Simplify kexec and iso image generation

2026-01-14 18:54:50 -08:00
parent bab2df5d7e
commit 5f7335c2a0
7 changed files with 58 additions and 136 deletions
--- a/5
+++ b/5
@@ -36,6 +36,11 @@ update-input:
 iso:
 	nix build .#packages.x86_64-linux.iso

+# Build Custom kexec image
+.PHONY: kexec-img
+kexec-img:
+	nix build .#packages.x86_64-linux.kexec
+
 # Deploy a host by name (ex: 's0')
 .PHONY: deploy
 deploy:
--- a/flake.lock
+++ b/flake.lock
@@ -239,6 +239,42 @@
        "type": "github"
      }
    },
+    "nixlib": {
+      "locked": {
+        "lastModified": 1736643958,
+        "narHash": "sha256-tmpqTSWVRJVhpvfSN9KXBvKEXplrwKnSZNAoNPf/S/s=",
+        "owner": "nix-community",
+        "repo": "nixpkgs.lib",
+        "rev": "1418bc28a52126761c02dd3d89b2d8ca0f521181",
+        "type": "github"
+      },
+      "original": {
+        "owner": "nix-community",
+        "repo": "nixpkgs.lib",
+        "type": "github"
+      }
+    },
+    "nixos-generators": {
+      "inputs": {
+        "nixlib": "nixlib",
+        "nixpkgs": [
+          "nixpkgs"
+        ]
+      },
+      "locked": {
+        "lastModified": 1764234087,
+        "narHash": "sha256-NHF7QWa0ZPT8hsJrvijREW3+nifmF2rTXgS2v0tpcEA=",
+        "owner": "nix-community",
+        "repo": "nixos-generators",
+        "rev": "032a1878682fafe829edfcf5fdfad635a2efe748",
+        "type": "github"
+      },
+      "original": {
+        "owner": "nix-community",
+        "repo": "nixos-generators",
+        "type": "github"
+      }
+    },
    "nixos-hardware": {
      "locked": {
        "lastModified": 1767185284,
@@ -280,6 +316,7 @@
        "flake-utils": "flake-utils",
        "home-manager": "home-manager",
        "nix-index-database": "nix-index-database",
+        "nixos-generators": "nixos-generators",
        "nixos-hardware": "nixos-hardware",
        "nixpkgs": "nixpkgs",
        "simple-nixos-mailserver": "simple-nixos-mailserver",
--- a/flake.nix
+++ b/flake.nix
@@ -3,6 +3,11 @@
    # nixpkgs
    nixpkgs.url = "github:NixOS/nixpkgs/master";

+    nixos-generators = {
+      url = "github:nix-community/nixos-generators";
+      inputs.nixpkgs.follows = "nixpkgs";
+    };
+
    # Common Utils Among flake inputs
    systems.url = "github:nix-systems/default";
    flake-utils = {
@@ -141,22 +146,17 @@

      packages =
        let
-          mkKexec = system:
-            (nixpkgs.lib.nixosSystem {
+          mkEphemeral = system: format: inputs.nixos-generators.nixosGenerate {
            inherit system;
-              modules = [ ./machines/ephemeral/kexec.nix ];
-            }).config.system.build.kexec_tarball;
-          mkIso = system:
-            (nixpkgs.lib.nixosSystem {
-              inherit system;
-              modules = [ ./machines/ephemeral/iso.nix ];
-            }).config.system.build.isoImage;
+            inherit format;
+            modules = [ ./machines/ephemeral/minimal.nix ];
+          };
        in
        {
-          "x86_64-linux"."kexec" = mkKexec "x86_64-linux";
-          "x86_64-linux"."iso" = mkIso "x86_64-linux";
-          "aarch64-linux"."kexec" = mkKexec "aarch64-linux";
-          "aarch64-linux"."iso" = mkIso "aarch64-linux";
+          "x86_64-linux".kexec = mkEphemeral "x86_64-linux" "kexec-bundle";
+          "x86_64-linux".iso = mkEphemeral "x86_64-linux" "iso";
+          "aarch64-linux".kexec = mkEphemeral "aarch64-linux" "kexec-bundle";
+          "aarch64-linux".iso = mkEphemeral "aarch64-linux" "iso";
        };

      overlays.default = import ./overlays { inherit inputs; };
--- a/machines/ephemeral/iso.nix
+++ b/machines/ephemeral/iso.nix
@@ -1,12 +0,0 @@
-{ modulesPath, ... }:
-
-{
-  imports = [
-    (modulesPath + "/installer/cd-dvd/iso-image.nix")
-    ./minimal.nix
-  ];
-
-  isoImage.makeUsbBootable = true;
-
-  networking.hostName = "iso";
-}
--- a/machines/ephemeral/kexec.nix
+++ b/machines/ephemeral/kexec.nix
@@ -1,48 +0,0 @@
-# From https://mdleom.com/blog/2021/03/09/nixos-oracle/#Build-a-kexec-tarball
-# Builds a kexec img
-
-{ config, pkgs, modulesPath, ... }:
-{
-  imports = [
-    (modulesPath + "/installer/netboot/netboot.nix")
-    (modulesPath + "/profiles/qemu-guest.nix")
-    ./minimal.nix
-  ];
-
-  networking.hostName = "kexec";
-
-  # stripped down version of https://github.com/cleverca22/nix-tests/tree/master/kexec
-  system.build = rec {
-    image = pkgs.runCommand "image" { buildInputs = [ pkgs.nukeReferences ]; } ''
-      mkdir $out
-      if [ -f ${config.system.build.kernel}/bzImage ]; then
-        cp ${config.system.build.kernel}/bzImage $out/kernel
-      else
-        cp ${config.system.build.kernel}/Image $out/kernel
-      fi
-      cp ${config.system.build.netbootRamdisk}/initrd $out/initrd
-      nuke-refs $out/kernel
-    '';
-    kexec_script = pkgs.writeTextFile {
-      executable = true;
-      name = "kexec-nixos";
-      text = ''
-        #!${pkgs.stdenv.shell}
-        set -e
-        ${pkgs.kexec-tools}/bin/kexec -l ${image}/kernel --initrd=${image}/initrd --append="init=${builtins.unsafeDiscardStringContext config.system.build.toplevel}/init ${toString config.boot.kernelParams}"
-        sync
-        echo "executing kernel, filesystems will be improperly umounted"
-        ${pkgs.kexec-tools}/bin/kexec -e
-      '';
-    };
-    kexec_tarball = pkgs.callPackage (modulesPath + "/../lib/make-system-tarball.nix") {
-      storeContents = [
-        {
-          object = config.system.build.kexec_script;
-          symlink = "/kexec_nixos";
-        }
-      ];
-      contents = [ ];
-    };
-  };
-}
--- a/machines/ephemeral/minimal.nix
+++ b/machines/ephemeral/minimal.nix
@@ -22,9 +22,7 @@
  boot.kernelParams = [
    "console=ttyS0,115200" # enable serial console
  ];
-  boot.kernel.sysctl."vm.overcommit_memory" = "1";
-
-  boot.kernelPackages = pkgs.linuxPackages_latest;
+  # boot.kernelPackages = pkgs.linuxPackages_latest;

  system.stateVersion = "21.11";

@@ -46,7 +44,7 @@

  environment.variables.GC_INITIAL_HEAP_SIZE = "1M";

-  networking.useDHCP = true;
+  # networking.useDHCP = true;

  services.openssh = {
    enable = true;
@@ -56,6 +54,5 @@
    };
  };

-  services.getty.autologinUser = "root";
  users.users.root.openssh.authorizedKeys.keys = config.machines.ssh.userKeys;
 }
--- a/machines/ephemeral/sdimg.nix
+++ b/machines/ephemeral/sdimg.nix
@@ -1,57 +0,0 @@
-{ config, modulesPath, pkgs, lib, ... }:
-
-let
-  pinecube-uboot = pkgs.buildUBoot {
-    defconfig = "pinecube_defconfig";
-    extraMeta.platforms = [ "armv7l-linux" ];
-    filesToInstall = [ "u-boot-sunxi-with-spl.bin" ];
-  };
-in
-{
-  imports = [
-    (modulesPath + "/installer/sd-card/sd-image.nix")
-    ./minimal.nix
-  ];
-
-  sdImage.populateFirmwareCommands = "";
-  sdImage.populateRootCommands = ''
-    mkdir -p ./files/boot
-    ${config.boot.loader.generic-extlinux-compatible.populateCmd} -c ${config.system.build.toplevel} -d ./files/boot
-  '';
-  sdImage.postBuildCommands = ''
-    dd if=${pinecube-uboot}/u-boot-sunxi-with-spl.bin of=$img bs=1024 seek=8 conv=notrunc
-  '';
-
-  ###
-
-  networking.hostName = "pinecube";
-
-  boot.loader.grub.enable = false;
-  boot.loader.generic-extlinux-compatible.enable = true;
-  boot.consoleLogLevel = 7;
-
-  # cma is 64M by default which is waay too much and we can't even unpack initrd
-  boot.kernelParams = [ "console=ttyS0,115200n8" "cma=32M" ];
-
-  boot.kernelModules = [ "spi-nor" ]; # Not sure why this doesn't autoload. Provides SPI NOR at /dev/mtd0
-  boot.extraModulePackages = [ config.boot.kernelPackages.rtl8189es ];
-
-  zramSwap.enable = true; # 128MB is not much to work with
-
-  sound.enable = true;
-
-  environment.systemPackages = with pkgs; [
-    ffmpeg
-    (v4l_utils.override { withGUI = false; })
-    usbutils
-  ];
-
-  services.getty.autologinUser = lib.mkForce "googlebot";
-  users.users.googlebot = {
-    isNormalUser = true;
-    extraGroups = [ "wheel" "networkmanager" "video" ];
-    openssh.authorizedKeys.keys = config.machines.ssh.userKeys;
-  };
-
-  networking.wireless.enable = true;
-}