nix/os/devices/steveej-t480s-work: attempt to enable pre-boot SSH

2018-11-12 20:20:36 +01:00 · 2018-11-12 20:20:36 +01:00 · 4e01df65e0
commit 4e01df65e0
parent 69034f287c
4 changed files with 158 additions and 1 deletions
--- a/nix/os/devices/steveej-t480s-work/configuration.nix
+++ b/nix/os/devices/steveej-t480s-work/configuration.nix
@ -1,7 +1,14 @@
 { ... }:

 {
+  disabledModules = [
+    "system/boot/initrd-network.nix"
+
+  ];
+
  imports = [
+    ../../modules/initrd-network.nix
+
    ../../profiles/common/configuration.nix
    ../../profiles/graphical/configuration.nix
    ../../modules/encryptedDisk.nix
--- a/nix/os/devices/steveej-t480s-work/hw.nix
+++ b/nix/os/devices/steveej-t480s-work/hw.nix
@ -7,6 +7,12 @@ let
    "aes_x86_64"
    "nvme"
    "nvme_core"
+
+    "pcieport"
+    "thunderbolt"
+    "e1000e"
+    "xhci_pci"
+    "hxci_hcd"
  ];

 in
--- a/nix/os/devices/steveej-t480s-work/system.nix
+++ b/nix/os/devices/steveej-t480s-work/system.nix
@ -1,8 +1,12 @@
 { pkgs
 , lib
+, config
 , ... }:

-{
+let
+  keys = import ../../../variables/keys.nix;
+in {
+
  # TASK: new device
  networking.hostName = "steveej-t480s-work"; # Define your hostname.

@ -47,4 +51,15 @@
    virtualbox.host.addNetworkInterface = true;
    docker.enable = true;
  };
+
+  boot.initrd.network = {
+    enable = true;
+    useDHCP = true;
+    udhcpc.extraArgs = [ "-x hostname:${config.networking.hostName}" ];
+
+    ssh = {
+      enable = true;
+      authorizedKeys = keys.users.steveej.openssh;
+    };
+  };
 }
--- a/nix/os/modules/initrd-network.nix
+++ b/nix/os/modules/initrd-network.nix
@ -0,0 +1,129 @@
+{ config, lib, pkgs, ... }:
+
+with lib;
+
+let
+
+  cfg = config.boot.initrd.network;
+
+  udhcpcScript = pkgs.writeScript "udhcp-script"
+    ''
+      #! /bin/sh
+      if [ "$1" = bound ]; then
+        ip address add "$ip/$mask" dev "$interface"
+        if [ -n "$router" ]; then
+          ip route add "$router" dev "$interface" # just in case if "$router" is not within "$ip/$mask" (e.g. Hetzner Cloud)
+          ip route add default via "$router" dev "$interface"
+        fi
+        if [ -n "$dns" ]; then
+          rm -f /etc/resolv.conf
+          for i in $dns; do
+            echo "nameserver $dns" >> /etc/resolv.conf
+          done
+        fi
+      fi
+    '';
+
+  udhcpcArgs = toString cfg.udhcpc.extraArgs;
+
+in
+
+{
+
+  options = {
+
+    boot.initrd.network.enable = mkOption {
+      type = types.bool;
+      default = false;
+      description = ''
+        Add network connectivity support to initrd. The network may be
+        configured using the <literal>ip</literal> kernel parameter,
+        as described in <link
+        xlink:href="https://www.kernel.org/doc/Documentation/filesystems/nfs/nfsroot.txt">the
+        kernel documentation</link>.  Otherwise, if
+        <option>networking.initrd.network.useDHCP</option> is enabled, an IP address
+        is acquired using DHCP.
+
+        You should add the module(s) required for your network card to
+        boot.initrd.availableKernelModules. lspci -v -s &lt;ethernet controller&gt;
+        will tell you which.
+      '';
+    };
+
+    boot.initrd.network.udhcpc.extraArgs = mkOption {
+      default = [];
+      type = types.listOf types.str;
+      description = ''
+        Additional command-line arguments passed verbatim to udhcpc if
+        <option>boot.initrd.network.enable</option> and <option>networking.useDHCP</option>
+        are enabled.
+      '';
+    };
+
+    boot.initrd.network.postCommands = mkOption {
+      default = "";
+      type = types.lines;
+      description = ''
+        Shell commands to be executed after stage 1 of the
+        boot has initialised the network.
+      '';
+    };
+
+    boot.initrd.network.useDHCP = mkOption {
+      type = types.bool;
+      default = false;
+      description = ''
+        Whether to enable DHCP for the network interfaces.
+      '';
+    };
+
+  };
+
+  config = mkIf cfg.enable {
+
+    warnings = [ "Enabled SSH for stage1" ];
+
+    boot.initrd.kernelModules = [ "af_packet" ];
+
+    boot.initrd.extraUtilsCommands = ''
+      copy_bin_and_libs ${pkgs.mkinitcpio-nfs-utils}/bin/ipconfig
+    '';
+
+    boot.initrd.preLVMCommands = mkBefore (
+      # Search for interface definitions in command line.
+      ''
+        for o in $(cat /proc/cmdline); do
+          case $o in
+            ip=*)
+              ipconfig $o && hasNetwork=1
+              ;;
+          esac
+        done
+      ''
+
+      # Otherwise, use DHCP.
+      + optionalString cfg.useDHCP ''
+        if [ -z "$hasNetwork" ]; then
+
+          # Bring up all interfaces.
+          for iface in $(cd /sys/class/net && ls); do
+            echo "bringing up network interface $iface..."
+            ip link set "$iface" up
+          done
+
+          # Acquire a DHCP lease.
+          echo "acquiring IP address via DHCP..."
+          udhcpc --quit --now --script ${udhcpcScript} ${udhcpcArgs} && hasNetwork=1
+        fi
+      ''
+
+      + ''
+        if [ -n "$hasNetwork" ]; then
+          echo "networking is up!"
+          ${cfg.postCommands}
+        fi
+      '');
+
+  };
+
+}