From a84b34a4416ec112f6ffa0667d5167d81177240e Mon Sep 17 00:00:00 2001 From: Daniel Lundin Date: Fri, 4 Oct 2024 20:39:07 +0200 Subject: [PATCH] Sketch for extension services --- base.nix | 9 +++++---- modules/generic.nix | 24 ++++++++++++++++++++++-- modules/minimize.nix | 4 ---- modules/partitions.nix | 3 ++- modules/patagia-agent.nix | 39 +++++++++++++++++++++++++++++++++++++++ modules/sysupdate.nix | 5 +++++ 6 files changed, 73 insertions(+), 11 deletions(-) create mode 100644 modules/patagia-agent.nix diff --git a/base.nix b/base.nix index 8e50f03..516a782 100644 --- a/base.nix +++ b/base.nix @@ -1,12 +1,13 @@ { ... }: { imports = [ - ./modules/system_overrides.nix - ./modules/minimize.nix - ./modules/generic.nix ./modules/filesystems.nix - ./modules/partitions.nix + ./modules/generic.nix + ./modules/minimize.nix ./modules/network.nix + ./modules/patagia-agent.nix + ./modules/partitions.nix + ./modules/system_overrides.nix ./modules/sysupdate.nix ./modules/utils.nix ]; diff --git a/modules/generic.nix b/modules/generic.nix index 1f42ec6..b350a27 100644 --- a/modules/generic.nix +++ b/modules/generic.nix @@ -7,11 +7,31 @@ { boot = { - uki.name = "patos"; - kernelParams = [ "console=ttyS0" ]; + enableContainers = false; initrd.systemd.enable = true; + kernelParams = [ + "console=ttyS0" + # "quiet" + ]; + loader.efi.canTouchEfiVariables = true; + loader.grub.enable = false; + loader.systemd-boot.enable = true; + uki.name = "patos"; }; + # Temporary files + boot.tmp.useTmpfs = true; + systemd.services.nix-daemon = { + environment.TMPDIR = "/var/tmp"; + }; + + system.switch = { + enable = false; + enableNg = true; + }; + + services.fstrim.enable = true; + system.nixos = { codeName = "Finn"; distroId = "patos"; diff --git a/modules/minimize.nix b/modules/minimize.nix index 2bc8cff..4d1185a 100644 --- a/modules/minimize.nix +++ b/modules/minimize.nix 
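Review bot: `system.switch.enableNg = true` in the modules/generic.nix hunk brings a switch-to-configuration implementation back into the image, whereas the line this commit removes from modules/minimize.nix (`system.switch.enable = false;`) left switching disabled there. With `nix.enable = false` and updates delivered through sysupdate, in-place configuration switching looks unnecessary on this image; if that holds, `enableNg = false;` keeps the earlier minimal behaviour and leaves one fewer privileged tool on the system. If it is needed, a comment above `system.switch` should say why, e.g. `# switch-to-configuration-ng kept for <reason>`. The module continues past the end of the hunk.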
@@ -4,10 +4,6 @@ "${modulesPath}/profiles/minimal.nix" ]; - boot.enableContainers = false; - boot.loader.grub.enable = false; - - system.switch.enable = false; nix.enable = false; system.etc.overlay.enable = true; diff --git a/modules/partitions.nix b/modules/partitions.nix index 0510348..6381f06 100644 --- a/modules/partitions.nix +++ b/modules/partitions.nix @@ -29,8 +29,9 @@ # systemd-boot configuration "/loader/loader.conf".source = ( pkgs.writeText "$out" '' - timeout 3 + timeout 0 '' + # FIXME: should not be 0 in prod ); }; repartConfig = { diff --git a/modules/patagia-agent.nix b/modules/patagia-agent.nix new file mode 100644 index 0000000..81b328c --- /dev/null +++ b/modules/patagia-agent.nix @@ -0,0 +1,39 @@ +{ + pkgs, + utils, + ... +}: + +{ + + system.activationScripts.patagia-agent = '' + mkdir -p /var/lib/extensions + mkdir -p /etc/systemd/extensions + ''; + + environment.etc."sysupdate.patagia-agent.d".source = + let + format = pkgs.formats.ini { listToValue = toString; }; + in + utils.systemdUtils.lib.definitions "sysupdate.patagia-agent.d" format { + "10-image.conf" = { + Source = { + MatchPattern = "patagia-agent_@v.raw"; + Path = "https://images.dl.patagia.dev/patagia-agent/"; + Type = "url-file"; + }; + + Target = { + InstancesMax = 2; + Path = "/var/lib/extensions"; + CurrentSymlink = "/etc/systemd/extensions/patagia-agent.raw"; + Type = "regular-file"; + MatchPattern = "patagia-agent_@v.raw"; + }; + + Transfer = { + Verify = "no"; # FIXME: verify + }; + }; + }; +} diff --git a/modules/sysupdate.nix b/modules/sysupdate.nix index 8f126e8..8d05b14 100644 --- a/modules/sysupdate.nix +++ b/modules/sysupdate.nix @@ -54,6 +54,7 @@ in }; Transfer = { ProtectVersion = "%A"; + Verify = "no"; }; }; @@ -79,7 +80,11 @@ in Type = "partition"; ReadOnly = "yes"; }; + Transfer = { + Verify = "no"; + }; }; + }; }; }
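Review bot: `Verify = "no"` in the new modules/patagia-agent.nix turns off the GPG signature check on the downloaded SHA256SUMS manifest, so only TLS to images.dl.patagia.dev authenticates the extension image, and that image is linked into /etc/systemd/extensions where, if systemd-sysext is active, it is merged into /usr. The two modules/sysupdate.nix hunks add the same `Verify = "no";` to definitions that already existed, one of them with a `Type = "partition"` target, and there it carries no FIXME, so the weakening of the base-image update path is easy to miss. I would drop all three lines (Verify defaults to yes) and ship the signing keyring instead, e.g. `environment.etc."systemd/import-pubring.gpg".source = ./keys/import-pubring.gpg;` (placeholder path; the key is not part of this patch). If verification has to stay off while this is a sketch, put `# FIXME: verify` on the sysupdate.nix lines as well, or gate all three behind a single option so the setting cannot reach a production image unnoticed.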