Nixos19.09

from_scratch/base.yaml

@@ -63,6 +63,8 @@ global:
   qemu_append_cmdline: $${installer_cmdline}
   qemu_iso_path: $${kameleon_cwd}/qemu.iso
 
+  first_vm_boot_timeout: 5
+
   # rootfs options
   disk_device: /dev/vda
   rootfs: /rootfs
@@ -105,15 +107,15 @@ bootstrap:
   - enable_checkpoint
   - download_installer
   - prepare_disk
-  - prepare_autoinstall
+  - prepare_ssh_to_out_context
   - start_http_server
+  - prepare_autoinstall
   - start_qemu:
     - force_vm_shutdown: false
     - shutdown_vm_immediately: true
     - vm_cleanup_section: bootstrap
     - vm_expected_service:
-    - boot_timeout: 5
-  - prepare_ssh_to_out_context
+    - boot_timeout: $${first_vm_boot_timeout}
   - prepare_appliance
   - start_qemu:
     - force_vm_shutdown: true

from_scratch/nixos-19.03.yaml

@@ -0,0 +1,21 @@
+#==============================================================================
+# vim: softtabstop=2 shiftwidth=2 expandtab fenc=utf-8 cc=81 tw=80
+#==============================================================================
+#
+# DESCRIPTION: NIXOS
+#
+#==============================================================================
+---
+extend: nixos-base.yaml
+
+global:
+  release: 19.03
+
+bootstrap:
+  - "@base"
+
+setup:
+  - "@base"
+
+export:
+  - "@base"

from_scratch/nixos-19.09.yaml

@@ -0,0 +1,21 @@
+#==============================================================================
+# vim: softtabstop=2 shiftwidth=2 expandtab fenc=utf-8 cc=81 tw=80
+#==============================================================================
+#
+# DESCRIPTION: NIXOS
+#
+#==============================================================================
+---
+extend: nixos-base.yaml
+
+global:
+  release: 19.09
+
+bootstrap:
+  - "@base"
+
+setup:
+  - "@base"
+
+export:
+  - "@base"

from_scratch/nixos-20.03.yaml

@@ -0,0 +1,21 @@
+#==============================================================================
+# vim: softtabstop=2 shiftwidth=2 expandtab fenc=utf-8 cc=81 tw=80
+#==============================================================================
+#
+# DESCRIPTION: NIXOS
+#
+#==============================================================================
+---
+extend: nixos-base.yaml
+
+global:
+  release: 20.03
+
+bootstrap:
+  - "@base"
+
+setup:
+  - "@base"
+
+export:
+  - "@base"

from_scratch/nixos-base.yaml

@@ -0,0 +1,52 @@
+#==============================================================================
+# vim: softtabstop=2 shiftwidth=2 expandtab fenc=utf-8 cc=81 tw=80
+#==============================================================================
+#
+# DESCRIPTION: NIXOS
+#
+#==============================================================================
+---
+extend: base.yaml
+
+global:
+  distrib: nixos
+  release: 19.09
+
+  installer_iso_url: https://channels.nixos.org/$${distrib}-$${release}/latest-nixos-minimal-$${arch}-linux.iso
+  # To use a special build, comment the previous line and uncomment the build
+  # and installer_iso_url lines below. Builds can be found at http://releases.nixos.org/?prefix=nixos/19.09-small/
+  #build: 2484.322fd893724
+  #installer_iso_url: http://releases.nixos.org/$${distrib}/$${release}-small/$${distrib}-$${release}.$${build}/$${distrib}-minimal-$${release}.$${build}-$${arch}-linux.iso
+
+  qemu_iso_path: $${kameleon_cwd}/$${distrib}.iso
+
+  qemu_sendkeys_commands: $${kameleon_data_dir}/qemu-sendkeys/netinst-iso-$${distrib}
+  qemu_memory_size: 2048
+
+  first_vm_boot_timeout: 40
+  use_virt_customize: false
+
+  autoinstall_script_path: $${kameleon_data_dir}/$${distrib}/autoinstall.sh
+
+  nix_hardware_configuration: $${kameleon_data_dir}/$${distrib}/hardware-configuration.nix
+  nix_configuration: $${kameleon_data_dir}/$${distrib}/configuration.nix
+
+  out_context:
+    cmd: ssh -F $${ssh_config_file} $${kameleon_recipe_name} -t /run/current-system/sw/bin/bash
+    workdir: /root/kameleon_workdir
+    proxy_cache: $${local_ip}
+
+  in_context:
+    cmd: ssh -F $${ssh_config_file} $${kameleon_recipe_name} -t /run/current-system/sw/bin/bash
+    workdir: /root/kameleon_workdir
+    proxy_cache: $${local_ip}
+
+bootstrap:
+  - "@base"
+  - breakpoint
+setup:
+  - "@base"
+  - breakpoint
+
+export:
+  - "@base"

steps/bootstrap/nixos/prepare_autoinstall.yaml

@@ -1,21 +1,24 @@
+- insecure_ssh_key: $${kameleon_cwd}/insecure_ssh_key
+
 - copy_autoinstall_script_to_http_directory:
   - exec_local: mkdir -p $${http_directory}
   - exec_local: cp $${autoinstall_script_path} $${http_directory}/autoinstall.sh
   - exec_local: cp $${nix_configuration} $${http_directory}/configuration.nix
+  - exec_local: cp $${nix_hardware_configuration} $${http_directory}/hardware-configuration.nix
 
 - configure_proxy:
   - exec_local: |
-      if [ ! "$${proxy_out}" = "" ]; then
-        sed -i s'|export http_proxy=\(.*\)|export http_proxy=http://$${proxy_out}|'g $${http_directory}/autoinstall.sh
+      if [ -n "$${proxy_out}" ]; then
+        sed -i -e "s|%HTTP_PROXY%|http://$${proxy_out}|g" $${http_directory}/autoinstall.sh
+      else
+        sed -i -e "s|%HTTP_PROXY%||g" $${http_directory}/autoinstall.sh
       fi
 
 - set_root_password:
   - exec_local: |
-        sed -i s'|export PASSWD=\(.*\)|export PASSWD=$${root_password}|'g $${http_directory}/autoinstall.sh
-
-- write_boot_command:
-  - write_local:
-    - $${kameleon_cwd}/boot_command
-    - >
-      curl -sSL http://$${local_ip}:$${http_port}/configuration.nix <gt> /tmp/configuration.nix<kp_enter>
-      curl -sSL http://$${local_ip}:$${http_port}/autoinstall.sh | bash<kp_enter>
+        INSECURE_SSH_KEY_PUB=$(< $${insecure_ssh_key}.pub)
+        sed -i -e "s|%PASSWORD%|$${root_password}|g" $${http_directory}/autoinstall.sh
+        sed -i -e "s|%LOCAL_IP%|$${local_ip}|g" $${http_directory}/autoinstall.sh
+        sed -i -e "s|%HTTP_PORT%|$HTTP_PORT|g" $${http_directory}/autoinstall.sh
+        sed -i -e "s|%PASSWORD%|$${root_password}|g" $${http_directory}/configuration.nix
+        sed -i -e "s|%SSH_PUBLIC_KEY%|$INSECURE_SSH_KEY_PUB|g" $${http_directory}/configuration.nix

steps/bootstrap/prepare_appliance.yaml

@@ -1,53 +1,33 @@
 - insecure_ssh_key: $${kameleon_cwd}/insecure_ssh_key
 - enable_workaround_login_delay: false
+- use_virt_customize: true
 
-- generate_ssh_keys:
-  - check_cmd_local: ssh-keygen
-  - exec_local: echo -e  'y\n' | ssh-keygen -q -t rsa -b 4096 -f $${insecure_ssh_key} -N ''
+- show_ssh_keys:
   - exec_local: cat $${insecure_ssh_key}
+  - exec_local: cat $${insecure_ssh_key}.pub
 
 - inject_ssh_private_key:
   - check_cmd_local: virt-customize
-  - exec_local: |
-      virt-customize \
-        -a $${image_disk}.$${image_format} \
-        --run-command 'mkdir -p /root/.ssh' \
-        --upload $${insecure_ssh_key}.pub:/root/.ssh/.kameleon_authorized_keys \
-        --run-command 'touch /root/.ssh/authorized_keys' \
-        --run-command 'cp /root/.ssh/authorized_keys /root/.ssh/authorized_keys.bak' \
-        --run-command 'cat /root/.ssh/.kameleon_authorized_keys >> /root/.ssh/authorized_keys' \
-        --run-command 'chmod 700 /root/.ssh' \
-        --run-command 'chmod -R go-rw /root/.ssh' \
-        --run-command 'chown -R root:root /root/.ssh'
-  - on_export_init:
-    - exec_local: |
-        virt-customize \
-          -a $${image_disk}.$${image_format} \
-          --run-command 'mv /root/.ssh/authorized_keys.bak /root/.ssh/authorized_keys' \
-          --delete /root/.ssh/.kameleon_authorized_keys
-
-- add_insecure_key_to_ssh_config:
-  - on_checkpoint: redo
-  - exec_local: |
-      cat <<EOF >> $${ssh_config_file}
-      IdentityFile $${insecure_ssh_key}
-      EOF
-
-- workaround_login_delay_due_to_ldap_and_dns:
   - test:
-    - exec_local: test "$${enable_workaround_login_delay}" = "true"
+    - exec_local: test "$${use_virt_customize}" = "true"
     - exec_local: |
-        virt-customize \
-          -a $${image_disk}.$${image_format} \
-          --run-command 'mv /etc/nslcd.conf /etc/nslcd.conf.orig-g5k' \
-          --run-command 'sed -i.orig-g5k "s/ ldap//" /etc/nsswitch.conf' \
-          --run-command 'echo > /etc/resolv.conf'
-    - exec_local: echo "Workaround is not enabled"
-  - on_setup_clean:
-    - test:
-      - exec_local: test "$${enable_workaround_login_delay}" = "true"
-      - exec_local: |
           virt-customize \
             -a $${image_disk}.$${image_format} \
-            --run-command 'mv /etc/nslcd.conf.orig-g5k /etc/nslcd.conf' \
-            --run-command 'mv /etc/nsswitch.conf.orig-g5k /etc/nsswitch.conf'
+            --run-command 'mkdir -p /root/.ssh' \
+            --upload $${insecure_ssh_key}.pub:/root/.ssh/.kameleon_authorized_keys \
+            --run-command 'touch /root/.ssh/authorized_keys' \
+            --run-command 'cp /root/.ssh/authorized_keys /root/.ssh/authorized_keys.bak' \
+            --run-command 'cat /root/.ssh/.kameleon_authorized_keys >> /root/.ssh/authorized_keys' \
+            --run-command 'chmod 700 /root/.ssh' \
+            --run-command 'chmod -R go-rw /root/.ssh' \
+            --run-command 'chown -R root:root /root/.ssh'
+    - exec_local: echo "Do nothing (do not use virt-customize)"
+  - on_export_init:
+    - test:
+      - exec_local: test "$${use_virt_customize}" = "true"
+      - exec_local: |
+            virt-customize \
+              -a $${image_disk}.$${image_format} \
+              --run-command 'mv /root/.ssh/authorized_keys.bak /root/.ssh/authorized_keys' \
+              --delete /root/.ssh/.kameleon_authorized_keys
+      - exec_local: echo "Do nothing (do not use virt-customize)"

steps/bootstrap/prepare_ssh_to_out_context.yaml

@@ -1,9 +1,17 @@
+- insecure_ssh_key: $${kameleon_cwd}/insecure_ssh_key
+
 - select_empty_port:
   - on_checkpoint: redo
   - exec_local: |
       # Find empty SSH forwarding port
       SSH_FWD_PORT=$(__find_free_port 50000 60000)
       echo "SSH forwarding port: $SSH_FWD_PORT"
+
+- generate_ssh_keys:
+  - check_cmd_local: ssh-keygen
+  - exec_local: echo -e  'y\n' | ssh-keygen -q -t rsa -b 4096 -f $${insecure_ssh_key} -N ''
+  - exec_local: cat $${insecure_ssh_key}
+
 - prepare_ssh_config:
   - on_checkpoint: redo
   - write_local:
@@ -21,3 +29,5 @@
       ForwardAgent yes
       Compression yes
       Protocol 2
+      IdentityFile $${insecure_ssh_key}
+

steps/bootstrap/start_http_server.yaml

@@ -1,6 +1,7 @@
 - http_script: $${kameleon_data_dir}/helpers/simple_http_server.py
 
 - run_http_server:
+  - exec_local: mkdir -p $${http_directory}
   - exec_local: |
       HTTP_PORT=$(__find_free_port 8000 8100)
       echo "HTTP port: $HTTP_PORT"

steps/bootstrap/start_qemu.yaml

@@ -17,6 +17,7 @@
 - no_reboot: true
 - socat_monitor: socat - UNIX-CONNECT:$${qemu_monitor_socket}
 - qemu_sendkeys_script: $${kameleon_data_dir}/qemu-sendkeys.rb
+- qemu_sendkeys_opts: 
 - qemu_sendkeys_commands: 
 - vm_expected_service: ssh
 - vm_cleanup_section: setup
@@ -207,7 +208,7 @@
     - exec_local: |
         echo "Sending keyboard commands to the VM: $${qemu_sendkeys_commands}"
         echo "(Local httpd server url: http://$${local_ip}:$HTTP_PORT)"
-        ruby $${qemu_sendkeys_script} -d 0.05 "$(sed -e s/%LOCAL_IP%/$${local_ip}/g -e s/%HTTP_PORT%/$HTTP_PORT/g $${qemu_sendkeys_commands})" | $${socat_monitor} > /dev/null
+        ruby $${qemu_sendkeys_script} $${qemu_sendkeys_opts} "$(sed -e s/%LOCAL_IP%/$${local_ip}/g -e s/%HTTP_PORT%/$HTTP_PORT/g $${qemu_sendkeys_commands})" | $${socat_monitor} > /dev/null
     - exec_local: echo "No keyboard commands to send"
 
 - shutdown_vm: