From e64c32bf3445033304e0d97c1ce1da0bfd553b93 Mon Sep 17 00:00:00 2001
From: Tom Hubrecht
Date: Thu, 8 Jun 2023 10:20:55 +0200
Subject: [PATCH] iso: Update iso config and add a script to ease the installation process
---
iso/build-iso.sh | 0
iso/configuration.nix | 4 +
iso/dgn-install/README.md | 1 +
iso/dgn-install/default.nix | 20 +++++
iso/dgn-install/dgn-install.sh | 141 +++++++++++++++++++++++++++++++++
5 files changed, 166 insertions(+)
mode change 100644 => 100755 iso/build-iso.sh
create mode 100644 iso/dgn-install/README.md
create mode 100644 iso/dgn-install/default.nix
create mode 100644 iso/dgn-install/dgn-install.sh
diff --git a/iso/build-iso.sh b/iso/build-iso.sh
old mode 100644
new mode 100755
diff --git a/iso/configuration.nix b/iso/configuration.nix
index ab5ce0b..f09979f 100644
--- a/iso/configuration.nix
+++ b/iso/configuration.nix
@@ -7,6 +7,8 @@ let in { + imports = [ ./dgn-install ]; + boot = { blacklistedKernelModules = [ "snd_pcsp" ]; kernelPackages = pkgs.linuxPackages_6_1;
@@ -23,6 +25,8 @@ in ]; }; + console.keyMap = "fr"; + services = { openssh.enable = true; };
diff --git a/iso/dgn-install/README.md b/iso/dgn-install/README.md
new file mode 100644
index 0000000..32f2f2f
--- /dev/null
+++ b/iso/dgn-install/README.md
@@ -0,0 +1 @@
+Script pour installer automatiquement NixOS sur les machines de la DGNum
diff --git a/iso/dgn-install/default.nix b/iso/dgn-install/default.nix
new file mode 100644
index 0000000..3028540
--- /dev/null
+++ b/iso/dgn-install/default.nix
@@ -0,0 +1,20 @@
+{ pkgs, ... }:
+
+let
+ installScript = pkgs.writeShellApplication {
+ name = "dgn-install";
+
+ runtimeInputs = with pkgs; [
+ coreutils
+ gnused
+ nixos-install-tools
+ zfs
+ ];
+
+ text = builtins.readFile ./dgn-install.sh;
+ };
+in
+
+{
+ environment.systemPackages = [ installScript ];
+}
diff --git a/iso/dgn-install/dgn-install.sh b/iso/dgn-install/dgn-install.sh
new file mode 100644
index 0000000..ab5c767
--- /dev/null
+++ b/iso/dgn-install/dgn-install.sh
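Review bot: In iso/dgn-install/default.nix, `runtimeInputs` omits `util-linux` although dgn-install.sh calls `mount` twice, so the script only works because `writeShellApplication` prepends these inputs to the caller's PATH instead of replacing it. Adding `util-linux` to the list pins `mount` to the package set the ISO was built from, like the other tools. A short comment above `text = builtins.readFile ./dgn-install.sh;` would also help, for example `# writeShellApplication runs the script with errexit, nounset and pipefail`, because the script has no `set -e` of its own and relies on the wrapper to stop after a failed `mount` or `cp`.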
@@ -0,0 +1,141 @@
+bootDevice=
+rootDevice=
+
+domain="par01.infra.dgnum.eu"
+hostname="dgn0x"
+
+hasZFS=
+
+while [ "$#" -gt 0 ]; do
+ i="$1"
+ shift 1
+ case "$i" in
+ --root)
+ rootDevice="$1"
+ shift 1
+ ;;
+ --boot)
+ bootDevice="$1"
+ shift 1
+ ;;
+ --domain)
+ domain="$1"
+ shift 1
+ ;;
+ --hostname)
+ hostname="$1"
+ shift 1
+ ;;
+ --with-zfs)
+ hasZFS="1"
+ ;;
+ *)
+ echo "$0: unknown option \`$i'"
+ exit 1
+ ;;
+ esac
+done
+
+if [ -z "$bootDevice" ]; then
+ echo "Missing boot partition"
+ exit 1
+fi
+
+if [ -z "$rootDevice" ]; then
+ echo "Missing root partition"
+ exit 1
+fi
+
+# Mount the partitions to where they should be
+mount "$rootDevice" /mnt
+mkdir /mnt/boot
+
+mount "$bootDevice" /mnt/boot
+
+# Generate configration
+nixos-generate-config --root /mnt
+
+NIX="/mnt/etc/nixos/"
+
+# Setup our own files
+mv $NIX/configuration.nix $NIX/base-configuration.nix
+
+cat < $NIX/dgnum-server.nix
+{ ... }: {
+ services.nscd.enableNsncd = false;
+ programs.bash.promptInit = ''
+ # Provide a nice prompt if the terminal supports it.
+ if [ "\$TERM" != "dumb" ] || [ -n "\$INSIDE_EMACS" ]; then
+ PROMPT_COLOR="1;31m"
+ ((UID)) && PROMPT_COLOR="1;32m"
+ if [ -n "\$INSIDE_EMACS" ] || [ "\$TERM" = "eterm" ] || [ "\$TERM" = "eterm-color" ]; then
+ # Emacs term mode doesn't support xterm title escape sequence (\e]0;)
+ PS1="\n\[\033[\$PROMPT_COLOR\][\u@\$(hostname -f):\w]\\\$\[\033[0m\] "
+ else
+ PS1="\n\[\033[\$PROMPT_COLOR\][\[\e]0;\u@\H: \w\a\]\u@\$(hostname -f):\w]\\\$\[\033[0m\] "
+ fi
+ if test "\$TERM" = "xterm"; then
+ PS1="\[\033]2;\$(hostname -f):\u:\w\007\]\$PS1"
+ fi
+ fi
+ '';
+}
+EOF
+
+cat < $NIX/configuration.nix
+{ pkgs, ... }: {
+ imports = [
+ ./base-configuration.nix
+ ./dgnum-server.nix
+ $(if [ -n "$hasZFS" ]; then echo './zfs.nix'; fi)
+ ];
+
+ boot.tmp.cleanOnBoot = true;
+
+ console.keyMap = "fr";
+
+ time.timeZone = "Europe/Paris";
+
+ environment.systemPackages = with pkgs; [
+ vim
+ wget
+ kitty.terminfo
+ ];
+
+ networking = {
+ hostName = "$hostname";
+ domain = "$domain";
+ };
+
+ # Activate SSH and set the keys
+ services.openssh = {
+ enable = true;
+
+ settings.PasswordAuthentication = false;
+ };
+
+ users.users.root.openssh.authorizedKeys.keyFiles = [ ./rootKeys ];
+}
+EOF
+
+if [ -n "$hasZFS" ]; then
+ cat < $NIX/zfs.nix
+{ ... }: {
+ boot = {
+ supportedFilesystems = [ "zfs" ];
+ zfs.forceImportRoot = false;
+ zfs.extraPools = [
+ $(zpool list -Ho name | sed 's/^/"/;s/$/"/')
+ ];
+ };
+
+ networking.hostId = "$(head -c4 /dev/urandom | od -A none -t x4 | sed 's/ //')";
+}
+EOF
+fi
+
+# Copy the keys
+cp /etc/ssh/authorized_keys.d/root $NIX/rootKeys
+
+# Perform the installation
+nixos-install
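Review bot: The `--hostname` and `--domain` values are written verbatim into the generated configuration.nix (`hostName = "$hostname";`, `domain = "$domain";`), so a value containing a double quote or `${` alters the Nix expression that `nixos-install` then evaluates as root instead of being rejected. Validate both right after the option loop, for example `case "$hostname.$domain" in *[!A-Za-z0-9.-]*) echo "Invalid hostname or domain" >&2; exit 1 ;; esac`. The same place could refuse the default `dgn0x`, which looks like a placeholder and is otherwise installed silently when `--hostname` is omitted. The final `cp /etc/ssh/authorized_keys.d/root $NIX/rootKeys` deserves a comment such as `# The installed host trusts exactly the root keys present on the live ISO`, since with `PasswordAuthentication = false` that file decides who can log in as root.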