toph/dot.nix
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Enhance ISO configuration: add ARM-specific options and update system settings; ensure no password conflicts for users

Browse source
This commit is contained in:
Chris Toph 2025-06-16 14:13:05 -04:00
parent 15699b2a30
commit d9eaddc9db
2 changed files with 23 additions and 7 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

26
iso/default.nix
View file

@ -8,15 +8,17 @@
... ...
}: }:
{ {
# ISO settings ## ISO ##
isoImage = { isoImage = {
isoName = lib.mkForce "nixos-${config.hostSpec.hostName}-${config.system.nixos.label}-${pkgs.stdenv.hostPlatform.system}.iso"; isoName = lib.mkForce "nixos-${config.hostSpec.hostName}-${config.system.nixos.label}-${pkgs.stdenv.hostPlatform.system}.iso";
makeEfiBootable = true; makeEfiBootable = true;
makeUsbBootable = true; makeUsbBootable = true;
compressImage = false; compressImage = false;
squashfsCompression = lib.mkIf isARM "gzip";
includeSystemBuildDependencies = lib.mkIf isARM false;
}; };
# Enable root SSH access ## SSH & NETWORK ##
services.openssh = { services.openssh = {
enable = true; enable = true;
settings = { settings = {
@ -31,7 +33,7 @@
enableIPv6 = false; enableIPv6 = false;
}; };
# Extra pkgs; iso tools ## PKGS ##
environment.systemPackages = with pkgs; [ environment.systemPackages = with pkgs; [
parted parted
gptfdisk gptfdisk
@ -39,11 +41,10 @@
gparted gparted
]; ];
# VM guest additions to improve host-guest interaction ## VM additions ##
services.spice-vdagentd.enable = true; services.spice-vdagentd.enable = true;
services.qemuGuest.enable = true; services.qemuGuest.enable = true;
virtualisation.vmware.guest.enable = pkgs.stdenv.hostPlatform.isx86; virtualisation.vmware.guest.enable = pkgs.stdenv.hostPlatform.isx86;
# https://github.com/torvalds/linux/blob/00b827f0cffa50abb6773ad4c34f4cd909dae1c8/drivers/hv/Kconfig#L7-L8
virtualisation.hypervGuest.enable = virtualisation.hypervGuest.enable =
pkgs.stdenv.hostPlatform.isx86 || pkgs.stdenv.hostPlatform.isAarch64; pkgs.stdenv.hostPlatform.isx86 || pkgs.stdenv.hostPlatform.isAarch64;
services.xe-guest-utilities.enable = pkgs.stdenv.hostPlatform.isx86; services.xe-guest-utilities.enable = pkgs.stdenv.hostPlatform.isx86;
@ -51,9 +52,20 @@
# which lags behind kernel releases, potentially causing broken builds. # which lags behind kernel releases, potentially causing broken builds.
virtualisation.virtualbox.guest.enable = false; virtualisation.virtualbox.guest.enable = false;
# Basic system settings ## System ##
system.stateVersion = "25.05"; system.stateVersion = "25.05";
nixpkgs.hostPlatform = system; nixpkgs.hostPlatform = system;
nixpkgs.config.allowUnsupportedSystem = true; # Cross-compilation
users.mutableUsers = lib.mkForce true; # Allow password changes users.mutableUsers = lib.mkForce true; # Allow password changes
boot.kernelPackages = pkgs.linuxPackages_latest;
nixpkgs.config = {
allowUnsupportedSystem = true;
allowUnfree = true;
allowBroken = false;
};
systemd.services = lib.mkIf isARM {
systemd-firstboot.enable = lib.mkForce false;
systemd-machine-id-commit.enable = lib.mkForce false;
};
} }

4
iso/not-secrets.nix
View file

@ -48,4 +48,8 @@ in
}; };
}; };
}; };
# Override the installation-cd defaults to prevent password conflicts
users.users.nixos.initialHashedPassword = lib.mkForce null;
users.users.root.initialHashedPassword = lib.mkForce null;
} }