motiejus/config
1
Fork 0
Code Packages Releases Activity

nixos

Browse Source
This commit is contained in:
Motiejus Jakštys
2026-01-28 20:34:48 +00:00
parent 01049996da
commit b4678effc0
8 changed files with 167 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
flake.nix
View File

@@ -126,6 +126,11 @@
version = "13.3.0"; version = "13.3.0";
hash = "sha256-ahYjQLygLt9n4VnIR81gVhinfVC/ggiO5RT4M2nkO4k="; hash = "sha256-ahYjQLygLt9n4VnIR81gVhinfVC/ggiO5RT4M2nkO4k=";
}; };
# NixOS netboot rescue image
# Note: Update URL and hash manually from https://nixos.org/download
mrescue-nixos = super.callPackage ./pkgs/mrescue-nixos.nix { };
vanta-agent = super.callPackage ./pkgs/vanta-agent.nix { }; vanta-agent = super.callPackage ./pkgs/vanta-agent.nix { };
gcloud-wrapped = super.callPackage ./pkgs/gcloud-wrapped { }; gcloud-wrapped = super.callPackage ./pkgs/gcloud-wrapped { };
go-raceless = super.callPackage ./pkgs/go-raceless { inherit (nicer) ; }; go-raceless = super.callPackage ./pkgs/go-raceless { inherit (nicer) ; };
@@ -415,6 +420,7 @@
mrescue-debian-standard mrescue-debian-standard
mrescue-debian-xfce mrescue-debian-xfce
mrescue-debian-kde mrescue-debian-kde
mrescue-nixos
sentinelone sentinelone
; ;
}; };

11
hosts/mtworx/configuration.nix
View File

@@ -20,6 +20,7 @@ let
item debian-standard Boot Debian Live ${pkgs.mrescue-debian-standard.version} (Standard) item debian-standard Boot Debian Live ${pkgs.mrescue-debian-standard.version} (Standard)
item debian-xfce Boot Debian Live ${pkgs.mrescue-debian-xfce.version} (XFCE) item debian-xfce Boot Debian Live ${pkgs.mrescue-debian-xfce.version} (XFCE)
item debian-kde Boot Debian Live ${pkgs.mrescue-debian-kde.version} (KDE) item debian-kde Boot Debian Live ${pkgs.mrescue-debian-kde.version} (KDE)
item nixos Boot NixOS ${pkgs.mrescue-nixos.version}
item netbootxyz Boot netboot.xyz item netbootxyz Boot netboot.xyz
item shell iPXE Shell item shell iPXE Shell
choose --default alpine --timeout 10000 selected || goto menu choose --default alpine --timeout 10000 selected || goto menu
@@ -45,6 +46,11 @@ let
initrd http://10.14.143.1/boot/debian-kde/initrd initrd http://10.14.143.1/boot/debian-kde/initrd
boot boot
:nixos
kernel http://10.14.143.1/boot/nixos/kernel init=/nix/store/*/init loglevel=4
initrd http://10.14.143.1/boot/nixos/initrd
boot
:netbootxyz :netbootxyz
isset ''${platform} && iseq ''${platform} pcbios && chain --autofree https://boot.netboot.xyz/ipxe/netboot.xyz.kpxe || isset ''${platform} && iseq ''${platform} pcbios && chain --autofree https://boot.netboot.xyz/ipxe/netboot.xyz.kpxe ||
chain --autofree https://boot.netboot.xyz/ipxe/netboot.xyz.efi chain --autofree https://boot.netboot.xyz/ipxe/netboot.xyz.efi
@@ -69,6 +75,7 @@ let
mkdir -p $out/debian-standard mkdir -p $out/debian-standard
mkdir -p $out/debian-xfce mkdir -p $out/debian-xfce
mkdir -p $out/debian-kde mkdir -p $out/debian-kde
mkdir -p $out/nixos
cp ${customIpxeEfi}/ipxe.efi $out/boot.efi cp ${customIpxeEfi}/ipxe.efi $out/boot.efi
cp ${customIpxeBios}/undionly.kpxe $out/boot.kpxe cp ${customIpxeBios}/undionly.kpxe $out/boot.kpxe
@@ -91,6 +98,10 @@ let
cp ${pkgs.mrescue-debian-kde}/kernel $out/debian-kde/kernel cp ${pkgs.mrescue-debian-kde}/kernel $out/debian-kde/kernel
cp ${pkgs.mrescue-debian-kde}/initrd $out/debian-kde/initrd cp ${pkgs.mrescue-debian-kde}/initrd $out/debian-kde/initrd
cp ${pkgs.mrescue-debian-kde}/filesystem.squashfs $out/debian-kde/filesystem.squashfs cp ${pkgs.mrescue-debian-kde}/filesystem.squashfs $out/debian-kde/filesystem.squashfs
# NixOS
cp ${pkgs.mrescue-nixos}/kernel $out/nixos/kernel
cp ${pkgs.mrescue-nixos}/initrd $out/nixos/initrd
''; '';
in in
{ {

5
pkgs/mrescue-alpine.nix
View File

@@ -9,7 +9,10 @@ stdenv.mkDerivation rec {
version = "3.23.3"; version = "3.23.3";
src = fetchurl { src = fetchurl {
url = "https://dl-cdn.alpinelinux.org/alpine/v3.23/releases/x86_64/alpine-netboot-${version}-x86_64.tar.gz"; urls = [
"https://dl-cdn.alpinelinux.org/alpine/v3.23/releases/x86_64/alpine-netboot-${version}-x86_64.tar.gz"
"https://dl.jakstys.lt/boot/alpine-netboot-${version}-x86_64.tar.gz"
];
hash = "sha256-U/tUZvdhLU/2Fr3g9jfwuM0mfX5SrtxwUiD0h+Qx8VA="; hash = "sha256-U/tUZvdhLU/2Fr3g9jfwuM0mfX5SrtxwUiD0h+Qx8VA=";
}; };

5
pkgs/mrescue-debian.nix
View File

@@ -14,7 +14,10 @@ stdenv.mkDerivation rec {
inherit version; inherit version;
src = fetchurl { src = fetchurl {
url = "https://cdimage.debian.org/debian-cd/current-live/amd64/iso-hybrid/debian-live-${version}-amd64-${flavor}.iso"; urls = [
"https://cdimage.debian.org/debian-cd/current-live/amd64/iso-hybrid/debian-live-${version}-amd64-${flavor}.iso"
"https://dl.jakstys.lt/boot/debian-live-${version}-amd64-${flavor}.iso"
];
inherit hash; inherit hash;
}; };

55
pkgs/mrescue-nixos.nix Normal file
View File

@@ -0,0 +1,55 @@
{
pkgs,
stdenv,
fetchurl,
}:
let
# NixOS netboot files from nix-community/nixos-images
# Source: https://github.com/nix-community/nixos-images/releases
version = "25.11";
kernel = fetchurl {
urls = [
"https://dl.jakstys.lt/boot/nixos-${version}-bzImage-x86_64-linux"
"https://github.com/nix-community/nixos-images/releases/download/nixos-${version}/bzImage-x86_64-linux"
];
hash = "sha256-ClUTxNU8YQfA8yo0vKx32fxl5Q3atXDXvGyIJP2OTpU=";
};
initrd =
(fetchurl {
urls = [
"https://dl.jakstys.lt/boot/nixos-${version}-initrd-x86_64-linux"
"https://github.com/nix-community/nixos-images/releases/download/nixos-${version}/initrd-x86_64-linux"
];
hash = "sha256-0nLNJVrjxIKQCTPB3iz4N3j6OyQEJ2G0JTluhHOTpPU=";
}).overrideAttrs
(_: {
__structuredAttrs = true;
unsafeDiscardReferences.out = true;
});
in
stdenv.mkDerivation rec {
pname = "mrescue-nixos";
inherit version;
dontUnpack = true;
dontBuild = true;
installPhase = ''
runHook preInstall
mkdir -p $out
install -Dm644 ${kernel} $out/kernel
install -Dm644 ${initrd} $out/initrd
runHook postInstall
'';
meta = with pkgs.lib; {
description = "NixOS minimal netboot files for rescue purposes";
homepage = "https://github.com/nix-community/nixos-images";
platforms = platforms.linux;
};
}

14
scripts/update-alpine.sh
View File

@@ -42,3 +42,17 @@ HASH_SRI=$(nix-hash --type sha256 --to-sri "$HASH_HEX")
# Output version and hash # Output version and hash
echo "version: $VERSION" echo "version: $VERSION"
echo "hash: $HASH_SRI" echo "hash: $HASH_SRI"
echo ""
# Check mirror availability
echo "Checking mirror availability..." >&2
MIRROR_URL="https://dl.jakstys.lt/boot/alpine-netboot-${VERSION}-x86_64.tar.gz"
if curl -sI "$MIRROR_URL" | head -1 | grep -q "200"; then
echo "✓ File available on mirror" >&2
else
echo "⚠ Warning: File not found on mirror!" >&2
echo ""
echo "To upload to mirror, run:" >&2
echo " ssh fwminex sh -c 'cd /var/www/dl/boot && wget https://dl-cdn.alpinelinux.org/alpine/${LATEST_MINOR}/releases/x86_64/alpine-netboot-${VERSION}-x86_64.tar.gz'" >&2
echo ""
fi

13
scripts/update-debian.sh
View File

@@ -58,3 +58,16 @@ cat <<EOF
hash = "${HASH_SRI}"; hash = "${HASH_SRI}";
}; };
EOF EOF
echo ""
echo "Checking mirror availability..." >&2
MIRROR_URL="https://dl.jakstys.lt/boot/debian-live-${VERSION}-amd64-${FLAVOR}.iso"
if curl -sI "$MIRROR_URL" | head -1 | grep -q "200"; then
echo "✓ File available on mirror" >&2
else
echo "⚠ Warning: File not found on mirror!" >&2
echo ""
echo "To upload to mirror, run:" >&2
echo " ssh fwminex sh -c 'cd /var/www/dl/boot && wget https://cdimage.debian.org/debian-cd/current-live/amd64/iso-hybrid/debian-live-${VERSION}-amd64-${FLAVOR}.iso'" >&2
echo ""
fi

60
scripts/update-nixos.sh Executable file
View File

@@ -0,0 +1,60 @@
#!/usr/bin/env bash
set -euo pipefail
# Script to get latest NixOS netboot file hashes from nix-community/nixos-images
# Usage: ./update-nixos.sh [version]
# version: 25.11, unstable, etc. (default: 25.11)
VERSION="${1:-25.11}"
BASE_URL="https://github.com/nix-community/nixos-images/releases/download/nixos-${VERSION}"
MIRROR_BASE="https://dl.jakstys.lt/boot"
echo "Fetching NixOS netboot files for version: ${VERSION}" >&2
# Fetch kernel hash
KERNEL_URL="${BASE_URL}/bzImage-x86_64-linux"
echo "Downloading kernel from: $KERNEL_URL" >&2
KERNEL_HASH_B32=$(nix-prefetch-url "$KERNEL_URL" 2>/dev/null)
KERNEL_HASH_HEX=$(nix-hash --type sha256 --to-base16 "$KERNEL_HASH_B32")
KERNEL_HASH_SRI=$(nix-hash --type sha256 --to-sri "$KERNEL_HASH_HEX")
# Fetch initrd hash
INITRD_URL="${BASE_URL}/initrd-x86_64-linux"
echo "Downloading initrd from: $INITRD_URL" >&2
INITRD_HASH_B32=$(nix-prefetch-url "$INITRD_URL" 2>/dev/null)
INITRD_HASH_HEX=$(nix-hash --type sha256 --to-base16 "$INITRD_HASH_B32")
INITRD_HASH_SRI=$(nix-hash --type sha256 --to-sri "$INITRD_HASH_HEX")
echo ""
echo "Update pkgs/mrescue-nixos.nix with:"
echo ""
echo " version = \"${VERSION}\";"
echo ""
echo " kernel hash = \"${KERNEL_HASH_SRI}\";"
echo " initrd hash = \"${INITRD_HASH_SRI}\";"
echo ""
# Check mirror availability
KERNEL_MIRROR="${MIRROR_BASE}/nixos-${VERSION}-bzImage-x86_64-linux"
INITRD_MIRROR="${MIRROR_BASE}/nixos-${VERSION}-initrd-x86_64-linux"
echo "Checking mirror availability..." >&2
KERNEL_EXISTS=$(curl -sI "$KERNEL_MIRROR" | head -1 | grep -q "200" && echo "yes" || echo "no")
INITRD_EXISTS=$(curl -sI "$INITRD_MIRROR" | head -1 | grep -q "200" && echo "yes" || echo "no")
if [[ "$KERNEL_EXISTS" == "no" ]] || [[ "$INITRD_EXISTS" == "no" ]]; then
echo ""
echo "⚠ Warning: Files not found on mirror!" >&2
echo ""
echo "To upload to mirror, run:" >&2
echo ""
if [[ "$KERNEL_EXISTS" == "no" ]]; then
echo " ssh fwminex sh -c 'cd /var/www/dl/boot && wget -O nixos-${VERSION}-bzImage-x86_64-linux ${KERNEL_URL}'" >&2
fi
if [[ "$INITRD_EXISTS" == "no" ]]; then
echo " ssh fwminex sh -c 'cd /var/www/dl/boot && wget -O nixos-${VERSION}-initrd-x86_64-linux ${INITRD_URL}'" >&2
fi
echo ""
else
echo "✓ All files available on mirror" >&2
fi