iso: Make a script for iso generation

iso/build-iso.sh

@@ -0,0 +1,5 @@
+#!/usr/bin/env bash
+
+NIXPKGS=$(nix-build nixpkgs.nix)
+
+nixos-generate -c configuration.nix -I NIX_PATH="$NIXPKGS" -f install-iso

iso/configuration.nix

@@ -0,0 +1,32 @@
+{ pkgs, ... }:
+
+let
+  dgn-lib = import ../lib/trivial.nix;
+
+  dgn-members = (import ../meta).members.groups.iso;
+in
+
+{
+  boot = {
+    blacklistedKernelModules = [ "snd_pcsp" ];
+    kernelPackages = pkgs.linuxPackages_6_1;
+    tmp.cleanOnBoot = true;
+
+    loader = {
+      systemd-boot.enable = true;
+      efi.canTouchEfiVariables = true;
+    };
+
+    supportedFilesystems = [
+      "exfat"
+      "zfs"
+    ];
+  };
+
+  services = {
+    openssh.enable = true;
+  };
+
+  users.users.root.openssh.authorizedKeys.keyFiles =
+    builtins.map (m: dgn-lib.mkRel ../keys "${m}.keys") dgn-members;
+}

iso/nixpkgs.nix

@@ -0,0 +1,5 @@
+let
+  inherit (import ../npins) nixpkgs;
+in
+
+(import nixpkgs { }).srcOnly { name = "nixpkgs-for-iso"; src = nixpkgs; }

meta/members.nix

@@ -26,6 +26,9 @@ let
 
     # members of this group are root on web nodes
     web = [ "mdebray" "raito" ];
+
+    # members of this group will have root acces on the installation isos
+    iso = [ "thubrecht" "mdebray" "raito" ];
   };
 in
 

shell.nix

@@ -43,6 +43,7 @@ pkgs.mkShell {
   packages = with pkgs; [
     npins
     colmena
+    nixos-generators
   ] ++ (builtins.map (p: callPackage p { }) [
     (sources.disko + "/package.nix")
   ]);