nixos/modules/installer/tools/nixos-install.sh at 15.09-beta · pyrox.dev/nixpkgs

pyrox.dev / nixpkgs
lol
nixpkgs / nixos / modules / installer / tools / nixos-install.sh
at 15.09-beta 8.5 kB view raw
  1#! @shell@
  2
  3# - make Nix store etc.
  4# - copy closure of Nix to target device
  5# - register validity
  6# - with a chroot to the target device:
  7#   * nix-env -p /nix/var/nix/profiles/system -i <nix-expr for the configuration>
  8#   * install the boot loader
  9
 10# Ensure a consistent umask.
 11umask 0022
 12
 13# Re-exec ourselves in a private mount namespace so that our bind
 14# mounts get cleaned up automatically.
 15if [ "$(id -u)" = 0 ]; then
 16    if [ -z "$NIXOS_INSTALL_REEXEC" ]; then
 17        export NIXOS_INSTALL_REEXEC=1
 18        exec unshare --mount --uts -- "$0" "$@"
 19    else
 20        mount --make-rprivate /
 21    fi
 22fi
 23
 24# Parse the command line for the -I flag
 25extraBuildFlags=()
 26chrootCommand=(/run/current-system/sw/bin/bash)
 27
 28while [ "$#" -gt 0 ]; do
 29    i="$1"; shift 1
 30    case "$i" in
 31        --max-jobs|-j|--cores|-I)
 32            j="$1"; shift 1
 33            extraBuildFlags+=("$i" "$j")
 34            ;;
 35        --option)
 36            j="$1"; shift 1
 37            k="$1"; shift 1
 38            extraBuildFlags+=("$i" "$j" "$k")
 39            ;;
 40        --root)
 41            mountPoint="$1"; shift 1
 42            ;;
 43        --show-trace)
 44            extraBuildFlags+=("$i")
 45            ;;
 46        --chroot)
 47            runChroot=1
 48            if [[ "$@" != "" ]]; then
 49                chrootCommand=("$@")
 50            fi
 51            break
 52            ;;
 53        --help)
 54            exec man nixos-install
 55            exit 1
 56            ;;
 57        *)
 58            echo "$0: unknown option \`$i'"
 59            exit 1
 60            ;;
 61    esac
 62done
 63
 64set -e
 65shopt -s nullglob
 66
 67if test -z "$mountPoint"; then
 68    mountPoint=/mnt
 69fi
 70
 71if ! test -e "$mountPoint"; then
 72    echo "mount point $mountPoint doesn't exist"
 73    exit 1
 74fi
 75
 76if ! grep -F -q " $mountPoint " /proc/mounts; then
 77    echo "$mountPoint doesn't appear to be a mount point"
 78    exit 1
 79fi
 80
 81
 82# Mount some stuff in the target root directory.
 83mkdir -m 0755 -p $mountPoint/dev $mountPoint/proc $mountPoint/sys $mountPoint/etc $mountPoint/run $mountPoint/home
 84mkdir -m 01777 -p $mountPoint/tmp
 85mkdir -m 0755 -p $mountPoint/tmp/root
 86mkdir -m 0755 -p $mountPoint/var/setuid-wrappers
 87mkdir -m 0700 -p $mountPoint/root
 88mount --rbind /dev $mountPoint/dev
 89mount --rbind /proc $mountPoint/proc
 90mount --rbind /sys $mountPoint/sys
 91mount --rbind / $mountPoint/tmp/root
 92mount -t tmpfs -o "mode=0755" none $mountPoint/run
 93mount -t tmpfs -o "mode=0755" none $mountPoint/var/setuid-wrappers
 94rm -rf $mountPoint/var/run
 95ln -s /run $mountPoint/var/run
 96rm -f $mountPoint/etc/{resolv.conf,hosts}
 97cp -Lf /etc/resolv.conf /etc/hosts $mountPoint/etc/
 98
 99if [ -e "$SSL_CERT_FILE" ]; then
100    cp -Lf "$SSL_CERT_FILE" "$mountPoint/tmp/ca-cert.crt"
101    export SSL_CERT_FILE=/tmp/ca-cert.crt
102    # For Nix 1.7
103    export CURL_CA_BUNDLE=/tmp/ca-cert.crt
104fi
105
106if [ -n "$runChroot" ]; then
107    if ! [ -L $mountPoint/nix/var/nix/profiles/system ]; then
108        echo "$0: installation not finished; cannot chroot into installation directory"
109        exit 1
110    fi
111    ln -s /nix/var/nix/profiles/system $mountPoint/run/current-system
112    exec chroot $mountPoint "${chrootCommand[@]}"
113fi
114
115
116# Get the path of the NixOS configuration file.
117if test -z "$NIXOS_CONFIG"; then
118    NIXOS_CONFIG=/etc/nixos/configuration.nix
119fi
120
121if ! test -e "$mountPoint/$NIXOS_CONFIG"; then
122    echo "configuration file $mountPoint/$NIXOS_CONFIG doesn't exist"
123    exit 1
124fi
125
126
127# Create the necessary Nix directories on the target device, if they
128# don't already exist.
129mkdir -m 0755 -p \
130    $mountPoint/nix/var/nix/gcroots \
131    $mountPoint/nix/var/nix/temproots \
132    $mountPoint/nix/var/nix/manifests \
133    $mountPoint/nix/var/nix/userpool \
134    $mountPoint/nix/var/nix/profiles \
135    $mountPoint/nix/var/nix/db \
136    $mountPoint/nix/var/log/nix/drvs
137
138mkdir -m 1775 -p $mountPoint/nix/store
139chown root:nixbld $mountPoint/nix/store
140
141
142# There is no daemon in the chroot.
143unset NIX_REMOTE
144
145
146# We don't have locale-archive in the chroot, so clear $LANG.
147export LANG=
148export LC_ALL=
149export LC_TIME=
150
151
152# Create a temporary Nix config file that causes the nixbld users to
153# be used.
154echo "build-users-group = nixbld" > $mountPoint/tmp/nix.conf # FIXME: remove in Nix 1.8
155binary_caches=$(@perl@/bin/perl -I @nix@/lib/perl5/site_perl/*/* -e 'use Nix::Config; Nix::Config::readConfig; print $Nix::Config::config{"binary-caches"};')
156if test -n "$binary_caches"; then
157    echo "binary-caches = $binary_caches" >> $mountPoint/tmp/nix.conf
158fi
159export NIX_CONF_DIR=/tmp
160
161touch $mountPoint/etc/passwd $mountPoint/etc/group
162mount --bind -o ro /etc/passwd $mountPoint/etc/passwd
163mount --bind -o ro /etc/group $mountPoint/etc/group
164
165
166# Copy Nix to the Nix store on the target device, unless it's already there.
167if ! NIX_DB_DIR=$mountPoint/nix/var/nix/db nix-store --check-validity @nix@ 2> /dev/null; then
168    echo "copying Nix to $mountPoint...."
169    for i in $(@perl@/bin/perl @pathsFromGraph@ @nixClosure@); do
170        echo "  $i"
171        chattr -R -i $mountPoint/$i 2> /dev/null || true # clear immutable bit
172        rsync -a $i $mountPoint/nix/store/
173    done
174
175    # Register the paths in the Nix closure as valid.  This is necessary
176    # to prevent them from being deleted the first time we install
177    # something.  (I.e., Nix will see that, e.g., the glibc path is not
178    # valid, delete it to get it out of the way, but as a result nothing
179    # will work anymore.)
180    chroot $mountPoint @nix@/bin/nix-store --register-validity < @nixClosure@
181fi
182
183
184# Create the required /bin/sh symlink; otherwise lots of things
185# (notably the system() function) won't work.
186mkdir -m 0755 -p $mountPoint/bin
187# !!! assuming that @shell@ is in the closure
188ln -sf @shell@ $mountPoint/bin/sh
189
190
191# Make the build below copy paths from the CD if possible.  Note that
192# /tmp/root in the chroot is the root of the CD.
193export NIX_OTHER_STORES=/tmp/root/nix:$NIX_OTHER_STORES
194
195p=@nix@/libexec/nix/substituters
196export NIX_SUBSTITUTERS=$p/copy-from-other-stores.pl:$p/download-from-binary-cache.pl
197
198
199# Make manifests available in the chroot.
200rm -f $mountPoint/nix/var/nix/manifests/*
201for i in /nix/var/nix/manifests/*.nixmanifest; do
202    chroot $mountPoint @nix@/bin/nix-store -r "$(readlink -f "$i")" > /dev/null
203    cp -pd "$i" $mountPoint/nix/var/nix/manifests/
204done
205
206
207# Get the absolute path to the NixOS/Nixpkgs sources.
208nixpkgs="$(readlink -f $(nix-instantiate --find-file nixpkgs))"
209
210
211# Build the specified Nix expression in the target store and install
212# it into the system configuration profile.
213echo "building the system configuration..."
214NIX_PATH="nixpkgs=/tmp/root/$nixpkgs:nixos-config=$NIXOS_CONFIG" NIXOS_CONFIG= \
215    chroot $mountPoint @nix@/bin/nix-env \
216    "${extraBuildFlags[@]}" -p /nix/var/nix/profiles/system -f '<nixpkgs/nixos>' --set -A system
217
218
219# Copy the NixOS/Nixpkgs sources to the target as the initial contents
220# of the NixOS channel.
221mkdir -m 0755 -p $mountPoint/nix/var/nix/profiles
222mkdir -m 1777 -p $mountPoint/nix/var/nix/profiles/per-user
223mkdir -m 0755 -p $mountPoint/nix/var/nix/profiles/per-user/root
224srcs=$(nix-env "${extraBuildFlags[@]}" -p /nix/var/nix/profiles/per-user/root/channels -q nixos --no-name --out-path 2>/dev/null || echo -n "")
225if test -n "$srcs"; then
226    echo "copying NixOS/Nixpkgs sources..."
227    chroot $mountPoint @nix@/bin/nix-env \
228        "${extraBuildFlags[@]}" -p /nix/var/nix/profiles/per-user/root/channels -i "$srcs" --quiet
229fi
230mkdir -m 0700 -p $mountPoint/root/.nix-defexpr
231ln -sfn /nix/var/nix/profiles/per-user/root/channels $mountPoint/root/.nix-defexpr/channels
232
233
234# Get rid of the /etc bind mounts.
235umount $mountPoint/etc/passwd $mountPoint/etc/group
236
237
238# Grub needs an mtab.
239ln -sfn /proc/mounts $mountPoint/etc/mtab
240
241
242# Mark the target as a NixOS installation, otherwise
243# switch-to-configuration will chicken out.
244touch $mountPoint/etc/NIXOS
245
246
247# Switch to the new system configuration.  This will install Grub with
248# a menu default pointing at the kernel/initrd/etc of the new
249# configuration.
250echo "finalising the installation..."
251NIXOS_INSTALL_GRUB=1 chroot $mountPoint \
252    /nix/var/nix/profiles/system/bin/switch-to-configuration boot
253
254
255# Run the activation script.
256chroot $mountPoint /nix/var/nix/profiles/system/activate
257
258
259# Ask the user to set a root password.
260if [ "$(chroot $mountPoint /run/current-system/sw/bin/sh -l -c "nix-instantiate --eval '<nixpkgs/nixos>' -A config.users.mutableUsers")" = true ] && [ -t 0 ] ; then
261    echo "setting root password..."
262    chroot $mountPoint /var/setuid-wrappers/passwd
263fi
264
265
266echo "installation finished!"