nixfiles/nixos/modules/build.nix

{ lib, pkgs, extendModules, modulesPath, options, config, ... }:
let
  inherit (lib) recursiveUpdate mkOption mkDefault mkIf mkMerge mkForce flatten optional;
  inherit (lib.my) mkBoolOpt' dummyOption;

  cfg = config.my.build;

  allHardware = (optional config.my.build.allHardware { imports = [ "${modulesPath}/profiles/all-hardware.nix" ]; });

  asDevVM = extendModules {
    modules = [
      "${modulesPath}/virtualisation/qemu-vm.nix"
      { my.build.isDevVM = true; }
    ];
  };
  asISO = extendModules {
    modules = flatten [
      "${modulesPath}/installer/cd-dvd/iso-image.nix"
      allHardware
      {
        # Doesn't work right now... (missing /dev/root)
        boot.initrd.systemd.enable = false;

        isoImage = {
          makeEfiBootable = true;
          makeUsbBootable = true;
          # Not necessarily an installer
          appendToMenuLabel = mkDefault "";

          squashfsCompression = "zstd -Xcompression-level 8";
        };
      }
    ];
  };
  asContainer = extendModules {
    modules = [
      {
        boot.isContainer = true;
      }
    ];
  };
  asKexecTree = extendModules {
    modules = flatten [
      "${modulesPath}/installer/netboot/netboot.nix"
      allHardware
    ];
  };

  asNetboot = extendModules {
    modules = flatten [
      allHardware
      ({ pkgs, config, ... }: {
        boot = {
          loader.grub.enable = false;
          initrd = {
            kernelModules = [ "nbd" ];
            availableKernelModules = [ "igb" "igc" ];

            systemd = {
              storePaths = with pkgs; [
                gnused
                nbd
                netcat
              ];
              extraBin = with pkgs; {
                dmesg = "${util-linux}/bin/dmesg";
                ip = "${iproute2}/bin/ip";
                nbd-client = "${nbd}/bin/nbd-client";
              };
              extraConfig = ''
                DefaultTimeoutStartSec=20
                DefaultDeviceTimeoutSec=20
              '';

              network = {
                enable = true;
                wait-online.enable = true;

                networks."10-netboot" = {
                  matchConfig.Name = "et-boot";
                  DHCP = "yes";
                };
              };

              services = {
                nbd = {
                  description = "NBD Root FS";

                  script = ''
                    get_cmdline() {
                      ${pkgs.gnused}/bin/sed -rn "s/^.*$1=(\\S+).*\$/\\1/p" < /proc/cmdline
                    }

                    s="$(get_cmdline nbd_server)"
                    until ${pkgs.netcat}/bin/nc -zv "$s" 22; do
                      sleep 0.1
                    done

                    exec ${pkgs.nbd}/bin/nbd-client -systemd-mark -N "$(get_cmdline nbd_export)" "$s" /dev/nbd0
                  '';
                  unitConfig = {
                    IgnoreOnIsolate = "yes";
                    DefaultDependencies = "no";
                  };
                  serviceConfig = {
                    Type = "forking";
                    Restart = "on-failure";
                    RestartSec = 10;
                  };

                  wantedBy = [ "initrd-root-device.target" ];
                };
              };
            };
          };

          postBootCommands = ''
            # After booting, register the contents of the Nix store
            # in the Nix database in the COW root.
            ${config.nix.package}/bin/nix-store --load-db < /nix-path-registration

            # nixos-rebuild also requires a "system" profile and an
            # /etc/NIXOS tag.
            touch /etc/NIXOS
            ${config.nix.package.out}/bin/nix-env -p /nix/var/nix/profiles/system --set /run/current-system
          '';
        };

        programs.nbd.enable = true;

        fileSystems = {
          "/" = {
            fsType = "ext4";
            device = "/dev/nbd0";
            noCheck = true;
            autoResize = true;
          };
        };

        networking.useNetworkd = mkForce true;

        systemd = {
          network.networks."10-boot" = {
            matchConfig.Name = "et-boot";
            DHCP = "yes";
            networkConfig.KeepConfiguration = "yes";
          };
        };

        system.build = {
          rootImage = pkgs.callPackage "${modulesPath}/../lib/make-ext4-fs.nix" {
            storePaths = [ config.system.build.toplevel ];
            volumeLabel = "netboot-root";
          };
          netbootScript = pkgs.writeText "boot.ipxe" ''
            #!ipxe
            kernel ${pkgs.stdenv.hostPlatform.linux-kernel.target} init=${config.system.build.toplevel}/init initrd=initrd ifname=et-boot:''${mac} nbd_server=''${next-server} ${toString config.boot.kernelParams} ''${cmdline}
            initrd initrd
            boot
          '';

          netbootTree = pkgs.linkFarm "netboot-${config.system.name}" [
            {
              name = config.system.boot.loader.kernelFile;
              path = "${config.system.build.kernel}/${config.system.boot.loader.kernelFile}";
            }
            {
              name = "initrd";
              path = "${config.system.build.initialRamdisk}/initrd";
            }
            {
              name = "rootfs.ext4";
              path = config.system.build.rootImage;
            }
            {
              name = "boot.ipxe";
              path = config.system.build.netbootScript;
            }
          ];
          netbootArchive = pkgs.runCommand "netboot-${config.system.name}.tar.zst" { } ''
            export PATH=${pkgs.zstd}/bin:$PATH
            ${pkgs.gnutar}/bin/tar --dereference --zstd -cvC ${config.system.build.netbootTree} -f "$out" .
          '';
        };
      })
    ];
  };

  mkAsOpt = ext: desc: with lib.types; mkOption {
    type = unspecified;
    default = ext;
    visible = "shallow";
    description = "Configuration as ${desc}.";
  };
in
{
  options = {
    my = {
      build = {
        isDevVM = mkBoolOpt' false "Whether the system is a development VM.";
        allHardware = mkBoolOpt' false
          ("Whether to enable a lot of firmware and kernel modules for a wide range of hardware." +
          "Only applies to some build targets.");
      };

      asDevVM = mkAsOpt asDevVM "a development VM";
      asISO = mkAsOpt asISO "a bootable .iso image";
      asContainer = mkAsOpt asContainer "a container";
      asKexecTree = mkAsOpt asKexecTree "a kexec-able kernel and initrd";
      asNetboot = mkAsOpt asNetboot "a netboot-able kernel initrd, and iPXE script";

      buildAs = options.system.build;
    };

    # Forward declare options that won't exist until the VM module is actually imported
    virtualisation = {
      diskImage = dummyOption;
      forwardPorts = dummyOption;
      sharedDirectories = dummyOption;
      cores = dummyOption;
      memorySize = dummyOption;
      qemu.options = dummyOption;
    };
    isoImage = {
      isoBaseName = dummyOption;
      volumeID = dummyOption;
      edition = dummyOption;
      appendToMenuLabel = dummyOption;
    };
  };

  config = {
    virtualisation = {
      diskImage = mkDefault "./.vms/${config.system.name}.qcow2";
    };

    my = {
      buildAs = {
        # The meta.mainProgram should probably be set upstream but oh well...
        devVM = recursiveUpdate config.my.asDevVM.config.system.build.vm { meta.mainProgram = "run-${config.system.name}-vm"; };
        iso = config.my.asISO.config.system.build.isoImage;
        container = config.my.asContainer.config.system.build.toplevel;
        kexecTree = config.my.asKexecTree.config.system.build.kexecTree;
        netbootTree = config.my.asNetboot.config.system.build.netbootTree;
        netbootArchive = config.my.asNetboot.config.system.build.netbootArchive;
      };
    };
  };

  meta.buildDocsInSandbox = false;
}
Update nixosConfigurations to reference a preferred default config 2023-11-16 21:42:30 +00:00			`{ lib, pkgs, extendModules, modulesPath, options, config, ... }:`
Add initial installer 2022-02-17 15:47:24 +00:00			`let`
nixos: Initial netbooting installer 2024-06-24 00:08:55 +01:00			`inherit (lib) recursiveUpdate mkOption mkDefault mkIf mkMerge mkForce flatten optional;`
Add initial installer 2022-02-17 15:47:24 +00:00			`inherit (lib.my) mkBoolOpt' dummyOption;`

			`cfg = config.my.build;`

nixos/build: Add kexec build 2022-06-16 19:40:47 +01:00			`allHardware = (optional config.my.build.allHardware { imports = [ "${modulesPath}/profiles/all-hardware.nix" ]; });`

Add initial installer 2022-02-17 15:47:24 +00:00			`asDevVM = extendModules {`
			`modules = [`
			`"${modulesPath}/virtualisation/qemu-vm.nix"`
			`{ my.build.isDevVM = true; }`
			`];`
			`};`
			`asISO = extendModules {`
nixos/build: Add kexec build 2022-06-16 19:40:47 +01:00			`modules = flatten [`
Add initial installer 2022-02-17 15:47:24 +00:00			`"${modulesPath}/installer/cd-dvd/iso-image.nix"`
nixos/build: Add kexec build 2022-06-16 19:40:47 +01:00			`allHardware`
Add initial installer 2022-02-17 15:47:24 +00:00			`{`
nixos/build: Disable systemd initrd in ISO 2023-12-05 23:26:51 +00:00			`# Doesn't work right now... (missing /dev/root)`
			`boot.initrd.systemd.enable = false;`

Add initial installer 2022-02-17 15:47:24 +00:00			`isoImage = {`
			`makeEfiBootable = true;`
			`makeUsbBootable = true;`
			`# Not necessarily an installer`
			`appendToMenuLabel = mkDefault "";`

			`squashfsCompression = "zstd -Xcompression-level 8";`
			`};`
			`}`
			`];`
			`};`
Implement initial containers module 2022-03-26 14:20:30 +00:00			`asContainer = extendModules {`
			`modules = [`
			`{`
			`boot.isContainer = true;`
			`}`
			`];`
			`};`
nixos/build: Add kexec build 2022-06-16 19:40:47 +01:00			`asKexecTree = extendModules {`
			`modules = flatten [`
			`"${modulesPath}/installer/netboot/netboot.nix"`
			`allHardware`
nixos: Initial netbooting installer 2024-06-24 00:08:55 +01:00			`];`
			`};`

			`asNetboot = extendModules {`
			`modules = flatten [`
			`allHardware`
Add netboot archive (including to installer workflow) 2023-12-17 14:42:55 +00:00			`({ pkgs, config, ... }: {`
nixos: Initial netbooting installer 2024-06-24 00:08:55 +01:00			`boot = {`
			`loader.grub.enable = false;`
			`initrd = {`
			`kernelModules = [ "nbd" ];`
nixos/build: Add Intel NIC drivers and increased timeout 2024-06-30 03:38:48 +01:00			`availableKernelModules = [ "igb" "igc" ];`
nixos: Initial netbooting installer 2024-06-24 00:08:55 +01:00
			`systemd = {`
			`storePaths = with pkgs; [`
			`gnused`
			`nbd`
			`netcat`
			`];`
			`extraBin = with pkgs; {`
			`dmesg = "${util-linux}/bin/dmesg";`
			`ip = "${iproute2}/bin/ip";`
			`nbd-client = "${nbd}/bin/nbd-client";`
			`};`
			`extraConfig = ''`
nixos/build: Add Intel NIC drivers and increased timeout 2024-06-30 03:38:48 +01:00			`DefaultTimeoutStartSec=20`
			`DefaultDeviceTimeoutSec=20`
nixos: Initial netbooting installer 2024-06-24 00:08:55 +01:00			`'';`

			`network = {`
			`enable = true;`
			`wait-online.enable = true;`

			`networks."10-netboot" = {`
			`matchConfig.Name = "et-boot";`
			`DHCP = "yes";`
			`};`
			`};`

			`services = {`
			`nbd = {`
			`description = "NBD Root FS";`

			`script = ''`
			`get_cmdline() {`
			`${pkgs.gnused}/bin/sed -rn "s/^.$1=(\\S+).\$/\\1/p" < /proc/cmdline`
			`}`

			`s="$(get_cmdline nbd_server)"`
			`until ${pkgs.netcat}/bin/nc -zv "$s" 22; do`
			`sleep 0.1`
			`done`

			`exec ${pkgs.nbd}/bin/nbd-client -systemd-mark -N "$(get_cmdline nbd_export)" "$s" /dev/nbd0`
			`'';`
			`unitConfig = {`
			`IgnoreOnIsolate = "yes";`
			`DefaultDependencies = "no";`
			`};`
			`serviceConfig = {`
			`Type = "forking";`
			`Restart = "on-failure";`
			`RestartSec = 10;`
			`};`

			`wantedBy = [ "initrd-root-device.target" ];`
			`};`
			`};`
			`};`
			`};`

			`postBootCommands = ''`
			`# After booting, register the contents of the Nix store`
			`# in the Nix database in the COW root.`
			`${config.nix.package}/bin/nix-store --load-db < /nix-path-registration`

			`# nixos-rebuild also requires a "system" profile and an`
			`# /etc/NIXOS tag.`
			`touch /etc/NIXOS`
			`${config.nix.package.out}/bin/nix-env -p /nix/var/nix/profiles/system --set /run/current-system`
			`'';`
			`};`

			`programs.nbd.enable = true;`

			`fileSystems = {`
			`"/" = {`
			`fsType = "ext4";`
			`device = "/dev/nbd0";`
			`noCheck = true;`
			`autoResize = true;`
			`};`
			`};`

			`networking.useNetworkd = mkForce true;`

			`systemd = {`
			`network.networks."10-boot" = {`
			`matchConfig.Name = "et-boot";`
			`DHCP = "yes";`
			`networkConfig.KeepConfiguration = "yes";`
			`};`
			`};`

			`system.build = {`
			`rootImage = pkgs.callPackage "${modulesPath}/../lib/make-ext4-fs.nix" {`
			`storePaths = [ config.system.build.toplevel ];`
			`volumeLabel = "netboot-root";`
			`};`
			`netbootScript = pkgs.writeText "boot.ipxe" ''`
			`#!ipxe`
			`kernel ${pkgs.stdenv.hostPlatform.linux-kernel.target} init=${config.system.build.toplevel}/init initrd=initrd ifname=et-boot:''${mac} nbd_server=''${next-server} ${toString config.boot.kernelParams} ''${cmdline}`
			`initrd initrd`
			`boot`
			`'';`

			`netbootTree = pkgs.linkFarm "netboot-${config.system.name}" [`
			`{`
			`name = config.system.boot.loader.kernelFile;`
			`path = "${config.system.build.kernel}/${config.system.boot.loader.kernelFile}";`
			`}`
			`{`
			`name = "initrd";`
			`path = "${config.system.build.initialRamdisk}/initrd";`
			`}`
			`{`
			`name = "rootfs.ext4";`
			`path = config.system.build.rootImage;`
			`}`
			`{`
			`name = "boot.ipxe";`
			`path = config.system.build.netbootScript;`
			`}`
			`];`
			`netbootArchive = pkgs.runCommand "netboot-${config.system.name}.tar.zst" { } ''`
			`export PATH=${pkgs.zstd}/bin:$PATH`
			`${pkgs.gnutar}/bin/tar --dereference --zstd -cvC ${config.system.build.netbootTree} -f "$out" .`
			`'';`
			`};`
Add netboot archive (including to installer workflow) 2023-12-17 14:42:55 +00:00			`})`
nixos/build: Add kexec build 2022-06-16 19:40:47 +01:00			`];`
			`};`

Update nixosConfigurations to reference a preferred default config 2023-11-16 21:42:30 +00:00			`mkAsOpt = ext: desc: with lib.types; mkOption {`
			`type = unspecified;`
			`default = ext;`
nixos/build: Add kexec build 2022-06-16 19:40:47 +01:00			`visible = "shallow";`
			`description = "Configuration as ${desc}.";`
			`};`
Add initial installer 2022-02-17 15:47:24 +00:00			`in`
			`{`
Update nixosConfigurations to reference a preferred default config 2023-11-16 21:42:30 +00:00			`options = {`
Add initial installer 2022-02-17 15:47:24 +00:00			`my = {`
			`build = {`
			`isDevVM = mkBoolOpt' false "Whether the system is a development VM.";`
			`allHardware = mkBoolOpt' false`
			`("Whether to enable a lot of firmware and kernel modules for a wide range of hardware." +`
			`"Only applies to some build targets.");`
			`};`

nixos/build: Add kexec build 2022-06-16 19:40:47 +01:00			`asDevVM = mkAsOpt asDevVM "a development VM";`
			`asISO = mkAsOpt asISO "a bootable .iso image";`
			`asContainer = mkAsOpt asContainer "a container";`
			`asKexecTree = mkAsOpt asKexecTree "a kexec-able kernel and initrd";`
nixos: Initial netbooting installer 2024-06-24 00:08:55 +01:00			`asNetboot = mkAsOpt asNetboot "a netboot-able kernel initrd, and iPXE script";`
Add initial installer 2022-02-17 15:47:24 +00:00
			`buildAs = options.system.build;`
			`};`

			`# Forward declare options that won't exist until the VM module is actually imported`
			`virtualisation = {`
			`diskImage = dummyOption;`
Fix dev VM networking 2022-02-17 19:14:10 +00:00			`forwardPorts = dummyOption;`
Add secrets support to dev VMs 2022-02-22 01:30:27 +00:00			`sharedDirectories = dummyOption;`
nixos: Add initial QEMU-based VM module 2022-05-02 20:40:11 +01:00			`cores = dummyOption;`
			`memorySize = dummyOption;`
Initial networking VM Also general improvements around VMs 2022-05-16 00:05:02 +01:00			`qemu.options = dummyOption;`
Add initial installer 2022-02-17 15:47:24 +00:00			`};`
nixos/installer: Customise ISO a bit 2022-06-12 20:47:28 +01:00			`isoImage = {`
			`isoBaseName = dummyOption;`
Update inputs and add custom NixOS branding 2023-12-28 17:07:40 +00:00			`volumeID = dummyOption;`
nixos/installer: Customise ISO a bit 2022-06-12 20:47:28 +01:00			`edition = dummyOption;`
			`appendToMenuLabel = dummyOption;`
			`};`
Add initial installer 2022-02-17 15:47:24 +00:00			`};`

			`config = {`
			`virtualisation = {`
			`diskImage = mkDefault "./.vms/${config.system.name}.qcow2";`
			`};`

			`my = {`
			`buildAs = {`
			`# The meta.mainProgram should probably be set upstream but oh well...`
Update nixosConfigurations to reference a preferred default config 2023-11-16 21:42:30 +00:00			`devVM = recursiveUpdate config.my.asDevVM.config.system.build.vm { meta.mainProgram = "run-${config.system.name}-vm"; };`
			`iso = config.my.asISO.config.system.build.isoImage;`
			`container = config.my.asContainer.config.system.build.toplevel;`
			`kexecTree = config.my.asKexecTree.config.system.build.kexecTree;`
nixos: Initial netbooting installer 2024-06-24 00:08:55 +01:00			`netbootTree = config.my.asNetboot.config.system.build.netbootTree;`
			`netbootArchive = config.my.asNetboot.config.system.build.netbootArchive;`
Add initial installer 2022-02-17 15:47:24 +00:00			`};`
			`};`
			`};`

			`meta.buildDocsInSandbox = false;`
			`}`