pyrox.dev / nixpkgs
lol
fork atom
nixpkgs / nixos / modules / profiles / installation-device.nix
at 17.09-beta 3.0 kB view raw
1# Provide a basic configuration for installation devices like CDs. 2{ config, pkgs, lib, ... }: 3 4with lib; 5 6{ 7 imports = 8 [ # Enable devices which are usually scanned, because we don't know the 9 # target system. 10 ../installer/scan/detected.nix 11 ../installer/scan/not-detected.nix 12 13 # Allow "nixos-rebuild" to work properly by providing 14 # /etc/nixos/configuration.nix. 15 ./clone-config.nix 16 17 # Include a copy of Nixpkgs so that nixos-install works out of 18 # the box. 19 ../installer/cd-dvd/channel.nix 20 ]; 21 22 config = { 23 24 # Enable in installer, even if the minimal profile disables it. 25 services.nixosManual.enable = mkForce true; 26 27 # Show the manual. 28 services.nixosManual.showManual = true; 29 30 # Let the user play Rogue on TTY 8 during the installation. 31 #services.rogue.enable = true; 32 33 # Disable some other stuff we don't need. 34 security.sudo.enable = false; 35 36 # Automatically log in at the virtual consoles. 37 services.mingetty.autologinUser = "root"; 38 39 # Some more help text. 40 services.mingetty.helpLine = 41 '' 42 43 The "root" account has an empty password. ${ 44 optionalString config.services.xserver.enable 45 "Type `systemctl start display-manager' to\nstart the graphical user interface."} 46 ''; 47 48 # Allow sshd to be started manually through "systemctl start sshd". 49 services.openssh = { 50 enable = true; 51 # Allow password login to the installation, if the user sets a password via "passwd" 52 # It is safe as root doesn't have a password by default and SSH is disabled by default 53 permitRootLogin = "yes"; 54 }; 55 systemd.services.sshd.wantedBy = mkOverride 50 []; 56 57 # Enable wpa_supplicant, but don't start it by default. 58 networking.wireless.enable = mkDefault true; 59 systemd.services.wpa_supplicant.wantedBy = mkOverride 50 []; 60 61 # Tell the Nix evaluator to garbage collect more aggressively. 62 # This is desirable in memory-constrained environments that don't 63 # (yet) have swap set up. 64 environment.variables.GC_INITIAL_HEAP_SIZE = "100000"; 65 66 # Make the installer more likely to succeed in low memory 67 # environments. The kernel's overcommit heustistics bite us 68 # fairly often, preventing processes such as nix-worker or 69 # download-using-manifests.pl from forking even if there is 70 # plenty of free memory. 71 boot.kernel.sysctl."vm.overcommit_memory" = "1"; 72 73 # To speed up installation a little bit, include the complete 74 # stdenv in the Nix store on the CD. 75 system.extraDependencies = with pkgs; [ stdenv stdenvNoCC busybox ]; 76 77 # Show all debug messages from the kernel but don't log refused packets 78 # because we have the firewall enabled. This makes installs from the 79 # console less cumbersome if the machine has a public IP. 80 boot.consoleLogLevel = mkDefault 7; 81 networking.firewall.logRefusedConnections = mkDefault false; 82 83 environment.systemPackages = [ pkgs.vim ]; 84 }; 85}