From db716d192192beb206a320a4c7e38e0596f7571c Mon Sep 17 00:00:00 2001 From: David Arnold Date: Thu, 18 Mar 2021 20:58:55 -0500 Subject: [PATCH 1/5] lib: ensure path type in mkProfileAttrs This is required so that filtering via lib.remove works against modules.core and similar which are of path type. It is also a prerequisite for disabledModules to match by module.key instead of path string relative to nixpkgs' modulePath. --- lib/devos/mkProfileAttrs.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/lib/devos/mkProfileAttrs.nix b/lib/devos/mkProfileAttrs.nix index 214df261..b502629b 100644 --- a/lib/devos/mkProfileAttrs.nix +++ b/lib/devos/mkProfileAttrs.nix @@ -27,7 +27,7 @@ let mkProfileAttrs = f = n: _: lib.optionalAttrs (lib.pathExists "${dir}/${n}/default.nix") - { default = "${dir}/${n}"; } + { default = /. + "${dir}/${n}"; } // mkProfileAttrs "${dir}/${n}"; in lib.mapAttrs f imports; From 15cf15b3ed56c801d44d4b07a27907536cc01e72 Mon Sep 17 00:00:00 2001 From: David Arnold Date: Thu, 18 Mar 2021 17:41:22 -0500 Subject: [PATCH 2/5] iso: filter out al profiles (except core) IN order to avoid random startup of systemd services, filter out all profiles, except for core and user profiles. This works becasue of a fundamental devos contract, that modules only define configuration, but don't implement them and profiles only implement confguration but don't define them. So only ever an activated profile is expected to effectively start up a systemd service. closes: #194 --- lib/devos/devosSystem.nix | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/lib/devos/devosSystem.nix b/lib/devos/devosSystem.nix index 05a6dcff..524a533d 100644 --- a/lib/devos/devosSystem.nix +++ b/lib/devos/devosSystem.nix @@ -12,7 +12,11 @@ lib.nixosSystem (args // { (args // { modules = moduleList ++ [ "${nixos}/${modpath}/${cd}" - ({ config, ... }: { + ({ config, suites, ... }: { + + # avoid unwanted systemd service startups + disabledModules = lib.remove modules.core suites.allProfiles; + isoImage.isoBaseName = "nixos-" + config.networking.hostName; isoImage.contents = [{ source = self; From 435847823fac76f0f2df067893bdc2443780244a Mon Sep 17 00:00:00 2001 From: David Arnold Date: Thu, 18 Mar 2021 17:42:17 -0500 Subject: [PATCH 3/5] style / organization --- lib/devos/devosSystem.nix | 10 +++++++--- 1 file changed, 7 insertions(+), 3 deletions(-) diff --git a/lib/devos/devosSystem.nix b/lib/devos/devosSystem.nix index 524a533d..be9de4f3 100644 --- a/lib/devos/devosSystem.nix +++ b/lib/devos/devosSystem.nix @@ -6,31 +6,35 @@ lib.nixosSystem (args // { let moduleList = builtins.attrValues modules; modpath = "nixos/modules"; - cd = "installer/cd-dvd/installation-cd-minimal-new-kernel.nix"; isoConfig = (lib.nixosSystem (args // { modules = moduleList ++ [ - "${nixos}/${modpath}/${cd}" + + "${nixos}/${modpath}/installer/cd-dvd/installation-cd-minimal-new-kernel.nix" + ({ config, suites, ... }: { # avoid unwanted systemd service startups disabledModules = lib.remove modules.core suites.allProfiles; + nix.registry = lib.mapAttrs (n: v: { flake = v; }) inputs; + isoImage.isoBaseName = "nixos-" + config.networking.hostName; isoImage.contents = [{ source = self; target = "/devos/"; }]; - nix.registry = lib.mapAttrs (n: v: { flake = v; }) inputs; isoImage.storeContents = [ self.devShell.${config.nixpkgs.system} ]; + # confilcts with networking.wireless which might be slightly # more useful on a stick networking.networkmanager.enable = lib.mkForce false; # confilcts with networking.wireless networking.wireless.iwd.enable = lib.mkForce false; + # Set up a link-local boostrap network # See also: https://github.com/NixOS/nixpkgs/issues/75515#issuecomment-571661659 networking.usePredictableInterfaceNames = lib.mkForce true; # so prefix matching works From 007447652b387fa32fad9129db58809d4f534c4d Mon Sep 17 00:00:00 2001 From: David Arnold Date: Thu, 18 Mar 2021 15:58:01 -0500 Subject: [PATCH 4/5] iso: add back complete host profile to the nix store This ensures that all builds of activated profiles are included into the iso cache and don't require rebuilding within the live installer environment. --- lib/devos/devosSystem.nix | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/lib/devos/devosSystem.nix b/lib/devos/devosSystem.nix index be9de4f3..832cdb40 100644 --- a/lib/devos/devosSystem.nix +++ b/lib/devos/devosSystem.nix @@ -7,6 +7,8 @@ lib.nixosSystem (args // { moduleList = builtins.attrValues modules; modpath = "nixos/modules"; + fullHostConfig = (lib.nixosSystem (args // { modules = moduleList; })).config; + isoConfig = (lib.nixosSystem (args // { modules = moduleList ++ [ @@ -27,6 +29,9 @@ lib.nixosSystem (args // { }]; isoImage.storeContents = [ self.devShell.${config.nixpkgs.system} + # include also closures that are "switched off" by the + # above profile filter on the local config attribute + fullHostConfig.system.build.toplevel ]; # confilcts with networking.wireless which might be slightly From 49b1ad8227d0884a628e90468fe362a740c1bd95 Mon Sep 17 00:00:00 2001 From: David Arnold Date: Thu, 18 Mar 2021 23:17:58 -0500 Subject: [PATCH 5/5] iso: ensure tools of deactivated profiles are still available This is just for convenience, since the closuers are already in the store. It might be helpful to be able to test out some things of those deactivated profiles een on the iso isntaller. --- lib/devos/devosSystem.nix | 2 ++ 1 file changed, 2 insertions(+) diff --git a/lib/devos/devosSystem.nix b/lib/devos/devosSystem.nix index 832cdb40..f8d08f97 100644 --- a/lib/devos/devosSystem.nix +++ b/lib/devos/devosSystem.nix @@ -33,6 +33,8 @@ lib.nixosSystem (args // { # above profile filter on the local config attribute fullHostConfig.system.build.toplevel ]; + # still pull in tools of deactivated profiles + environment.systemPackages = fullHostConfig.environment.systemPackages; # confilcts with networking.wireless which might be slightly # more useful on a stick