Skip to content

feat: add --extra-files and --chown parameters #752

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Open
wants to merge 1 commit into
base: main
Choose a base branch
from
Open

feat: add --extra-files and --chown parameters #752

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
50 changes: 47 additions & 3 deletions docs/src/building.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -2,8 +2,7 @@

This requires access to a system that already has Nix installed. Please refer to the [Nix installation guide](https://nixos.org/guides/install-nix.html) if that\'s not the case.

If you have a flakes-enabled Nix, you can use the following command to
build your own tarball instead of relying on a prebuilt one:
If you have a flakes-enabled Nix, you can use the following command to build your own tarball instead of relying on a prebuilt one:

```sh
sudo nix run github:nix-community/NixOS-WSL#nixosConfigurations.default.config.system.build.tarballBuilder
Expand All @@ -19,7 +18,52 @@ Without a flakes-enabled Nix, you can build a tarball using:

```sh
nix-build -A nixosConfigurations.default.config.system.build.tarballBuilder && sudo ./result/bin/nixos-wsl-tarball-builder

```

The resulting tarball can then be found under `nixos.wsl`.

## Copying files to the new installation

The tarball builder supports copying in extra files and fixing up ownership before the tarball is packed.

### `--extra-files <path>`

The `--extra-files <path>` option allows copying files into the target root after installation.

The contents of `<path>` are recursively copied and overwrite the target\'s root (`/`). The structure and permissions of `<path>` should already match how you want them on the target.

For example, if you want to copy your SSH host key, you can prepare a directory structure like this:

```sh
root=$(mktemp -d)
sudo mkdir -p $root/etc/ssh
sudo cp /etc/ssh/ssh_host_ed25519_key $root/etc/ssh
```

Then run:

```sh
sudo nix run github:nix-community/NixOS-WSL#nixosConfigurations.default.config.system.build.tarballBuilder --extra-files $root
```

By default, everything ends up owned by root.

### `--chown <path> <uid:gid>`

The `--chown` option allows adjusting ownership of directories or files inside the tarball after they\'re copied.

For example:

```sh
sudo nix run github:nix-community/NixOS-WSL#nixosConfigurations.default.config.system.build.tarballBuilder \
--extra-files ./extra \
--chown /home/myuser 1000:100
```

This is equivalent to running inside the tarball root:

```sh
chown -R 1000:100 /home/myuser
```

The `--chown` option can be used multiple times to set ownership for different paths. Only use this when you can guarantee what the UID/GID will be on the target system.
61 changes: 58 additions & 3 deletions modules/build-tarball.nix
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -77,20 +77,77 @@ in
];

text = ''
usage() {
echo "Usage: $0 [--extra-files PATH] [--chown PATH UID:GID] [output.tar.gz]"
exit 1
}

if ! [ $EUID -eq 0 ]; then
echo "This script must be run as root!"
exit 1
fi

# Use .wsl extension to support double-click installs on recent versions of Windows
out=''${1:-nixos.wsl}
out="nixos.wsl"
extra_files=""

declare -A chowns=()
positionals=()

while [ $# -gt 0 ]; do
case "$1" in
--extra-files)
shift
extra_files="$1"
;;
--chown)
shift
path="$1"
shift
perms="$1"
chowns["$path"]="$perms"
;;
-*)
echo "Unknown option: $1"
usage
;;
*)
positionals+=("$1")
;;
esac
shift
done

if [ ''${#positionals[@]} -gt 1 ]; then
echo "Too many positional arguments: ''${positionals[*]}"
usage
fi

if [ ''${#positionals[@]} -gt 0 ]; then
out="''${positionals[0]}"
fi

root=$(mktemp -p "''${TMPDIR:-/tmp}" -d nixos-wsl-tarball.XXXXXXXXXX)
# FIXME: fails in CI for some reason, but we don't really care because it's CI
trap 'chattr -Rf -i "$root" || true && rm -rf "$root" || true' INT TERM EXIT

if [ -n "$extra_files" ]; then
if ! [ -d "$extra_files" ]; then
echo "The path passed to --extra-files must be a directory"
exit 1
fi

echo "[NixOS-WSL] Copying extra files to $root..."
cp --verbose --archive --no-preserve=ownership --no-target-directory "$extra_files" "$root"
fi

chmod o+rx "$root"

for path in "''${!chowns[@]}"; do
echo "[NixOS-WSL] Setting ownership for $path to ''${chowns[$path]}"
chown -R "''${chowns[$path]}" "$root/$path"
done

echo "[NixOS-WSL] Installing..."
nixos-install \
--root "$root" \
Expand Down Expand Up @@ -119,8 +176,6 @@ in
-c \
--sort=name \
--mtime='@1' \
--owner=0 \
--group=0 \
--numeric-owner \
--hard-dereference \
. \
Expand Down
Loading