forked from M-Labs/defenestrate
Compare commits
3 Commits
c13047636f
...
9921e719ed
| Author | SHA1 | Date |
|---|---|---|
Phillip Klein
|
9921e719ed | |
|
Phillip Klein
|
be9ab28418 | |
|
Phillip Klein
|
10220fb515 |
10
README
10
README
|
|
@ -1,8 +1,16 @@
|
||||||
|
On build device:
|
||||||
|
* nix-build
|
||||||
|
* (for LAN builds) nix-build --arg mlabs true
|
||||||
|
|
||||||
|
On target device:
|
||||||
* Enter BIOS, disable secure boot, enable UEFI PXE network boot
|
* Enter BIOS, disable secure boot, enable UEFI PXE network boot
|
||||||
* sudo auto-install
|
* sudo auto-install
|
||||||
|
* sudo reboot
|
||||||
* Run memtest86
|
* Run memtest86
|
||||||
* Copy device database to ~/artiq
|
* Copy device database to ~/artiq
|
||||||
* Set timezone and kb layout
|
* Set timezone and kb layout
|
||||||
* Comment out openssh.authorizedKeys.keys
|
* Comment out openssh.authorizedKeys.keys
|
||||||
* sudo seal-off
|
|
||||||
* history clear
|
* history clear
|
||||||
|
|
||||||
|
On build device:
|
||||||
|
* cat sealoff.sh | ssh rabi@artiq "sudo sh"
|
||||||
|
|
|
||||||
13
default.nix
13
default.nix
|
|
@ -41,23 +41,28 @@ let
|
||||||
nixos-generate-config --root /mnt
|
nixos-generate-config --root /mnt
|
||||||
cp ${./final}/* /mnt/etc/nixos
|
cp ${./final}/* /mnt/etc/nixos
|
||||||
nixos-install --no-root-password --flake /mnt/etc/nixos#artiq
|
nixos-install --no-root-password --flake /mnt/etc/nixos#artiq
|
||||||
reboot
|
|
||||||
'';
|
'';
|
||||||
|
|
||||||
customModule = {
|
customModule = mlabs:
|
||||||
|
let storeUrl = "https://nixbld.m-labs.hk" + (if mlabs then "?priority=10" else "");
|
||||||
|
in
|
||||||
|
{
|
||||||
system.stateVersion = "24.05";
|
system.stateVersion = "24.05";
|
||||||
environment.systemPackages = [ autoInstall pkgs.git ];
|
environment.systemPackages = [ autoInstall pkgs.git ];
|
||||||
documentation.info.enable = false; # https://github.com/NixOS/nixpkgs/issues/124215
|
documentation.info.enable = false; # https://github.com/NixOS/nixpkgs/issues/124215
|
||||||
documentation.man.enable = false;
|
documentation.man.enable = false;
|
||||||
nix.settings.trusted-public-keys = ["nixbld.m-labs.hk-1:5aSRVA5b320xbNvu30tqxVPXpld73bhtOeH6uAjRyHc="];
|
nix.settings.trusted-public-keys = ["nixbld.m-labs.hk-1:5aSRVA5b320xbNvu30tqxVPXpld73bhtOeH6uAjRyHc="];
|
||||||
nix.settings.substituters = ["https://nixbld.m-labs.hk"];
|
nix.settings.substituters = [ storeUrl ];
|
||||||
};
|
};
|
||||||
|
|
||||||
|
in
|
||||||
|
{ mlabs ? false }:
|
||||||
|
let module = customModule mlabs;
|
||||||
in
|
in
|
||||||
makeNetboot {
|
makeNetboot {
|
||||||
modules = [
|
modules = [
|
||||||
<nixpkgs/nixos/modules/installer/netboot/netboot-minimal.nix>
|
<nixpkgs/nixos/modules/installer/netboot/netboot-minimal.nix>
|
||||||
customModule
|
module
|
||||||
];
|
];
|
||||||
system = "x86_64-linux";
|
system = "x86_64-linux";
|
||||||
}
|
}
|
||||||
|
|
|
||||||
|
|
@ -1,14 +1,6 @@
|
||||||
{ config, pkgs, artiq, ... }:
|
{ config, pkgs, artiq, ... }:
|
||||||
|
|
||||||
let
|
{
|
||||||
sealOff = pkgs.writeShellScriptBin "seal-off"
|
|
||||||
''
|
|
||||||
set -e
|
|
||||||
nixos-rebuild boot
|
|
||||||
nix-collect-garbage -d
|
|
||||||
'';
|
|
||||||
|
|
||||||
in {
|
|
||||||
imports =
|
imports =
|
||||||
[
|
[
|
||||||
./hardware-configuration.nix
|
./hardware-configuration.nix
|
||||||
|
|
@ -44,7 +36,6 @@ in {
|
||||||
|
|
||||||
nixpkgs.config.allowUnfree = true;
|
nixpkgs.config.allowUnfree = true;
|
||||||
environment.systemPackages = with pkgs; [
|
environment.systemPackages = with pkgs; [
|
||||||
sealOff
|
|
||||||
wget
|
wget
|
||||||
vim
|
vim
|
||||||
gitAndTools.gitFull
|
gitAndTools.gitFull
|
||||||
|
|
|
||||||
|
|
@ -0,0 +1,5 @@
|
||||||
|
#!/bin/sh
|
||||||
|
|
||||||
|
set -e
|
||||||
|
nixos-rebuild boot
|
||||||
|
nix-collect-garbage -d
|
||||||
Loading…
Reference in New Issue