Commit Graph

21 Commits

Author SHA1 Message Date
nikstur
80cafa6a29
Merge pull request #302590 from nikstur/repart-image-label-length
nixos/image/repart: assert maximum label length
2024-04-08 18:48:53 +02:00
nikstur
ad19cee09c nixos/image/repart: assert maximum label length
The maximum label length is specified by UEFI and enforced/asserted by
systemd-repart. This lets evaluation fail already and give the user
some more information about what's wrong.

Also warn when the suggested label length is exceeded. This serves as a
safety mechanism for using systemd-sysupdate style A/B updates where the
version number is encoded in the label and might not be incrementable
when the maximum label size is reached.
2024-04-08 16:42:25 +02:00
nikstur
b9fe4b1e26 nixos/repart-image: supply explicit --architecture to repart
This enables cross-compiling images.
2024-04-04 17:38:08 +02:00
WilliButz
d9264d0568
nixos/repart-image: add myself as maintainer 2024-03-21 11:37:43 +01:00
WilliButz
5282cdd926
nixos/repart-image: add internal option to expose finalPartitions 2024-03-21 11:37:43 +01:00
WilliButz
d7ef2defda
nixos/repart-image: refactor to use mkDerivation
As a follow-up to https://github.com/NixOS/nixpkgs/pull/294096 this
should further improve the flexibility around building OS images with
systemd-repart:

* Previously the attribute set `compression` needed to be fully
  populated, including `algorithm` and `level` because
  `compression.enable` was evaluated by bash, after being interpolated
  as strings into the `buildCommand`. Now it's sufficient to pass
  `compression.enable = false` to the builder, e.g. in `overrideAttrs`,
  to disable the compression.
* Using mkDerivation allows for much more customization than the
  previously used `runCommand`, making use of phases and pre/post hooks.
  This is especially helpful for building multiple images from the same
  system configuration, e.g. to build an image `Y` based on a partially
  built raw image `X`,  by injecting a UKI that depends on `X` into a
  defered ESP.
* Before this change it was non-trivial to conduct further manipulations
  on the amended repart definitions. Now, the definitions that
  systemd-repart uses to build the image can be easily manipulated in
  `postPatch` or `preBuild`.

Aside from this, the build is now executed in the build directory, rather
than `$out`. This allows references to relative paths in the build
environment to be used, especially for `--definitions`, which previously
required an absolute path.
2024-03-21 11:37:43 +01:00
WilliButz
82ef47d3b7
nixos/repart-image: add options to specify mkfs parameters
This new option makes it easier to specify extra mkfs parameters for the
systemd-repart builder.

See https://github.com/systemd/systemd/blob/v255/docs/ENVIRONMENT.md?plain=1#L575-L577
2024-03-07 22:50:56 +01:00
WilliButz
f88148f05e
nixos/repart-image: improve overridability, use structuredAttrs
Parameters passed to systemd-repart are now passed to the build script
via environment variable, which is defined as a list of strings in
combination with `__structuredAttrs = true`. This should make it easier
to customize the image build using `overrideAttrs`.

Both the script used to amend the repart definitions and the amended
definitions are now available via passthru.
2024-03-07 18:27:11 +01:00
Jared Baur
4e139026b5
nixos/repart: add option for configuring sector size
This option is helpful for situations when the target host disk's sector
size differs from that of the build host.
2024-01-27 17:19:32 -08:00
nikstur
a34af9a955 image/repart: add version and compression options
The version option is needed if you want to implement partition &
systemd-boot based A/B booting where the version information is encoded
in the files on the ESP. See systemd-sysupate docs for more details on
this:
https://www.freedesktop.org/software/systemd/man/latest/sysupdate.d.html

Note, however, that this is not *only* useful for systemd-sysupdate but
also for other similar updating tools/mechanisms.
2024-01-19 14:43:29 +01:00
Jared Baur
f58c5e7154
image/repart: build image with buildPackages
Since the repart image is built on the build platform, use
`buildPackages` to construct the image. This allows for systemd-repart
images for cross-compiled nixos configurations to work properly.
2023-12-21 15:11:13 -08:00
nikstur
14152f80bb nixos/image: fix layout of option examples in repart builder 2023-10-31 11:27:57 +01:00
nikstur
84722633b7 nixos/image: move docs into manual 2023-10-31 11:27:56 +01:00
Julian Stecklina
ea3ca0b1e3 nixos/image: fix documentation build
literalExpression triggers the following error when building the
manual:

Cacheable portion of option doc build failed.
Usually this means that an option attribute that ends up in documentation (eg `default` or `description`) depends on the restricted module arguments `config` or `pkgs`.
2023-10-31 00:36:17 +01:00
nikstur
e2699cd256 nixos/image: fix for systemd 254 2023-09-13 12:03:50 +02:00
Arian van Putten
3eb0214551 modules/image/repart: Fix stripNixStorePrefix
It seems it wasn't working
2023-08-22 13:09:03 +02:00
Vincent Haupert
f652755434 nixos/image: add image.repart.package option
Allow giving a custom package containing the `systemd-repart` binary.
Defaults to `pkgs.systemd`. This option opens up the possibility to use
a different package for the image builder and the system configuration.

For example, someone could use this option to build an image with a
patched systemd while still using the upstream nixpkgs systemd package
(i.e., `pkgs.systemd`) for the system configuration installed to the
created image.
2023-08-04 13:49:18 +02:00
Vincent Haupert
5fd478506d nixos/image: use stable target dir for amended repart definitions
Output the amended repart definitions to a well-known directory in
$TMPDIR instead of using a temporary directory with a random directory
name.

The output file `repart-output.json` also contains the full path to the
repart definition file used to create the partition. As
`amend-repart-definitions.py` uses `tempfile.mkdtemp`, this introduces
an impurity:

```json
{
        "type" : "root-x86-64",
        "label" : "rootfs",
        "uuid" : "f2fa2e49-e443-45d2-a2e2-c3754cab6363",
        "file" : "/build/tmppjo7kv5o/rootfs.conf",
        "node" : "image.raw2",
        "offset" : 135266304,
        "old_size" : 0,
        "raw_size" : 1651101696,
        "old_padding" : 0,
        "raw_padding" : 0,
        "activity" : "create",
}
```

This commit changes the parent directory of the amended repart
definitions to `/build/amended-repart.d/`.
2023-08-03 11:46:35 +02:00
Vincent Haupert
7f70abf80c nixos/image: write systemd-repart output to $out/repart-output.json
Write the output of `systemd-repart` as a JSON file to
`$out/repart-output.json`.

Depending on the repart configuration, the output of `systemd-repart`
contains important information, for example, when creating verity
partitions:

> The verity root hash itself will be included in the output of
> systemd-repart.

See `Verity=` in repart.d(5).
2023-08-02 00:10:14 +02:00
nikstur
cb2d047c57 nixos/image: add repart builder docs 2023-07-26 23:36:18 +02:00
nikstur
ec8d30cc50 nixos/image: add repart builder 2023-07-26 23:33:14 +02:00