nixos/vagrant-virtualbox-image: init (#101120)
Co-authored-by: zimbatm <zimbatm@zimbatm.com> Co-authored-by: Jörg Thalheim <Mic92@users.noreply.github.com>wip/yesman
parent
1a9e02dec6
commit
a2ee5cbb05
@ -0,0 +1,58 @@ |
||||
# Minimal configuration that vagrant depends on |
||||
|
||||
{ config, pkgs, ... }: |
||||
let |
||||
# Vagrant uses an insecure shared private key by default, but we |
||||
# don't use the authorizedKeys attribute under users because it should be |
||||
# removed on first boot and replaced with a random one. This script sets |
||||
# the correct permissions and installs the temporary key if no |
||||
# ~/.ssh/authorized_keys exists. |
||||
install-vagrant-ssh-key = pkgs.writeScriptBin "install-vagrant-ssh-key" '' |
||||
#!${pkgs.runtimeShell} |
||||
if [ ! -e ~/.ssh/authorized_keys ]; then |
||||
mkdir -m 0700 -p ~/.ssh |
||||
echo "ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEA6NF8iallvQVp22WDkTkyrtvp9eWW6A8YVr+kz4TjGYe7gHzIw+niNltGEFHzD8+v1I2YJ6oXevct1YeS0o9HZyN1Q9qgCgzUFtdOKLv6IedplqoPkcmF0aYet2PkEDo3MlTBckFXPITAMzF8dJSIFo9D8HfdOV0IAdx4O7PtixWKn5y2hMNG0zQPyUecp4pzC6kivAIhyfHilFR61RGL+GPXQ2MWZWFYbAGjyiYJnAmCP3NOTd0jMZEnDkbUvxhMmBYSdETk1rRgm+R4LOzFUGaHqHDLKLX+FIPKcF96hrucXzcWyLbIbEgE98OHlnVYCzRdK8jlqm8tehUc9c9WhQ== vagrant insecure public key" >> ~/.ssh/authorized_keys |
||||
chmod 0600 ~/.ssh/authorized_keys |
||||
fi |
||||
''; |
||||
in |
||||
{ |
||||
# Enable the OpenSSH daemon. |
||||
services.openssh.enable = true; |
||||
|
||||
# Packages used by Vagrant |
||||
environment.systemPackages = with pkgs; [ |
||||
findutils |
||||
iputils |
||||
nettools |
||||
netcat |
||||
nfs-utils |
||||
rsync |
||||
]; |
||||
|
||||
users.extraUsers.vagrant = { |
||||
isNormalUser = true; |
||||
createHome = true; |
||||
description = "Vagrant user account"; |
||||
extraGroups = [ "users" "wheel" ]; |
||||
home = "/home/vagrant"; |
||||
password = "vagrant"; |
||||
useDefaultShell = true; |
||||
uid = 1000; |
||||
}; |
||||
|
||||
systemd.services.install-vagrant-ssh-key = { |
||||
description = "Vagrant SSH key install (if needed)"; |
||||
after = [ "fs.target" ]; |
||||
wants = [ "fs.target" ]; |
||||
wantedBy = [ "multi-user.target" ]; |
||||
serviceConfig = { |
||||
ExecStart = "${install-vagrant-ssh-key}/bin/install-vagrant-ssh-key"; |
||||
User = "vagrant"; |
||||
# So it won't be (needlessly) restarted: |
||||
RemainAfterExit = true; |
||||
}; |
||||
}; |
||||
|
||||
security.sudo.wheelNeedsPassword = false; |
||||
} |
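Review bot: The `vagrant` account defined here combines a fixed `password = "vagrant"`, the publicly known Vagrant key written by `install-vagrant-ssh-key`, and `security.sudo.wheelNeedsPassword = false`, all behind `services.openssh.enable = true`, so any machine built from this module that is reachable on its SSH port is effectively open with root privileges. Nothing in the module itself removes the key or rotates the password; the "removed on first boot" in the header comment depends on the Vagrant host performing the replacement, which presumably does not happen when the image is booted any other way. I would state that at the top of the file, e.g. `# WARNING: well-known credentials and passwordless sudo; for disposable local Vagrant boxes only, never import into a network-reachable system.` Since Vagrant authenticates with the key, it is also worth considering turning off SSH password logins (`services.openssh.passwordAuthentication = false;`, option name to be confirmed against this nixpkgs revision) so the fixed password only works on the console.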
@ -0,0 +1,60 @@ |
||||
# Vagrant + VirtualBox |
||||
|
||||
{ config, pkgs, ... }: |
||||
|
||||
{ |
||||
imports = [ |
||||
./vagrant-guest.nix |
||||
./virtualbox-image.nix |
||||
]; |
||||
|
||||
virtualbox.params = { |
||||
audio = "none"; |
||||
audioin = "off"; |
||||
audioout = "off"; |
||||
usb = "off"; |
||||
usbehci = "off"; |
||||
}; |
||||
sound.enable = false; |
||||
documentation.man.enable = false; |
||||
documentation.nixos.enable = false; |
||||
|
||||
users.extraUsers.vagrant.extraGroups = [ "vboxsf" ]; |
||||
|
||||
# generate the box v1 format which is much easier to generate |
||||
# https://www.vagrantup.com/docs/boxes/format.html |
||||
system.build.vagrantVirtualbox = pkgs.runCommand |
||||
"virtualbox-vagrant.box" |
||||
{} |
||||
'' |
||||
mkdir workdir |
||||
cd workdir |
||||
|
||||
# 1. create that metadata.json file |
||||
echo '{"provider":"virtualbox"}' > metadata.json |
||||
|
||||
# 2. create a default Vagrantfile config |
||||
cat <<VAGRANTFILE > Vagrantfile |
||||
Vagrant.configure("2") do |config| |
||||
config.vm.base_mac = "0800275F0936" |
||||
end |
||||
VAGRANTFILE |
||||
|
||||
# 3. add the exported VM files |
||||
tar xvf ${config.system.build.virtualBoxOVA}/*.ova |
||||
|
||||
# 4. move the ovf to the fixed location |
||||
mv *.ovf box.ovf |
||||
|
||||
# 5. generate OVF manifest file |
||||
rm *.mf |
||||
touch box.mf |
||||
for fname in *; do |
||||
checksum=$(sha256sum $fname | cut -d' ' -f 1) |
||||
echo "SHA256($fname)= $checksum" >> box.mf |
||||
done |
||||
|
||||
# 6. compress everything back together |
||||
tar --owner=0 --group=0 --sort=name --numeric-owner -czf $out . |
||||
''; |
||||
} |
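Review bot: The manifest loop in step 5 iterates over `*` after `touch box.mf`, so `box.mf` records a SHA256 of its own half-written contents, an entry that can never match the finished file, and it also lists `metadata.json` and `Vagrantfile`, which are not part of the OVF package. A consumer that actually verifies the manifest may reject the box or, worse, teach users to ignore manifest mismatches, which defeats the integrity check. Skip the non-package files at the top of the loop body with `case "$fname" in box.mf|metadata.json|Vagrantfile) continue ;; esac`. Quote the variable as well, `sha256sum "$fname"`, because the names come from the unpacked OVA and would be word-split otherwise.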