ -z $no_confirm ]]; then
+  read -e -r -p "Continue?" confirm
+  echo "$confirm" > /dev/null
+fi
+
+if [[ -z $hostname ]]; then
+  fallback_hostname="host${RANDOM}"
+  read -e -r -p "Hostname [$fallback_hostname]: " hostname
+  if [[ -z $hostname ]]; then
+    hostname=$fallback_hostname
+  fi
+fi
+
+echo "[I] Deploying with hostname ${hostname}"
+
+if [[ -z $device ]]; then
+  device="/dev/sda"
+  while true; do
+    read -e -r -p "Disk [$device]: " dev
+    if [[ -z $dev ]]; then
+      dev=$device
+    fi
+
+    if [[ -b $dev ]]; then
+      device=$dev
+      break
+    else
+      echo "[E] Disk $dev does not exist"
+    fi
+  done
+fi
+
+echo "[I] Deploying on disk ${device}"
+
+if [[ -z $no_confirm ]]; then
+  read -e -r -p "Deploy host?" deploy
+  echo "$deploy" > /dev/null
+fi
+
+echo "[I] Formatting disk"
+
+if [[ ! -b $device ]]; then
+  echo "Disk $device does not exist"
+  exit 1
+fi
+
+echo "[I] Using ${device}"
+
+parted --script "$device" mklabel gpt
+parted --script "$device" disk_set pmbr_boot on
+
+parted --script "$device" mkpart boot 0% 512M
+parted --script "$device" set 1 bios_grub on
+
+parted --script "$device" mkpart root 512M 100%
+
+echo "[I] Creating file system"
+
+mkfs.ext4 -F "${device}2"
+
+echo "[I] Mount file system"
+
+mount "${device}2" /mnt
+
+echo "[I] Generate NixOS configuration"
+
+nixfiles-generate-config --root /mnt --hostname "${hostname}"
+
+sed -i "s~# boot\.loader\.grub\.device = \"/dev/sda\";~boot\.loader\.grub\.device = \"${device}\";~g" "/mnt/etc/nixos/hosts/${hostname}/configuration.nix"
+
+echo "[I] Install NixOS"
+
+export NIX_CONFIG=<(echo "experimental-features = flakes nix-command\nsubstituters = https://nix-cache.clerie.de\ntrusted-public-keys = nix-cache.clerie.de:bAt1GJTS9BOTcXFWj3nURrSlcjqikCev9yDvqArMP5g=\n" )
+
+nixos-install --flake "/mnt/etc/nixos#${hostname}" --root /mnt --no-root-password
+
--- a/pkgs/nixfiles/nixfiles-generate-config.nix
+++ b/pkgs/nixfiles/nixfiles-generate-config.nix
@ -0,0 +1,10 @@
+{ pkgs, ... }:
+
+pkgs.writeShellApplication {
+  name = "nixfiles-generate-config";
+  text = builtins.readFile ./nixfiles-generate-config.sh;
+  runtimeInputs = with pkgs; [
+    git
+  ];
+  checkPhase = "";
+}
--- a/modules/nixfiles/nixfiles-generate-config.sh
+++ b/modules/nixfiles/nixfiles-generate-config.sh
--- a/pkgs/nixfiles/nixfiles-update-ssh-host-keys.sh
+++ b/pkgs/nixfiles/nixfiles-update-ssh-host-keys.sh
@ -4,5 +4,9 @@ cd "$(git rev-parse --show-toplevel)"

 for host in $(nix eval --apply 'attrs: builtins.concatStringsSep "\n" (builtins.filter (name: (builtins.substring 0 1 name) != "_") (builtins.attrNames attrs))' --raw .#clerie.hosts); do
 	echo "$host"
-	ssh-keyscan -t ed25519 "${host}.net.clerie.de" 2>/dev/null | sed -E 's/(\S+) (.+)/\2/g' > "hosts/${host}/ssh.pub"
+	ssh_key=$(ssh-keyscan -t ed25519 "${host}.net.clerie.de" 2>/dev/null | sed -E 's/(\S+) (.+)/\2/g' || true)
+	if [[ -n "$ssh_key" ]]; then
+		echo "$ssh_key"
+		echo "$ssh_key" > "hosts/${host}/ssh.pub"
+	fi
 done
--- a/pkgs/overlay.nix
+++ b/pkgs/overlay.nix
@ -3,7 +3,9 @@ self: super: {
  flask-excel = self.python3.pkgs.callPackage ./flask-excel {};
  iot-data = self.python3.pkgs.callPackage ./iot-data {};
  nixfiles-add-secret = self.callPackage ./nixfiles/nixfiles-add-secret.nix {};
+  nixfiles-auto-install = self.callPackage ./nixfiles/nixfiles-auto-install.nix {};
  nixfiles-generate-backup-secrets = self.callPackage ./nixfiles/nixfiles-generate-backup-secrets.nix {};
+  nixfiles-generate-config = self.callPackage ./nixfiles/nixfiles-generate-config.nix {};
  nixfiles-updated-inputs = self.callPackage ./nixfiles/nixfiles-updated-inputs.nix {};
  nixfiles-update-ssh-host-keys = self.callPackage ./nixfiles/nixfiles-update-ssh-host-keys.nix {};
  pyexcel-xlsx = self.python3.pkgs.callPackage ./pyexcel-xlsx {};