Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

init nixos-remote #1

Merged
merged 7 commits into from
Nov 10, 2022
Merged

init nixos-remote #1

Show file tree
Hide file tree
Changes from 6 commits
Commits
Show all changes
7 commits
Select commit Hold shift + click to select a range
6af2a66
init nixos-remote
Lassulus Nov 10, 2022
5029d6a
add --kexec paramter to specify custom image
Lassulus Nov 10, 2022
650b6db
ssh timeout
Lassulus Nov 10, 2022
b7c4b74
ssh: use timout only for waiting
Lassulus Nov 10, 2022
416390f
check if tar exists on target system
Lassulus Nov 10, 2022
ab86ca7
add minimal README
Lassulus Nov 10, 2022
28809e0
check target OS
Lassulus Nov 10, 2022
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
9 changes: 8 additions & 1 deletion README.md
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1 +1,8 @@
# nixos-remote
# nixos-remote - install nixos everywhere via ssh

## Usage
Needs a repo with your configurations with flakes. for a minimal example checkout https://github.com/Lassulus/flakes-testing.
afterwards you can just run:
```
./nixos-remote root@yourip --flake github:your-user/your-repo#your-system
```
123 changes: 123 additions & 0 deletions nixos-remote
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,123 @@
#!/usr/bin/env bash
set -eufo pipefail
set -x

showUsage() {
cat <<USAGE
Usage: $0 [options] ssh-host

Options:

* -f, --flake flake
set the flake to install the system from
* --arg name value
pass value to nix-build. can be used to set disk-names for example
* --argstr name value
pass value to nix-build as string
* --kexec url
use another kexec tarball to bootstrap NixOS
USAGE
}

abort() {
echo "aborted: $*" >&2
exit 1
}

nix_args=()
kexec_url=https://github.com/nix-community/nixos-images/releases/download/nixos-22.05/nixos-kexec-installer-x86_64-linux.tar.gz
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Suggested change
kexec_url=https://github.com/nix-community/nixos-images/releases/download/nixos-22.05/nixos-kexec-installer-x86_64-linux.tar.gz
# FIXME support aarch64 at least.
kexec_url=https://github.com/nix-community/nixos-images/releases/download/nixos-22.05/nixos-kexec-installer-x86_64-linux.tar.gz

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

maybe we just make it dependant on uname -m from the target?

Copy link
Member

@Mic92 Mic92 Nov 10, 2022
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more. 

target="$(uname -s).$(uname -m)"
case "$target" in
    Linux.x86_64)
        url="https://github.com/nix-community/nixos-images/releases/download/nixos-22.05/nixos-kexec-installer-x86_64-linux.tar.gz"
        ;;
     *)
       echo "$target is currently not supported by by our kexec tarball"
       exit 1
esac


while [[ $# -gt 0 ]]; do
case "$1" in
-f | --flake)
flake=$2
shift
;;
--argstr | --arg)
nix_args+=("$1" "$2" "$3")
shift
shift
;;
--help)
showUsage
exit 0
;;
--kexec)
kexec_url=$2
shift
;;
*)
if [ -z ${ssh_connection+x} ]; then
ssh_connection=$1
else
showUsage
exit 1
fi
;;
esac
shift
done

# ssh wrapper
timeout_ssh_() {
timeout 10 ssh -o UserKnownHostsFile=/dev/null -o StrictHostKeyChecking=no "$ssh_connection" "$@"
}
ssh_() {
ssh -o UserKnownHostsFile=/dev/null -o StrictHostKeyChecking=no "$ssh_connection" "$@"
}

# first check if the remote system is kexec booted
if $(ssh_ -- test -e /etc/is-kexec); then
is_kexec=y
fi


echo ${is_kexec-n}
if [ ${is_kexec-n} != "y" ]; then
# TODO we probably need an architecture detection here
ssh_ << SSH
set -efux
fetch(){
if command -v curl >/dev/null 2>&1; then
curl --fail -Ss -L "\$1"
elif command -v wget >/dev/null 2>&1; then
wget "\$1" -O-
else
echo "no downloader (curl or wget) found, bailing out"
exit 1
fi
}
if command -v tar >/dev/null 2>&1; then
echo "no tar command found, but required to unpack kexec tarball" >&2
exit 1
fi
Lassulus marked this conversation as resolved.
Show resolved Hide resolved
rm -rf /root/kexec
mkdir -p /root/kexec
Lassulus marked this conversation as resolved.
Show resolved Hide resolved
fetch "$kexec_url" | tar -C /root/kexec -xvzf-
export TMPDIR=/root/kexec
setsid /root/kexec/kexec/run
SSH
# wait for machine to become unreachable
while timeout_ssh_ -- exit 0; do sleep 1; done

# watiting for machine to become available again
until ssh_ -o ConnectTimeout=10 -- exit 0; do sleep 5; done
fi


ssh_ << SSH
set -efux
$(declare -p nix_args)
nix --extra-experimental-features nix-command --extra-experimental-features flakes \
run github:nix-community/disko \
--no-write-lock-file -- \
--debug -m create "\${nix_args[@]}" --flake "$flake"

nix --extra-experimental-features nix-command --extra-experimental-features flakes \
run github:nix-community/disko \
--no-write-lock-file -- \
--debug -m mount "\${nix_args[@]}" --flake "$flake"

nixos-install --flake "$flake"
reboot
SSH