From 4c0a4740a76ce61b419d51336073764284118aaf Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Karel=20Ko=C4=8D=C3=AD?=
Date: Sat, 9 Apr 2022 16:23:35 +0200
Subject: WIP
---
lxc/configuration.nix | 30 ++++++++++++++++++
lxc/flake.lock | 84 +++++++++++++++++++++++++++++++++++++++++++++++++++
lxc/flake.nix | 36 ++++++++++++++++++++++
lxc/lxc-import.sh | 15 +++++++++
lxc/lxc.nix | 5 +++
5 files changed, 170 insertions(+)
create mode 100644 lxc/configuration.nix
create mode 100644 lxc/flake.lock
create mode 100644 lxc/flake.nix
create mode 100755 lxc/lxc-import.sh
create mode 100644 lxc/lxc.nix
(limited to 'lxc')
diff --git a/lxc/configuration.nix b/lxc/configuration.nix
new file mode 100644
index 0000000..7ea0120
--- /dev/null
+++ b/lxc/configuration.nix
@@ -0,0 +1,30 @@
+{ config, lib, pkgs, ... }: {
+ boot.isContainer = true;
+
+ i18n.supportedLocales = ["en_US.UTF-8/UTF-8" "cs_CZ.UTF-8/UTF-8"];
+ nix.extraOptions = "experimental-features = nix-command flakes";
+
+ programs.vim.defaultEditor = true;
+
+ services.openssh = {
+ enable = true;
+ passwordAuthentication = false;
+ };
+
+ environment.systemPackages = with pkgs; [
+ openrc
+ git bash
+ htop
+ ];
+
+ users.users = {
+ cynerd = {
+ uid = 1000;
+ name = "cynerd";
+ shell = pkgs.zsh.out;
+ openssh.authorizedKeys.keys = ["ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQC3cs5UOO/epaxSUaO6kDtQlfdS/K5GEJBGK9nH+KcRL4DNQlAGWZsJiJQPuIL3fGlzRLqnPr8YEMbT5sl/moe/gZe2VD5FoAr2dR2fEw5wXXDI90bxbmCWqbyjmRxlKxdKhc6v1BukmuxScsZO0VrUNks1veCGgi1G9w+tY5HevBlMqvDyDpU/H1LN7MVgkCser+ROjRPviDhLaXk6dLKut33SYgce02s5hlvTiWQa+CqeBfRkdiP5VBo/7PQOWsd8GSfCgO0mwhxFowG8cMFyEwMOi70HeNmURtKbd/h6cz0zsdA39fQ8huRWHRd/CQhgIUOsM+W0uPEwkv9HBErx Private key"];
+ isNormalUser = true;
+ createHome = true;
+ };
+ };
+}
diff --git a/lxc/flake.lock b/lxc/flake.lock
new file mode 100644
index 0000000..85229ec
--- /dev/null
+++ b/lxc/flake.lock
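Review bot: In `lxc/configuration.nix`, `users.users.cynerd.openssh.authorizedKeys.keys` bakes one person's SSH public key into the image, so every container created from the imported tarball runs an sshd that accepts that key. The key's comment field reads `Private key` although the blob is an `ssh-rsa` public key, which will confuse anyone auditing the file for committed secrets. I would move the key list into a separate module that is not part of the shared test image, or at least label it with a comment such as `# maintainer's personal public key; replace before sharing this image`. Separately, `shell = pkgs.zsh.out;` is set without `programs.zsh.enable = true;` appearing anywhere in the hunk, so zsh may not be registered as a login shell in the built system; worth confirming.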
@@ -0,0 +1,84 @@ +{ + "nodes": { + "flake-utils": { + "locked": { + "lastModified": 1644229661, + "narHash": "sha256-1YdnJAsNy69bpcjuoKdOYQX0YxZBiCYZo4Twxerqv7k=", + "owner": "numtide", + "repo": "flake-utils", + "rev": "3cecb5b042f7f209c56ffd8371b2711a290ec797", + "type": "github" + }, + "original": { + "id": "flake-utils", + "type": "indirect" + } + }, + "flake-utils_2": { + "locked": { + "lastModified": 1644229661, + "narHash": "sha256-1YdnJAsNy69bpcjuoKdOYQX0YxZBiCYZo4Twxerqv7k=", + "owner": "numtide", + "repo": "flake-utils", + "rev": "3cecb5b042f7f209c56ffd8371b2711a290ec797", + "type": "github" + }, + "original": { + "id": "flake-utils", + "type": "indirect" + } + }, + "nixpkgs": { + "locked": { + "lastModified": 1644151317, + "narHash": "sha256-TpXGBYCFKvEN7Q+To45rn4kqTbLPY4f56rF6ymUGGRE=", + "owner": "NixOS", + "repo": "nixpkgs", + "rev": "942b0817e898262cc6e3f0a5f706ce09d8f749f1", + "type": "github" + }, + "original": { + "id": "nixpkgs", + "type": "indirect" + } + }, + "nixpkgs_2": { + "locked": { + "lastModified": 1645013224, + "narHash": "sha256-b7OEC8vwzJv3rsz9pwnTX2LQDkeOWz2DbKypkVvNHXc=", + "owner": "NixOS", + "repo": "nixpkgs", + "rev": "b66b39216b1fef2d8c33cc7a5c72d8da80b79970", + "type": "github" + }, + "original": { + "id": "nixpkgs", + "type": "indirect" + } + }, + "openrc": { + "inputs": { + "flake-utils": "flake-utils_2", + "nixpkgs": "nixpkgs_2" + }, + "locked": { + "narHash": "sha256-yf7cvvZACTUsMKhOvIoKHbTCsoFFSxD+qwAxL4stTx8=", + "path": "/nix/store/aknx92czbrjr3r238i6ib3h5mvi3qm8g-source", + "type": "path" + }, + "original": { + "path": "/nix/store/aknx92czbrjr3r238i6ib3h5mvi3qm8g-source", + "type": "path" + } + }, + "root": { + "inputs": { + "flake-utils": "flake-utils", + "nixpkgs": "nixpkgs", + "openrc": "openrc" + } + } + }, + "root": "root", + "version": 7 +} diff --git a/lxc/flake.nix b/lxc/flake.nix new file mode 100644 index 0000000..9f6b09d --- /dev/null +++ b/lxc/flake.nix 
@@ -0,0 +1,36 @@
+{
+ description = "LXC for OpenRC for testing";
+
+ inputs.openrc.url = "..";
+
+ outputs = { self, flake-utils, nixpkgs, openrc, ... }:
+ let
+
+ flakelib = flake-utils.lib;
+
+ nixos = { system, attr }:
+ let
+ nixos = nixpkgs.lib.nixosSystem {
+ system = system;
+ modules = [
+ ./lxc.nix
+ ./configuration.nix
+ openrc.nixosModule
+ ];
+ };
+ in
+ nixos.config.system.build."${attr}";
+
+ in flakelib.eachDefaultSystem (system: {
+ packages = {
+ lxc = nixos {
+ system = system;
+ attr = "tarball";
+ };
+ lxc-metadata = nixos {
+ system = system;
+ attr = "metadata";
+ };
+ };
+ });
+}
diff --git a/lxc/lxc-import.sh b/lxc/lxc-import.sh
new file mode 100755
index 0000000..f4160a4
--- /dev/null
+++ b/lxc/lxc-import.sh
@@ -0,0 +1,15 @@
+#!/bin/sh
+set -eu
+alias="${1:-nixos-openrc}"
+
+nix build -o result-metadata .#lxc-metadata
+nix build -o result .#lxc
+
+if lxc image info "$alias" >/dev/null 2>&1; then
+ lxc image delete "$alias"
+fi
+
+lxc image import \
+ --alias "$alias" \
+ result-metadata/tarball/nixos-system-*.tar.xz \
+ result/tarball/nixos-system-*.tar.xz
diff --git a/lxc/lxc.nix b/lxc/lxc.nix
new file mode 100644
index 0000000..9f26f3c
--- /dev/null
+++ b/lxc/lxc.nix
@@ -0,0 +1,5 @@
+{ config, lib, pkgs, modulesPath, ... }: {
+ imports = [
+ "${toString modulesPath}/virtualisation/lxc-container.nix"
+ ];
+}
-- cgit v1.2.3
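Review bot: In `lxc/flake.nix`, `flake-utils` and `nixpkgs` are used in `outputs` but never declared under `inputs`, so they resolve through the flake registry (the lock in this commit records both as `"type": "indirect"`), and a later `nix flake update` will pick up whatever the local registry points at. Declaring them explicitly, e.g. `inputs.nixpkgs.url = "github:NixOS/nixpkgs/<BRANCH_PLACEHOLDER>";`, makes the source of the image's packages reviewable in the file itself. The lock also pins two different nixpkgs revisions (`nixpkgs` and `nixpkgs_2`, the latter pulled in by `openrc`); adding `inputs.openrc.inputs.nixpkgs.follows = "nixpkgs";` would collapse them so the module and the system are built from one package set. The `openrc` input is locked as an absolute `/nix/store/...-source` path, so the committed lock is unlikely to be reproducible on another machine.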
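Review bot: `lxc/lxc-import.sh` builds `.#lxc` and `.#lxc-metadata` from whatever flake is in the current directory, so running it from another checkout builds and imports that flake's image under the same alias. Adding `cd "$(dirname "$0")"` right after `set -eu` pins it to the `lxc/` flake. The existing image is also deleted before `lxc image import` runs, so a failed import (for instance when the `nixos-system-*.tar.xz` glob matches nothing or more than one file) leaves the alias without an image. A short comment above the `if` saying this is accepted for a test helper would document the choice.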