9c722e474d
- Added a backdoor option to the interactive run-vms script. This allows me to intergrate the virtual network approach with Disnix - Small documentation fixes Some explanation: The nixos-build-vms command line tool can be used to build a virtual network of a network.nix specification. For example, a network configuration (network.nix) could look like this: { test1 = {pkgs, config, ...}: { services.openssh.enable = true; ... }; test2 = {pkgs, config, ...}: { services.openssh.enable = true; services.xserver.enable = true; } ; } By typing the following instruction: $ nixos-build-vms -n network.nix a virtual network is built, which can be started by typing: $ ./result/bin/run-vms It is also possible to enable a backdoor. In this case *.socket files are stored in the current directory which can be used by the end-user to invoke remote instruction on a VM in the network through a Unix domain socket. For example by building the network with the following instructions: $ nixos-build-vms -n network.nix --use-backdoor and launching the virtual network: $ ./result/bin/run-vms You can find two socket files in your current directory, namely: test1.socket and test2.socket. These Unix domain sockets can be used to remotely administer the test1 and test2 machine in the virtual network. For example by running: $ socat ./test1.socket stdio ls /root You can retrieve the contents of the /root directory of the virtual machine with identifier test1 svn path=/nixos/trunk/; revision=24410
159 lines
3.9 KiB
Nix
159 lines
3.9 KiB
Nix
# This module generates nixos-install, nixos-rebuild,
|
|
# nixos-hardware-scan, etc.
|
|
|
|
{config, pkgs, ...}:
|
|
|
|
let
|
|
### implementation
|
|
|
|
makeProg = args: pkgs.substituteAll (args // {
|
|
dir = "bin";
|
|
isExecutable = true;
|
|
});
|
|
|
|
nixosBuildVMS = makeProg {
|
|
name = "nixos-build-vms";
|
|
src = ./nixos-build-vms/nixos-build-vms.sh;
|
|
};
|
|
|
|
nixosDeployNetwork = makeProg {
|
|
name = "nixos-deploy-network";
|
|
src = ./nixos-deploy-network/nixos-deploy-network.sh;
|
|
};
|
|
|
|
nixosInstall = makeProg {
|
|
name = "nixos-install";
|
|
src = ./nixos-install.sh;
|
|
|
|
inherit (pkgs) perl pathsFromGraph;
|
|
nix = config.environment.nix;
|
|
nixpkgsURL = config.installer.nixpkgsURL;
|
|
|
|
nixClosure = pkgs.runCommand "closure"
|
|
{exportReferencesGraph = ["refs" config.environment.nix];}
|
|
"cp refs $out";
|
|
};
|
|
|
|
# rewrite of nixosInstall: each tool does exactly one job.
|
|
# So they get more useful.
|
|
installer2 =
|
|
let nixClosure = pkgs.runCommand "closure"
|
|
{exportReferencesGraph = ["refs" config.environment.nix];}
|
|
"cp refs $out";
|
|
|
|
nix = config.environment.nix;
|
|
in rec {
|
|
|
|
nixosPrepareInstall = makeProg {
|
|
name = "nixos-prepare-install";
|
|
src = ./installer2/nixos-prepare-install.sh;
|
|
|
|
inherit nix nixClosure nixosBootstrap;
|
|
};
|
|
|
|
runInChroot = makeProg {
|
|
name = "run-in-chroot";
|
|
src = ./installer2/run-in-chroot.sh;
|
|
};
|
|
|
|
nixosBootstrap = makeProg {
|
|
name = "nixos-bootstrap";
|
|
src = ./installer2/nixos-bootstrap.sh;
|
|
|
|
inherit (pkgs) coreutils;
|
|
inherit nixClosure nix;
|
|
|
|
# TODO shell ?
|
|
nixpkgsURL = config.installer.nixpkgsURL;
|
|
};
|
|
|
|
# see ./nixos-bootstrap-archive/README-BOOTSTRAP-NIXOS
|
|
# TODO refactor: It should *not* depend on configuration.nix
|
|
# maybe even move this in nixpkgs?
|
|
minimalInstallArchive = import ./nixos-bootstrap-archive {
|
|
inherit (pkgs) stdenv runCommand perl pathsFromGraph gnutar coreutils bzip2;
|
|
inherit nixosPrepareInstall runInChroot nixosBootstrap nixClosure;
|
|
};
|
|
};
|
|
|
|
nixosRebuild = makeProg {
|
|
name = "nixos-rebuild";
|
|
src = ./nixos-rebuild.sh;
|
|
};
|
|
|
|
nixosGenSeccureKeys = makeProg {
|
|
name = "nixos-gen-seccure-keys";
|
|
src = ./nixos-gen-seccure-keys.sh;
|
|
};
|
|
|
|
nixosHardwareScan = makeProg {
|
|
name = "nixos-hardware-scan";
|
|
src = ./nixos-hardware-scan.pl;
|
|
inherit (pkgs) perl;
|
|
profile = config.installer.installProfile;
|
|
};
|
|
|
|
nixosOption = makeProg {
|
|
name = "nixos-option";
|
|
src = ./nixos-option.sh;
|
|
};
|
|
|
|
in
|
|
|
|
{
|
|
options = {
|
|
|
|
installer.nixpkgsURL = pkgs.lib.mkOption {
|
|
default = "";
|
|
example = http://nixos.org/releases/nix/nixpkgs-0.11pre7577;
|
|
description = ''
|
|
URL of the Nixpkgs distribution to use when building the
|
|
installation CD.
|
|
'';
|
|
};
|
|
|
|
installer.manifests = pkgs.lib.mkOption {
|
|
default = [http://nixos.org/releases/nixpkgs/channels/nixpkgs-unstable/MANIFEST];
|
|
example =
|
|
[ http://nixos.org/releases/nixpkgs/channels/nixpkgs-unstable/MANIFEST
|
|
http://nixos.org/releases/nixpkgs/channels/nixpkgs-stable/MANIFEST
|
|
];
|
|
description = ''
|
|
URLs of manifests to be downloaded when you run
|
|
<command>nixos-rebuild</command> to speed up builds.
|
|
'';
|
|
};
|
|
|
|
installer.installProfile = pkgs.lib.mkOption {
|
|
default = "base";
|
|
example = "graphical";
|
|
description = ''
|
|
Name of the profile used when generating the hardware-scan.
|
|
'';
|
|
};
|
|
|
|
};
|
|
|
|
config = {
|
|
environment.systemPackages =
|
|
[ nixosBuildVMS
|
|
nixosDeployNetwork
|
|
nixosInstall
|
|
nixosRebuild
|
|
nixosHardwareScan
|
|
nixosGenSeccureKeys
|
|
nixosOption
|
|
|
|
installer2.runInChroot
|
|
installer2.nixosPrepareInstall
|
|
];
|
|
|
|
system.build = {
|
|
inherit nixosInstall nixosHardwareScan nixosOption;
|
|
|
|
# expose scripts
|
|
inherit (installer2) nixosPrepareInstall runInChroot nixosBootstrap minimalInstallArchive;
|
|
};
|
|
};
|
|
}
|