feat: add minimal config support (WIP)

2025-12-06 09:07:21 +01:00 · 2025-07-04 19:54:45 +02:00 · 2025-07-04 19:54:45 +02:00 · 49b557befa
commit 49b557befa
parent 34badc91d5
26 changed files with 726 additions and 599 deletions
--- a/nix/installer-config.nix
+++ b/nix/installer-config.nix
@ -1,111 +0,0 @@
-{ pkgs, lib, ... }:
-{
-
-  config = {
-    home-manager.users.root.home = {
-      stateVersion = "23.05";
-      file = {
-        ".bash_history" = {
-          text = ''
-            swarsel-install -n chaostheatre
-          '';
-        };
-      };
-    };
-
-    nix.settings = {
-      experimental-features = [ "nix-command" "flakes" ];
-    };
-
-    boot = {
-      supportedFilesystems = lib.mkForce [ "brtfs" "vfat" ];
-      loader.systemd-boot = {
-        enable = true;
-      };
-    };
-
-    services = {
-      qemuGuest.enable = true;
-      openssh = {
-        enable = true;
-        settings.PermitRootLogin = "yes";
-        authorizedKeysFiles = lib.mkForce [
-          "/etc/ssh/authorized_keys.d/%u"
-        ];
-      };
-    };
-
-    environment.systemPackages = with pkgs; [
-      curl
-      git
-      gnupg
-      rsync
-      ssh-to-age
-      sops
-      vim
-      just
-      sbctl
-    ];
-
-    programs = {
-      git.enable = true;
-    };
-
-    fileSystems."/boot".options = [ "umask=0077" ];
-
-    environment.etc."issue".text = ''
-      [32m~SwarselSystems~[0m
-                               IP of primary interface: [31m\4[0m
-                                                                   The Password for all users & root is '[31msetup[0m'.
-                                                                   Install the system remotely by running '[33mbootstrap -n <CONFIGURATION_NAME> -d <IP_FROM_ABOVE> [0m' on a machine with deployed secrets.
-                                                                   Alternatively, run '[33mswarsel-install -n <CONFIGURATION_NAME>[0m' for a local install. For your convenience, an example call is in the bash history (press up on the keyboard to access).
-    '';
-
-    networking = {
-      hostName = "drugstore";
-      wireless.enable = false;
-      dhcpcd.runHook = "${pkgs.utillinux}/bin/agetty --reload";
-      networkmanager.enable = true;
-    };
-
-    services.getty.autologinUser = lib.mkForce "root";
-
-    users = {
-      allowNoPasswordLogin = true;
-      users = {
-        root = {
-          password = "setup"; # this is overwritten after install
-          initialHashedPassword = lib.mkForce null;
-          openssh.authorizedKeys.keys = [ "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDd0XXoLfRE0AyasxscEBwMqOnLWPqwz+etGqzVNeSw/RcgnxOi903mlVjCH+jzWMSe2GVSgzgM20j/r9sfE2P1z+wq/RODFS04JM0ltUoFkkm/IDZXQ2piOk7AoVi5ajdx4EiBnXY87jvxh5cCgQltkj3ouPF7FVN/MaN21IgWYB8NgkaVGft//OplodlDQNot17c0sFMibY0HcquwmHhqKOtKM1gT98+jZl0rd1rCqXFOvkesW6FPC4nzirPai+Hizp5gncrkJOZmLLqrjVx6PfpQzqzIhoUn1YS5CpyfXnKZUgx2Oi8SENmWOZ9DxYvDklgEttob37E2bIXbUhOw/u4I3olGFgCsKL6jg0N+d5teEaCZFnzlOp0UMWiUo7lVqq7Bwl3rNka2pxEdZ9v/1+m9cJiP7h6pnKmccVGku57iGIDnsnoTrmo1qbAje+EsmPYbc+qMnTDvOdSHTOXnjsyTd+ADklvMHCUAuf6ku4ktQEhlZxU3PvYvKHa1cTCEXxLWjytIgHgTgab9M5IH29Q55LSRRQBzUdkwjOG6KhsqG+xEE6038EbXr0MGKTm01AFmeVZWewmkSLu2UdoOMiw8mTSQhQFfp2QruYHnh7oJCo7ttKT1sLoRX+TfgQm1ryn/orhReg2GFfmbiLGxaJGVNvjqCxqrIFQXx4ZDHw== cardno:22_412_399" ];
-        };
-      };
-    };
-
-    programs.bash.shellAliases = {
-      "swarsel-install" = "nix run github:Swarsel/.dotfiles#swarsel-install --";
-    };
-
-    system.activationScripts.cache = {
-      text = ''
-          mkdir -p -m=0777 /home/setup/.local/state/nix/profiles
-        mkdir -p -m=0777 /home/setup/.local/state/home-manager/gcroots
-        mkdir -p -m=0777 /home/setup/.local/share/nix/
-        printf '{\"extra-substituters\":{\"https://nix-community.cachix.org\":true,\"https://nix-community.cachix.org https://cache.ngi0.nixos.org/\":true},\"extra-trusted-public-keys\":{\"nix-community.cachix.org-1:mB9FSh9qf2dCimDSUo8Zy7bkq5CX+/rkCWyvRCYg3Fs=\":true,\"nix-community.cachix.org-1:mB9FSh9qf2dCimDSUo8Zy7bkq5CX+/rkCWyvRCYg3Fs= cache.ngi0.nixos.org-1:KqH5CBLNSyX184S9BKZJo1LxrxJ9ltnY2uAs5c/f1MA=\":true}}' | tee /home/setup/.local/share/nix/trusted-settings.json > /dev/null
-        mkdir -p /root/.local/share/nix/
-        printf '{\"extra-substituters\":{\"https://nix-community.cachix.org\":true,\"https://nix-community.cachix.org https://cache.ngi0.nixos.org/\":true},\"extra-trusted-public-keys\":{\"nix-community.cachix.org-1:mB9FSh9qf2dCimDSUo8Zy7bkq5CX+/rkCWyvRCYg3Fs=\":true,\"nix-community.cachix.org-1:mB9FSh9qf2dCimDSUo8Zy7bkq5CX+/rkCWyvRCYg3Fs= cache.ngi0.nixos.org-1:KqH5CBLNSyX184S9BKZJo1LxrxJ9ltnY2uAs5c/f1MA=\":true}}' | tee /root/.local/share/nix/trusted-settings.json > /dev/null
-      '';
-    };
-    systemd = {
-      services.sshd.wantedBy = lib.mkForce [ "multi-user.target" ];
-      targets = {
-        sleep.enable = false;
-        suspend.enable = false;
-        hibernate.enable = false;
-        hybrid-sleep.enable = false;
-      };
-    };
-
-    system.stateVersion = lib.mkForce "23.05";
-
-  };
-}
--- a/nix/iso.nix
+++ b/nix/iso.nix
@ -1,4 +1,4 @@
-{ inputs, ... }:
+{ self, inputs, ... }:
 {
  perSystem = { pkgs, system, ... }:
    {
@ -7,7 +7,7 @@
        inherit pkgs;
        modules = [
          inputs.home-manager.nixosModules.home-manager
-          ./installer-config.nix
+          "${self}/install/installer-config.nix"
        ];
        format =
          {