main
1<!DOCTYPE html>
2<html lang="en">
3<head>
4<!-- Oct 07, 2022 -->
5<meta charset="utf-8" />
6<meta name="viewport" content="width=device-width, initial-scale=1" />
7<title>Development machines made easy</title>
8<meta name="author" content="Vincent Demeester" />
9<meta name="keywords" content="article" />
10<meta name="generator" content="Org Mode" />
11<link rel='icon' type='image/x-icon' href='/images/favicon.ico'/>
12<meta name='viewport' content='width=device-width, initial-scale=1'>
13<link rel='stylesheet' href='/css/new.css' type='text/css'/>
14<link rel='stylesheet' href='/css/syntax.css' type='text/css'/>
15<link href='/index.xml' rel='alternate' type='application/rss+xml' title='Vincent Demeester' />
16</head>
17<body>
18<main id="content" class="content">
19<header>
20<h1 class="title">Development machines made easy</h1>
21<p class="subtitle" role="doc-subtitle">From lazyness to awesomeness</p>
22</header><div class="abstract" id="org9ca9678">
23<p>
24Let’s dig into how I manage creating and managing development machines. The Why and the
25How.
26</p>
27
28</div>
29
30<nav id="table-of-contents" role="doc-toc">
31<h2>Table of Contents</h2>
32<div id="text-table-of-contents" role="doc-toc">
33<ul>
34<li><a href="#h:f7b73025-0a31-4001-a08d-a5646d6e7be1">Use case</a></li>
35<li><a href="#h:302d6250-fe7f-42a9-9c1c-0cbfcedf8e62">Base images</a></li>
36<li><a href="#h:dc187bf7-25a3-4bdd-a021-54ca4b59cf65"><span class="todo TODO">TODO</span> Provisionning</a></li>
37<li><a href="#h:9c4d79c4-726c-424c-8d27-3f819532d1ae">References</a></li>
38<li><a href="#h:1f6e052f-3df2-415c-a7a1-e1eb9ae3f6c0">Archives</a></li>
39</ul>
40</div>
41</nav>
42
43<p>
44For work, I sometimes need to create and use <i>development</i> machines to hack on a specific
45case. There is multiple reason I would need to create those machines instead of working
46directly on my laptop or desktop. Let’s look at those, and how I try to automate the hell
47out of it (because I am <b>really lazy</b>).
48</p>
49
50<section id="outline-container-h:f7b73025-0a31-4001-a08d-a5646d6e7be1" class="outline-2">
51<h2 id="h:f7b73025-0a31-4001-a08d-a5646d6e7be1">Use case</h2>
52<div class="outline-text-2" id="text-h:f7b73025-0a31-4001-a08d-a5646d6e7be1">
53<p>
54Let’s look into some use-case that are useful to me
55</p>
56
57<ul class="org-ul">
58<li>Create and/or test packages for a specific distribution — most likely RPM-based (Fedora,
59RHEL, …) and Debian-based (Ubuntu, Debian, …).</li>
60<li>From scratch machine,
61<ul class="org-ul">
62<li>to make sure some documentation are complete for people to start
63hacking on a project, and using a tool.</li>
64<li>to make demo, recording or something 👼</li>
65</ul></li>
66<li>Cluster machines for Kubernetes or Openshift.</li>
67</ul>
68
69<p>
70Some requirements and <span class="underline">nice-to-have</span>:
71</p>
72
73<ul class="org-ul">
74<li>Automate provisioning of these machines.</li>
75<li>Use virtual machine for most case (<code>libvirt</code>, <code>qemu+kvm</code>).</li>
76<li>Auto updates of the “provisioning”</li>
77</ul>
78
79<p>
80Targeted system are, <span class="underline">for now</span> :
81</p>
82
83<ul class="org-ul">
84<li>Fedora, RHEL</li>
85<li>Debian, Ubuntu</li>
86<li>NixOS</li>
87</ul>
88</div>
89</section>
90
91<section id="outline-container-h:302d6250-fe7f-42a9-9c1c-0cbfcedf8e62" class="outline-2">
92<h2 id="h:302d6250-fe7f-42a9-9c1c-0cbfcedf8e62">Base images</h2>
93<div class="outline-text-2" id="text-h:302d6250-fe7f-42a9-9c1c-0cbfcedf8e62">
94<p>
95I initially wanted to use <code>packer</code> and it has its uses. I mainly need to build images for
96virtual machines, and it’s even simpler than that, <code>qemu</code> based virtual machine (using
97<code>libvirt</code>). For those cases, there is simpler solution:
98</p>
99
100<ul class="org-ul">
101<li>For <code>nixos</code>, a tool seems to be designed for that purpose : <a href="https://github.com/nix-community/nixos-generators"><code>nixos-generators</code></a></li>
102<li>For <code>fedora</code>, <code>ubuntu</code> and all, if targeting <code>libvirt</code>, there is a really nice tool :
103<a href="http://libguestfs.org/virt-builder.1.html"><code>virt-builder</code></a> from <a href="http://libguestfs.org/">libguestfs</a>.</li>
104</ul>
105
106<div id="text-table-of-contents" role="doc-toc">
107<ul>
108<li><a href="#h:86b2f8d4-a8c7-4b6f-a788-e7a5a681a3d5"><span class="todo TODO">TODO</span> <code>virt-builder</code></a></li>
109<li><a href="#h:5d22d10b-657d-4ca2-a614-577b60d0023e"><span class="todo TODO">TODO</span> NixOS <code>nixos-generators</code></a></li>
110</ul>
111</div>
112</div>
113
114<div id="outline-container-h:86b2f8d4-a8c7-4b6f-a788-e7a5a681a3d5" class="outline-3">
115<h3 id="h:86b2f8d4-a8c7-4b6f-a788-e7a5a681a3d5"><span class="todo TODO">TODO</span> <code>virt-builder</code></h3>
116<div class="outline-text-3" id="text-h:86b2f8d4-a8c7-4b6f-a788-e7a5a681a3d5">
117</div>
118</div>
119
120<div id="outline-container-h:5d22d10b-657d-4ca2-a614-577b60d0023e" class="outline-3">
121<h3 id="h:5d22d10b-657d-4ca2-a614-577b60d0023e"><span class="todo TODO">TODO</span> NixOS <code>nixos-generators</code></h3>
122<div class="outline-text-3" id="text-h:5d22d10b-657d-4ca2-a614-577b60d0023e">
123</div>
124</div>
125</section>
126
127<section id="outline-container-h:dc187bf7-25a3-4bdd-a021-54ca4b59cf65" class="outline-2">
128<h2 id="h:dc187bf7-25a3-4bdd-a021-54ca4b59cf65"><span class="todo TODO">TODO</span> Provisionning</h2>
129<div class="outline-text-2" id="text-h:dc187bf7-25a3-4bdd-a021-54ca4b59cf65">
130<p>
131Now that we have base images, we can start to play around, most likely with <code>ansible</code> to
132easily and quickly provision setups based on those. Those setups can includes :
133</p>
134
135<ul class="org-ul">
136<li>development environment
137<ul class="org-ul">
138<li>Nix-based (aka Nixos or Nixpkgs on other machines)</li>
139<li><i>Native</i>-based (aka no Nix), Fedora</li>
140</ul></li>
141<li>multiple node testing environment</li>
142</ul>
143</div>
144
145<div id="outline-container-h:b1ad53f3-6ac7-44e1-8fc0-326ef785ec46" class="outline-3">
146<h3 id="h:b1ad53f3-6ac7-44e1-8fc0-326ef785ec46"><span class="todo TODO">TODO</span> Development machine</h3>
147<div class="outline-text-3" id="text-h:b1ad53f3-6ac7-44e1-8fc0-326ef785ec46">
148<p>
149There is currently only one, my <i>main</i> development machine, to hack on containers and
150orchestration tooling, using mainly go.
151</p>
152
153<ul class="org-ul">
154<li>It doesn’t need to be a “workstation”, can be a server, I just need a headless
155fedora on which I can install stuff and run services.</li>
156<li>It needs to be able to run <code>minikube</code> or <code>crc</code>, so nested virtualization is required.</li>
157<li>It needs to require the less effort to reset/recreate.</li>
158<li>It needs to have the same IP on the network, always (meaning same MAC address)</li>
159<li>It needs to be “updatable” using provisionning (aka I change the provisionning part, I
160apply and go !)</li>
161</ul>
162</div>
163
164<div id="outline-container-h:bc7d4e4c-76e9-4fc6-9ce6-999f250c4d4c" class="outline-4">
165<h4 id="h:bc7d4e4c-76e9-4fc6-9ce6-999f250c4d4c"><span class="todo TODO">TODO</span> Create the virtal machine</h4>
166<div class="outline-text-4" id="text-h:bc7d4e4c-76e9-4fc6-9ce6-999f250c4d4c">
167<p>
168I want to re-use a disk for <code>/home</code> (or at least <code>$HOME/src</code>) so that I can just re-attach
169it later on. We are assuming we have a base image working here, see <a href="#h:86b2f8d4-a8c7-4b6f-a788-e7a5a681a3d5"><code>virt-builder</code></a>.
170</p>
171
172<div class="org-src-container">
173<pre class="src src-bash">virsh --connect=qemu+tcp://wakasu.home:16509/system list
174</pre>
175</div>
176
177<table>
178
179
180<colgroup>
181<col class="org-left">
182
183<col class="org-left">
184
185<col class="org-left">
186</colgroup>
187<tbody>
188<tr>
189<td class="org-left">Id</td>
190<td class="org-left">Name</td>
191<td class="org-left">State</td>
192</tr>
193
194<tr>
195<td class="org-left">----------------------------</td>
196<td class="org-left"> </td>
197<td class="org-left"> </td>
198</tr>
199
200<tr>
201<td class="org-left">2</td>
202<td class="org-left">fedora-dev</td>
203<td class="org-left">running</td>
204</tr>
205</tbody>
206</table>
207</div>
208</div>
209
210
211<div id="outline-container-h:af99c176-b991-433e-8070-17b38a8fb82a" class="outline-4">
212<h4 id="h:af99c176-b991-433e-8070-17b38a8fb82a"><span class="todo TODO">TODO</span> Base system</h4>
213<div class="outline-text-4" id="text-h:af99c176-b991-433e-8070-17b38a8fb82a">
214<ul class="org-ul">
215<li>zsh</li>
216<li>bash</li>
217<li>exa</li>
218<li>htop</li>
219<li>ssh/shhd</li>
220</ul>
221</div>
222</div>
223
224<div id="outline-container-h:6cbfd75a-6dbd-4b6b-8b63-c7c92db04e77" class="outline-4">
225<h4 id="h:6cbfd75a-6dbd-4b6b-8b63-c7c92db04e77"><span class="todo TODO">TODO</span> Virtualization tooling</h4>
226<div class="outline-text-4" id="text-h:6cbfd75a-6dbd-4b6b-8b63-c7c92db04e77">
227<ul class="org-ul">
228<li>nested virt => @virtualization, libvirt-devel</li>
229</ul>
230</div>
231</div>
232
233<div id="outline-container-h:8a9a0d74-00d4-458f-a481-1620de380a4f" class="outline-4">
234<h4 id="h:8a9a0d74-00d4-458f-a481-1620de380a4f"><span class="todo TODO">TODO</span> Containers tooling</h4>
235<div class="outline-text-4" id="text-h:8a9a0d74-00d4-458f-a481-1620de380a4f">
236<ul class="org-ul">
237<li>podman-docker</li>
238<li>buildah</li>
239<li>skopeo</li>
240
241<li>ko</li>
242<li>kubectl</li>
243<li>google-cloud-sdk</li>
244</ul>
245</div>
246</div>
247
248<div id="outline-container-h:cbbb7ea9-a553-4029-b755-d3d2f6894ced" class="outline-4">
249<h4 id="h:cbbb7ea9-a553-4029-b755-d3d2f6894ced"><span class="todo TODO">TODO</span> Developers tooling</h4>
250<div class="outline-text-4" id="text-h:cbbb7ea9-a553-4029-b755-d3d2f6894ced">
251</div>
252</div>
253
254<div id="outline-container-h:27836d1b-e7f9-4274-b3ca-37909e72daaa" class="outline-4">
255<h4 id="h:27836d1b-e7f9-4274-b3ca-37909e72daaa"><span class="todo TODO">TODO</span> Nix setup ?</h4>
256<div class="outline-text-4" id="text-h:27836d1b-e7f9-4274-b3ca-37909e72daaa">
257</div>
258</div>
259</div>
260
261<div id="outline-container-h:77a3cff7-20d4-416b-bb1d-b772196b1f3e" class="outline-3">
262<h3 id="h:77a3cff7-20d4-416b-bb1d-b772196b1f3e"><span class="todo TODO">TODO</span> Kubernetes cluster</h3>
263<div class="outline-text-3" id="text-h:77a3cff7-20d4-416b-bb1d-b772196b1f3e">
264</div>
265</div>
266</section>
267
268<section id="outline-container-h:9c4d79c4-726c-424c-8d27-3f819532d1ae" class="outline-2">
269<h2 id="h:9c4d79c4-726c-424c-8d27-3f819532d1ae">References</h2>
270<div class="outline-text-2" id="text-h:9c4d79c4-726c-424c-8d27-3f819532d1ae">
271<ul class="org-ul">
272<li><a href="https://github.com/SkypLabs/packer-debian">https://github.com/SkypLabs/packer-debian</a></li>
273<li><a href="https://github.com/SkypLabs/packer-centos">https://github.com/SkypLabs/packer-centos</a></li>
274<li><a href="https://github.com/idi-ops/packer-fedora">https://github.com/idi-ops/packer-fedora</a></li>
275<li><a href="https://github.com/rustic/fedora29-minimal">https://github.com/rustic/fedora29-minimal</a></li>
276<li><a href="https://github.com/terusus/packer-ansible-arch">https://github.com/terusus/packer-ansible-arch</a></li>
277<li><a href="https://github.com/jogleasonjr/packer-arch">https://github.com/jogleasonjr/packer-arch</a></li>
278<li><a href="https://github.com/karolistamutis/packer-archlinux">https://github.com/karolistamutis/packer-archlinux</a></li>
279<li><a href="https://developer.fedoraproject.org/tools/virt-builder/about.html">https://developer.fedoraproject.org/tools/virt-builder/about.html</a></li>
280<li><a href="https://computingforgeeks.com/virsh-commands-cheatsheet/">https://computingforgeeks.com/virsh-commands-cheatsheet/</a></li>
281<li><a href="https://help.ubuntu.com/community/KVM/Virsh">https://help.ubuntu.com/community/KVM/Virsh</a></li>
282</ul>
283</div>
284</section>
285
286<section id="outline-container-h:1f6e052f-3df2-415c-a7a1-e1eb9ae3f6c0" class="outline-2">
287<h2 id="h:1f6e052f-3df2-415c-a7a1-e1eb9ae3f6c0">Archives</h2>
288<div class="outline-text-2" id="text-h:1f6e052f-3df2-415c-a7a1-e1eb9ae3f6c0">
289</div>
290<div id="outline-container-h:62c6b7b1-0ab4-4ab6-9dad-edd9e2d7c54e" class="outline-3">
291<h3 id="h:62c6b7b1-0ab4-4ab6-9dad-edd9e2d7c54e">Packer</h3>
292<div class="outline-text-3" id="text-h:62c6b7b1-0ab4-4ab6-9dad-edd9e2d7c54e">
293<p>
294Let’s use <a href="https://packer.io/"><code>packer</code></a> with qemu for those cases — and let’s create a repository where we’re
295gonna write the development machine recipes : <a href="https://github.com/vdemeester/machines"><code>vdemeester/machines</code></a>.
296</p>
297
298<div id="text-table-of-contents" role="doc-toc">
299<ul>
300<li><a href="#h:edba86e1-0aa2-43a7-832b-60bfd5bf3727">NixOS recipes</a></li>
301</ul>
302</div>
303</div>
304
305<div id="outline-container-h:edba86e1-0aa2-43a7-832b-60bfd5bf3727" class="outline-4">
306<h4 id="h:edba86e1-0aa2-43a7-832b-60bfd5bf3727">NixOS recipes</h4>
307<div class="outline-text-4" id="text-h:edba86e1-0aa2-43a7-832b-60bfd5bf3727">
308<p>
309The initial source of packer recipes comes from <a href="https://github.com/nix-community/nixbox"><code>nix-community/nixbox</code></a>, but I’m
310<i>tailoring</i> them to my needs
311</p>
312
313<div class="org-src-container">
314<pre class="src src-json">{
315 "builders": [
316 {
317 "boot_wait": "40s",
318 "boot_command": [
319 "echo http://{{ .HTTPIP }}:{{ .HTTPPort}} > .packer_http<enter>",
320 "mkdir -m 0700 .ssh<enter>",
321 "curl $(cat .packer_http)/install_rsa.pub > .ssh/authorized_keys<enter>",
322 "systemctl start sshd<enter>"
323 ],
324 "http_directory": "scripts",
325 "iso_checksum_type": "sha256",
326 "shutdown_command": "shutdown -h now",
327 "ssh_private_key_file": "./scripts/install_rsa",
328 "ssh_port": 22,
329 "ssh_username": "root",
330 "type": "qemu",
331 "iso_url": "https://d3g5gsiof5omrk.cloudfront.net/nixos/18.09/nixos-18.09.1799.b9fa31cea0e/nixos-minimal-18.09.1799.b9fa31cea0e-x86_64-linux.iso",
332 "iso_checksum": "cc7c399c5fe4672383fe54cb1d648854a0d6732765fe1a61bb38b3fe3b7c6d2f",
333 "disk_interface": "virtio-scsi",
334 "qemuargs": [
335 [
336 "-m",
337 "1024"
338 ]
339 ]
340 }
341 ],
342 "provisioners": [
343 {
344 "type": "shell",
345 "script": "./scripts/install.sh"
346 }
347 ]
348}
349</pre>
350</div>
351
352<p>
353Let’s look at the provisioning script. We don’t want to create a full specific
354configuration for these images as we will use <code>ansible</code> for the final provisioning.
355</p>
356
357<ul class="org-ul">
358<li><p>
359<code>scripts/install.sh</code>
360</p>
361
362<div class="org-src-container">
363<pre class="src src-bash"><span class="org-comment-delimiter">#</span><span class="org-comment">!/bin/</span><span class="org-keyword">sh</span><span class="org-comment"> -e</span>
364
365<span class="org-variable-name">packer_http</span>=$(cat .packer_http)
366
367<span class="org-comment-delimiter"># </span><span class="org-comment">Partition disk</span>
368cat <<FDISK | fdisk /dev/sda
369<span class="org-sh-heredoc">n</span>
370
371
372
373
374<span class="org-sh-heredoc">a</span>
375<span class="org-sh-heredoc">w</span>
376
377<span class="org-sh-heredoc">FDISK</span>
378
379<span class="org-comment-delimiter"># </span><span class="org-comment">Create filesystem</span>
380mkfs.ext4 -j -L nixos /dev/sda1
381
382<span class="org-comment-delimiter"># </span><span class="org-comment">Mount filesystem</span>
383mount <span class="org-variable-name">LABEL</span>=nixos /mnt
384
385<span class="org-comment-delimiter"># </span><span class="org-comment">Setup system</span>
386nixos-generate-config --root /mnt
387
388curl -sf <span class="org-string">"$packer_http/machine.nix"</span> > /mnt/etc/nixos/machine.nix
389curl -sf <span class="org-string">"$packer_http/builders/$PACKER_BUILDER_TYPE.nix"</span> > /mnt/etc/nixos/hardware-builder.nix
390curl -sf <span class="org-string">"$packer_http/configuration.nix"</span> > /mnt/etc/nixos/configuration.nix
391curl -sf <span class="org-string">"$packer_http/custom-configuration.nix"</span> > /mnt/etc/nixos/custom-configuration.nix
392
393<span class="org-comment-delimiter">### </span><span class="org-comment">Install ###</span>
394nixos-install
395
396<span class="org-comment-delimiter">### </span><span class="org-comment">Cleanup ###</span>
397curl <span class="org-string">"$packer_http/postinstall.sh"</span> | nixos-install
398</pre>
399</div></li>
400<li><p>
401<code>scripts/postinstall.sh</code>
402</p>
403<div class="org-src-container">
404<pre class="src src-bash"><span class="org-comment-delimiter">#</span><span class="org-comment">!/bin/</span><span class="org-keyword">sh</span>
405
406<span class="org-comment-delimiter"># </span><span class="org-comment">Make sure we are totally up to date</span>
407nix-channel --add https://nixos.org/channels/nixos-18.09 nixos
408nix-channel --update
409nixos-rebuild switch --upgrade
410
411<span class="org-comment-delimiter"># </span><span class="org-comment">Cleanup any previous generations and delete old packages that can be</span>
412<span class="org-comment-delimiter"># </span><span class="org-comment">pruned.</span>
413
414<span class="org-keyword">for</span> x<span class="org-keyword"> in</span> $(seq 0 2) ; <span class="org-keyword">do</span>
415 nix-env --delete-generations old
416 nix-collect-garbage -d
417<span class="org-keyword">done</span>
418
419
420<span class="org-comment-delimiter"># </span><span class="org-comment">Remove install ssh key</span>
421rm -rf /root/.ssh /root/.packer_http
422
423<span class="org-comment-delimiter"># </span><span class="org-comment">Zero out the disk (for better compression)</span>
424dd <span class="org-variable-name">if</span>=/dev/zero <span class="org-variable-name">of</span>=/EMPTY <span class="org-variable-name">bs</span>=1M
425rm -rf /EMPTY
426</pre>
427</div></li>
428<li><p>
429<code>scripts/machine.nix</code>
430</p>
431<div class="org-src-container">
432<pre class="src src-nix"><span class="org-comment-delimiter"># </span><span class="org-comment">This file is overwritten by the vagrant-nixos plugin</span>
433{ config, pkgs, ... }:
434{
435 <span class="org-nix-attribute">networking.hostName</span> = <span class="org-string">"nixos-machine"</span>;
436}
437</pre>
438</div></li>
439<li><p>
440<code>scripts/configuration.nix</code>
441</p>
442<div class="org-src-container">
443<pre class="src src-nix">{ config, pkgs, ... }:
444
445{
446 <span class="org-nix-attribute">imports</span> =
447 [ <span class="org-comment"># Include the results of the hardware scan.</span>
448 <span class="org-nix-constant">./hardware-configuration.nix</span>
449 <span class="org-nix-constant">./hardware-builder.nix</span>
450 <span class="org-nix-constant">./machine.nix</span>
451 <span class="org-nix-constant">./custom-configuration.nix</span>
452 ];
453
454 <span class="org-comment"># Use the GRUB 2 boot loader.</span>
455 <span class="org-nix-attribute">boot.loader.grub.enable</span> = <span class="org-nix-builtin">true</span>;
456 <span class="org-nix-attribute">boot.loader.grub.version</span> = 2;
457 <span class="org-nix-attribute">boot.loader.grub.device</span> = <span class="org-string">"/dev/sda"</span>;
458
459 <span class="org-comment"># remove the fsck that runs at startup. It will always fail to run, stopping</span>
460 <span class="org-comment"># your boot until you press *.</span>
461 <span class="org-nix-attribute">boot.initrd.checkJournalingFS</span> = <span class="org-nix-builtin">false</span>;
462
463 <span class="org-comment"># Services to enable:</span>
464
465 <span class="org-comment"># Enable the OpenSSH daemon.</span>
466 <span class="org-nix-attribute">services.openssh.enable</span> = <span class="org-nix-builtin">true</span>;
467
468 <span class="org-comment"># Enable DBus</span>
469 <span class="org-nix-attribute">services.dbus.enable</span> = <span class="org-nix-builtin">true</span>;
470
471 <span class="org-comment"># Replace nptd by timesyncd</span>
472 <span class="org-nix-attribute">services.timesyncd.enable</span> = <span class="org-nix-builtin">true</span>;
473
474 <span class="org-comment"># Packages for Vagrant</span>
475 <span class="org-nix-attribute">environment.systemPackages</span> = <span class="org-nix-keyword">with</span> pkgs; [
476 iputils
477 ];
478
479 <span class="org-comment"># Creates a "vincent" users with password-less sudo access</span>
480 <span class="org-nix-attribute">users</span> = {
481 <span class="org-nix-attribute">extraGroups</span> = [ { <span class="org-nix-attribute">name</span> = <span class="org-string">"vincent"</span>; } ];
482 <span class="org-nix-attribute">extraUsers</span> = [
483 <span class="org-comment"># Try to avoid ask password</span>
484 { <span class="org-nix-attribute">name</span> = <span class="org-string">"root"</span>; <span class="org-nix-attribute">password</span> = <span class="org-string">"vincent"</span>; }
485 {
486 <span class="org-nix-attribute">description</span> = <span class="org-string">"Vincent User"</span>;
487 <span class="org-nix-attribute">name</span> = <span class="org-string">"vincent"</span>;
488 <span class="org-nix-attribute">group</span> = <span class="org-string">"vincent"</span>;
489 <span class="org-nix-attribute">extraGroups</span> = [ <span class="org-string">"users"</span> <span class="org-string">"wheel"</span> ];
490 <span class="org-nix-attribute">password</span> = <span class="org-string">"vincent"</span>;
491 <span class="org-nix-attribute">home</span> = <span class="org-string">"/home/vincent"</span>;
492 <span class="org-nix-attribute">createHome</span> = <span class="org-nix-builtin">true</span>;
493 <span class="org-nix-attribute">useDefaultShell</span> = <span class="org-nix-builtin">true</span>;
494 <span class="org-nix-attribute">openssh.authorizedKeys.keys</span> = [
495 <span class="org-string">"ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDO1sx5h44xnK/k0ODnQ3aQR8+nr7HC7u94fS3OhwQ6AvjqDGLnI6EP4sr4Yh2eXf8lHX+lkg8iZ6Z+y9dVnnzwveZfqbfOyh6t8Hg+M1nl26rwdYv+guU8khvh+Kzl9Vdb5dexf/hWQ/LcWvsuPO+tBmqajNTLYbGinqrMm3Bw2jJS/+DitgoT8hiuSTU1smY1CGzggHEdsx4+oDMuDMvRYwOBBHrUF00lZLx3zB3nGl1VFYD2St3vzlmzoZNrW7Rx8TRg02BTVAwd4qPHOMz8Kg+JmDhVig9yeqHo4FCwXxQ8+jk54Cd2el6TjfaA5HD2+e4FYLP6bMSLIabLTfLP vincent@wakasu"</span>
496 ];
497 }
498 ];
499 };
500
501 <span class="org-nix-attribute">security.sudo.configFile</span> =
502 <span class="org-string">''</span>
503<span class="org-string"> Defaults:root,%wheel env_keep+=LOCALE_ARCHIVE</span>
504<span class="org-string"> Defaults:root,%wheel env_keep+=NIX_PATH</span>
505<span class="org-string"> Defaults:root,%wheel env_keep+=TERMINFO_DIRS</span>
506<span class="org-string"> Defaults env_keep+=SSH_AUTH_SOCK</span>
507<span class="org-string"> Defaults lecture = never</span>
508<span class="org-string"> root ALL=(ALL) SETENV: ALL</span>
509<span class="org-string"> %wheel ALL=(ALL) NOPASSWD: ALL, SETENV: ALL</span>
510<span class="org-string"> ''</span>;
511
512}
513</pre>
514</div></li>
515<li><p>
516<code>scripts/custom-configuration.nix</code>
517</p>
518<div class="org-src-container">
519<pre class="src src-nix">{ config, pkgs, ... }:
520
521{
522<span class="org-comment-delimiter"># </span><span class="org-comment">Place here any custom configuration specific to your organisation (locale, ...)</span>
523<span class="org-comment-delimiter"># </span><span class="org-comment">if you want it to be part of the packer base image to be used with vagrant.</span>
524}
525</pre>
526</div></li>
527<li><p>
528<code>scripts/builders/qemu.nix</code>
529</p>
530<div class="org-src-container">
531<pre class="src src-nix">{ modulesPath, ... }:
532{
533 <span class="org-nix-attribute">imports</span> = [
534 <span class="org-string">"</span><span class="org-nix-antiquote">${</span><span class="org-nix-builtin">toString</span> modulesPath<span class="org-nix-antiquote">}</span><span class="org-string">/profiles/qemu-guest.nix"</span>
535 ];
536}
537</pre>
538</div></li>
539</ul>
540
541
542<p>
543And to build this image, a simple <code>packer build nixos.json</code> is required.
544</p>
545</div>
546</div>
547</div>
548</section>
549</main>
550<footer id="postamble" class="status">
551<footer>
552 <small><a href="/" rel="history">Index</a> • <a href="/sitemap.html">Sitemap</a> • <a href="https://dl.sbr.pm/">Files</a></small><br/>
553 <small class='questions'>Questions, comments ? Please use my <a href="https://lists.sr.ht/~vdemeester/public-inbox">public inbox</a> by sending a plain-text email to <a href="mailto:~vdemeester/public-inbox@lists.sr.ht">~vdemeester/public-inbox@lists.sr.ht</a>.</small><br/>
554 <small class='copyright'>
555 Content and design by Vincent Demeester
556 (<a rel='licence' href='http://creativecommons.org/licenses/by-nc-sa/3.0/'>Some rights reserved</a>)
557 </small><br />
558</footer>
559</footer>
560</body>
561</html>