feat: kernel modules as system extensions

pkgs/image/default.nix

@@ -25,18 +25,28 @@ runCommand pname {
     SYSTEMD_REPART_MKFS_OPTIONS_EROFS = "--all-root -zlz4hc,12 -C1048576 -Efragments,dedupe,ztailpacking";
   };
 
-  kernelCmdLine = "console=ttyS0 patos.secureboot=true";
+  kernelCmdLine = "console=ttyS0 patos.secureboot=false";
 }
 ''
 mkdir -p $out/init.repart.d $out/final.repart.d
 pushd $out
 
-# Don't seem to work just to create a symlink to rootfs derivation?
-# ln -sf $rootfs rootfs
 mkdir rootfs
 cp -prP ${patosPkgs.rootfs}/* rootfs/
 find rootfs/ -type d -exec chmod 755 {} \;
 
+# package kernel modules as sysext
+pkgName="patos-kernel-modules-${version}"
+mkdir -p ./tree/usr/lib/extension-release.d
+cat << EOF > ./tree/usr/lib/extension-release.d/extension-release.patos-kernel-modules
+ID=patos
+IMAGE_ID=patos-kernel-modules
+IMAGE_VERSION=${version}
+VERSION_ID=patos
+EOF
+cp -Prp rootfs/usr/lib/modules ./tree/usr/lib/modules && rm -rf rootfs/usr/lib/modules
+tar -cJf $pkgName.tar.xz -C ./tree . --owner=root:0 --group=root:0 && rm -rf tree
+
 # set default target to multi-user
 ln -sf multi-user.target rootfs/usr/lib/systemd/system/default.target
 
@@ -127,6 +137,22 @@ ReadOnly=1
 Verify=no
 EOF
 
+cat <<EOF > rootfs/etc/sysupdate.d/30-kernel-modules.transfer
+[Source]
+Type=url-tar
+Path=${updateUrl}
+MatchPattern=patos-kernel-modules-@v.tar.xz
+
+[Target]
+Type=subvolume
+Path=/var/lib/extensions
+MatchPattern=patos-kernel-modules-@v
+CurrentSymlink=patos-kernel-modules
+
+[Transfer]
+Verify=no
+EOF
+
 
 # Initial partitioning
 cat <<EOF > init.repart.d/10-root.conf
@@ -241,8 +267,8 @@ ${patosPkgs.systemd}/usr/bin/systemd-repart \
   --root=$out \
   patos_${version}.img > final-repart-output.json
 
-rm -rf rootfs
-sha256sum *.root *.verity *.efi > SHA256SUMS
+rm -rf rootfs init.repart.d final.repart.d *.json
+sha256sum *.root *.verity *.efi *.tar.xz > SHA256SUMS
 
 popd
 ''