Sketch for extension services

2024-10-04 20:39:07 +02:00 · 2024-10-04 20:39:07 +02:00 · a84b34a441
commit a84b34a441
parent 07039d2ae2
6 changed files with 73 additions and 11 deletions
--- a/base.nix
+++ b/base.nix
@ -1,12 +1,13 @@
 { ... }:
 {
  imports = [
-    ./modules/system_overrides.nix
-    ./modules/minimize.nix
-    ./modules/generic.nix
    ./modules/filesystems.nix
-    ./modules/partitions.nix
+    ./modules/generic.nix
+    ./modules/minimize.nix
    ./modules/network.nix
+    ./modules/patagia-agent.nix
+    ./modules/partitions.nix
+    ./modules/system_overrides.nix
    ./modules/sysupdate.nix
    ./modules/utils.nix
  ];
--- a/modules/generic.nix
+++ b/modules/generic.nix
@ -7,11 +7,31 @@
 {

  boot = {
-    uki.name = "patos";
-    kernelParams = [ "console=ttyS0" ];
+    enableContainers = false;
    initrd.systemd.enable = true;
+    kernelParams = [
+      "console=ttyS0"
+      # "quiet"
+    ];
+    loader.efi.canTouchEfiVariables = true;
+    loader.grub.enable = false;
+    loader.systemd-boot.enable = true;
+    uki.name = "patos";
  };

+  # Temporary files
+  boot.tmp.useTmpfs = true;
+  systemd.services.nix-daemon = {
+    environment.TMPDIR = "/var/tmp";
+  };
+
+  system.switch = {
+    enable = false;
+    enableNg = true;
+  };
+
+  services.fstrim.enable = true;
+
  system.nixos = {
    codeName = "Finn";
    distroId = "patos";
--- a/modules/minimize.nix
+++ b/modules/minimize.nix
@ -4,10 +4,6 @@
    "${modulesPath}/profiles/minimal.nix"
  ];

-  boot.enableContainers = false;
-  boot.loader.grub.enable = false;
-
-  system.switch.enable = false;
  nix.enable = false;

  system.etc.overlay.enable = true;
--- a/modules/partitions.nix
+++ b/modules/partitions.nix
@ -29,8 +29,9 @@
            # systemd-boot configuration
            "/loader/loader.conf".source = (
              pkgs.writeText "$out" ''
-                timeout 3
+                timeout 0
              ''
+              # FIXME: should not be 0 in prod
            );
          };
          repartConfig = {
--- a/modules/patagia-agent.nix
+++ b/modules/patagia-agent.nix
@ -0,0 +1,39 @@
+{
+  pkgs,
+  utils,
+  ...
+}:
+
+{
+
+  system.activationScripts.patagia-agent = ''
+    mkdir -p /var/lib/extensions
+    mkdir -p /etc/systemd/extensions
+  '';
+
+  environment.etc."sysupdate.patagia-agent.d".source =
+    let
+      format = pkgs.formats.ini { listToValue = toString; };
+    in
+    utils.systemdUtils.lib.definitions "sysupdate.patagia-agent.d" format {
+      "10-image.conf" = {
+        Source = {
+          MatchPattern = "patagia-agent_@v.raw";
+          Path = "https://images.dl.patagia.dev/patagia-agent/";
+          Type = "url-file";
+        };
+
+        Target = {
+          InstancesMax = 2;
+          Path = "/var/lib/extensions";
+          CurrentSymlink = "/etc/systemd/extensions/patagia-agent.raw";
+          Type = "regular-file";
+          MatchPattern = "patagia-agent_@v.raw";
+        };
+
+        Transfer = {
+          Verify = "no"; # FIXME: verify
+        };
+      };
+    };
+}
--- a/modules/sysupdate.nix
+++ b/modules/sysupdate.nix
@ -54,6 +54,7 @@ in
        };
        Transfer = {
          ProtectVersion = "%A";
+          Verify = "no";
        };
      };

@ -79,7 +80,11 @@ in
          Type = "partition";
          ReadOnly = "yes";
        };
+        Transfer = {
+          Verify = "no";
+        };
      };
+
    };
  };
 }