wind-tunnel-runner/installer.nix at main · holochain/wind-tunnel-runner · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
{ inputs, config, pkgs, lib, modulesPath, ... }:
let
  baseSystem = lib.nixosSystem {
    system = "x86_64-linux";
    modules = [ ./base-install.nix ];
    specialArgs = { inherit inputs; };
  };
in
{
  imports = [
    "${modulesPath}/installer/cd-dvd/installation-cd-minimal.nix"
  ];

  image = {
    baseName = lib.mkForce "wind-tunnel-runner-auto-installer";
  };

  isoImage = {
    volumeID = "wind-tunnel-runner-installer";
  };

  nix = {
    # Set nixpkgs version to the latest unstable version
    package = pkgs.nixVersions.latest;

    # Enable the `nix` command and `flakes`
    extraOptions = "experimental-features = nix-command flakes";
  };

  services.getty.helpLine = ''
                       ██╗    ██╗██╗███╗   ██╗██████╗     ████████╗██╗   ██╗███╗   ██╗███╗   ██╗███████╗██╗
                       ██║    ██║██║████╗  ██║██╔══██╗    ╚══██╔══╝██║   ██║████╗  ██║████╗  ██║██╔════╝██║
                       ██║ █╗ ██║██║██╔██╗ ██║██║  ██║       ██║   ██║   ██║██╔██╗ ██║██╔██╗ ██║█████╗  ██║
                       ██║███╗██║██║██║╚██╗██║██║  ██║       ██║   ██║   ██║██║╚██╗██║██║╚██╗██║██╔══╝  ██║
                       ╚███╔███╔╝██║██║ ╚████║██████╔╝       ██║   ╚██████╔╝██║ ╚████║██║ ╚████║███████╗███████╗
                        ╚══╝╚══╝ ╚═╝╚═╝  ╚═══╝╚═════╝        ╚═╝    ╚═════╝ ╚═╝  ╚═══╝╚═╝  ╚═══╝╚══════╝╚══════╝

    ██████╗ ██╗   ██╗███╗   ██╗███╗   ██╗███████╗██████╗     ██╗███╗   ██╗███████╗████████╗ █████╗ ██╗     ██╗     ███████╗██████╗
    ██╔══██╗██║   ██║████╗  ██║████╗  ██║██╔════╝██╔══██╗    ██║████╗  ██║██╔════╝╚══██╔══╝██╔══██╗██║     ██║     ██╔════╝██╔══██╗
    ██████╔╝██║   ██║██╔██╗ ██║██╔██╗ ██║█████╗  ██████╔╝    ██║██╔██╗ ██║███████╗   ██║   ███████║██║     ██║     █████╗  ██████╔╝
    ██╔══██╗██║   ██║██║╚██╗██║██║╚██╗██║██╔══╝  ██╔══██╗    ██║██║╚██╗██║╚════██║   ██║   ██╔══██║██║     ██║     ██╔══╝  ██╔══██╗
    ██║  ██║╚██████╔╝██║ ╚████║██║ ╚████║███████╗██║  ██║    ██║██║ ╚████║███████║   ██║   ██║  ██║███████╗███████╗███████╗██║  ██║
    ╚═╝  ╚═╝ ╚═════╝ ╚═╝  ╚═══╝╚═╝  ╚═══╝╚══════╝╚═╝  ╚═╝    ╚═╝╚═╝  ╚═══╝╚══════╝   ╚═╝   ╚═╝  ╚═╝╚══════╝╚══════╝╚══════╝╚═╝  ╚═╝

    Automatically erasing disk and installing Wind Tunnel Runner.
  '';

  services.journald.console = "/dev/tty1";

  systemd.services.install = {
    description = "Bootstrap Wind Tunnel Runner NixOS installation";
    wantedBy = [ "multi-user.target" ];
    after = [ "network.target" "polkit.service" ];
    path = [ "/run/current-system/sw/" ];
    script = with pkgs; ''
      set -euxo pipefail

      wait_for() {
        for _ in $(seq 10); do
          if $@; then
            return
          fi
          ${coreutils-full}/bin/sleep 1
        done
        exit 1
      }

      [ -b /dev/sda ] && dev=/dev/sda
      [ -b /dev/vda ] && dev=/dev/vda
      [ -d /sys/firmware/efi ] && [ -b /dev/nvme0n1 ] && dev=/dev/nvme0n1

      if [ -z ''${dev+x} ]; then
        ${coreutils-full}/bin/echo "Cannot find drive to install on, aborting"
        exit 1
      else
        ${coreutils-full}/bin/echo "Erasing $dev and installing Wind Tunnel Runner NixOS"
      fi

      ${parted}/bin/parted -s "$dev" -- mklabel gpt \
        mkpart primary 0% 2MiB \
        name 1 bios \
        set 1 bios_grub on \
        mkpart ESP fat32 2MiB 512MiB \
        name 2 boot \
        set 2 esp on \
        mkpart root ext4 512MiB -8GiB \
        name 3 nixos \
        mkpart swap linux-swap -8GiB 100% \
        name 4 swap

      ${coreutils-full}/bin/sync

      wait_for [ -b /dev/disk/by-partlabel/nixos ]
      ${e2fsprogs}/bin/mkfs.ext4 -L nixos /dev/disk/by-partlabel/nixos

      wait_for [ -b /dev/disk/by-partlabel/swap ]
      ${util-linux}/bin/mkswap -L swap /dev/disk/by-partlabel/swap

      wait_for [ -b /dev/disk/by-partlabel/boot ]
      ${dosfstools}/bin/mkfs.fat -F 32 -n boot /dev/disk/by-partlabel/boot

      ${coreutils-full}/bin/sync

      wait_for [ -b /dev/disk/by-label/nixos ]
      mount /dev/disk/by-label/nixos /mnt

      wait_for [ -b /dev/disk/by-label/boot ]
      ${coreutils-full}/bin/mkdir -p /mnt/efi-boot
      mount -o umask=077 /dev/disk/by-label/boot /mnt/efi-boot

      wait_for [ -b /dev/disk/by-label/swap ]
      ${util-linux}/bin/swapon /dev/disk/by-label/swap

      ${config.system.build.nixos-install}/bin/nixos-install \
        --system "${baseSystem.config.system.build.toplevel}" \
        --no-root-passwd \
        --cores 0

      ${grub2}/bin/grub-install --target=i386-pc --boot-directory=/mnt/boot "$dev"

      ${coreutils-full}/bin/mkdir -p /mnt/root/secrets
      ${curl}/bin/curl -L https://github.com/holochain/wind-tunnel-runner/releases/latest/download/tailscale_key -o /mnt/root/secrets/tailscale_key

      ${systemd}/bin/systemctl poweroff
    '';
    serviceConfig = {
      User = "root";
      Type = "oneshot";
    };
  };
}