JakeHillion/nixpkgs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

make-disk-image.nix: Use nixos-install again

Browse Source 
Since nixos-install doesn't require any special privileges anymore,
this Just Works. No more need for fakeroot / nixos-prepare-root.
This commit is contained in:
Eelco Dolstra 2018-02-07 19:35:43 +01:00
parent 5d8860b919
commit 9802da517f
No known key found for this signature in database
GPG Key ID: 8170B4726D7198DE
1 changed files with 25 additions and 22 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

47
nixos/lib/make-disk-image.nix
View File

@ -51,7 +51,7 @@ with lib;
let format' = format; in let let format' = format; in let
format = if (format' == "qcow2-compressed") then "qcow2" else format'; format = if format' == "qcow2-compressed" then "qcow2" else format';
compress = optionalString (format' == "qcow2-compressed") "-c"; compress = optionalString (format' == "qcow2-compressed") "-c";
@ -84,6 +84,7 @@ let format' = format; in let
nixpkgs = cleanSource pkgs.path; nixpkgs = cleanSource pkgs.path;
# FIXME: merge with channel.nix / make-channel.nix.
channelSources = pkgs.runCommand "nixos-${config.system.nixosVersion}" {} '' channelSources = pkgs.runCommand "nixos-${config.system.nixosVersion}" {} ''
mkdir -p $out mkdir -p $out
cp -prd ${nixpkgs} $out/nixos cp -prd ${nixpkgs} $out/nixos
@ -95,13 +96,16 @@ let format' = format; in let
echo -n ${config.system.nixosVersionSuffix} > $out/nixos/.version-suffix echo -n ${config.system.nixosVersionSuffix} > $out/nixos/.version-suffix
''; '';
metaClosure = pkgs.writeText "meta" '' binPath = with pkgs; makeBinPath (
${config.system.build.toplevel} [ rsync
${config.nix.package.out} utillinux
${channelSources} parted
''; e2fsprogs
lkl
prepareImageInputs = with pkgs; [ rsync utillinux parted e2fsprogs lkl fakeroot config.system.build.nixos-prepare-root ] ++ stdenv.initialPath; config.system.build.nixos-install
config.system.build.nixos-enter
nix
] ++ stdenv.initialPath);
# I'm preserving the line below because I'm going to search for it across nixpkgs to consolidate # I'm preserving the line below because I'm going to search for it across nixpkgs to consolidate
# image building logic. The comment right below this now appears in 4 different places in nixpkgs :) # image building logic. The comment right below this now appears in 4 different places in nixpkgs :)
@ -109,8 +113,10 @@ let format' = format; in let
sources = map (x: x.source) contents; sources = map (x: x.source) contents;
targets = map (x: x.target) contents; targets = map (x: x.target) contents;
closureInfo = pkgs.closureInfo { rootPaths = [ config.system.build.toplevel channelSources ]; };
prepareImage = '' prepareImage = ''
export PATH=${makeBinPath prepareImageInputs} export PATH=${binPath}
# Yes, mkfs.ext4 takes different units in different contexts. Fun. # Yes, mkfs.ext4 takes different units in different contexts. Fun.
sectorsToKilobytes() { sectorsToKilobytes() {
@ -168,11 +174,14 @@ let format' = format; in let
fi fi
done done
# TODO: Nix really likes to chown things it creates to its current user... export HOME=$TMPDIR
fakeroot nixos-prepare-root $root ${channelSources} ${config.system.build.toplevel} closure
# fakeroot seems to always give the owner write permissions, which we do not want # Provide a Nix database so that nixos-install can copy closures.
find $root/nix/store -mindepth 1 -maxdepth 1 -type f -o -type d | xargs chmod -R a-w export NIX_STATE_DIR=$TMPDIR/state
nix-store --load-db < ${closureInfo}/registration
echo "running nixos-install..."
nixos-install --root $root --no-bootloader --no-root-passwd --closure ${config.system.build.toplevel} --substituters ""
echo "copying staging root to image..." echo "copying staging root to image..."
cptofs -p ${optionalString (partitionTableType != "none") "-P ${rootPartition}"} -t ${fsType} -i $diskImage $root/* / cptofs -p ${optionalString (partitionTableType != "none") "-P ${rootPartition}"} -t ${fsType} -i $diskImage $root/* /
@ -181,7 +190,6 @@ in pkgs.vmTools.runInLinuxVM (
pkgs.runCommand name pkgs.runCommand name
{ preVM = prepareImage; { preVM = prepareImage;
buildInputs = with pkgs; [ utillinux e2fsprogs dosfstools ]; buildInputs = with pkgs; [ utillinux e2fsprogs dosfstools ];
exportReferencesGraph = [ "closure" metaClosure ];
postVM = '' postVM = ''
${if format == "raw" then '' ${if format == "raw" then ''
mv $diskImage $out/${filename} mv $diskImage $out/${filename}
@ -194,6 +202,8 @@ in pkgs.vmTools.runInLinuxVM (
memSize = 1024; memSize = 1024;
} }
'' ''
export PATH=${binPath}:$PATH
rootDisk=${if partitionTableType != "none" then "/dev/vda${rootPartition}" else "/dev/vda"} rootDisk=${if partitionTableType != "none" then "/dev/vda${rootPartition}" else "/dev/vda"}
# Some tools assume these exist # Some tools assume these exist
@ -218,15 +228,8 @@ in pkgs.vmTools.runInLinuxVM (
cp ${configFile} /mnt/etc/nixos/configuration.nix cp ${configFile} /mnt/etc/nixos/configuration.nix
''} ''}
mount --rbind /dev $mountPoint/dev
mount --rbind /proc $mountPoint/proc
mount --rbind /sys $mountPoint/sys
# Set up core system link, GRUB, etc. # Set up core system link, GRUB, etc.
NIXOS_INSTALL_BOOTLOADER=1 chroot $mountPoint /nix/var/nix/profiles/system/bin/switch-to-configuration boot NIXOS_INSTALL_BOOTLOADER=1 nixos-enter --root $mountPoint -- /nix/var/nix/profiles/system/bin/switch-to-configuration boot
# TODO: figure out if I should activate, but for now I won't
# chroot $mountPoint /nix/var/nix/profiles/system/activate
# The above scripts will generate a random machine-id and we don't want to bake a single ID into all our images # The above scripts will generate a random machine-id and we don't want to bake a single ID into all our images
rm -f $mountPoint/etc/machine-id rm -f $mountPoint/etc/machine-id