forked from M-Labs/nix-scripts
add wfvm
This commit is contained in:
parent
b6c186b632
commit
40e8cc8407
26
artiq-fast/wfvm/README.md
Normal file
26
artiq-fast/wfvm/README.md
Normal file
@ -0,0 +1,26 @@
|
||||
# Preparation steps
|
||||
|
||||
## Install a Windows image
|
||||
|
||||
1. Adjust build.nix accordingly
|
||||
2. Run:
|
||||
|
||||
If in impure mode
|
||||
```shell
|
||||
nix-build build.nix
|
||||
./result
|
||||
```
|
||||
Results in a file called c.img
|
||||
|
||||
If in pure mode
|
||||
```shell
|
||||
nix-build build.nix
|
||||
ls -la ./result
|
||||
```
|
||||
Results in a symlink to the image in the nix store
|
||||
|
||||
|
||||
# Impure/pure mode
|
||||
Sometimes it can be useful to build the image _outside_ of the Nix sandbox for debugging purposes.
|
||||
|
||||
For this purpose we have an attribute called `impureMode` which outputs the shell script used by Nix inside the sandbox to build the image.
|
318
artiq-fast/wfvm/autounattend.nix
Normal file
318
artiq-fast/wfvm/autounattend.nix
Normal file
@ -0,0 +1,318 @@
|
||||
{ pkgs
|
||||
, lib ? pkgs.lib
|
||||
, fullName
|
||||
, organization
|
||||
, administratorPassword
|
||||
, uiLanguage ? "en-US"
|
||||
, inputLocale ? "en-US"
|
||||
, userLocale ? "en-US"
|
||||
, systemLocale ? "en-US"
|
||||
, users ? {}
|
||||
, productKey ? null
|
||||
, defaultUser ? null
|
||||
, setupCommands ? []
|
||||
, timeZone ? "UTC"
|
||||
, services ? {}
|
||||
, impureShellCommands ? []
|
||||
, driveLetter ? "E:"
|
||||
, ...
|
||||
}:
|
||||
|
||||
let
|
||||
|
||||
serviceCommands = lib.mapAttrsToList (
|
||||
serviceName: attrs: "powershell Set-Service -Name ${serviceName} " + (
|
||||
lib.concatStringsSep " " (
|
||||
(
|
||||
lib.mapAttrsToList (
|
||||
n: v: if builtins.typeOf v != "bool" then "-${n} ${v}" else "-${n}"
|
||||
)
|
||||
) (
|
||||
# Always run without interaction
|
||||
{ Force = true; } // attrs
|
||||
)
|
||||
)
|
||||
)
|
||||
) services;
|
||||
|
||||
sshSetupCommands =
|
||||
# let
|
||||
# makeDirs = lib.mapAttrsToList (n: v: ''mkdir C:\Users\${n}\.ssh'') users;
|
||||
# writeKeys = lib.flatten (lib.mapAttrsToList (n: v: builtins.map (key: let
|
||||
# commands = [
|
||||
# ''powershell.exe Set-Content -Path C:\Users\${n}\.ssh\authorized_keys -Value '${key}' ''
|
||||
# ];
|
||||
# in lib.concatStringsSep "\n" commands) (v.sshKeys or [])) users);
|
||||
# mkDirsDesc = builtins.map (c: {Path = c; Description = "Make SSH key dir";}) makeDirs;
|
||||
# writeKeysDesc = builtins.map (c: {Path = c; Description = "Add SSH key";}) writeKeys;
|
||||
# in
|
||||
# mkDirsDesc ++ writeKeysDesc ++
|
||||
[
|
||||
{
|
||||
Path = ''powershell.exe Add-WindowsCapability -Online -Name OpenSSH.Server~~~~0.0.1.0 -Source ${driveLetter}\fod -LimitAccess'';
|
||||
Description = "Add OpenSSH service.";
|
||||
}
|
||||
{
|
||||
Path = ''powershell.exe Set-Service -Name sshd -StartupType Automatic'';
|
||||
Description = "Enable SSH by default.";
|
||||
}
|
||||
];
|
||||
|
||||
assertCommand = c: builtins.typeOf c == "string" || builtins.typeOf c == "set" && builtins.hasAttr "Path" c && builtins.hasAttr "Description" c;
|
||||
|
||||
commands = builtins.map (x: assert assertCommand x; if builtins.typeOf x == "string" then { Path = x; Description = x; } else x) (
|
||||
[
|
||||
{
|
||||
Path = "powershell.exe Set-ExecutionPolicy -Force Unrestricted";
|
||||
Description = "Allow unsigned powershell scripts.";
|
||||
}
|
||||
]
|
||||
++ [
|
||||
{
|
||||
Path = ''powershell.exe ${driveLetter}\win-bundle-installer.exe'';
|
||||
Description = "Install any declared packages.";
|
||||
}
|
||||
]
|
||||
++ setupCommands
|
||||
++ [
|
||||
{
|
||||
Path = ''powershell.exe ${driveLetter}\ssh-setup.ps1'';
|
||||
Description = "Setup SSH and keys";
|
||||
}
|
||||
]
|
||||
++ serviceCommands
|
||||
++ impureShellCommands
|
||||
);
|
||||
|
||||
mkCommand = attrs: ''
|
||||
<RunSynchronousCommand wcm:action="add">
|
||||
${lib.concatStringsSep "\n" (lib.attrsets.mapAttrsToList (n: v: "<${n}>${v}</${n}>") attrs)}
|
||||
</RunSynchronousCommand>
|
||||
'';
|
||||
mkCommands = commands: (
|
||||
builtins.foldl' (
|
||||
acc: v: rec {
|
||||
i = acc.i + 1;
|
||||
values = acc.values ++ [ (mkCommand (v // { Order = builtins.toString i; })) ];
|
||||
}
|
||||
) {
|
||||
i = 0;
|
||||
values = [];
|
||||
} commands
|
||||
).values;
|
||||
|
||||
mkUser =
|
||||
{ name
|
||||
, password
|
||||
, description ? ""
|
||||
, displayName ? ""
|
||||
, groups ? []
|
||||
# , sshKeys ? [] # Handled in scripts
|
||||
}: ''
|
||||
<LocalAccount wcm:action="add">
|
||||
<Password>
|
||||
<Value>${password}</Value>
|
||||
<PlainText>true</PlainText>
|
||||
</Password>
|
||||
<Description>${description}</Description>
|
||||
<DisplayName>${displayName}</DisplayName>
|
||||
<Group>${builtins.concatStringsSep ";" (lib.unique ([ "Users" ] ++ groups))}</Group>
|
||||
<Name>${name}</Name>
|
||||
</LocalAccount>
|
||||
'';
|
||||
|
||||
# Windows expects a flat list of users while we want to manage them as a set
|
||||
flatUsers = builtins.attrValues (builtins.mapAttrs (name: s: s // { inherit name; }) users);
|
||||
|
||||
autounattendXML = pkgs.writeText "autounattend.xml" ''
|
||||
<?xml version="1.0" encoding="utf-8"?>
|
||||
<unattend xmlns="urn:schemas-microsoft-com:unattend">
|
||||
<settings pass="windowsPE">
|
||||
<component name="Microsoft-Windows-PnpCustomizationsWinPE" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
|
||||
<DriverPaths>
|
||||
<PathAndCredentials wcm:action="add" wcm:keyValue="1">
|
||||
<Path>D:\</Path>
|
||||
</PathAndCredentials>
|
||||
<PathAndCredentials wcm:action="add" wcm:keyValue="2">
|
||||
<Path>E:\</Path>
|
||||
</PathAndCredentials>
|
||||
</DriverPaths>
|
||||
</component>
|
||||
<component name="Microsoft-Windows-Setup" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
|
||||
|
||||
<DiskConfiguration>
|
||||
<Disk wcm:action="add">
|
||||
<CreatePartitions>
|
||||
<CreatePartition wcm:action="add">
|
||||
<Order>1</Order>
|
||||
<Type>EFI</Type>
|
||||
<Size>100</Size>
|
||||
</CreatePartition>
|
||||
<CreatePartition wcm:action="add">
|
||||
<Order>2</Order>
|
||||
<Type>MSR</Type>
|
||||
<Size>16</Size>
|
||||
</CreatePartition>
|
||||
<CreatePartition wcm:action="add">
|
||||
<Order>3</Order>
|
||||
<Type>Primary</Type>
|
||||
<Extend>true</Extend>
|
||||
</CreatePartition>
|
||||
</CreatePartitions>
|
||||
<ModifyPartitions>
|
||||
<ModifyPartition wcm:action="add">
|
||||
<Order>1</Order>
|
||||
<Format>FAT32</Format>
|
||||
<Label>System</Label>
|
||||
<PartitionID>1</PartitionID>
|
||||
</ModifyPartition>
|
||||
<ModifyPartition wcm:action="add">
|
||||
<Order>2</Order>
|
||||
<PartitionID>2</PartitionID>
|
||||
</ModifyPartition>
|
||||
<ModifyPartition wcm:action="add">
|
||||
<Order>3</Order>
|
||||
<Format>NTFS</Format>
|
||||
<Label>Windows</Label>
|
||||
<Letter>C</Letter>
|
||||
<PartitionID>3</PartitionID>
|
||||
</ModifyPartition>
|
||||
</ModifyPartitions>
|
||||
<DiskID>0</DiskID>
|
||||
<WillWipeDisk>true</WillWipeDisk>
|
||||
</Disk>
|
||||
</DiskConfiguration>
|
||||
|
||||
<ImageInstall>
|
||||
<OSImage>
|
||||
<InstallTo>
|
||||
<DiskID>0</DiskID>
|
||||
<PartitionID>3</PartitionID>
|
||||
</InstallTo>
|
||||
<InstallFrom>
|
||||
<MetaData wcm:action="add">
|
||||
<Key>/IMAGE/INDEX</Key>
|
||||
<Value>1</Value>
|
||||
</MetaData>
|
||||
</InstallFrom>
|
||||
</OSImage>
|
||||
</ImageInstall>
|
||||
|
||||
<UserData>
|
||||
<ProductKey>
|
||||
${if productKey != null then "<Key>${productKey}</Key>" else ""}
|
||||
<WillShowUI>OnError</WillShowUI>
|
||||
</ProductKey>
|
||||
<AcceptEula>true</AcceptEula>
|
||||
<FullName>${fullName}</FullName>
|
||||
<Organization>${organization}</Organization>
|
||||
</UserData>
|
||||
|
||||
</component>
|
||||
<component name="Microsoft-Windows-International-Core-WinPE" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
|
||||
<SetupUILanguage>
|
||||
<UILanguage>${uiLanguage}</UILanguage>
|
||||
</SetupUILanguage>
|
||||
<InputLocale>${inputLocale}</InputLocale>
|
||||
<SystemLocale>${systemLocale}</SystemLocale>
|
||||
<UILanguage>${uiLanguage}</UILanguage>
|
||||
<UILanguageFallback>en-US</UILanguageFallback>
|
||||
<UserLocale>${userLocale}</UserLocale>
|
||||
</component>
|
||||
</settings>
|
||||
|
||||
<settings pass="oobeSystem">
|
||||
<component name="Microsoft-Windows-International-Core" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
|
||||
<InputLocale>${inputLocale}</InputLocale>
|
||||
<SystemLocale>${systemLocale}</SystemLocale>
|
||||
<UILanguage>${uiLanguage}</UILanguage>
|
||||
<UILanguageFallback>en-US</UILanguageFallback>
|
||||
<UserLocale>${userLocale}</UserLocale>
|
||||
</component>
|
||||
<component name="Microsoft-Windows-Shell-Setup" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
|
||||
<OOBE>
|
||||
<HideEULAPage>true</HideEULAPage>
|
||||
<HideLocalAccountScreen>true</HideLocalAccountScreen>
|
||||
<HideOEMRegistrationScreen>true</HideOEMRegistrationScreen>
|
||||
<HideOnlineAccountScreens>true</HideOnlineAccountScreens>
|
||||
<HideWirelessSetupInOOBE>true</HideWirelessSetupInOOBE>
|
||||
<ProtectYourPC>1</ProtectYourPC>
|
||||
</OOBE>
|
||||
<TimeZone>${timeZone}</TimeZone>
|
||||
|
||||
<UserAccounts>
|
||||
${if administratorPassword != null then ''
|
||||
<AdministratorPassword>
|
||||
<Value>${administratorPassword}</Value>
|
||||
<PlainText>true</PlainText>
|
||||
</AdministratorPassword>
|
||||
'' else ""}
|
||||
<LocalAccounts>
|
||||
${builtins.concatStringsSep "\n" (builtins.map mkUser flatUsers)}
|
||||
</LocalAccounts>
|
||||
</UserAccounts>
|
||||
|
||||
${if defaultUser == null then "" else ''
|
||||
<AutoLogon>
|
||||
<Password>
|
||||
<Value>${(builtins.getAttr defaultUser users).password}</Value>
|
||||
<PlainText>true</PlainText>
|
||||
</Password>
|
||||
<Enabled>true</Enabled>
|
||||
<Username>${defaultUser}</Username>
|
||||
</AutoLogon>
|
||||
''}
|
||||
|
||||
<FirstLogonCommands>
|
||||
<SynchronousCommand wcm:action="add">
|
||||
<Order>1</Order>
|
||||
<CommandLine>cmd /C shutdown /s /f /t 00</CommandLine>
|
||||
<Description>ChangeHideFiles</Description>
|
||||
</SynchronousCommand>
|
||||
</FirstLogonCommands>
|
||||
|
||||
</component>
|
||||
</settings>
|
||||
|
||||
<settings pass="specialize">
|
||||
<component name="Microsoft-Windows-Deployment" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
|
||||
<RunSynchronous>
|
||||
${lib.concatStringsSep "\n" (mkCommands commands)}
|
||||
</RunSynchronous>
|
||||
</component>
|
||||
<component name="Microsoft-Windows-SQMApi" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="NonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
|
||||
<CEIPEnabled>0</CEIPEnabled>
|
||||
</component>
|
||||
</settings>
|
||||
|
||||
<!-- Disable Windows UAC -->
|
||||
<settings pass="offlineServicing">
|
||||
<component name="Microsoft-Windows-LUA-Settings" processorArchitecture="amd64" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" xmlns:wcm="http://schemas.microsoft.com/WMIConfig/2002/State" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
|
||||
<EnableLUA>false</EnableLUA>
|
||||
</component>
|
||||
</settings>
|
||||
|
||||
<cpi:offlineImage cpi:source="wim:c:/wim/windows-10/install.wim#Windows 10 Enterprise LTSC 2019 Evaluation" xmlns:cpi="urn:schemas-microsoft-com:cpi" />
|
||||
</unattend>
|
||||
'';
|
||||
|
||||
in {
|
||||
# Lint and format as a sanity check
|
||||
autounattendXML = pkgs.runCommandNoCC "autounattend.xml" {} ''
|
||||
${pkgs.libxml2}/bin/xmllint --format ${autounattendXML} > $out
|
||||
'';
|
||||
|
||||
# autounattend.xml is _super_ picky about quotes and other things
|
||||
setupScript = pkgs.writeText "ssh-setup.ps1" (
|
||||
''
|
||||
# Setup SSH and keys
|
||||
'' +
|
||||
lib.concatStrings (
|
||||
builtins.map (c: ''
|
||||
# ${c.Description}
|
||||
${c.Path}
|
||||
'') sshSetupCommands
|
||||
)
|
||||
);
|
||||
|
||||
}
|
100
artiq-fast/wfvm/build.nix
Normal file
100
artiq-fast/wfvm/build.nix
Normal file
@ -0,0 +1,100 @@
|
||||
{
|
||||
pkgs ? import <nixpkgs> {}
|
||||
, impureMode ? false
|
||||
}:
|
||||
|
||||
let
|
||||
win = (import ./default.nix { inherit pkgs; });
|
||||
|
||||
in
|
||||
win.makeWindowsImage {
|
||||
|
||||
# Custom base iso
|
||||
# windowsImage = pkgs.fetchurl {
|
||||
# url = "https://software-download.microsoft.com/download/sg/17763.107.101029-1455.rs5_release_svc_refresh_CLIENT_LTSC_EVAL_x64FRE_en-us.iso";
|
||||
# sha256 = "668fe1af70c2f7416328aee3a0bb066b12dc6bbd2576f40f812b95741e18bc3a";
|
||||
# };
|
||||
|
||||
# User accounts
|
||||
users = {
|
||||
artiq = {
|
||||
password = "1234";
|
||||
# description = "Default user";
|
||||
# displayName = "Display name";
|
||||
groups = [
|
||||
"Administrators"
|
||||
];
|
||||
};
|
||||
};
|
||||
|
||||
# Build install script & skip building iso
|
||||
inherit impureMode;
|
||||
|
||||
# impureShellCommands = [
|
||||
# "powershell.exe echo Hello"
|
||||
# ];
|
||||
|
||||
fullName = "M-Labs";
|
||||
organization = "m-labs";
|
||||
|
||||
administratorPassword = "12345";
|
||||
|
||||
# Auto login
|
||||
defaultUser = "artiq";
|
||||
|
||||
# Imperative installation commands, to be installed incrementally
|
||||
installCommands = [
|
||||
|
||||
{
|
||||
name = "Anaconda3";
|
||||
script = let
|
||||
Anaconda3 = pkgs.fetchurl {
|
||||
name = "Anaconda3.exe";
|
||||
url = "https://repo.anaconda.com/archive/Anaconda3-2019.03-Windows-x86_64.exe";
|
||||
sha256 = "1f9icm5rwab6l1f23a70dw0qixzrl62wbglimip82h4zhxlh3jfj";
|
||||
};
|
||||
in ''
|
||||
cp ${Anaconda3} ./Anaconda3.exe
|
||||
win put Anaconda3.exe 'C:\Users\artiq'
|
||||
win exec 'start /wait "" .\Anaconda3.exe /S /D=%UserProfile%\Anaconda3'
|
||||
'';
|
||||
}
|
||||
|
||||
];
|
||||
|
||||
# services = {
|
||||
# # Enable remote management
|
||||
# WinRm = {
|
||||
# Status = "Running";
|
||||
# PassThru = true;
|
||||
# };
|
||||
# };
|
||||
|
||||
# License key
|
||||
# productKey = "iboughtthisone";
|
||||
|
||||
# Locales
|
||||
# uiLanguage = "en-US";
|
||||
# inputLocale = "en-US";
|
||||
# userLocale = "en-US";
|
||||
# systemLocale = "en-US";
|
||||
|
||||
# packages = [
|
||||
# (
|
||||
# win.pkgs.makeMSIPkg {
|
||||
# # Note: File not in repository, it's meant as an example to subsitute
|
||||
# name = "notepadplusplus";
|
||||
# msi = ./Notepad++7.7.msi;
|
||||
# # Custom cert
|
||||
# # cert = ./notepad++-cert.cer
|
||||
# }
|
||||
# )
|
||||
# (
|
||||
# win.pkgs.makeCrossPkg {
|
||||
# name = "hello";
|
||||
# pkg = pkgs.pkgsCross.mingwW64.hello;
|
||||
# }
|
||||
# )
|
||||
# ];
|
||||
|
||||
}
|
1
artiq-fast/wfvm/bundle/.envrc
Normal file
1
artiq-fast/wfvm/bundle/.envrc
Normal file
@ -0,0 +1 @@
|
||||
use nix
|
9
artiq-fast/wfvm/bundle/default.nix
Normal file
9
artiq-fast/wfvm/bundle/default.nix
Normal file
@ -0,0 +1,9 @@
|
||||
{ pkgs ? import <nixpkgs> {}
|
||||
, lib ? pkgs.lib
|
||||
}:
|
||||
|
||||
pkgs.runCommandNoCC "win-bundle-installer.exe" {} ''
|
||||
cp ${./main.go} main.go
|
||||
env HOME=$(mktemp -d) GOOS=windows GOARCH=amd64 ${pkgs.go}/bin/go build
|
||||
mv build.exe $out
|
||||
''
|
116
artiq-fast/wfvm/bundle/main.go
Normal file
116
artiq-fast/wfvm/bundle/main.go
Normal file
@ -0,0 +1,116 @@
|
||||
package main
|
||||
|
||||
import (
|
||||
"archive/tar"
|
||||
"fmt"
|
||||
"io"
|
||||
"io/ioutil"
|
||||
"log"
|
||||
"os"
|
||||
"os/exec"
|
||||
"path/filepath"
|
||||
)
|
||||
|
||||
func Untar(dst string, r io.Reader) error {
|
||||
|
||||
tr := tar.NewReader(r)
|
||||
|
||||
for {
|
||||
header, err := tr.Next()
|
||||
|
||||
switch {
|
||||
|
||||
case err == io.EOF:
|
||||
return nil
|
||||
case err != nil:
|
||||
return err
|
||||
|
||||
case header == nil:
|
||||
continue
|
||||
}
|
||||
|
||||
target := filepath.Join(dst, header.Name)
|
||||
|
||||
switch header.Typeflag {
|
||||
|
||||
case tar.TypeDir:
|
||||
if _, err := os.Stat(target); err != nil {
|
||||
if err := os.MkdirAll(target, 0755); err != nil {
|
||||
return err
|
||||
}
|
||||
}
|
||||
|
||||
case tar.TypeReg:
|
||||
f, err := os.OpenFile(target, os.O_CREATE|os.O_RDWR, os.FileMode(header.Mode))
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
|
||||
if _, err := io.Copy(f, tr); err != nil {
|
||||
return err
|
||||
}
|
||||
|
||||
f.Close()
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
func InstallBundle(bundlePath string) error {
|
||||
|
||||
reader, err := os.Open(bundlePath)
|
||||
if err != nil {
|
||||
log.Fatal(err)
|
||||
}
|
||||
|
||||
workDir, err := ioutil.TempDir("", "bundle_install")
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
defer os.RemoveAll(workDir)
|
||||
|
||||
err = Untar(workDir, reader)
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
|
||||
installScript := filepath.Join(workDir, "install.ps1")
|
||||
|
||||
cmd := exec.Command("powershell", installScript)
|
||||
cmd.Stdout = os.Stdout
|
||||
cmd.Stderr = os.Stderr
|
||||
cmd.Dir = workDir
|
||||
err = cmd.Run()
|
||||
|
||||
return err
|
||||
}
|
||||
|
||||
func main() {
|
||||
// Get path relative to binary
|
||||
baseDir, err := filepath.Abs(filepath.Dir(os.Args[0]))
|
||||
if err != nil {
|
||||
log.Fatal(err)
|
||||
}
|
||||
|
||||
var dirs = [2]string{"bootstrap", "user"}
|
||||
|
||||
for _, pkgDir := range dirs {
|
||||
|
||||
dir := filepath.Join(baseDir, pkgDir)
|
||||
|
||||
files, err := ioutil.ReadDir(dir)
|
||||
if err != nil {
|
||||
log.Fatal(err)
|
||||
}
|
||||
|
||||
for _, file := range files {
|
||||
bundle := filepath.Join(dir, file.Name())
|
||||
fmt.Println(fmt.Sprintf("Installing: %s", bundle))
|
||||
err := InstallBundle(bundle)
|
||||
if err != nil {
|
||||
log.Fatal(err)
|
||||
}
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
}
|
13
artiq-fast/wfvm/bundle/shell.nix
Normal file
13
artiq-fast/wfvm/bundle/shell.nix
Normal file
@ -0,0 +1,13 @@
|
||||
{ pkgs ? import <nixpkgs> {} }:
|
||||
|
||||
pkgs.mkShell {
|
||||
|
||||
buildInputs = [
|
||||
pkgs.go
|
||||
];
|
||||
|
||||
shellHook = ''
|
||||
unset GOPATH
|
||||
'';
|
||||
|
||||
}
|
7
artiq-fast/wfvm/default.nix
Normal file
7
artiq-fast/wfvm/default.nix
Normal file
@ -0,0 +1,7 @@
|
||||
{ pkgs ? import <nixpkgs> {}
|
||||
}:
|
||||
|
||||
{
|
||||
makeWindowsImage = attrs: import ./win.nix ({ inherit pkgs; } // attrs);
|
||||
pkgs = import ./pkgs.nix { inherit pkgs; };
|
||||
}
|
99
artiq-fast/wfvm/install.nix
Normal file
99
artiq-fast/wfvm/install.nix
Normal file
@ -0,0 +1,99 @@
|
||||
{ pkgs ? import <nixpkgs> {}
|
||||
, diskImageSize ? "22G"
|
||||
, qemuMem ? "4G"
|
||||
,
|
||||
}:
|
||||
|
||||
with pkgs;
|
||||
|
||||
let
|
||||
windowsIso = fetchurl {
|
||||
url = "https://software-download.microsoft.com/download/sg/17763.107.101029-1455.rs5_release_svc_refresh_CLIENT_LTSC_EVAL_x64FRE_en-us.iso";
|
||||
sha256 = "668fe1af70c2f7416328aee3a0bb066b12dc6bbd2576f40f812b95741e18bc3a";
|
||||
};
|
||||
anaconda = fetchurl {
|
||||
url = "https://repo.anaconda.com/archive/Anaconda3-2019.03-Windows-x86_64.exe";
|
||||
sha256 = "1f9icm5rwab6l1f23a70dw0qixzrl62wbglimip82h4zhxlh3jfj";
|
||||
};
|
||||
|
||||
escape = builtins.replaceStrings [ "\\" ] [ "\\\\" ];
|
||||
qemu = import ./qemu.nix {
|
||||
inherit pkgs qemuMem;
|
||||
diskImage = "c.img";
|
||||
};
|
||||
# Double-escape because we produce a script from a shell heredoc
|
||||
ssh = cmd: qemu.ssh (escape cmd);
|
||||
scp = qemu.scp;
|
||||
|
||||
sshCondaEnv = cmd: ssh "anaconda\\scripts\\activate && ${cmd}";
|
||||
condaEnv = "artiq-env";
|
||||
condaDepSpecs =
|
||||
builtins.concatStringsSep " "
|
||||
(
|
||||
map (s: "\"${s}\"")
|
||||
(import ../conda-artiq-deps.nix)
|
||||
);
|
||||
|
||||
instructions =
|
||||
builtins.toFile "install.txt"
|
||||
(builtins.readFile ./install.txt);
|
||||
in
|
||||
stdenv.mkDerivation {
|
||||
name = "windows-installer";
|
||||
src = windowsIso;
|
||||
setSourceRoot = "sourceRoot=`pwd`";
|
||||
unpackCmd = ''
|
||||
ln -s $curSrc windows.iso
|
||||
'';
|
||||
propagatedBuildInputs = qemu.inputs;
|
||||
dontBuild = true;
|
||||
installPhase = ''
|
||||
mkdir -p $out/bin $out/data
|
||||
ln -s $(readlink windows.iso) $out/data/windows.iso
|
||||
cat > $out/bin/windows-installer.sh << EOF
|
||||
#!/usr/bin/env bash
|
||||
set -e -m
|
||||
|
||||
${qemu.qemu-img} create -f qcow2 c.img ${diskImageSize}
|
||||
${qemu.runQemu false [] [
|
||||
"-boot"
|
||||
"order=d"
|
||||
"-drive"
|
||||
"file=c.img,index=0,media=disk,cache=unsafe"
|
||||
"-drive"
|
||||
"file=$out/data/windows.iso,index=1,media=cdrom,cache=unsafe"
|
||||
]} &
|
||||
cat ${instructions}
|
||||
wait
|
||||
EOF
|
||||
|
||||
cat > $out/bin/anaconda-installer.sh << EOF
|
||||
#!/usr/bin/env bash
|
||||
set -e -m
|
||||
|
||||
${qemu.runQemu false [] [
|
||||
"-boot"
|
||||
"order=c"
|
||||
"-drive"
|
||||
"file=c.img,index=0,media=disk"
|
||||
]} &
|
||||
sleep 10
|
||||
${ssh "ver"}
|
||||
|
||||
${scp anaconda "Anaconda.exe"}
|
||||
${ssh "start /wait \"\" Anaconda.exe /S /D=%cd%\\anaconda"}
|
||||
|
||||
${sshCondaEnv "conda config --add channels conda-forge"}
|
||||
${sshCondaEnv "conda config --add channels m-labs"}
|
||||
( ${sshCondaEnv "conda update -y conda"} ) || true
|
||||
${sshCondaEnv "conda update -y --all"}
|
||||
${sshCondaEnv "conda create -y -n ${condaEnv}"}
|
||||
${sshCondaEnv "conda install -y -n ${condaEnv} ${condaDepSpecs}"}
|
||||
${ssh "shutdown /p /f"}
|
||||
|
||||
echo "Waiting for qemu exit"
|
||||
wait
|
||||
EOF
|
||||
chmod a+x $out/bin/*.sh
|
||||
'';
|
||||
}
|
32
artiq-fast/wfvm/manual-test-run.nix
Normal file
32
artiq-fast/wfvm/manual-test-run.nix
Normal file
@ -0,0 +1,32 @@
|
||||
# This runs `run-test.nix` with `nix-build`
|
||||
|
||||
{ pkgs ? import <nixpkgs> {}
|
||||
, artiqpkgs ? import ../. { inherit pkgs; }
|
||||
, diskImage ? (import ./build.nix { inherit pkgs; })
|
||||
, qemuMem ? "2G"
|
||||
, testTimeout ? 180
|
||||
}:
|
||||
|
||||
with pkgs;
|
||||
|
||||
let
|
||||
windowsRunner = overrides:
|
||||
import ./run-test.nix (
|
||||
{
|
||||
inherit pkgs diskImage qemuMem testTimeout;
|
||||
sipycoPkg = artiqpkgs.conda-sipyco;
|
||||
artiqPkg = artiqpkgs.conda-artiq;
|
||||
} // overrides
|
||||
);
|
||||
in
|
||||
|
||||
stdenv.mkDerivation {
|
||||
name = "windows-test";
|
||||
|
||||
phases = [ "installPhase" "checkPhase" ];
|
||||
installPhase = "touch $out";
|
||||
doCheck = true;
|
||||
checkPhase = ''
|
||||
${windowsRunner { testCommand = "set ARTIQ_ROOT=%cd%\\anaconda\\envs\\artiq-env\\Lib\\site-packages\\artiq\\examples\\kc705_nist_clock&&python -m unittest discover -v artiq.test"; }}/bin/run.sh
|
||||
'';
|
||||
}
|
1
artiq-fast/wfvm/openssh/README.md
Normal file
1
artiq-fast/wfvm/openssh/README.md
Normal file
@ -0,0 +1 @@
|
||||
This file is not publicaly acessible anywhere so had to be extracted from a connected instance
|
BIN
artiq-fast/wfvm/openssh/server-package.cab
Normal file
BIN
artiq-fast/wfvm/openssh/server-package.cab
Normal file
Binary file not shown.
110
artiq-fast/wfvm/pkgs.nix
Normal file
110
artiq-fast/wfvm/pkgs.nix
Normal file
@ -0,0 +1,110 @@
|
||||
{ pkgs ? import <nixpkgs> {}
|
||||
, lib ? pkgs.lib
|
||||
}:
|
||||
|
||||
/*
|
||||
|
||||
This file creates a simple custom simple bundle format containing
|
||||
a powershell script plus any required executables and assets.
|
||||
|
||||
These are assets that are only handled in the pure build steps.
|
||||
|
||||
Impure packages are installed in _another_ step that runs impurely outside of
|
||||
the Nix sandbox.
|
||||
|
||||
*/
|
||||
|
||||
let
|
||||
|
||||
makeBundle =
|
||||
{ name
|
||||
, bundle
|
||||
}: pkgs.runCommandNoCC "${name}-archive.tar" {} ''
|
||||
cp -r -L ${bundle} build
|
||||
tar -cpf $out -C build .
|
||||
'';
|
||||
|
||||
|
||||
in
|
||||
rec {
|
||||
|
||||
/*
|
||||
Make a custom install bundle
|
||||
*/
|
||||
makePkg =
|
||||
{ name
|
||||
, src
|
||||
, installScript
|
||||
}: let
|
||||
installScript_ = pkgs.writeText "${name}-install-script" installScript;
|
||||
|
||||
bundle = pkgs.runCommandNoCC "${name}-bundle" {} ''
|
||||
mkdir build
|
||||
ln -s ${src} build/"$(stripHash "${src}")"
|
||||
ln -s ${installScript_} build/install.ps1
|
||||
mv build $out
|
||||
'';
|
||||
in
|
||||
makeBundle {
|
||||
inherit name bundle;
|
||||
};
|
||||
|
||||
|
||||
/*
|
||||
Make an install bundle from a .msi
|
||||
*/
|
||||
makeMSIPkg =
|
||||
{ name
|
||||
, msi
|
||||
, cert ? null
|
||||
, ADDLOCAL ? []
|
||||
, preInstall ? ""
|
||||
, postInstall ? ""
|
||||
}: let
|
||||
installScript = pkgs.writeText "${name}-install-script" ''
|
||||
${preInstall}
|
||||
${if cert != null then "certutil.exe -f -addstore TrustedPublisher cert.cer" else ""}
|
||||
msiexec.exe /i .\${name}.msi ${if ADDLOCAL != [] then "ADDLOCAL=" else ""}${lib.concatStringsSep "," ADDLOCAL}
|
||||
${postInstall}
|
||||
'';
|
||||
|
||||
bundle = pkgs.runCommandNoCC "${name}-bundle" {} ''
|
||||
mkdir build
|
||||
ln -s ${msi} build/${name}.msi
|
||||
${if cert != null then "ln -s ${cert} build/cert.cer" else ""}
|
||||
ln -s ${installScript} build/install.ps1
|
||||
mv build $out
|
||||
'';
|
||||
in
|
||||
makeBundle {
|
||||
inherit name bundle;
|
||||
};
|
||||
|
||||
/*
|
||||
Nix cross-built packages
|
||||
*/
|
||||
makeCrossPkg =
|
||||
{ name
|
||||
, pkg
|
||||
, destination ? ''C:\Program Files\${name}\''
|
||||
, preInstall ? ""
|
||||
, postInstall ? ""
|
||||
}: let
|
||||
installScript = pkgs.writeText "${name}-install-script" ''
|
||||
${preInstall}
|
||||
Copy-Item pkg -Destination "${destination}"
|
||||
${postInstall}
|
||||
'';
|
||||
|
||||
bundle = pkgs.runCommandNoCC "${name}-bundle" {} ''
|
||||
mkdir -p build/pkg
|
||||
ln -s ${pkg} build/pkg
|
||||
ln -s ${installScript} build/install.ps1
|
||||
mv build $out
|
||||
'';
|
||||
in
|
||||
makeBundle {
|
||||
inherit name bundle;
|
||||
};
|
||||
|
||||
}
|
63
artiq-fast/wfvm/qemu.nix
Normal file
63
artiq-fast/wfvm/qemu.nix
Normal file
@ -0,0 +1,63 @@
|
||||
{ pkgs
|
||||
, qemuMem
|
||||
, sshUser ? "user"
|
||||
, sshPassword ? "user"
|
||||
,
|
||||
}:
|
||||
|
||||
with pkgs;
|
||||
|
||||
let
|
||||
qemu-img = "${qemu_kvm}/bin/qemu-img";
|
||||
runQemu = isolateNetwork: forwardedPorts: extraArgs:
|
||||
let
|
||||
restrict =
|
||||
if isolateNetwork
|
||||
then "on"
|
||||
else "off";
|
||||
# use socat instead of `tcp:…` to allow multiple connections
|
||||
guestfwds =
|
||||
builtins.concatStringsSep ""
|
||||
(
|
||||
map (
|
||||
{ listenAddr, targetAddr, port }:
|
||||
",guestfwd=tcp:${listenAddr}:${toString port}-cmd:${socat}/bin/socat\\ -\\ tcp:${targetAddr}:${toString port}"
|
||||
) forwardedPorts
|
||||
);
|
||||
args = [
|
||||
"-enable-kvm"
|
||||
"-m"
|
||||
qemuMem
|
||||
"-bios"
|
||||
"${OVMF.fd}/FV/OVMF.fd"
|
||||
"-netdev"
|
||||
"user,id=n1,net=192.168.1.0/24,restrict=${restrict},hostfwd=tcp::2022-:22${guestfwds}"
|
||||
"-device"
|
||||
"e1000,netdev=n1"
|
||||
];
|
||||
argStr = builtins.concatStringsSep " " (args ++ extraArgs);
|
||||
in
|
||||
"${qemu_kvm}/bin/qemu-system-x86_64 ${argStr}";
|
||||
|
||||
# Pass empty config file to prevent ssh from failing to create ~/.ssh
|
||||
sshOpts = "-F /dev/null -o StrictHostKeyChecking=accept-new -o UserKnownHostsFile=\$TMP/known_hosts";
|
||||
sshWithQuotes = quotes: cmd: ''
|
||||
echo ssh windows ${quotes}${cmd}${quotes}
|
||||
${sshpass}/bin/sshpass -p${sshPassword} -- \
|
||||
${openssh}/bin/ssh -np 2022 ${sshOpts} \
|
||||
${sshUser}@localhost \
|
||||
${quotes}${cmd}${quotes}
|
||||
'';
|
||||
ssh = sshWithQuotes "'";
|
||||
scp = src: target: ''
|
||||
echo "Copy ${src} to ${target}"
|
||||
${sshpass}/bin/sshpass -p${sshPassword} -- \
|
||||
${openssh}/bin/scp -P 2022 ${sshOpts} \
|
||||
"${src}" "${sshUser}@localhost:${target}"
|
||||
'';
|
||||
|
||||
in
|
||||
{
|
||||
inherit qemu-img runQemu ssh sshWithQuotes scp;
|
||||
inputs = [ qemu_kvm openssh sshpass ];
|
||||
}
|
91
artiq-fast/wfvm/run-test.nix
Normal file
91
artiq-fast/wfvm/run-test.nix
Normal file
@ -0,0 +1,91 @@
|
||||
{ pkgs
|
||||
, sipycoPkg
|
||||
, artiqPkg
|
||||
, diskImage ? (import ./build.nix { inherit pkgs; })
|
||||
, qemuMem ? "2G"
|
||||
, testTimeout ? 600
|
||||
, testCommand ? "python -m unittest discover -v sipyco.test && python -m unittest discover -v artiq.test"
|
||||
,
|
||||
}:
|
||||
|
||||
with pkgs;
|
||||
|
||||
let
|
||||
escape = builtins.replaceStrings [ "\\" ] [ "\\\\" ];
|
||||
qemu = import ./qemu.nix {
|
||||
inherit pkgs qemuMem;
|
||||
};
|
||||
# Double-escape because we produce a script from a shell heredoc
|
||||
ssh = cmd: qemu.ssh (escape cmd);
|
||||
sshUnquoted = qemu.sshWithQuotes "\"";
|
||||
scp = qemu.scp;
|
||||
condaEnv = "artiq-env";
|
||||
tcpPorts = [ 1380 1381 1382 1383 ];
|
||||
forwardedPorts =
|
||||
map (
|
||||
port: {
|
||||
listenAddr = "192.168.1.50";
|
||||
targetAddr = "192.168.1.50";
|
||||
inherit port;
|
||||
}
|
||||
) tcpPorts;
|
||||
in
|
||||
|
||||
stdenv.mkDerivation {
|
||||
name = "windows-test-runner";
|
||||
|
||||
# Dummy sources
|
||||
src = pkgs.runCommandNoCC "dummy" {} "touch $out";
|
||||
dontUnpack = true;
|
||||
|
||||
propagatedBuildInputs = qemu.inputs;
|
||||
dontBuild = true;
|
||||
installPhase = ''
|
||||
mkdir -p $out/bin
|
||||
cat > $out/bin/run.sh << EOF
|
||||
#!/usr/bin/env bash
|
||||
set -e -m
|
||||
|
||||
cp ${diskImage} c.img
|
||||
|
||||
${qemu.runQemu true forwardedPorts [
|
||||
"-boot"
|
||||
"order=c"
|
||||
"-snapshot"
|
||||
"-drive"
|
||||
"file=c.img,index=0,media=disk,cache=unsafe"
|
||||
"-display"
|
||||
"none"
|
||||
]} &
|
||||
|
||||
echo "Wait for Windows to boot"
|
||||
sleep 30
|
||||
${ssh "ver"}
|
||||
i=0
|
||||
for pkg in ${sipycoPkg}/noarch/sipyco*.tar.bz2 ${artiqPkg}/noarch/artiq*.tar.bz2 ; do
|
||||
${scp "\\$pkg" "to_install\\$i.tar.bz2"}
|
||||
${sshUnquoted "anaconda\\scripts\\activate ${condaEnv} && conda install to_install\\$i.tar.bz2"}
|
||||
((i=i+1))
|
||||
done
|
||||
|
||||
# Schedule a timed shutdown against hanging test runs
|
||||
${ssh "shutdown -s -t ${toString testTimeout}"}
|
||||
|
||||
FAIL=n
|
||||
( ${ssh "anaconda\\scripts\\activate ${condaEnv} && ${testCommand}"} ) || FAIL=y
|
||||
|
||||
# Abort timeouted shutdown
|
||||
${ssh "shutdown -a"}
|
||||
# Power off immediately
|
||||
${ssh "shutdown -p -f"}
|
||||
wait
|
||||
|
||||
if [ "\$FAIL" = "y" ]; then
|
||||
exit 1
|
||||
else
|
||||
exit 0
|
||||
fi
|
||||
EOF
|
||||
chmod a+x $out/bin/run.sh
|
||||
'';
|
||||
}
|
264
artiq-fast/wfvm/win.nix
Normal file
264
artiq-fast/wfvm/win.nix
Normal file
@ -0,0 +1,264 @@
|
||||
{ pkgs ? import <nixpkgs> {}
|
||||
, lib ? pkgs.lib
|
||||
, diskImageSize ? "22G"
|
||||
, qemuMem ? "4G"
|
||||
, windowsImage ? null
|
||||
, autoUnattendParams ? {}
|
||||
, packages ? []
|
||||
, impureMode ? false
|
||||
, baseRtc ? "2020-04-20T14:21:42"
|
||||
, installCommands ? []
|
||||
, users ? {}
|
||||
, ...
|
||||
}@attrs:
|
||||
|
||||
let
|
||||
# qemu_test is a smaller closure only building for a single system arch
|
||||
qemu = pkgs.qemu_test;
|
||||
libguestfs = pkgs.libguestfs-with-appliance;
|
||||
|
||||
# p7zip on >20.03 has known vulns but we have no better option
|
||||
p7zip = pkgs.p7zip.overrideAttrs(old: {
|
||||
meta = old.meta // {
|
||||
knownVulnerabilities = [];
|
||||
};
|
||||
});
|
||||
|
||||
runQemuCommand = name: command: (
|
||||
pkgs.runCommandNoCC name { buildInputs = [ p7zip qemu libguestfs ]; }
|
||||
(
|
||||
''
|
||||
if ! test -f; then
|
||||
echo "KVM not available, bailing out" >> /dev/stderr
|
||||
exit 1
|
||||
fi
|
||||
'' + command
|
||||
)
|
||||
);
|
||||
|
||||
windowsIso = if windowsImage != null then windowsImage else pkgs.fetchurl {
|
||||
url = "https://software-download.microsoft.com/download/sg/17763.107.101029-1455.rs5_release_svc_refresh_CLIENT_LTSC_EVAL_x64FRE_en-us.iso";
|
||||
sha256 = "668fe1af70c2f7416328aee3a0bb066b12dc6bbd2576f40f812b95741e18bc3a";
|
||||
};
|
||||
|
||||
openSshServerPackage = ./openssh/server-package.cab;
|
||||
|
||||
autounattend = import ./autounattend.nix (
|
||||
attrs // {
|
||||
inherit pkgs;
|
||||
}
|
||||
);
|
||||
|
||||
bundleInstaller = pkgs.callPackage ./bundle {};
|
||||
|
||||
# Packages required to drive installation of other packages
|
||||
bootstrapPkgs = let
|
||||
winPkgs = import ./pkgs.nix { inherit pkgs; };
|
||||
|
||||
in
|
||||
runQemuCommand "bootstrap-win-pkgs.img" ''
|
||||
mkdir pkgs
|
||||
mkdir pkgs/bootstrap
|
||||
mkdir pkgs/user
|
||||
mkdir pkgs/fod
|
||||
|
||||
cp ${bundleInstaller} pkgs/"$(stripHash "${bundleInstaller}")"
|
||||
|
||||
# Install optional windows features
|
||||
|
||||
cp ${openSshServerPackage} pkgs/fod/OpenSSH-Server-Package~31bf3856ad364e35~amd64~~.cab
|
||||
|
||||
# SSH setup script goes here because windows XML parser sucks
|
||||
cp ${autounattend.setupScript} pkgs/ssh-setup.ps1
|
||||
|
||||
${lib.concatStringsSep "\n" (builtins.map (x: ''cp ${x} pkgs/bootstrap/"$(stripHash "${x}")"'') packages)}
|
||||
|
||||
virt-make-fs --partition --type=fat pkgs/ $out
|
||||
'';
|
||||
|
||||
mkQemuFlags = extraFlags: [
|
||||
"-enable-kvm"
|
||||
"-cpu"
|
||||
"host"
|
||||
"-smp"
|
||||
"$NIX_BUILD_CORES"
|
||||
"-m"
|
||||
"${qemuMem}"
|
||||
"-bios"
|
||||
"${pkgs.OVMF.fd}/FV/OVMF.fd"
|
||||
"-vga"
|
||||
"virtio"
|
||||
"-device"
|
||||
"piix3-usb-uhci" # USB root hub
|
||||
# "CD" drive with windows features-on-demand
|
||||
# "-cdrom" "${fodIso}"
|
||||
# Set the base clock inside the VM
|
||||
"-rtc base=${baseRtc}"
|
||||
# Always enable SSH port forward
|
||||
# It's not really required for the initial setup but we do it here anyway
|
||||
"-netdev user,id=n1,net=192.168.1.0/24,restrict=off,hostfwd=tcp::2022-:22"
|
||||
"-device e1000,netdev=n1"
|
||||
] ++ lib.optional (!impureMode) "-nographic" ++ extraFlags;
|
||||
|
||||
installScript = pkgs.writeScript "windows-install-script" (
|
||||
let
|
||||
qemuParams = mkQemuFlags [
|
||||
# "CD" drive with bootstrap pkgs
|
||||
"-drive"
|
||||
"id=virtio-win,file=${bootstrapPkgs},if=none,format=raw,readonly=on"
|
||||
"-device"
|
||||
"usb-storage,drive=virtio-win"
|
||||
# USB boot
|
||||
"-drive"
|
||||
"id=win-install,file=usbimage.img,if=none,format=raw,readonly=on"
|
||||
"-device"
|
||||
"usb-storage,drive=win-install"
|
||||
# Output image
|
||||
"-drive"
|
||||
"file=c.img,index=0,media=disk,cache=unsafe"
|
||||
];
|
||||
in
|
||||
''
|
||||
#!${pkgs.runtimeShell}
|
||||
set -euxo pipefail
|
||||
export PATH=${lib.makeBinPath [ p7zip qemu libguestfs ]}:$PATH
|
||||
|
||||
if test -z "''${NIX_BUILD_CORES+x}"; then
|
||||
export NIX_BUILD_CORES=$(nproc)
|
||||
fi
|
||||
|
||||
# Create a bootable "USB" image
|
||||
# Booting in USB mode circumvents the "press any key to boot from cdrom" prompt
|
||||
#
|
||||
# Also embed the autounattend answer file in this image
|
||||
mkdir -p win
|
||||
mkdir -p win/nix-win
|
||||
7z x -y ${windowsIso} -owin
|
||||
|
||||
cp ${autounattend.autounattendXML} win/autounattend.xml
|
||||
|
||||
virt-make-fs --partition --type=fat win/ usbimage.img
|
||||
rm -rf win
|
||||
|
||||
# Qemu requires files to be rw
|
||||
qemu-img create -f qcow2 c.img ${diskImageSize}
|
||||
env NIX_BUILD_CORES="''${NIX_BUILD_CORES:4}" qemu-system-x86_64 ${lib.concatStringsSep " " qemuParams}
|
||||
''
|
||||
);
|
||||
|
||||
baseImage = pkgs.runCommandNoCC "windows.img" {} ''
|
||||
${installScript}
|
||||
mv c.img $out
|
||||
'';
|
||||
|
||||
# Use Paramiko instead of OpenSSH
|
||||
#
|
||||
# OpenSSH goes out of it's way to make password logins hard
|
||||
# and Windows goes out of it's way to make key authentication hard
|
||||
# so we're in a pretty tough spot
|
||||
#
|
||||
# Luckily the usage patterns are quite simple and easy to reimplement with paramiko
|
||||
paramikoClient = pkgs.writeScriptBin "win" ''
|
||||
#!${pkgs.python3.withPackages(ps: [ ps.paramiko ])}/bin/python
|
||||
import paramiko
|
||||
import os.path
|
||||
import sys
|
||||
|
||||
|
||||
def w_join(*args):
|
||||
# Like os.path.join but for windows paths
|
||||
return "\\".join(args)
|
||||
|
||||
|
||||
if __name__ == '__main__':
|
||||
client = paramiko.SSHClient()
|
||||
client.set_missing_host_key_policy(paramiko.client.AutoAddPolicy)
|
||||
|
||||
|
||||
cmd = sys.argv[1]
|
||||
|
||||
try:
|
||||
client.connect(hostname="127.0.0.1", port=2022, username="artiq", password="${users.artiq.password}", timeout=1)
|
||||
|
||||
if cmd == "put":
|
||||
sftp = client.open_sftp()
|
||||
src = sys.argv[2]
|
||||
dst = sys.argv[3]
|
||||
sftp.put(src, w_join(dst, os.path.basename(src)))
|
||||
|
||||
elif cmd == "exec":
|
||||
_, stdout, stderr = client.exec_command(sys.argv[2])
|
||||
|
||||
sys.stdout.write(stdout.read().strip().decode())
|
||||
sys.stdout.flush()
|
||||
|
||||
sys.stderr.write(stderr.read().strip().decode())
|
||||
sys.stderr.flush()
|
||||
|
||||
else:
|
||||
raise ValueError(f"Unhandled command: {cmd}")
|
||||
except (EOFError, paramiko.ssh_exception.SSHException):
|
||||
exit(1)
|
||||
'';
|
||||
|
||||
finalImage = builtins.foldl' (acc: v: pkgs.runCommandNoCC "${v.name}.img" {
|
||||
buildInputs = [
|
||||
paramikoClient
|
||||
qemu
|
||||
];
|
||||
} (let
|
||||
script = pkgs.writeScript "${v.name}-script" v.script;
|
||||
qemuParams = mkQemuFlags [
|
||||
# Output image
|
||||
"-drive"
|
||||
"file=c.img,index=0,media=disk,cache=unsafe"
|
||||
];
|
||||
|
||||
in ''
|
||||
export HOME=$(mktemp -d)
|
||||
|
||||
# Create an image referencing the previous image in the chain
|
||||
qemu-img create -f qcow2 -b ${acc} c.img
|
||||
|
||||
qemu-system-x86_64 ${lib.concatStringsSep " " qemuParams} &
|
||||
|
||||
# If the machine is not up within 10 minutes it's likely never coming up
|
||||
timeout=600
|
||||
|
||||
# Wait for VM to be accessible
|
||||
sleep 20
|
||||
echo "Waiting for SSH"
|
||||
while true; do
|
||||
if test "$timeout" -eq 0; then
|
||||
echo "SSH connection timed out"
|
||||
exit 1
|
||||
fi
|
||||
|
||||
output=$(win exec 'echo Ran command' || echo "")
|
||||
if test "$output" = "Ran command"; then
|
||||
break
|
||||
fi
|
||||
|
||||
echo "Retrying in 1 second, timing out in $timeout seconds"
|
||||
|
||||
((timeout=$timeout-1))
|
||||
|
||||
sleep 1
|
||||
done
|
||||
|
||||
echo "Executing user script to build layer"
|
||||
|
||||
${script}
|
||||
|
||||
# Allow install to "settle"
|
||||
sleep 20
|
||||
|
||||
win exec 'shutdown /s'
|
||||
|
||||
mv c.img $out
|
||||
'')) baseImage installCommands;
|
||||
|
||||
in
|
||||
|
||||
# impureMode is meant for debugging the base image, not the full incremental build process
|
||||
if !(impureMode) then finalImage else assert installCommands == []; installScript
|
Loading…
Reference in New Issue
Block a user