pyrox.dev
1# Builds an ext4 image containing a populated /nix/store with the closure
2# of store paths passed in the storePaths parameter, in addition to the
3# contents of a directory that can be populated with commands. The
4# generated image is sized to only fit its contents, with the expectation
5# that a script resizes the filesystem at boot time.
6{ pkgs
7, lib
8# List of derivations to be included
9, storePaths
10# Whether or not to compress the resulting image with zstd
11, compressImage ? false, zstd
12# Shell commands to populate the ./files directory.
13# All files in that directory are copied to the root of the FS.
14, populateImageCommands ? ""
15, volumeLabel
16, uuid ? "44444444-4444-4444-8888-888888888888"
17, e2fsprogs
18, libfaketime
19, perl
20, fakeroot
21}:
22
23let
24 sdClosureInfo = pkgs.buildPackages.closureInfo { rootPaths = storePaths; };
25in
26pkgs.stdenv.mkDerivation {
27 name = "ext4-fs.img${lib.optionalString compressImage ".zst"}";
28
29 nativeBuildInputs = [ e2fsprogs.bin libfaketime perl fakeroot ]
30 ++ lib.optional compressImage zstd;
31
32 buildCommand =
33 ''
34 ${if compressImage then "img=temp.img" else "img=$out"}
35 (
36 mkdir -p ./files
37 ${populateImageCommands}
38 )
39
40 echo "Preparing store paths for image..."
41
42 # Create nix/store before copying path
43 mkdir -p ./rootImage/nix/store
44
45 xargs -I % cp -a --reflink=auto % -t ./rootImage/nix/store/ < ${sdClosureInfo}/store-paths
46 (
47 GLOBIGNORE=".:.."
48 shopt -u dotglob
49
50 for f in ./files/*; do
51 cp -a --reflink=auto -t ./rootImage/ "$f"
52 done
53 )
54
55 # Also include a manifest of the closures in a format suitable for nix-store --load-db
56 cp ${sdClosureInfo}/registration ./rootImage/nix-path-registration
57
58 # Make a crude approximation of the size of the target image.
59 # If the script starts failing, increase the fudge factors here.
60 numInodes=$(find ./rootImage | wc -l)
61 numDataBlocks=$(du -s -c -B 4096 --apparent-size ./rootImage | tail -1 | awk '{ print int($1 * 1.10) }')
62 bytes=$((2 * 4096 * $numInodes + 4096 * $numDataBlocks))
63 echo "Creating an EXT4 image of $bytes bytes (numInodes=$numInodes, numDataBlocks=$numDataBlocks)"
64
65 truncate -s $bytes $img
66
67 faketime -f "1970-01-01 00:00:01" fakeroot mkfs.ext4 -L ${volumeLabel} -U ${uuid} -d ./rootImage $img
68
69 export EXT2FS_NO_MTAB_OK=yes
70 # I have ended up with corrupted images sometimes, I suspect that happens when the build machine's disk gets full during the build.
71 if ! fsck.ext4 -n -f $img; then
72 echo "--- Fsck failed for EXT4 image of $bytes bytes (numInodes=$numInodes, numDataBlocks=$numDataBlocks) ---"
73 cat errorlog
74 return 1
75 fi
76
77 # We may want to shrink the file system and resize the image to
78 # get rid of the unnecessary slack here--but see
79 # https://github.com/NixOS/nixpkgs/issues/125121 for caveats.
80
81 # shrink to fit
82 resize2fs -M $img
83
84 # Add 16 MebiByte to the current_size
85 new_size=$(dumpe2fs -h $img | awk -F: \
86 '/Block count/{count=$2} /Block size/{size=$2} END{print (count*size+16*2**20)/size}')
87
88 resize2fs $img $new_size
89
90 if [ ${builtins.toString compressImage} ]; then
91 echo "Compressing image"
92 zstd -v --no-progress ./$img -o $out
93 fi
94 '';
95}