forked from pub-solar/os
Merge branch 'main' into feature/ci-runner-onecommit
This commit is contained in:
commit
63435d6e59
|
@ -106,7 +106,6 @@ steps:
|
|||
- nix $$NIX_FLAGS flake check
|
||||
- nix $$NIX_FLAGS build ".#nixosConfigurations.PubSolarOS.config.system.build.toplevel"
|
||||
- nix $$NIX_FLAGS develop --command echo OK
|
||||
- nix $$NIX_FLAGS develop --command bud --help
|
||||
|
||||
---
|
||||
kind: pipeline
|
||||
|
@ -122,8 +121,8 @@ steps:
|
|||
commands:
|
||||
- |
|
||||
nix --print-build-logs --verbose \
|
||||
develop --command \
|
||||
bud build bootstrap bootstrapIso
|
||||
build \
|
||||
'.#nixosConfigurations.bootstrap.config.system.build.bootstrapIso'
|
||||
- cp $(readlink -f result)/iso/*.iso /var/nix/iso-cache/
|
||||
|
||||
- name: "Publish ISO"
|
||||
|
@ -158,6 +157,6 @@ volumes:
|
|||
|
||||
---
|
||||
kind: signature
|
||||
hmac: bdbefb07b97dc8efc44d8eb36ee4d1bb89eec3b7255b49929e126e86a4b4a788
|
||||
hmac: da951ba8ede88996728acfb47846e01880eb0e3b91f66e47848d6c1cc727c5d9
|
||||
|
||||
...
|
||||
|
|
|
@ -1,18 +1,13 @@
|
|||
# Pull Requests
|
||||
|
||||
## TL;DR;
|
||||
# TL;DR;
|
||||
- **Target Branch**: `main`
|
||||
- **Merge Policy**: [`bors`][bors] is always right (→ `bors try`)
|
||||
- **Docs**: every changeset is expected to contain doc updates
|
||||
- **Merge Policy**: green check: merge away. yellow circle: have patience. red x: try again.
|
||||
- **Docs**: every change set is expected to contain doc updates
|
||||
- **Commit Msg**: be a poet! Comprehensive and explanatory commit messages
|
||||
should cover the motivation and use case in an easily understandable manner
|
||||
even when read after a few months.
|
||||
- **Test Driven Development**: please default to test driven development where possible.
|
||||
- **Test Driven Development**: please default to test driven development you can
|
||||
make use of the `./examples` & `./e2e` and wire test up in the devshell.
|
||||
|
||||
### Within the Devshell (`nix develop`)
|
||||
- **Hooks**: please `git commit` within the devshell
|
||||
- **Fail Early**: please run from within the devshell on your local machine:
|
||||
- `nix flake check`
|
||||
|
||||
[bors]: https://bors.tech
|
||||
|
||||
- **Fail Early**: please run `check-all` from within the devshell on your local machine
|
||||
|
|
|
@ -3,8 +3,6 @@
|
|||
- [Introduction](../README.md)
|
||||
- [Quick Start](./start/index.md)
|
||||
- [ISO](./start/iso.md)
|
||||
- [Bootstrapping](./start/bootstrapping.md)
|
||||
- [From NixOS](./start/from-nixos.md)
|
||||
- [Key Concepts](./concepts/index.md)
|
||||
- [Hosts](./concepts/hosts.md)
|
||||
- [Overrides](./concepts/overrides.md)
|
||||
|
@ -18,11 +16,16 @@
|
|||
- [Concerns]()
|
||||
- [Secrets](./secrets.md)
|
||||
- [Tests](./tests.md)
|
||||
- [Helper Script – `bud`](./bud/index.md)
|
||||
- [get](./bud/get.md)
|
||||
- [Integrations](./integrations/index.md)
|
||||
- [Cachix](./integrations/cachix.md)
|
||||
- [Deploy RS](./integrations/deploy.md)
|
||||
- [NvFetcher](./integrations/nvfetcher.md)
|
||||
- [Hercules CI](./integrations/hercules.md)
|
||||
- [API Reference](./api-reference.md)
|
||||
- [Channels](./api-reference-channels.md)
|
||||
- [Home](./api-reference-home.md)
|
||||
- [Devshell](./api-reference-devshell.md)
|
||||
- [NixOS](./api-reference-nixos.md)
|
||||
- [Library Reference]()
|
||||
- [Contributing](./CONTRIBUTING.md)
|
||||
|
||||
|
|
91
doc/api-reference-channels.md
Executable file
91
doc/api-reference-channels.md
Executable file
|
@ -0,0 +1,91 @@
|
|||
# Channels API Container
|
||||
Configure your channels that you can use throughout your configurations.
|
||||
|
||||
> #### ⚠ Gotcha ⚠
|
||||
> Devshell & (non-host-specific) Home-Manager `pkgs` instances are rendered off the
|
||||
> `nixos.hostDefaults.channelName` (default) channel.
|
||||
|
||||
|
||||
## channels
|
||||
nixpkgs channels to create
|
||||
|
||||
|
||||
*_Type_*:
|
||||
attribute set of submodules or path convertible to it
|
||||
|
||||
|
||||
*_Default_*
|
||||
```
|
||||
{}
|
||||
```
|
||||
|
||||
|
||||
|
||||
|
||||
## channels.\<name\>.config
|
||||
nixpkgs config for this channel
|
||||
|
||||
|
||||
*_Type_*:
|
||||
attribute set or path convertible to it
|
||||
|
||||
|
||||
*_Default_*
|
||||
```
|
||||
{}
|
||||
```
|
||||
|
||||
|
||||
|
||||
|
||||
## channels.\<name\>.input
|
||||
nixpkgs flake input to use for this channel
|
||||
|
||||
|
||||
*_Type_*:
|
||||
nix flake
|
||||
|
||||
|
||||
*_Default_*
|
||||
```
|
||||
"self.inputs.<name>"
|
||||
```
|
||||
|
||||
|
||||
|
||||
|
||||
## channels.\<name\>.overlays
|
||||
overlays to apply to this channel
|
||||
these will get exported under the 'overlays' flake output
|
||||
as \<channel\>/\<name\> and any overlay pulled from \<inputs\>
|
||||
will be filtered out
|
||||
|
||||
|
||||
*_Type_*:
|
||||
list of valid Nixpkgs overlay or path convertible to its or anything convertible to it or path convertible to it
|
||||
|
||||
|
||||
*_Default_*
|
||||
```
|
||||
[]
|
||||
```
|
||||
|
||||
|
||||
|
||||
|
||||
## channels.\<name\>.patches
|
||||
patches to apply to this channel
|
||||
|
||||
|
||||
*_Type_*:
|
||||
list of paths
|
||||
|
||||
|
||||
*_Default_*
|
||||
```
|
||||
[]
|
||||
```
|
||||
|
||||
|
||||
|
||||
|
72
doc/api-reference-devshell.md
Executable file
72
doc/api-reference-devshell.md
Executable file
|
@ -0,0 +1,72 @@
|
|||
# Devshell API Container
|
||||
Configure your devshell module collections of your environment.
|
||||
|
||||
|
||||
## devshell
|
||||
Modules to include in your DevOS shell. the `modules` argument
|
||||
will be exported under the `devshellModules` output
|
||||
|
||||
|
||||
*_Type_*:
|
||||
submodule or path convertible to it
|
||||
|
||||
|
||||
*_Default_*
|
||||
```
|
||||
{}
|
||||
```
|
||||
|
||||
|
||||
|
||||
|
||||
## devshell.exportedModules
|
||||
modules to include in all hosts and export to devshellModules output
|
||||
|
||||
|
||||
*_Type_*:
|
||||
list of valid module or path convertible to its or anything convertible to it
|
||||
|
||||
|
||||
*_Default_*
|
||||
```
|
||||
[]
|
||||
```
|
||||
|
||||
|
||||
|
||||
|
||||
## devshell.externalModules
|
||||
The `externalModules` option has been removed.
|
||||
Any modules that should be exported should be defined with the `exportedModules`
|
||||
option and all other modules should just go into the `modules` option.
|
||||
|
||||
|
||||
*_Type_*:
|
||||
list of valid modules or anything convertible to it
|
||||
|
||||
|
||||
*_Default_*
|
||||
```
|
||||
[]
|
||||
```
|
||||
|
||||
|
||||
|
||||
|
||||
## devshell.modules
|
||||
modules to include that won't be exported
|
||||
meant importing modules from external flakes
|
||||
|
||||
|
||||
*_Type_*:
|
||||
list of valid modules or anything convertible to it or path convertible to it
|
||||
|
||||
|
||||
*_Default_*
|
||||
```
|
||||
[]
|
||||
```
|
||||
|
||||
|
||||
|
||||
|
119
doc/api-reference-home.md
Executable file
119
doc/api-reference-home.md
Executable file
|
@ -0,0 +1,119 @@
|
|||
# Home-Manager API Container
|
||||
Configure your home manager modules, profiles & suites.
|
||||
|
||||
|
||||
## home
|
||||
hosts, modules, suites, and profiles for home-manager
|
||||
|
||||
|
||||
*_Type_*:
|
||||
submodule or path convertible to it
|
||||
|
||||
|
||||
*_Default_*
|
||||
```
|
||||
{}
|
||||
```
|
||||
|
||||
|
||||
|
||||
|
||||
## home.exportedModules
|
||||
modules to include in all hosts and export to homeModules output
|
||||
|
||||
|
||||
*_Type_*:
|
||||
list of valid modules or anything convertible to it or path convertible to it
|
||||
|
||||
|
||||
*_Default_*
|
||||
```
|
||||
[]
|
||||
```
|
||||
|
||||
|
||||
|
||||
|
||||
## home.externalModules
|
||||
The `externalModules` option has been removed.
|
||||
Any modules that should be exported should be defined with the `exportedModules`
|
||||
option and all other modules should just go into the `modules` option.
|
||||
|
||||
|
||||
*_Type_*:
|
||||
list of valid modules or anything convertible to it
|
||||
|
||||
|
||||
*_Default_*
|
||||
```
|
||||
[]
|
||||
```
|
||||
|
||||
|
||||
|
||||
|
||||
## home.importables
|
||||
Packages of paths to be passed to modules as `specialArgs`.
|
||||
|
||||
|
||||
*_Type_*:
|
||||
attribute set
|
||||
|
||||
|
||||
*_Default_*
|
||||
```
|
||||
{}
|
||||
```
|
||||
|
||||
|
||||
|
||||
|
||||
## home.importables.suites
|
||||
collections of profiles
|
||||
|
||||
|
||||
*_Type_*:
|
||||
null or attribute set of list of paths or anything convertible to its or path convertible to it
|
||||
|
||||
|
||||
*_Default_*
|
||||
```
|
||||
null
|
||||
```
|
||||
|
||||
|
||||
|
||||
|
||||
## home.modules
|
||||
modules to include that won't be exported
|
||||
meant importing modules from external flakes
|
||||
|
||||
|
||||
*_Type_*:
|
||||
list of valid modules or anything convertible to it or path convertible to it
|
||||
|
||||
|
||||
*_Default_*
|
||||
```
|
||||
[]
|
||||
```
|
||||
|
||||
|
||||
|
||||
|
||||
## home.users
|
||||
HM users that can be deployed portably without a host.
|
||||
|
||||
|
||||
*_Type_*:
|
||||
attribute set of HM user configs
|
||||
|
||||
|
||||
*_Default_*
|
||||
```
|
||||
{}
|
||||
```
|
||||
|
||||
|
||||
|
||||
|
234
doc/api-reference-nixos.md
Executable file
234
doc/api-reference-nixos.md
Executable file
|
@ -0,0 +1,234 @@
|
|||
# NixOS API Container
|
||||
Configure your nixos modules, profiles & suites.
|
||||
|
||||
|
||||
## nixos
|
||||
hosts, modules, suites, and profiles for NixOS
|
||||
|
||||
|
||||
*_Type_*:
|
||||
submodule or path convertible to it
|
||||
|
||||
|
||||
*_Default_*
|
||||
```
|
||||
{}
|
||||
```
|
||||
|
||||
|
||||
|
||||
|
||||
## nixos.hostDefaults
|
||||
Defaults for all hosts.
|
||||
the modules passed under hostDefaults will be exported
|
||||
to the 'nixosModules' flake output.
|
||||
They will also be added to all hosts.
|
||||
|
||||
|
||||
*_Type_*:
|
||||
submodule
|
||||
|
||||
|
||||
*_Default_*
|
||||
```
|
||||
{}
|
||||
```
|
||||
|
||||
|
||||
|
||||
|
||||
## nixos.hostDefaults.channelName
|
||||
Channel this host should follow
|
||||
|
||||
|
||||
*_Type_*:
|
||||
channel defined in `channels`
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
## nixos.hostDefaults.exportedModules
|
||||
modules to include in all hosts and export to nixosModules output
|
||||
|
||||
|
||||
*_Type_*:
|
||||
list of valid modules or anything convertible to it or path convertible to it
|
||||
|
||||
|
||||
*_Default_*
|
||||
```
|
||||
[]
|
||||
```
|
||||
|
||||
|
||||
|
||||
|
||||
## nixos.hostDefaults.externalModules
|
||||
The `externalModules` option has been removed.
|
||||
Any modules that should be exported should be defined with the `exportedModules`
|
||||
option and all other modules should just go into the `modules` option.
|
||||
|
||||
|
||||
*_Type_*:
|
||||
list of valid modules or anything convertible to it
|
||||
|
||||
|
||||
*_Default_*
|
||||
```
|
||||
[]
|
||||
```
|
||||
|
||||
|
||||
|
||||
|
||||
## nixos.hostDefaults.modules
|
||||
modules to include that won't be exported
|
||||
meant importing modules from external flakes
|
||||
|
||||
|
||||
*_Type_*:
|
||||
list of valid modules or anything convertible to it or path convertible to it
|
||||
|
||||
|
||||
*_Default_*
|
||||
```
|
||||
[]
|
||||
```
|
||||
|
||||
|
||||
|
||||
|
||||
## nixos.hostDefaults.system
|
||||
system for this host
|
||||
|
||||
|
||||
*_Type_*:
|
||||
null or system defined in `supportedSystems`
|
||||
|
||||
|
||||
*_Default_*
|
||||
```
|
||||
null
|
||||
```
|
||||
|
||||
|
||||
|
||||
|
||||
## nixos.hosts
|
||||
configurations to include in the nixosConfigurations output
|
||||
|
||||
|
||||
*_Type_*:
|
||||
attribute set of submodules
|
||||
|
||||
|
||||
*_Default_*
|
||||
```
|
||||
{}
|
||||
```
|
||||
|
||||
|
||||
|
||||
|
||||
## nixos.hosts.\<name\>.channelName
|
||||
Channel this host should follow
|
||||
|
||||
|
||||
*_Type_*:
|
||||
null or channel defined in `channels`
|
||||
|
||||
|
||||
*_Default_*
|
||||
```
|
||||
null
|
||||
```
|
||||
|
||||
|
||||
|
||||
|
||||
## nixos.hosts.\<name\>.modules
|
||||
modules to include
|
||||
|
||||
|
||||
*_Type_*:
|
||||
list of valid modules or anything convertible to it or path convertible to it
|
||||
|
||||
|
||||
*_Default_*
|
||||
```
|
||||
[]
|
||||
```
|
||||
|
||||
|
||||
|
||||
|
||||
## nixos.hosts.\<name\>.system
|
||||
system for this host
|
||||
|
||||
|
||||
*_Type_*:
|
||||
null or system defined in `supportedSystems`
|
||||
|
||||
|
||||
*_Default_*
|
||||
```
|
||||
null
|
||||
```
|
||||
|
||||
|
||||
|
||||
|
||||
## nixos.hosts.\<name\>.tests
|
||||
tests to run
|
||||
|
||||
|
||||
*_Type_*:
|
||||
list of valid NixOS test or path convertible to its or anything convertible to it
|
||||
|
||||
|
||||
*_Default_*
|
||||
```
|
||||
[]
|
||||
```
|
||||
|
||||
|
||||
*_Example_*
|
||||
```
|
||||
{"_type":"literalExpression","text":"[\n {\n name = \"testname1\";\n machine = { ... };\n testScript = ''\n # ...\n '';\n }\n ({ corutils, writers, ... }: {\n name = \"testname2\";\n machine = { ... };\n testScript = ''\n # ...\n '';\n })\n ./path/to/test.nix\n];\n"}
|
||||
```
|
||||
|
||||
|
||||
## nixos.importables
|
||||
Packages of paths to be passed to modules as `specialArgs`.
|
||||
|
||||
|
||||
*_Type_*:
|
||||
attribute set
|
||||
|
||||
|
||||
*_Default_*
|
||||
```
|
||||
{}
|
||||
```
|
||||
|
||||
|
||||
|
||||
|
||||
## nixos.importables.suites
|
||||
collections of profiles
|
||||
|
||||
|
||||
*_Type_*:
|
||||
null or attribute set of list of paths or anything convertible to its or path convertible to it
|
||||
|
||||
|
||||
*_Default_*
|
||||
```
|
||||
null
|
||||
```
|
||||
|
||||
|
||||
|
||||
|
80
doc/api-reference.md
Executable file
80
doc/api-reference.md
Executable file
|
@ -0,0 +1,80 @@
|
|||
# Top Level API
|
||||
`digga`'s top level API. API Containers are documented in their respective sub-chapter:
|
||||
|
||||
- [Channels](./api-reference-channels.md)
|
||||
- [Home](./api-reference-home.md)
|
||||
- [Devshell](./api-reference-devshell.md)
|
||||
- [NixOS](./api-reference-nixos.md)
|
||||
- [Darwin](./api-reference-darwin.md)
|
||||
|
||||
## channelsConfig
|
||||
nixpkgs config for all channels
|
||||
|
||||
|
||||
*_Type_*:
|
||||
attribute set or path convertible to it
|
||||
|
||||
|
||||
*_Default_*
|
||||
```
|
||||
{}
|
||||
```
|
||||
|
||||
|
||||
|
||||
|
||||
## inputs
|
||||
The flake's inputs
|
||||
|
||||
*_Type_*:
|
||||
attribute set of nix flakes
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
## outputsBuilder
|
||||
builder for flake system-spaced outputs
|
||||
The builder gets passed an attrset of all channels
|
||||
|
||||
|
||||
*_Type_*:
|
||||
function that evaluates to a(n) attribute set or path convertible to it
|
||||
|
||||
|
||||
*_Default_*
|
||||
```
|
||||
"channels: { }"
|
||||
```
|
||||
|
||||
|
||||
|
||||
|
||||
## self
|
||||
The flake to create the DevOS outputs for
|
||||
|
||||
*_Type_*:
|
||||
nix flake
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
## supportedSystems
|
||||
The systems supported by this flake
|
||||
|
||||
|
||||
*_Type_*:
|
||||
list of strings
|
||||
|
||||
|
||||
*_Default_*
|
||||
```
|
||||
["aarch64-linux","aarch64-darwin","i686-linux","x86_64-darwin","x86_64-linux"]
|
||||
```
|
||||
|
||||
|
||||
|
||||
|
|
@ -1,10 +0,0 @@
|
|||
# get
|
||||
The `get` subcommand is useful for getting a bare copy of devos without the
|
||||
git history.
|
||||
|
||||
## Usage
|
||||
```sh
|
||||
bud get DEST-DIR
|
||||
```
|
||||
|
||||
If DEST-DIR is ommitted, it defaults to _./devos_.
|
|
@ -1,24 +0,0 @@
|
|||
# [`bud`][bud] command
|
||||
The template incudes a convenient script for managing your system called [`bud`][bud].
|
||||
|
||||
It is a portable and highly composable system control tool that work anywhere on your host
|
||||
or in the flake's devshell.
|
||||
|
||||
Although it comes with some predefined standard helpers,
|
||||
it is very extensible and you are encouraged to write your own script snippets
|
||||
to ease your workflows. An example is the bud module for a `get` command that
|
||||
comes included with `devos`.
|
||||
|
||||
While writing scripts you can convenientely access smart environment variables
|
||||
that can tell the current architecture, user or host name, among others, regardless
|
||||
wether you invoke `bud` within the devshell or as the system-wide installed `bud`.
|
||||
|
||||
For details, please review the [bud repo][bud].
|
||||
|
||||
## Usage
|
||||
```sh
|
||||
bud help
|
||||
```
|
||||
|
||||
|
||||
[bud]: https://github.com/divnix/bud
|
|
@ -49,19 +49,18 @@ argument that gets passed to your home-manager users.
|
|||
|
||||
## External Usage
|
||||
You can easily use the defined home-manager configurations outside of NixOS
|
||||
using the `homeConfigurations` flake output. The [bud](../bud/index.md) helper
|
||||
script makes this even easier.
|
||||
using the `homeConfigurations` flake output.
|
||||
|
||||
This is great for keeping your environment consistent across Unix systems,
|
||||
including OSX.
|
||||
This is great for keeping your environment consistent across Unix-like systems,
|
||||
including macOS.
|
||||
|
||||
### From within the projects devshell:
|
||||
```sh
|
||||
# builds the nixos user defined in the NixOS host
|
||||
bud home NixOS nixos
|
||||
# builds the pub-solar user defined in the PubSolarOS host
|
||||
nix build '.#homeConfigurations."pub-solar@PubSolarOS".activationPackage'
|
||||
|
||||
# build and activate
|
||||
bud home NixOS nixos switch
|
||||
nix build '.#homeConfigurations."pub-solar@PubSolarOS".activationPackage' && ./result/activate && unlink result
|
||||
```
|
||||
|
||||
### Manually from outside the project:
|
||||
|
|
|
@ -1,102 +0,0 @@
|
|||
# Bootstrapping
|
||||
|
||||
This will help you boostrap a bare host with the help of the
|
||||
[bespoke iso](./iso.md) live installer.
|
||||
|
||||
_Note: nothing prevents you from remotely executing the boostrapping
|
||||
process. See below._
|
||||
|
||||
Once your target host has booted into the live iso, you need to partition
|
||||
and format your disk according to the [official manual][manual].
|
||||
|
||||
## Mount partitions
|
||||
|
||||
Then properly mount the formatted partitions at `/mnt`, so that you can
|
||||
install your system to those new partitions.
|
||||
|
||||
Mount `nixos` partition to `/mnt` and — for UEFI — `boot`
|
||||
partition to `/mnt/boot`:
|
||||
|
||||
```console
|
||||
$ mount /dev/disk/by-label/nixos /mnt
|
||||
$ mkdir -p /mnt/boot && mount /dev/disk/by-label/boot /mnt/boot # UEFI only
|
||||
$ swapon /dev/disk/by-label/swap
|
||||
```
|
||||
|
||||
Add some extra space to the store. In the iso, it's running on a tmpfs
|
||||
off your RAM:
|
||||
```console
|
||||
$ mkdir -p /mnt/tmpstore/{work,store}
|
||||
$ mount -t overlay overlay -olowerdir=/nix/store,upperdir=/mnt/tmpstore/store,workdir=/mnt/tmpstore/work /nix/store
|
||||
```
|
||||
|
||||
## Install
|
||||
|
||||
Install off of a copy of devos from the time the iso was built:
|
||||
|
||||
```console
|
||||
$ cd /iso/devos
|
||||
$ nixos-install --flake .#NixOS
|
||||
```
|
||||
|
||||
## Notes of interest
|
||||
|
||||
### Remote access to the live installer
|
||||
|
||||
The iso live installer comes preconfigured with a network configuration
|
||||
which announces it's hostname via [MulticastDNS][mDNS] as `hostname.local`,
|
||||
that is `bootstrap.local` in the [iso example](./iso).
|
||||
|
||||
In the rare case that [MulticastDNS][mDNS] is not availabe or turned off
|
||||
in your network, there is a static link-local IPv6 address configured to
|
||||
`fe80::47`(mnemonic from the letter's position in the english alphabet:
|
||||
`n=14 i=9 x=24; 47 = n+i+x`).
|
||||
|
||||
Provided that you have added your public key to the authorized keys of the
|
||||
`root` user _(hint: [`deploy-rs`](../integrations/deploy.md) needs passwordless
|
||||
sudo access)_:
|
||||
|
||||
```nix
|
||||
{ ... }:
|
||||
{
|
||||
users.users.root.openssh.authorizedKeys.keyFiles = [
|
||||
../secrets/path/to/key.pub
|
||||
];
|
||||
}
|
||||
```
|
||||
|
||||
You can then ssh into the live installer through one of the
|
||||
following options:
|
||||
|
||||
```console
|
||||
ssh root@bootstrap.local
|
||||
|
||||
ssh root@fe80::47%eno1 # where eno1 is your network interface on which you are linked to the target
|
||||
```
|
||||
|
||||
_Note: the [static link-local IPv6 address][staticLLA] and [MulticastDNS][mDNS] is only
|
||||
configured on the live installer. If you wish to enable [MulticastDNS][mDNS]
|
||||
for your environment, you ought to configure that in a regular [profile](../concepts/profiles.md)._
|
||||
|
||||
### EUI-64 LLA & Host Identity
|
||||
|
||||
The iso's IPv6 Link Local Address (LLA) is configured with a static 64-bit Extended
|
||||
Unique Identifiers (EUI-64) that is derived from the host interface's Message
|
||||
Authentication Code (MAC) address.
|
||||
|
||||
After a little while (a few seconds), you can remotely discover this unique and host
|
||||
specific address over [NDP][NDP] for example with:
|
||||
|
||||
```console
|
||||
ip -6 neigh show # also shows fe80::47
|
||||
```
|
||||
|
||||
***This LLA is stable for the host, unless you need to swap that particular network card.***
|
||||
Under this reservation, though, you may use this EUI-64 to wire up a specific
|
||||
(cryptographic) host identity.
|
||||
|
||||
|
||||
[manual]: https://nixos.org/manual/nixos/stable/index.html#sec-installation-partitioning
|
||||
[mDNS]: https://en.wikipedia.org/wiki/Multicast_DNS
|
||||
[NDP]: https://en.wikipedia.org/wiki/Neighbor_Discovery_Protocol
|
||||
[staticLLA]: https://tools.ietf.org/html/rfc7404
|
|
@ -1,51 +0,0 @@
|
|||
# From NixOS
|
||||
|
||||
## Generate Configuration
|
||||
Assuming you're happy with your existing partition layout, you can generate a
|
||||
basic NixOS configuration for your system using:
|
||||
```sh
|
||||
bud up
|
||||
```
|
||||
|
||||
This will make a new file `hosts/up-$(hostname).nix`, which you can edit to
|
||||
your liking.
|
||||
|
||||
You must then add a host to `nixos.hosts` in flake.nix:
|
||||
```nix
|
||||
{
|
||||
nixos.hosts = {
|
||||
modules = hosts/NixOS.nix;
|
||||
};
|
||||
}
|
||||
```
|
||||
|
||||
Make sure your `i18n.defaultLocale` and `time.timeZone` are set properly for
|
||||
your region. Keep in mind that `networking.hostName` will be automatically
|
||||
set to the name of your host;
|
||||
|
||||
Now might be a good time to read the docs on [suites](../concepts/suites.md) and
|
||||
[profiles](../concepts/profiles.md) and add or create any that you need.
|
||||
|
||||
> ##### _Note:_
|
||||
> While the `up` sub-command is provided as a convenience to quickly set up and
|
||||
> install a "fresh" NixOS system on current hardware, committing these files is
|
||||
> discouraged.
|
||||
>
|
||||
> They are placed in the git staging area automatically because they would be
|
||||
> invisible to the flake otherwise, but it is best to move what you need from
|
||||
> them directly into a host module of your own making, and commit that instead.
|
||||
# Installation
|
||||
|
||||
Once you're ready to deploy `hosts/my-host.nix`:
|
||||
```sh
|
||||
bud my-host switch
|
||||
```
|
||||
|
||||
|
||||
This calls `nixos-rebuild` with sudo to build and install your configuration.
|
||||
|
||||
> ##### _Notes:_
|
||||
> - Instead of `switch`, you can pass `build`, `test`, `boot`, etc just as with
|
||||
> `nixos-rebuild`.
|
||||
|
||||
|
|
@ -2,25 +2,35 @@
|
|||
The only dependency is nix, so make sure you have it [installed][install-nix].
|
||||
|
||||
## Get the Template
|
||||
Here is a snippet that will get you the template without the git history:
|
||||
If you currently don't have flakes setup, you can utilize the digga shell to pull the template:
|
||||
```sh
|
||||
nix-shell -p cachix --run "cachix use nrdxp"
|
||||
|
||||
nix-shell https://github.com/divnix/devos/archive/main.tar.gz -A shell \
|
||||
--run "bud get main"
|
||||
|
||||
cd devos
|
||||
|
||||
nix-shell
|
||||
nix-shell "https://github.com/divnix/digga/archive/main.tar.gz" \
|
||||
--run "nix flake init -t github:divnix/digga"
|
||||
```
|
||||
If you already have flakes support, you can directly pull the template:
|
||||
```sh
|
||||
nix flake init -t github:divnix/digga
|
||||
```
|
||||
|
||||
Then make sure to create the git repository:
|
||||
```sh
|
||||
git init
|
||||
git add .
|
||||
git commit -m init
|
||||
```
|
||||
|
||||
This will place you in a new folder named `devos` with git initialized, and a
|
||||
nix-shell that provides all the dependencies, including the unstable nix
|
||||
version required.
|
||||
To drop into a nix-shell, if you don't have flakes setup, use the digga shell to create a `flake.lock`:
|
||||
```sh
|
||||
nix-shell "https://github.com/divnix/digga/archive/main.tar.gz" \
|
||||
--run "nix flake lock"
|
||||
```
|
||||
Or if you do have flakes support, just run:
|
||||
```sh
|
||||
nix flake lock
|
||||
```
|
||||
|
||||
Finally, run `nix-shell` to get to an interactive shell with all the dependencies, including the unstable nix
|
||||
version required. You can run `menu` to confirm that you are using digga (expected output includes [docs], [general commands], [linter], etc.).
|
||||
|
||||
In addition, the [binary cache](../integrations/cachix.md) is added for faster deployment.
|
||||
|
||||
|
@ -33,9 +43,8 @@ In addition, the [binary cache](../integrations/cachix.md) is added for faster d
|
|||
> you can try with sudo: `sudo nix-shell -p cachix --run "cachix use nrdxp"`
|
||||
|
||||
## Next Steps:
|
||||
|
||||
- [Make installable ISO](./iso.md)
|
||||
- [Bootstrap Host](./bootstrapping.md)
|
||||
- [Already on NixOS](./from-nixos.md)
|
||||
|
||||
|
||||
[install-nix]: https://nixos.org/manual/nix/stable/#sect-multi-user-installation
|
||||
|
|
|
@ -1,22 +1,36 @@
|
|||
# ISO
|
||||
# Installation Media
|
||||
|
||||
This project leverages [nix-community/nixos-generators][nixos-generators] for
|
||||
building machine images. In most cases, you'll probably want to use the
|
||||
`install-iso` format.
|
||||
|
||||
Making an installable ISO for `hosts/bootstrap.nix` is as simple as:
|
||||
|
||||
Making and writing an installable iso for `hosts/bootstrap.nix` is as simple as:
|
||||
```sh
|
||||
bud build bootstrap bootstrapIso
|
||||
sudo -E $(which bud) burn
|
||||
nix run github:nix-community/nixos-generators -- \
|
||||
--format install-iso \
|
||||
--flake '.#bootstrap'
|
||||
```
|
||||
|
||||
This works for any host.
|
||||
Then "burn" the ISO to your USB stick (or CD-R if you like!) following the
|
||||
[instructions in the NixOS manual][burn] (or using your preferred USB burner).
|
||||
|
||||
## ISO image nix store & cache
|
||||
You can also swap out the `--format` for [any of the others][formats] supported
|
||||
by nixos-generators.
|
||||
|
||||
The iso image holds the store to the live environment and _also_ acts as a binary cache
|
||||
to the installer. To considerably speed up things, the image already includes all flake
|
||||
`inputs` as well as the `devshell` closures.
|
||||
Continue by following the usual installation instructions in the NixOS manual.
|
||||
|
||||
While you _could_ provision any machine with a single stick, a custom-made iso for
|
||||
the host you want to install DevOS to, maximises those local cache hits.
|
||||
## ISO Nix Store and Cache
|
||||
|
||||
For hosts that don't differ too much, a single usb stick might be ok, whereas when
|
||||
there are bigger differences, a custom-made usb stick will be considerably faster.
|
||||
The ISO image holds the Nix store for the live environment and _also_ acts as a
|
||||
binary cache to the installer. To considerably speed things up, the image
|
||||
already includes all flake `inputs` as well as the `devshell` closures.
|
||||
|
||||
While you _could_ provision any NixOS machine with the same USB stick, an ISO
|
||||
custom-made for your target host will maximise those local cache hits. For hosts
|
||||
that don't differ too much, a single USB stick might be ok, whereas when there
|
||||
are bigger differences, a custom-made USB stick will be considerably faster.
|
||||
|
||||
[nixos-generators]: https://github.com/nix-community/nixos-generators
|
||||
[burn]: https://nixos.org/manual/nixos/stable/index.html#sec-booting-from-usb
|
||||
[formats]: https://github.com/nix-community/nixos-generators/tree/master/formats
|
||||
|
|
128
flake.lock
128
flake.lock
|
@ -20,26 +20,6 @@
|
|||
"type": "github"
|
||||
}
|
||||
},
|
||||
"beautysh": {
|
||||
"inputs": {
|
||||
"flake-utils": "flake-utils",
|
||||
"nixpkgs": "nixpkgs",
|
||||
"poetry2nix": "poetry2nix"
|
||||
},
|
||||
"locked": {
|
||||
"lastModified": 1641830469,
|
||||
"narHash": "sha256-uhDmgNP/biOWe4FtOa6c2xZnREH+NP9rdrMm0LccRUk=",
|
||||
"owner": "lovesegfault",
|
||||
"repo": "beautysh",
|
||||
"rev": "e85d9736927c0fcf2abb05cb3a2d8d9b4502a2eb",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
"owner": "lovesegfault",
|
||||
"repo": "beautysh",
|
||||
"type": "github"
|
||||
}
|
||||
},
|
||||
"blank": {
|
||||
"locked": {
|
||||
"lastModified": 1625557891,
|
||||
|
@ -55,31 +35,6 @@
|
|||
"type": "github"
|
||||
}
|
||||
},
|
||||
"bud": {
|
||||
"inputs": {
|
||||
"beautysh": "beautysh",
|
||||
"devshell": [
|
||||
"digga",
|
||||
"devshell"
|
||||
],
|
||||
"nixpkgs": [
|
||||
"nixos"
|
||||
]
|
||||
},
|
||||
"locked": {
|
||||
"lastModified": 1654190822,
|
||||
"narHash": "sha256-B8z3stYaULNDBBjzJHrFHGgiJHrLqhBkxH+9u5iBP7E=",
|
||||
"owner": "divnix",
|
||||
"repo": "bud",
|
||||
"rev": "0ff3e4e4b8791ea4d827bf5bfcac28cef060f209",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
"owner": "divnix",
|
||||
"repo": "bud",
|
||||
"type": "github"
|
||||
}
|
||||
},
|
||||
"darwin": {
|
||||
"inputs": {
|
||||
"nixpkgs": [
|
||||
|
@ -145,7 +100,7 @@
|
|||
},
|
||||
"devshell": {
|
||||
"inputs": {
|
||||
"flake-utils": "flake-utils_2",
|
||||
"flake-utils": "flake-utils",
|
||||
"nixpkgs": [
|
||||
"digga",
|
||||
"nixpkgs"
|
||||
|
@ -251,11 +206,11 @@
|
|||
},
|
||||
"flake-utils": {
|
||||
"locked": {
|
||||
"lastModified": 1631561581,
|
||||
"narHash": "sha256-3VQMV5zvxaVLvqqUrNz3iJelLw30mIVSfZmAaauM3dA=",
|
||||
"lastModified": 1642700792,
|
||||
"narHash": "sha256-XqHrk7hFb+zBvRg6Ghl+AZDq03ov6OshJLiSWOoX5es=",
|
||||
"owner": "numtide",
|
||||
"repo": "flake-utils",
|
||||
"rev": "7e5bf3925f6fbdfaf50a2a7ca0be2879c4261d19",
|
||||
"rev": "846b2ae0fc4cc943637d3d1def4454213e203cba",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
|
@ -266,7 +221,7 @@
|
|||
},
|
||||
"flake-utils-plus": {
|
||||
"inputs": {
|
||||
"flake-utils": "flake-utils_3"
|
||||
"flake-utils": "flake-utils_2"
|
||||
},
|
||||
"locked": {
|
||||
"lastModified": 1654029967,
|
||||
|
@ -284,21 +239,6 @@
|
|||
}
|
||||
},
|
||||
"flake-utils_2": {
|
||||
"locked": {
|
||||
"lastModified": 1642700792,
|
||||
"narHash": "sha256-XqHrk7hFb+zBvRg6Ghl+AZDq03ov6OshJLiSWOoX5es=",
|
||||
"owner": "numtide",
|
||||
"repo": "flake-utils",
|
||||
"rev": "846b2ae0fc4cc943637d3d1def4454213e203cba",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
"owner": "numtide",
|
||||
"repo": "flake-utils",
|
||||
"type": "github"
|
||||
}
|
||||
},
|
||||
"flake-utils_3": {
|
||||
"locked": {
|
||||
"lastModified": 1644229661,
|
||||
"narHash": "sha256-1YdnJAsNy69bpcjuoKdOYQX0YxZBiCYZo4Twxerqv7k=",
|
||||
|
@ -313,7 +253,7 @@
|
|||
"type": "github"
|
||||
}
|
||||
},
|
||||
"flake-utils_4": {
|
||||
"flake-utils_3": {
|
||||
"locked": {
|
||||
"lastModified": 1649676176,
|
||||
"narHash": "sha256-OWKJratjt2RW151VUlJPRALb7OU2S5s+f0vLj4o1bHM=",
|
||||
|
@ -435,7 +375,7 @@
|
|||
"nixos-generators": {
|
||||
"inputs": {
|
||||
"nixlib": "nixlib",
|
||||
"nixpkgs": "nixpkgs_2"
|
||||
"nixpkgs": "nixpkgs"
|
||||
},
|
||||
"locked": {
|
||||
"lastModified": 1657748715,
|
||||
|
@ -468,16 +408,16 @@
|
|||
},
|
||||
"nixpkgs": {
|
||||
"locked": {
|
||||
"lastModified": 1633971123,
|
||||
"narHash": "sha256-WmI4NbH1IPGFWVkuBkKoYgOnxgwSfWDgdZplJlQ93vA=",
|
||||
"lastModified": 1637186689,
|
||||
"narHash": "sha256-NU7BhgnwA/3ibmCeSzFK6xGi+Bari9mPfn+4cBmyEjw=",
|
||||
"owner": "NixOS",
|
||||
"repo": "nixpkgs",
|
||||
"rev": "e4ef597edfd8a0ba5f12362932fc9b1dd01a0aef",
|
||||
"rev": "7fad01d9d5a3f82081c00fb57918d64145dc904c",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
"owner": "NixOS",
|
||||
"ref": "nixos-unstable-small",
|
||||
"ref": "nixpkgs-unstable",
|
||||
"repo": "nixpkgs",
|
||||
"type": "github"
|
||||
}
|
||||
|
@ -498,22 +438,6 @@
|
|||
"type": "github"
|
||||
}
|
||||
},
|
||||
"nixpkgs_2": {
|
||||
"locked": {
|
||||
"lastModified": 1637186689,
|
||||
"narHash": "sha256-NU7BhgnwA/3ibmCeSzFK6xGi+Bari9mPfn+4cBmyEjw=",
|
||||
"owner": "NixOS",
|
||||
"repo": "nixpkgs",
|
||||
"rev": "7fad01d9d5a3f82081c00fb57918d64145dc904c",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
"owner": "NixOS",
|
||||
"ref": "nixpkgs-unstable",
|
||||
"repo": "nixpkgs",
|
||||
"type": "github"
|
||||
}
|
||||
},
|
||||
"nur": {
|
||||
"locked": {
|
||||
"lastModified": 0,
|
||||
|
@ -529,7 +453,7 @@
|
|||
"nvfetcher": {
|
||||
"inputs": {
|
||||
"flake-compat": "flake-compat_3",
|
||||
"flake-utils": "flake-utils_4",
|
||||
"flake-utils": "flake-utils_3",
|
||||
"nixpkgs": [
|
||||
"nixos"
|
||||
]
|
||||
|
@ -548,37 +472,9 @@
|
|||
"type": "github"
|
||||
}
|
||||
},
|
||||
"poetry2nix": {
|
||||
"inputs": {
|
||||
"flake-utils": [
|
||||
"bud",
|
||||
"beautysh",
|
||||
"flake-utils"
|
||||
],
|
||||
"nixpkgs": [
|
||||
"bud",
|
||||
"beautysh",
|
||||
"nixpkgs"
|
||||
]
|
||||
},
|
||||
"locked": {
|
||||
"lastModified": 1633382856,
|
||||
"narHash": "sha256-hYlet806M9xJj4yxf0g5fhDT2IEUVIMAl7sqIeZ8DUM=",
|
||||
"owner": "nix-community",
|
||||
"repo": "poetry2nix",
|
||||
"rev": "705cbfa10e3d9bfed2e59e0256844ae3704dbd7e",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
"owner": "nix-community",
|
||||
"repo": "poetry2nix",
|
||||
"type": "github"
|
||||
}
|
||||
},
|
||||
"root": {
|
||||
"inputs": {
|
||||
"agenix": "agenix",
|
||||
"bud": "bud",
|
||||
"darwin": "darwin",
|
||||
"deploy": "deploy",
|
||||
"digga": "digga",
|
||||
|
|
|
@ -17,10 +17,6 @@
|
|||
digga.inputs.home-manager.follows = "home";
|
||||
digga.inputs.deploy.follows = "deploy";
|
||||
|
||||
bud.url = "github:divnix/bud";
|
||||
bud.inputs.nixpkgs.follows = "nixos";
|
||||
bud.inputs.devshell.follows = "digga/devshell";
|
||||
|
||||
home.url = "github:nix-community/home-manager/release-22.05";
|
||||
home.inputs.nixpkgs.follows = "nixos";
|
||||
|
||||
|
@ -47,7 +43,6 @@
|
|||
outputs =
|
||||
{ self
|
||||
, digga
|
||||
, bud
|
||||
, nixos
|
||||
, home
|
||||
, nixos-hardware
|
||||
|
@ -101,7 +96,6 @@
|
|||
digga.nixosModules.nixConfig
|
||||
home.nixosModules.home-manager
|
||||
agenix.nixosModules.age
|
||||
bud.nixosModules.bud
|
||||
];
|
||||
};
|
||||
|
||||
|
|
|
@ -1,6 +1,6 @@
|
|||
{ profiles, ... }:
|
||||
{
|
||||
# build with: `bud build bootstrap bootstrapIso`
|
||||
# build with: `nix build '.#nixosConfigurations.bootstrap.config.system.build.bootstrapIso'`
|
||||
# reachable on the local link via ssh root@fe80::47%eno1
|
||||
# where 'eno1' is replaced by your own machine's network
|
||||
# interface that has the local link to the target machine
|
||||
|
|
|
@ -28,10 +28,14 @@ in
|
|||
|
||||
config = {
|
||||
pub-solar = {
|
||||
terminal-life.enable = true;
|
||||
audio.enable = lib.mkIf (!cfg.lite) true;
|
||||
crypto.enable = lib.mkIf (!cfg.lite) true;
|
||||
devops.enable = lib.mkIf (!cfg.lite) true;
|
||||
|
||||
terminal-life = {
|
||||
enable = true;
|
||||
lite = cfg.lite;
|
||||
};
|
||||
};
|
||||
};
|
||||
}
|
||||
|
|
|
@ -7,6 +7,14 @@ in
|
|||
{
|
||||
options.pub-solar.terminal-life = {
|
||||
enable = mkEnableOption "Life in black and white";
|
||||
|
||||
lite = mkOption {
|
||||
description = ''
|
||||
Enable a lite edition of terminal-life with less modules and a reduced package set.
|
||||
'';
|
||||
default = false;
|
||||
type = types.bool;
|
||||
};
|
||||
};
|
||||
|
||||
config = mkIf cfg.enable {
|
||||
|
|
|
@ -1,6 +1,7 @@
|
|||
{ config, pkgs, ... }:
|
||||
let
|
||||
psCfg = config.pub-solar;
|
||||
cfg = config.pub-solar.terminal-life;
|
||||
xdg = config.home-manager.users."${psCfg.user.name}".xdg;
|
||||
|
||||
preview-file = pkgs.writeShellScriptBin "preview-file" (import ./preview-file.nix pkgs);
|
||||
|
@ -76,7 +77,7 @@ in
|
|||
withRuby = true;
|
||||
withPython3 = true;
|
||||
|
||||
extraPackages = with pkgs; [
|
||||
extraPackages = with pkgs; lib.mkIf (!cfg.lite) [
|
||||
ccls
|
||||
gopls
|
||||
nodejs
|
||||
|
|
|
@ -8,6 +8,7 @@ channels: final: prev: {
|
|||
discord
|
||||
element-desktop
|
||||
rage
|
||||
nix-index
|
||||
nixpkgs-fmt
|
||||
qutebrowser
|
||||
signal-desktop
|
||||
|
|
|
@ -1,7 +1,6 @@
|
|||
{ self, inputs, ... }:
|
||||
{
|
||||
modules = with inputs; [
|
||||
bud.devshellModules.bud
|
||||
];
|
||||
exportedModules = [
|
||||
./devos.nix
|
||||
|
|
|
@ -1,12 +1,22 @@
|
|||
{ pkgs, extraModulesPath, inputs, ... }:
|
||||
{ pkgs, extraModulesPath, inputs, lib, ... }:
|
||||
let
|
||||
|
||||
inherit (pkgs)
|
||||
agenix
|
||||
cachix
|
||||
editorconfig-checker
|
||||
mdbook
|
||||
nixUnstable
|
||||
nixpkgs-fmt
|
||||
nvfetcher
|
||||
;
|
||||
|
||||
hooks = import ./hooks;
|
||||
|
||||
pkgWithCategory = category: package: { inherit package category; };
|
||||
devos = pkgWithCategory "devos";
|
||||
linter = pkgWithCategory "linter";
|
||||
docs = pkgWithCategory "docs";
|
||||
devos = pkgWithCategory "devos";
|
||||
|
||||
in
|
||||
{
|
||||
|
@ -44,15 +54,15 @@ in
|
|||
}
|
||||
(linter nixpkgs-fmt)
|
||||
(linter editorconfig-checker)
|
||||
# (docs python3Packages.grip) too many deps
|
||||
|
||||
(docs mdbook)
|
||||
]
|
||||
++ lib.optionals (!pkgs.stdenv.buildPlatform.isi686) [
|
||||
(devos cachix)
|
||||
]
|
||||
++ lib.optionals (pkgs.stdenv.hostPlatform.isLinux && !pkgs.stdenv.buildPlatform.isDarwin) [
|
||||
(devos inputs.nixos-generators.defaultPackage.${pkgs.system})
|
||||
(devos deploy-rs)
|
||||
]
|
||||
++ lib.optional
|
||||
(system != "i686-linux")
|
||||
(devos cachix)
|
||||
++ lib.optional
|
||||
(system != "aarch64-darwin")
|
||||
(devos inputs.nixos-generators.defaultPackage.${pkgs.system})
|
||||
;
|
||||
}
|
||||
|
|
|
@ -14,13 +14,16 @@ nix_files=($($diff -- '*.nix'))
|
|||
all_files=($($diff))
|
||||
|
||||
# Format staged nix files.
|
||||
if [[ -n "${nix_files[@]}" ]]; then
|
||||
if (( ${#nix_files[@]} != 0 )); then
|
||||
nixpkgs-fmt "${nix_files[@]}" \
|
||||
&& git add "${nix_files[@]}"
|
||||
fi
|
||||
|
||||
# check editorconfig
|
||||
editorconfig-checker -- "${all_files[@]}"
|
||||
if (( ${#all_files[@]} != 0 )); then
|
||||
editorconfig-checker -- "${all_files[@]}"
|
||||
fi
|
||||
|
||||
if [[ $? != '0' ]]; then
|
||||
printf "%b\n" \
|
||||
"\nCode is not aligned with .editorconfig" \
|
||||
|
|
Loading…
Reference in a new issue