nixos/modules/installer/tools/nixos-install.sh at 16.09-beta · pyrox.dev/nixpkgs

pyrox.dev / nixpkgs
lol
nixpkgs / nixos / modules / installer / tools / nixos-install.sh
at 16.09-beta 8.4 kB view raw
  1#! @shell@
  2
  3# - make Nix store etc.
  4# - copy closure of Nix to target device
  5# - register validity
  6# - with a chroot to the target device:
  7#   * nix-env -p /nix/var/nix/profiles/system -i <nix-expr for the configuration>
  8#   * install the boot loader
  9
 10# Ensure a consistent umask.
 11umask 0022
 12
 13# Re-exec ourselves in a private mount namespace so that our bind
 14# mounts get cleaned up automatically.
 15if [ "$(id -u)" = 0 ]; then
 16    if [ -z "$NIXOS_INSTALL_REEXEC" ]; then
 17        export NIXOS_INSTALL_REEXEC=1
 18        exec unshare --mount --uts -- "$0" "$@"
 19    else
 20        mount --make-rprivate /
 21    fi
 22fi
 23
 24# Parse the command line for the -I flag
 25extraBuildFlags=()
 26chrootCommand=(/run/current-system/sw/bin/bash)
 27buildUsersGroup="nixbld"
 28
 29while [ "$#" -gt 0 ]; do
 30    i="$1"; shift 1
 31    case "$i" in
 32        --max-jobs|-j|--cores|-I)
 33            j="$1"; shift 1
 34            extraBuildFlags+=("$i" "$j")
 35            ;;
 36        --option)
 37            j="$1"; shift 1
 38            k="$1"; shift 1
 39            extraBuildFlags+=("$i" "$j" "$k")
 40            ;;
 41        --root)
 42            mountPoint="$1"; shift 1
 43            ;;
 44        --closure)
 45            closure="$1"; shift 1
 46            buildUsersGroup=""
 47            ;;
 48        --no-channel-copy)
 49            noChannelCopy=1
 50            ;;
 51        --no-root-passwd)
 52            noRootPasswd=1
 53            ;;
 54        --no-bootloader)
 55            noBootLoader=1
 56            ;;
 57        --show-trace)
 58            extraBuildFlags+=("$i")
 59            ;;
 60        --chroot)
 61            runChroot=1
 62            if [[ "$@" != "" ]]; then
 63                chrootCommand=("$@")
 64            fi
 65            break
 66            ;;
 67        --help)
 68            exec man nixos-install
 69            exit 1
 70            ;;
 71        *)
 72            echo "$0: unknown option \`$i'"
 73            exit 1
 74            ;;
 75    esac
 76done
 77
 78set -e
 79shopt -s nullglob
 80
 81if test -z "$mountPoint"; then
 82    mountPoint=/mnt
 83fi
 84
 85if ! test -e "$mountPoint"; then
 86    echo "mount point $mountPoint doesn't exist"
 87    exit 1
 88fi
 89
 90
 91# Mount some stuff in the target root directory.
 92mkdir -m 0755 -p $mountPoint/dev $mountPoint/proc $mountPoint/sys $mountPoint/etc $mountPoint/run $mountPoint/home
 93mkdir -m 01777 -p $mountPoint/tmp
 94mkdir -m 0755 -p $mountPoint/tmp/root
 95mkdir -m 0700 -p $mountPoint/root
 96mount --rbind /dev $mountPoint/dev
 97mount --rbind /proc $mountPoint/proc
 98mount --rbind /sys $mountPoint/sys
 99mount --rbind / $mountPoint/tmp/root
100mount -t tmpfs -o "mode=0755" none $mountPoint/run
101rm -rf $mountPoint/var/run
102ln -s /run $mountPoint/var/run
103for f in /etc/resolv.conf /etc/hosts; do rm -f $mountPoint/$f; [ -f "$f" ] && cp -Lf $f $mountPoint/etc/; done
104for f in /etc/passwd /etc/group;      do touch $mountPoint/$f; [ -f "$f" ] && mount --rbind -o ro $f $mountPoint/$f; done
105
106cp -Lf "@cacert@" "$mountPoint/tmp/ca-cert.crt"
107export SSL_CERT_FILE=/tmp/ca-cert.crt
108# For Nix 1.7
109export CURL_CA_BUNDLE=/tmp/ca-cert.crt
110
111if [ -n "$runChroot" ]; then
112    if ! [ -L $mountPoint/nix/var/nix/profiles/system ]; then
113        echo "$0: installation not finished; cannot chroot into installation directory"
114        exit 1
115    fi
116    ln -s /nix/var/nix/profiles/system $mountPoint/run/current-system
117    exec chroot $mountPoint "${chrootCommand[@]}"
118fi
119
120
121# Get the path of the NixOS configuration file.
122if test -z "$NIXOS_CONFIG"; then
123    NIXOS_CONFIG=/etc/nixos/configuration.nix
124fi
125
126if [ ! -e "$mountPoint/$NIXOS_CONFIG" ] && [ -z "$closure" ]; then
127    echo "configuration file $mountPoint/$NIXOS_CONFIG doesn't exist"
128    exit 1
129fi
130
131
132# Create the necessary Nix directories on the target device, if they
133# don't already exist.
134mkdir -m 0755 -p \
135    $mountPoint/nix/var/nix/gcroots \
136    $mountPoint/nix/var/nix/temproots \
137    $mountPoint/nix/var/nix/userpool \
138    $mountPoint/nix/var/nix/profiles \
139    $mountPoint/nix/var/nix/db \
140    $mountPoint/nix/var/log/nix/drvs
141
142mkdir -m 1775 -p $mountPoint/nix/store
143chown @root_uid@:@nixbld_gid@ $mountPoint/nix/store
144
145
146# There is no daemon in the chroot.
147unset NIX_REMOTE
148
149
150# We don't have locale-archive in the chroot, so clear $LANG.
151export LANG=
152export LC_ALL=
153export LC_TIME=
154
155
156# Builds will use users that are members of this group
157extraBuildFlags+=(--option "build-users-group" "$buildUsersGroup")
158
159
160# Inherit binary caches from the host
161binary_caches="$(@perl@/bin/perl -I @nix@/lib/perl5/site_perl/*/* -e 'use Nix::Config; Nix::Config::readConfig; print $Nix::Config::config{"binary-caches"};')"
162extraBuildFlags+=(--option "binary-caches" "$binary_caches")
163
164
165# Copy Nix to the Nix store on the target device, unless it's already there.
166if ! NIX_DB_DIR=$mountPoint/nix/var/nix/db nix-store --check-validity @nix@ 2> /dev/null; then
167    echo "copying Nix to $mountPoint...."
168    for i in $(@perl@/bin/perl @pathsFromGraph@ @nixClosure@); do
169        echo "  $i"
170        chattr -R -i $mountPoint/$i 2> /dev/null || true # clear immutable bit
171        @rsync@/bin/rsync -a $i $mountPoint/nix/store/
172    done
173
174    # Register the paths in the Nix closure as valid.  This is necessary
175    # to prevent them from being deleted the first time we install
176    # something.  (I.e., Nix will see that, e.g., the glibc path is not
177    # valid, delete it to get it out of the way, but as a result nothing
178    # will work anymore.)
179    chroot $mountPoint @nix@/bin/nix-store --register-validity < @nixClosure@
180fi
181
182
183# Create the required /bin/sh symlink; otherwise lots of things
184# (notably the system() function) won't work.
185mkdir -m 0755 -p $mountPoint/bin
186# !!! assuming that @shell@ is in the closure
187ln -sf @shell@ $mountPoint/bin/sh
188
189
190# Build hooks likely won't function correctly in the minimal chroot; just disable them.
191unset NIX_BUILD_HOOK
192
193# Make the build below copy paths from the CD if possible.  Note that
194# /tmp/root in the chroot is the root of the CD.
195export NIX_OTHER_STORES=/tmp/root/nix:$NIX_OTHER_STORES
196
197p=@nix@/libexec/nix/substituters
198export NIX_SUBSTITUTERS=$p/copy-from-other-stores.pl:$p/download-from-binary-cache.pl
199
200
201if [ -z "$closure" ]; then
202    # Get the absolute path to the NixOS/Nixpkgs sources.
203    nixpkgs="$(readlink -f $(nix-instantiate --find-file nixpkgs))"
204
205    nixEnvAction="-f <nixpkgs/nixos> --set -A system"
206else
207    nixpkgs=""
208    nixEnvAction="--set $closure"
209fi
210
211# Build the specified Nix expression in the target store and install
212# it into the system configuration profile.
213echo "building the system configuration..."
214NIX_PATH="nixpkgs=/tmp/root/$nixpkgs:nixos-config=$NIXOS_CONFIG" NIXOS_CONFIG= \
215    chroot $mountPoint @nix@/bin/nix-env \
216    "${extraBuildFlags[@]}" -p /nix/var/nix/profiles/system $nixEnvAction
217
218
219# Copy the NixOS/Nixpkgs sources to the target as the initial contents
220# of the NixOS channel.
221mkdir -m 0755 -p $mountPoint/nix/var/nix/profiles
222mkdir -m 1777 -p $mountPoint/nix/var/nix/profiles/per-user
223mkdir -m 0755 -p $mountPoint/nix/var/nix/profiles/per-user/root
224srcs=$(nix-env "${extraBuildFlags[@]}" -p /nix/var/nix/profiles/per-user/root/channels -q nixos --no-name --out-path 2>/dev/null || echo -n "")
225if [ -z "$noChannelCopy" ] && [ -n "$srcs" ]; then
226    echo "copying NixOS/Nixpkgs sources..."
227    chroot $mountPoint @nix@/bin/nix-env \
228        "${extraBuildFlags[@]}" -p /nix/var/nix/profiles/per-user/root/channels -i "$srcs" --quiet
229fi
230mkdir -m 0700 -p $mountPoint/root/.nix-defexpr
231ln -sfn /nix/var/nix/profiles/per-user/root/channels $mountPoint/root/.nix-defexpr/channels
232
233
234# Get rid of the /etc bind mounts.
235for f in /etc/passwd /etc/group; do [ -f "$f" ] && umount $mountPoint/$f; done
236
237
238# Grub needs an mtab.
239ln -sfn /proc/mounts $mountPoint/etc/mtab
240
241
242# Mark the target as a NixOS installation, otherwise
243# switch-to-configuration will chicken out.
244touch $mountPoint/etc/NIXOS
245
246
247# Switch to the new system configuration.  This will install Grub with
248# a menu default pointing at the kernel/initrd/etc of the new
249# configuration.
250echo "finalising the installation..."
251if [ -z "$noBootLoader" ]; then
252  NIXOS_INSTALL_BOOTLOADER=1 chroot $mountPoint \
253      /nix/var/nix/profiles/system/bin/switch-to-configuration boot
254fi
255
256# Run the activation script.
257chroot $mountPoint /nix/var/nix/profiles/system/activate
258
259
260# Ask the user to set a root password.
261if [ -z "$noRootPasswd" ] && [ -x $mountPoint/var/setuid-wrappers/passwd ] && [ -t 0 ]; then
262    echo "setting root password..."
263    chroot $mountPoint /var/setuid-wrappers/passwd
264fi
265
266
267echo "installation finished!"