ISO: stuffies

2025-02-22 22:25:09 +00:00 · 2025-01-27 22:31:45 +02:00 · 2025-01-27 22:31:45 +02:00 · 0863504183
commit 0863504183
parent 35e372a025
7 changed files with 146 additions and 1 deletions
--- a/modules/iso/boot.nix
+++ b/modules/iso/boot.nix
@ -1,7 +1,13 @@
-{lib, ...}: let
+{
+  lib,
+  pkgs,
+  ...
+}: let
  inherit (lib.modules) mkForce mkAfter;
 in {
  boot = {
+    # Use lts kernel for zfs
+    kernelPackages = mkForce pkgs.linuxPackages_6_12;
    kernelParams = mkAfter [
      "noquiet"
      "toram"
--- a/modules/iso/console.nix
+++ b/modules/iso/console.nix
@ -0,0 +1,6 @@
+{pkgs, ...}: {
+  console = {
+    font = "${pkgs.terminus_font}/share/consolefonts/ter-d18n.psf.gz";
+    keyMap = "en";
+  };
+}
--- a/modules/iso/default.nix
+++ b/modules/iso/default.nix
@ -1,6 +1,11 @@
 {
  imports = [
    ./boot.nix
+    ./console.nix
    ./image.nix
+    ./networking.nix
+    ./nix.nix
+    ./programs.nix
+    ./space.nix
  ];
 }
--- a/modules/iso/networking.nix
+++ b/modules/iso/networking.nix
@ -0,0 +1,19 @@
+{lib, ...}: let
+  inherit (lib.modules) mkForce;
+in {
+  # use networkmanager in the live environment
+  networking.networkmanager = {
+    enable = true;
+    # we don't want any plugins, they only takeup space
+    # you might consider adding some if you need a VPN for example
+    plugins = mkForce [];
+  };
+
+  networking.wireless.enable = mkForce false;
+
+  # allow ssh into the system for headless installs
+  systemd.services.sshd.wantedBy = mkForce ["multi-user.target"];
+  users.users.root.openssh.authorizedKeys.keys = [
+    "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAILPbmiNqoyeKXk/VopFm2cFfEnV4cKCFBhbhyYB69Fuu"
+  ];
+}
--- a/modules/iso/nix.nix
+++ b/modules/iso/nix.nix
@ -0,0 +1,54 @@
+{config, ...}: {
+  # We don't want to alter the iso image itself so we prevent rebuilds
+  system.switch.enable = false;
+
+  nix = {
+    # we can disable channels since we can just use the flake
+    channel.enable = false;
+
+    # we need to have nixpkgs in our path
+    nixPath = ["nixpkgs=${config.nix.registry.nixpkgs.to.path}"];
+
+    settings = {
+      experimental-features = [
+        "flakes"
+        "nix-command"
+        "auto-allocate-uids"
+      ];
+
+      # more logging is nice when doing installs, we want to know if something goes wrong
+      log-lines = 50;
+
+      # A unimportant warning in this case
+      warn-dirty = false;
+
+      # Its nice to have more http downloads when setting up
+      http-connections = 50;
+
+      # We can ignore the flake registry since we won't be using it
+      # this is because we already have all the programs we need in the ISO
+      flake-registry = "";
+
+      # we don't need this nor do we want it
+      accept-flake-config = false;
+
+      # this is not important when your in a ISO
+      auto-optimise-store = false;
+
+      # fetch from a cache if we can
+      substituters = [
+        "https://nix-community.cachix.org"
+        "https://nixpkgs-unfree.cachix.org"
+        "https://hyprland.cachix.org"
+        "https://wezterm.cachix.org"
+      ];
+
+      trusted-public-keys = [
+        "nix-community.cachix.org-1:mB9FSh9qf2dCimDSUo8Zy7bkq5CX+/rkCWyvRCYg3Fs="
+        "nixpkgs-unfree.cachix.org-1:hqvoInulhbV4nJ9yJOEr+4wxhDV4xq2d1DK7S6Nj6rs="
+        "hyprland.cachix.org-1:a7pgxzMz7+chwVL3/pzj6jIBMioiJM7ypFP8PwtkuGc="
+        "wezterm.cachix.org-1:kAbhjYUC9qvblTE+s7S+kl5XM1zVa4skO+E/1IDWdH0="
+      ];
+    };
+  };
+}
--- a/modules/iso/programs.nix
+++ b/modules/iso/programs.nix
@ -0,0 +1,9 @@
+{pkgs, ...}: {
+  environment.systemPackages = with pkgs; [
+    vim
+    pciutils
+    gitMinimal
+    nixos-install-tools
+    util-linux
+  ];
+}
--- a/modules/iso/space.nix
+++ b/modules/iso/space.nix
@ -0,0 +1,46 @@
+{lib, ...}: let
+  inherit (lib.modules) mkForce mkDefault;
+in {
+  # disable documentation
+  documentation = {
+    enable = mkDefault false;
+    doc.enable = mkDefault false;
+    info.enable = mkDefault false;
+  };
+
+  # we don't need this, plus it adds extra programs to the iso
+  services = {
+    logrotate.enable = false;
+    udisks2.enable = false;
+  };
+
+  # disable fontConfig
+  fonts.fontconfig.enable = mkForce false;
+
+  # disable containers as it also pulls in pearl
+  boot.enableContainers = false;
+
+  programs = {
+    # disable less as it pulls in pearl
+    less.lessopen = null;
+
+    # disable command-not-found and other similar programs
+    command-not-found.enable = false;
+  };
+
+  # Use environment options, minimal profile
+  environment = {
+    # we don't really need this warning on the minimal profile
+    stub-ld.enable = mkForce false;
+
+    # no packages other, other then the ones I provide
+    defaultPackages = [];
+  };
+
+  xdg = {
+    autostart.enable = false;
+    icons.enable = false;
+    mime.enable = false;
+    sounds.enable = false;
+  };
+}