feat(image): install upstream kexec which now have support for UKIs

2025-02-26 14:35:58 +01:00 · 2025-02-26 14:35:58 +01:00 · 7365ef8918
commit 7365ef8918
parent 0a0e9127e0
13 changed files with 74 additions and 7 deletions
--- a/pkgs/image/default.nix
+++ b/pkgs/image/default.nix
@ -0,0 +1,36 @@
+{
+  pkgs,
+  stdenvNoCC,
+  patosPkgs,
+  version,
+  ...
+}:
+let
+  pname = "patos-image";
+in
+stdenvNoCC.mkDerivation (finalAttrs: {
+  inherit version;
+  inherit pname;
+
+  buildInputs = with pkgs; [
+    erofs-utils
+    dosfstools
+    mtools
+    e2fsprogs
+  ];
+
+  env = {
+    # vfat options won't efi won't find the fs otherwise.
+    SYSTEMD_REPART_MKFS_OPTIONS_VFAT = "-S 512 -c";
+  };
+
+  systemd = patosPkgs.systemd.out;
+  kernel = patosPkgs.kernel.kernel;
+  initrd = patosPkgs.initrd.out;
+  rootfs = patosPkgs.rootfs.out;
+
+  #FIXME: use roothash instead of device.
+  kernelCmdLine = "root=/dev/sda2 console=ttyS0";
+
+  builder = ./mkimage.sh;
+})
--- a/pkgs/image/mkimage.sh
+++ b/pkgs/image/mkimage.sh
@ -0,0 +1,73 @@
+set -ex -o pipefail
+
+mkdir -p $out/repart.d $out/boot
+pushd $out
+
+# Don't seem to work just to create a symlink to rootfs derivation?
+# ln -sf $rootfs rootfs
+mkdir rootfs
+cp -prP $rootfs/* rootfs/
+find rootfs/ -type d -exec chmod 755 {} \;
+
+# set default target to multi-user
+ln -sf multi-user.target rootfs/usr/lib/systemd/system/default.target
+
+# mount /etc overlay and patos state
+ln -sf ../etc.mount rootfs/usr/lib/systemd/system/local-fs.target.wants/etc.mount
+ln -sf ../var.mount rootfs/usr/lib/systemd/system/sysinit.target.wants/var.mount
+
+# enable dbus
+ln -sf ../dbus.service rootfs/usr/lib/systemd/system/multi-user.target.wants/dbus.service
+ln -sf ../dbus.socket rootfs/usr/lib/systemd/system/sockets.target.wants/dbus.socket
+
+# enable network services
+ln -sf ../systemd-networkd.service rootfs/usr/lib/systemd/system/sysinit.target.wants/systemd-networkd.service
+ln -sf ../systemd-resolved.service rootfs/usr/lib/systemd/system/sysinit.target.wants/systemd-resolved.service
+ln -sf ../systemd-timesyncd.service rootfs/usr/lib/systemd/system/multi-user.target.wants/systemd-timesyncd.service
+
+# generate a temporary machine id (replace with overlay later)
+$systemd/usr/bin/systemd-machine-id-setup --root=rootfs/
+
+$systemd/usr/bin/ukify build \
+  --linux $kernel/bzImage \
+  --initrd $initrd/initrd.xz \
+  --os-release @rootfs/etc/os-release \
+  --cmdline "$kernelCmdLine" \
+  -o boot/patos.efi
+
+cp ${systemd}/usr/lib/systemd/boot/efi/systemd-bootx64.efi boot/
+
+echo "timeout 1" > boot/loader.conf
+
+cat <<EOF > repart.d/10-esp.conf
+[Partition]
+Type=esp
+Format=vfat
+SizeMinBytes=96M
+SizeMaxBytes=96M
+CopyFiles=/boot/systemd-bootx64.efi:/EFI/BOOT/BOOTX64.EFI
+CopyFiles=/boot/patos.efi:/EFI/Linux/patos.efi
+CopyFiles=/boot/loader.conf:/loader/loader.conf
+EOF
+
+cat <<EOF > repart.d/10-root.conf
+[Partition]
+Type=root
+Format=erofs
+Minimize=best
+CopyFiles=/rootfs:/
+SplitName=root
+EOF
+
+$systemd/usr/bin/systemd-repart \
+  --no-pager \
+  --empty=create \
+  --size=auto \
+  --definitions=./repart.d \
+  --root=$out \
+  patos-$version.raw
+
+rm -rf rootfs
+rm -rf boot
+
+popd