From 2bff5a091b17d0367b20d41121b4b1ccf7dbc93b Mon Sep 17 00:00:00 2001 From: Jes Olson Date: Sun, 17 Jul 2022 16:42:53 -0500 Subject: [PATCH 01/11] convert tabs -> spaces --- nixos/22.05/packer.json | 16 ++++++++-------- 1 file changed, 8 insertions(+), 8 deletions(-) diff --git a/nixos/22.05/packer.json b/nixos/22.05/packer.json index f75fa52..85bee91 100644 --- a/nixos/22.05/packer.json +++ b/nixos/22.05/packer.json @@ -30,11 +30,11 @@ "inline": ["echo 'executing trigger-reboot...' && /tmp/trigger-reboot & exit 0"], "expect_disconnect": true }, - { - "type": "shell", - "inline": ["echo 'reconnected after rebooting'"], - "pause_before": "30s" - }, + { + "type": "shell", + "inline": ["echo 'reconnected after rebooting'"], + "pause_before": "30s" + }, { "type": "file", "source": "capsul-init", @@ -43,9 +43,9 @@ { "type": "shell", "inline": [ - "mv /tmp/capsul-init /root/capsul-init", - "chmod +x /root/capsul-init" - ] + "mv /tmp/capsul-init /root/capsul-init", + "chmod +x /root/capsul-init" + ] } ], "builders": [ -- 2.45.2 From e874ce9bea31f73c66d412da9c6e5be092940632 Mon Sep 17 00:00:00 2001 From: Jes Olson Date: Sun, 17 Jul 2022 16:43:19 -0500 Subject: [PATCH 02/11] chown homedir recursively --- nixos/22.05/capsul-init | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/nixos/22.05/capsul-init b/nixos/22.05/capsul-init index 2b29897..58195ae 100644 --- a/nixos/22.05/capsul-init +++ b/nixos/22.05/capsul-init @@ -5,7 +5,7 @@ homedir="/home/$user" mkdir -p "$homedir/.ssh" chmod 700 "$homedir/.ssh" -chown "$user" "$homedir/.ssh" +chown -R "$user:$user" "$homedir" mount -t iso9660 -o ro /dev/sr0 /mnt -- 2.45.2 From 35546c5a698cc8718e668f2bddf91046a8a8d721 Mon Sep 17 00:00:00 2001 From: Jes Olson Date: Sun, 17 Jul 2022 16:44:53 -0500 Subject: [PATCH 03/11] Add group to chown --- nixos/22.05/capsul-init | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/nixos/22.05/capsul-init b/nixos/22.05/capsul-init index 58195ae..8104bba 100644 
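Review bot: The new `chown -R "$user:$user" "$homedir"` in capsul-init (PATCH 02/11) assumes a group named after the user, but NixOS puts an `isNormalUser` account in the shared `users` group by default, and nothing in this series declares a matching group, so the call may fail with an invalid-group error. If it does, `.ssh` stays root-owned with mode 700 and the account cannot use the injected key. Taking the account's login group avoids hard-coding it: `chown -R "$user:" "$homedir"` (GNU chown), or name the group explicitly as `"$user:users"`. The same applies to `chown "$user:$user" "$homedir/.ssh/authorized_keys"` in PATCH 03/11. The script starts and ends outside this hunk, so whether it aborts on a failed command is not visible here.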
--- a/nixos/22.05/capsul-init +++ b/nixos/22.05/capsul-init @@ -13,7 +13,7 @@ grep '\- ssh' /mnt/user-data | cut -d ' ' -f 8- > "$homedir/.ssh/authorized_key chmod 600 "$homedir/.ssh/authorized_keys" -chown "$user" "$homedir/.ssh/authorized_keys" +chown "$user:$user" "$homedir/.ssh/authorized_keys" /run/current-system/profile/sbin/resize2fs /dev/vda2 -- 2.45.2 From 47be961751dc40d667c243ecbbcd72204ab8f756 Mon Sep 17 00:00:00 2001 From: Jes Olson Date: Sun, 17 Jul 2022 16:46:56 -0500 Subject: [PATCH 04/11] Remove sudo su since we are root --- nixos/22.05/post-install.sh | 1 - 1 file changed, 1 deletion(-) diff --git a/nixos/22.05/post-install.sh b/nixos/22.05/post-install.sh index 7ff7fef..10c9843 100755 --- a/nixos/22.05/post-install.sh +++ b/nixos/22.05/post-install.sh @@ -1,6 +1,5 @@ #!/bin/sh -sudo su parted -s --align=none /dev/vda mktable gpt mkpart primary ext2 0 2MB mkpart primary ext2 2MB 100% set 1 bios_grub on mkfs.ext4 -L root /dev/vda2 mount LABEL=root /mnt -- 2.45.2 From 3cfed4c6a31208a398c1f3301c316f7f7b7a5696 Mon Sep 17 00:00:00 2001 From: Jes Olson Date: Sun, 17 Jul 2022 17:17:26 -0500 Subject: [PATCH 05/11] Move 2nd-stage configuration to packer, not capsul-init --- nixos/22.05/capsul-init | 29 -------------------- nixos/22.05/configuration.nix | 14 +++------- nixos/22.05/final-configuration.nix | 41 +++++++++++++++++++++++++++++ nixos/22.05/packer.json | 11 ++++++++ 4 files changed, 55 insertions(+), 40 deletions(-) create mode 100644 nixos/22.05/final-configuration.nix diff --git a/nixos/22.05/capsul-init b/nixos/22.05/capsul-init index 8104bba..fdef65d 100644 --- a/nixos/22.05/capsul-init +++ b/nixos/22.05/capsul-init 
@@ -17,34 +17,5 @@ chown "$user:$user" "$homedir/.ssh/authorized_keys" /run/current-system/profile/sbin/resize2fs /dev/vda2 -cat < /etc/configuration.nix -{ config, pkgs, ... }: - -{ - imports = [ - ./hardware-configuration.nix - ]; - - # we always want git and vim - environment.systemPackages = with pkgs; [ - git - vim - ]; - - boot.loader.grub.enable = true; - boot.loader.grub.version = 2; - boot.loader.grub.device = "/dev/vda"; - system.stateVersion = "22.05"; - - users.users.cyberian = { - isNormalUser = true; - }; - - services.openssh = { - enable = true; - }; -EOF - umount /mnt rm /root/capsul-init -sudo nixos-rebuild switch diff --git a/nixos/22.05/configuration.nix b/nixos/22.05/configuration.nix index d5c9120..8406b58 100644 --- a/nixos/22.05/configuration.nix +++ b/nixos/22.05/configuration.nix @@ -1,3 +1,6 @@ +# this configuration is intended to give us ssh +# access to the build machine + { config, pkgs, ... }: { @@ -28,15 +31,4 @@ passwordAuthentication = true; }; - # Feel free to remove this after first boot - # /root/capsul-init gets deleted after first run - systemd.services.capsul-init = { - serviceConfig.Type = "oneshot"; - unitConfig = { - ConditionPathExists = "/root/capsul-init"; - }; - serviceConfig = { - ExecStart = "/root/capsul-init"; - }; - }; } diff --git a/nixos/22.05/final-configuration.nix b/nixos/22.05/final-configuration.nix new file mode 100644 index 0000000..2d1f6ff --- /dev/null +++ b/nixos/22.05/final-configuration.nix 
@@ -0,0 +1,41 @@ +# this configuration is meant to be the final +# handed over to the user + +{ config, pkgs, ... }: + +{ + imports = [ + ./hardware-configuration.nix + ]; + + # we always want git and vim + environment.systemPackages = with pkgs; [ + git + vim + ]; + + boot.loader.grub.enable = true; + boot.loader.grub.version = 2; + boot.loader.grub.device = "/dev/vda"; + system.stateVersion = "22.05"; + + users.users.cyberian = { + isNormalUser = true; + }; + + services.openssh = { + enable = true; + }; + + # Feel free to remove this after first boot + # /root/capsul-init gets deleted after first run + systemd.services.capsul-init = { + serviceConfig.Type = "oneshot"; + unitConfig = { + ConditionPathExists = "/root/capsul-init"; + }; + serviceConfig = { + ExecStart = "/root/capsul-init"; + }; + }; +} diff --git a/nixos/22.05/packer.json b/nixos/22.05/packer.json index 85bee91..d87abec 100644 --- a/nixos/22.05/packer.json +++ b/nixos/22.05/packer.json @@ -46,6 +46,17 @@ "mv /tmp/capsul-init /root/capsul-init", "chmod +x /root/capsul-init" ] + }, + { + "type": "file", + "source": "final-configuration.nix", + "destination": "/etc/nixos/configuration.nix" + }, + { + "type": "shell", + "inline": [ + "nixos-rebuild switch" + ] } ], "builders": [ -- 2.45.2 From be538698f3631ee7d20172a8449af5d40ead098a Mon Sep 17 00:00:00 2001 From: Jes Olson Date: Sun, 17 Jul 2022 17:17:44 -0500 Subject: [PATCH 06/11] Add aynish as an owner of this OS --- nixos/OWNERS | 1 + 1 file changed, 1 insertion(+) create mode 100644 nixos/OWNERS diff --git a/nixos/OWNERS b/nixos/OWNERS new file mode 100644 index 0000000..4f10b4f --- /dev/null +++ b/nixos/OWNERS @@ -0,0 +1 @@ +@aynish:sealight.xyz -- 2.45.2 From 3bf46d9ec7a7cf4561757a478b5348b5bcfce967 Mon Sep 17 00:00:00 2001 From: Jes Olson Date: Sun, 17 Jul 2022 17:20:08 -0500 Subject: [PATCH 07/11] Remove default password for cyberian --- nixos/22.05/configuration.nix | 1 - 1 file changed, 1 deletion(-) 
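Review bot: `services.openssh` in the new final-configuration.nix sets only `enable = true;`, so the image handed to users inherits the module defaults for password logins, which on 22.05 I believe still allow them. capsul-init installs an `authorized_keys` file for the account, so key-only access looks like the intent. I would state that inside the attribute set with `passwordAuthentication = false;` and `permitRootLogin = "no";`. A one-line comment there noting that keys are provisioned by capsul-init on first boot would also help whoever edits this config later.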
diff --git a/nixos/22.05/configuration.nix b/nixos/22.05/configuration.nix index 8406b58..bdc377a 100644 --- a/nixos/22.05/configuration.nix +++ b/nixos/22.05/configuration.nix @@ -21,7 +21,6 @@ users.users.cyberian = { isNormalUser = true; - password = "password"; }; users.users.root.password = "password"; -- 2.45.2 From 71c6fe10bd56da18f8a498c1542e89437fe871e5 Mon Sep 17 00:00:00 2001 From: Jes Olson Date: Sun, 17 Jul 2022 17:26:23 -0500 Subject: [PATCH 08/11] Add cleanup tasks, add nano & vi to image, remove git --- nixos/22.05/configuration.nix | 7 +++---- nixos/22.05/final-configuration.nix | 4 ++-- nixos/22.05/packer.json | 4 +++- 3 files changed, 8 insertions(+), 7 deletions(-) diff --git a/nixos/22.05/configuration.nix b/nixos/22.05/configuration.nix index bdc377a..257ba17 100644 --- a/nixos/22.05/configuration.nix +++ b/nixos/22.05/configuration.nix @@ -8,10 +8,10 @@ ./hardware-configuration.nix ]; - # we always want git and vim + # we always want nano & vi environment.systemPackages = with pkgs; [ - git - vim + vi + nano ]; boot.loader.grub.enable = true; @@ -29,5 +29,4 @@ permitRootLogin = "yes"; passwordAuthentication = true; }; - } diff --git a/nixos/22.05/final-configuration.nix b/nixos/22.05/final-configuration.nix index 2d1f6ff..b7383e3 100644 --- a/nixos/22.05/final-configuration.nix +++ b/nixos/22.05/final-configuration.nix @@ -10,8 +10,8 @@ # we always want git and vim environment.systemPackages = with pkgs; [ - git - vim + nano + vi ]; boot.loader.grub.enable = true; diff --git a/nixos/22.05/packer.json b/nixos/22.05/packer.json index d87abec..d48ac78 100644 --- a/nixos/22.05/packer.json +++ b/nixos/22.05/packer.json @@ -55,7 +55,9 @@ { "type": "shell", "inline": [ - "nixos-rebuild switch" + "nixos-rebuild switch", + "rm -f /etc/ssh/*key*", + "printf '' > /etc/machine-id" ] } ], -- 2.45.2 From 3e0196f7d88122c61c12d39b8638d73972b4526a Mon Sep 17 00:00:00 2001 
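Review bot: The cleanup commands added after `nixos-rebuild switch` in packer.json (PATCH 08/11) leave the build-time root credential in place. configuration.nix sets `users.users.root.password = "password"`, and as far as I can tell a declarative password is only applied when the account is first created while users are mutable, so the shipped image likely keeps that hash in /etc/shadow. Adding `"passwd -l root"` as the last inline command would close this, as would `users.users.root.hashedPassword = "!";` together with `users.mutableUsers = false;` in final-configuration.nix. Separately, `rm -f /etc/ssh/*key*` matches more than host keys; `rm -f /etc/ssh/ssh_host_*` is narrower and says what is meant.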
From: Jes Olson Date: Sun, 17 Jul 2022 17:27:10 -0500 Subject: [PATCH 09/11] Clarify comment --- nixos/22.05/final-configuration.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/nixos/22.05/final-configuration.nix b/nixos/22.05/final-configuration.nix index b7383e3..4563fe1 100644 --- a/nixos/22.05/final-configuration.nix +++ b/nixos/22.05/final-configuration.nix @@ -8,7 +8,7 @@ ./hardware-configuration.nix ]; - # we always want git and vim + # we always want nano & vi environment.systemPackages = with pkgs; [ nano vi -- 2.45.2 From da7a221ec31208c4360be6a0c6260951995fe225 Mon Sep 17 00:00:00 2001 From: Jes Olson Date: Sun, 17 Jul 2022 17:32:42 -0500 Subject: [PATCH 10/11] Correct systemd config --- nixos/22.05/final-configuration.nix | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/nixos/22.05/final-configuration.nix b/nixos/22.05/final-configuration.nix index 4563fe1..526eb18 100644 --- a/nixos/22.05/final-configuration.nix +++ b/nixos/22.05/final-configuration.nix @@ -30,12 +30,14 @@ # Feel free to remove this after first boot # /root/capsul-init gets deleted after first run systemd.services.capsul-init = { - serviceConfig.Type = "oneshot"; + enable = true; unitConfig = { + Type = "oneshot"; ConditionPathExists = "/root/capsul-init"; }; serviceConfig = { ExecStart = "/root/capsul-init"; }; + wantedBy = [ "multi-user.target" ]; }; } -- 2.45.2 From 963aaccd8ae1bfe585a94408c273298d30deab2e Mon Sep 17 00:00:00 2001 From: Jes Olson Date: Sun, 17 Jul 2022 17:39:03 -0500 Subject: [PATCH 11/11] move oneshot to correct location lmao --- nixos/22.05/final-configuration.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/nixos/22.05/final-configuration.nix b/nixos/22.05/final-configuration.nix index 526eb18..ddb46ce 100644 --- a/nixos/22.05/final-configuration.nix +++ b/nixos/22.05/final-configuration.nix 
@@ -32,10 +32,10 @@ systemd.services.capsul-init = { enable = true; unitConfig = { - Type = "oneshot"; ConditionPathExists = "/root/capsul-init"; }; serviceConfig = { + Type = "oneshot"; ExecStart = "/root/capsul-init"; }; wantedBy = [ "multi-user.target" ]; -- 2.45.2