From a4d0e10cc4fd0df9ba0dff3fbb6c54b4d62e2d66 Mon Sep 17 00:00:00 2001
From: Daniel Lundin <dln@arity.se>
Date: Thu, 14 Nov 2024 20:06:23 +0100
Subject: [PATCH] chore: cleanup
---
modules/image/disk/:w | 128 ------------------------------------------
overlays/default.nix | 21 -------
2 files changed, 149 deletions(-)
delete mode 100644 modules/image/disk/:w
delete mode 100644 overlays/default.nix
diff --git a/modules/image/disk/:w b/modules/image/disk/:w
deleted file mode 100644
index 2862e18..0000000
--- a/modules/image/disk/:w
+++ /dev/null
@@ -1,128 +0,0 @@
-{
- config,
- lib,
- pkgs,
- ...
-}:
-{
-
- imports = [
- ./updater.nix
- ./ssh.nix
- ./builder.nix
- ./veritysetup.nix
- ];
-
- system.build.updatePackage = pkgs.runCommand "update-package" { } ''
- mkdir "$out"
- cd "$out"
- cp "${config.system.build.image}"/* .
- ${pkgs.coreutils}/bin/sha256sum * > SHA256SUMS
- '';
-
- boot.initrd.systemd.enable = true;
-
- boot.initrd.systemd.repart.enable = true;
- systemd.repart.partitions = {
- "10-esp" = {
- Type = "esp";
- Format = "vfat";
- SizeMinBytes = "96M";
- SizeMaxBytes = "96M";
- };
- "20-root-verity-a" = {
- Type = "root-verity";
- SizeMinBytes = "64M";
- SizeMaxBytes = "64M";
- };
- "22-root-a" = {
- Type = "root";
- SizeMinBytes = "512M";
- SizeMaxBytes = "512M";
- };
- "30-root-verity-b" = {
- Type = "root-verity";
- SizeMinBytes = "64M";
- SizeMaxBytes = "64M";
- Label = "_empty";
- ReadOnly = 1;
- };
- "32-root-b" = {
- Type = "root";
- SizeMinBytes = "512M";
- SizeMaxBytes = "512M";
- Label = "_empty";
- ReadOnly = 1;
- };
- "40-home" = {
- Type = "home";
- Format = "btrfs";
- SizeMinBytes = "512M";
- Encrypt = "tpm2";
- };
- };
-
- boot.initrd.compressor = "zstd";
- boot.initrd.compressorArgs = [ "-8" ];
-
- boot.loader.grub.enable = false;
-
- boot.initrd.luks.forceLuksSupportInInitrd = true;
- boot.initrd.kernelModules = [
- "dm_mod"
- "dm_crypt"
- ] ++ config.boot.initrd.luks.cryptoModules;
-
- boot.initrd.supportedFilesystems = {
- btrfs = true;
- erofs = true;
- };
-
- system.etc.overlay.mutable = false;
- users.mutableUsers = false;
-
- boot.initrd.systemd.services.systemd-repart.after = lib.mkForce [ "sysroot.mount" ];
- boot.initrd.systemd.services.systemd-repart.requires = [ "sysroot.mount" ];
-
- boot.kernelParams = [
- "rootfstype=erofs"
- "rootflags=ro"
- "roothash=${config.system.build.verityRootHash}"
- ];
-
- fileSystems."/var" = {
- fsType = "tmpfs";
- options = [ "mode=0755" ];
- };
-
- # Required to mount the efi partition
- boot.kernelModules = [
- "vfat"
- "nls_cp437"
- "nls_iso8859-1"
- ];
-
- # Store SSH host keys on /home since /etc is read-only
- services.openssh.hostKeys = [
- {
- path = "/home/.ssh/ssh_host_ed25519_key";
- type = "ed25519";
- }
- ];
-
- environment.etc."machine-id" = {
- text = "";
- mode = "0755";
- };
-
- boot.initrd.systemd.services.systemd-repart.serviceConfig.Environment = [
- "SYSTEMD_REPART_MKFS_OPTIONS_BTRFS=--nodiscard"
- ];
-
- # Refuse to boot on mount failure
- systemd.targets."sysinit".requires = [ "local-fs.target" ];
-
- # Make sure home gets mounted
- systemd.targets."local-fs".requires = [ "home.mount" ];
-
-}
diff --git a/overlays/default.nix b/overlays/default.nix
deleted file mode 100644
index 31634f8..0000000
--- a/overlays/default.nix
+++ /dev/null
@@ -1,21 +0,0 @@
-final: prev: {
- # Build mkfs.erofs with zstd support
- erofs-utils = prev.erofs-utils.overrideAttrs (old: {
- buildInputs = old.buildInputs ++ [ prev.zstd ];
- configureFlags = old.configureFlags ++ [
- "--enable-multithreading"
- "--enable-zstd"
- ];
- });
-
- ## FIXME: Revisit + refine these below in a future image minimization effort
-
- # util-linux = prev.util-linux.override {
- # ncursesSupport = false;
- # nlsSupport = false;
- # };
- #
- # dbus = prev.dbus.override {
- # x11Support = false;
- # };
-}