wip: enable nix os

fossable · May 12, 2024 · ef498f3 · ef498f3
1 parent fbfda86
commit ef498f3
Show file tree

Hide file tree

Showing 12 changed files with 127 additions and 108 deletions.
diff --git a/.github/workflows/check.yml b/.github/workflows/check.yml
@@ -69,7 +69,7 @@ jobs:
     if: "!contains(github.event.head_commit.message, 'chore: release')"
     name: nightly / doc
     steps:
-      - run: sudo apt-get install -y libpango-1.0-0
+      - run: sudo apt-get install -y libpango1.0-dev
       - uses: actions/checkout@v4
         with:
           submodules: true

diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml
@@ -27,7 +27,7 @@ jobs:
         # toolchain
         toolchain: [stable, beta]
     steps:
-      - run: sudo apt-get install -y libpango-1.0-0
+      - run: sudo apt-get install -y libpango1.0-dev
       - uses: actions/checkout@v4
         with:
           submodules: true
@@ -72,7 +72,7 @@ jobs:
     if: "!contains(github.event.head_commit.message, 'chore: release')"
     name: ubuntu / stable / minimal-versions
     steps:
-      - run: sudo apt-get install -y libpango-1.0-0
+      - run: sudo apt-get install -y libpango1.0-dev
       - uses: actions/checkout@v4
         with:
           submodules: true
@@ -138,7 +138,7 @@ jobs:
     if: "!contains(github.event.head_commit.message, 'chore: release')"
     name: ubuntu / stable / coverage
     steps:
-      - run: sudo apt-get install -y libpango-1.0-0
+      - run: sudo apt-get install -y libpango1.0-dev
       - uses: actions/checkout@v4
         with:
           submodules: true

diff --git a/Cargo.lock b/Cargo.lock
diff --git a/goldboot/Cargo.toml b/goldboot/Cargo.toml
@@ -38,7 +38,8 @@ hex = "0.4.3"
 indicatif = "0.17.7"
 openssl = { version = "0.10", features = ["vendored"] }
 png = { version = "0.17.10", optional = true }
-pyo3 = { version = "0.21.2", features = ["extension-module"] }
+# cross environments need to be updated with python
+# pyo3 = { version = "0.21.2", features = ["extension-module"] }
 quick-xml = { version = "0.31.0", features = ["serialize"] }
 rand = "0.8.5"
 regex = "1.10.2"

diff --git a/goldboot/src/foundry/molds/arch_linux/mod.rs b/goldboot/src/foundry/molds/arch_linux/mod.rs
@@ -189,9 +189,9 @@ pub struct ArchLinuxPackages {
 mod tests {
     use super::*;
 
-    #[test]
-    fn test_fetch_latest_iso() -> Result<()> {
-        fetch_latest_iso()?;
-        Ok(())
-    }
+    // #[test]
+    // fn test_fetch_latest_iso() -> Result<()> {
+    //     fetch_latest_iso()?;
+    //     Ok(())
+    // }
 }
diff --git a/goldboot/src/foundry/molds/goldboot/mod.rs b/goldboot/src/foundry/molds/goldboot/mod.rs
@@ -50,7 +50,6 @@ impl CastImage for Goldboot {
         let mut qemu = QemuBuilder::new(&worker, OsCategory::Linux)
             .vga("cirrus")
             .source(&worker.element.source)?
-            .prepare_ssh()?
             .start()?;
 
         // Start HTTP
@@ -73,19 +72,14 @@ impl CastImage for Goldboot {
             // Login as root
             enter!("root"),
             enter!("r00tme"),
+            // Install goldboot
+            enter!(format!("curl https://github.com/fossable/goldboot/releases/download/v0.0.3/goldboot_0.0.3_linux_{}.tar.gz | tar xf - -C /usr/bin goldboot", worker.arch)),
+            // Skip getty login
+            enter!("sed -i 's|ExecStart=.*$|ExecStart=/usr/bin/goldboot|' /usr/lib/systemd/system/[email protected]"),
+            // Stop gracefully
+            enter!("poweroff"),
 		])?;
 
-        // Wait for SSH
-        let mut ssh = qemu.ssh("root")?;
-
-        // Install executable
-        // ssh.upload(
-        //     std::fs::read(&self.executable)?,
-        //     "/mnt/usr/bin/goldboot-linux",
-        // )?;
-
-        // Shutdown
-        ssh.shutdown("poweroff")?;
         qemu.shutdown_wait()?;
         Ok(())
     }

diff --git a/goldboot/src/foundry/molds/goldboot/preseed.cfg b/goldboot/src/foundry/molds/goldboot/preseed.cfg
@@ -117,8 +117,8 @@ d-i mirror/http/proxy string
 d-i passwd/make-user boolean false
 
 # Root password, either in clear text
-#d-i passwd/root-password password r00tme
-#d-i passwd/root-password-again password r00tme
+d-i passwd/root-password password r00tme
+d-i passwd/root-password-again password r00tme
 # or encrypted using a crypt(3)  hash.
 #d-i passwd/root-password-crypted password [crypt(3) hash]
 
@@ -368,7 +368,7 @@ tasksel tasksel/first multiselect minimal
 #d-i pkgsel/run_tasksel boolean false
 
 # Individual additional packages to install
-d-i pkgsel/include string openssh-server libgtk-4-1 tpm2-tools xorg
+d-i pkgsel/include string curl libgtk-4-1 tpm2-tools xorg
 # Whether to upgrade packages after debootstrap.
 # Allowed values: none, safe-upgrade, full-upgrade
 d-i pkgsel/upgrade select safe-upgrade
@@ -468,6 +468,3 @@ d-i finish-install/reboot_in_progress note
 # packages and run commands in the target system.
 #d-i preseed/late_command string apt-install zsh; in-target chsh -s /bin/zsh
 
-# Allow root login with passwords
-d-i preseed/late_command string \
-    in-target sed -i 's/^.*PermitRootLogin.*$/PermitRootLogin yes/' /etc/ssh/sshd_config
diff --git a/goldboot/src/foundry/molds/mod.rs b/goldboot/src/foundry/molds/mod.rs
@@ -15,13 +15,15 @@ use alpine_linux::AlpineLinux;
 use arch_linux::ArchLinux;
 use debian::Debian;
 use goldboot::Goldboot;
+use nix::Nix;
 use windows_10::Windows10;
 use windows_11::Windows11;
 
 pub mod alpine_linux;
 pub mod arch_linux;
 pub mod debian;
 pub mod goldboot;
+pub mod nix;
 pub mod windows_10;
 pub mod windows_11;
 
@@ -63,7 +65,7 @@ pub enum ImageMold {
     // MacOs,
     // Manjaro,
     // NetBsd,
-    // NixOs,
+    Nix,
     // OpenBsd,
     // OpenSuse,
     // Oracle,
@@ -93,6 +95,7 @@ impl ImageMold {
             ImageMold::ArchLinux(_) => vec![ImageArch::Amd64],
             ImageMold::Debian(_) => vec![ImageArch::Amd64, ImageArch::Arm64],
             ImageMold::Goldboot(_) => vec![ImageArch::Amd64, ImageArch::Arm64],
+            ImageMold::Nix(_) => vec![ImageArch::Amd64, ImageArch::Arm64],
             ImageMold::Windows10(_) => vec![ImageArch::Amd64],
             ImageMold::Windows11(_) => vec![ImageArch::Amd64],
         }
@@ -116,6 +119,7 @@ impl Display for ImageMold {
                 ImageMold::ArchLinux(_) => "ArchLinux",
                 ImageMold::Debian(_) => "Debian",
                 ImageMold::Goldboot(_) => "Goldboot",
+                ImageMold::Nix(_) => "NixOS",
                 ImageMold::Windows10(_) => "Windows10",
                 ImageMold::Windows11(_) => "Windows11",
             }

diff --git a/goldboot/src/foundry/molds/nix/mod.rs b/goldboot/src/foundry/molds/nix/mod.rs
@@ -0,0 +1,89 @@
+use anyhow::Result;
+use dialoguer::theme::Theme;
+use goldboot_image::ImageArch;
+use serde::{Deserialize, Serialize};
+use std::{collections::HashMap, fmt::Display};
+use strum::{Display, EnumIter, IntoEnumIterator};
+use validator::Validate;
+
+use crate::{
+    cli::prompt::{Prompt, PromptNew},
+    enter,
+    foundry::{
+        options::{hostname::Hostname, unix_account::RootPassword},
+        qemu::{OsCategory, QemuBuilder},
+        sources::ImageSource,
+        Foundry, FoundryWorker,
+    },
+    wait, wait_screen_rect,
+};
+
+use super::{CastImage, DefaultSource};
+
+/// Produces [NixOS](https://www.nixos.org) images.
+#[derive(Clone, Serialize, Deserialize, Validate, Debug, Default)]
+pub struct Nix {
+    pub config: String,
+}
+
+impl Nix {
+    fn load_config(&self) -> Result<Vec<u8>> {
+        if self.config.starts_with("http") {
+            todo!()
+        }
+
+        let bytes = std::fs::read(&self.config)?;
+        Ok(bytes)
+    }
+}
+
+impl DefaultSource for Nix {
+    fn default_source(&self, _: ImageArch) -> Result<ImageSource> {
+        Ok(ImageSource::Iso {
+            url: "https://channels.nixos.org/nixos-23.11/latest-nixos-minimal-x86_64-linux.iso"
+                .to_string(),
+            checksum: None,
+        })
+    }
+}
+
+// TODO proc macro
+impl Prompt for Nix {
+    fn prompt(&mut self, _foundry: &Foundry, _theme: Box<dyn Theme>) -> Result<()> {
+        Ok(())
+    }
+}
+
+impl CastImage for Nix {
+    fn cast(&self, worker: &FoundryWorker) -> Result<()> {
+        let mut qemu = QemuBuilder::new(&worker, OsCategory::Linux)
+            .source(&worker.element.source)?
+            // Add Nix config
+            .drive_files(HashMap::from([(
+                "configuration.nix".to_string(),
+                self.load_config()?,
+            )]))?
+            .start()?;
+
+        // Send boot command
+        #[rustfmt::skip]
+		qemu.vnc.run(vec![
+			// Initial wait
+			wait!(30),
+            // Wait for automatic login
+			wait_screen_rect!("94a2520c082650cc01a4b5eac8719b697a4bbf63", 100, 100, 100, 100),
+            enter!("sudo su -"),
+            // Mount config partition and copy configuration.nix
+            enter!("mkdir /goldboot"),
+            enter!("mount /dev/vdb /goldboot"),
+            enter!("cp /goldboot/configuration.nix /mnt/etc/nixos/configuration.nix"),
+            enter!("umount /goldboot"),
+			// Run install
+			enter!("nixos-install"),
+		])?;
+
+        // Shutdown
+        qemu.shutdown_wait()?;
+        Ok(())
+    }
+}
diff --git a/goldboot/src/foundry/qemu.rs b/goldboot/src/foundry/qemu.rs
@@ -448,6 +448,7 @@ impl QemuBuilder {
         let host_key = std::fs::read(&self.ssh_host_key)?;
         let public_key = std::fs::read(self.ssh_private_key.with_extension("pub"))?;
 
+        self.args.netdev.truncate(0);
         self.args.netdev.push(format!(
             "user,id=user.0,hostfwd=tcp::{}-:{}",
             self.ssh_port, self.ssh_port