├── .github └── workflows │ └── release.yml ├── .gitignore ├── LICENSE ├── Makefile ├── README.md ├── Vagrantfile ├── efi_data ├── OVMF_CODE_4M.ms.fd └── OVMF_VARS_4M.ms.fd ├── nixos.pkr.hcl ├── scripts ├── builders │ ├── hyperv-iso.nix │ ├── qemu.nix │ ├── virtualbox-iso.nix │ └── vmware-iso.nix ├── configuration.nix ├── custom-configuration.nix ├── grub-bios.nix ├── grub-efi.nix ├── install.sh ├── install_ed25519 ├── install_ed25519.pub ├── postinstall.sh ├── vagrant-hostname.nix ├── vagrant-network.nix └── vagrant.nix └── shell.nix /.github/workflows/release.yml: -------------------------------------------------------------------------------- 1 | name: Release CI 2 | 3 | on: 4 | push: 5 | branches: [ "nixos-**" ] 6 | 7 | jobs: 8 | build: 9 | name: Run build ${{ matrix.BUILDER }} ${{ matrix.ARCH }} 10 | runs-on: ubuntu-latest 11 | strategy: 12 | matrix: 13 | BUILDER: ['virtualbox-iso.virtualbox', 'qemu.qemu'] 14 | ARCH: ['x86_64'] 15 | steps: 16 | - uses: actions/checkout@v3 17 | 18 | - name: Install dependencies 19 | if: ${{matrix.BUILDER == 'virtualbox-iso.virtualbox'}} 20 | run: | 21 | echo "deb [arch=amd64 signed-by=/usr/share/keyrings/oracle-virtualbox-2016.gpg] https://download.virtualbox.org/virtualbox/debian $(lsb_release -cs) contrib" | sudo tee /etc/apt/sources.list.d/virtualbox.list 22 | wget -O- https://www.virtualbox.org/download/oracle_vbox_2016.asc | sudo gpg --yes --output /usr/share/keyrings/oracle-virtualbox-2016.gpg --dearmor 23 | sudo apt-get update 24 | sudo apt-get install -y virtualbox-6.1 25 | 26 | - name: Install dependencies 27 | if: ${{matrix.BUILDER == 'qemu.qemu'}} 28 | run: | 29 | sudo apt-get update 30 | sudo apt-get install -y \ 31 | qemu-system-x86 \ 32 | qemu libvirt-daemon-system 33 | 34 | - name: Create Vagrant Cloud Box 35 | env: 36 | ATLAS_TOKEN: ${{ secrets.ATLAS_TOKEN }} 37 | run: make vagrantcloud-create 38 | 39 | - name: Set Vagrant Cloud Box is Public 40 | env: 41 | ATLAS_TOKEN: ${{ secrets.ATLAS_TOKEN }} 42 | run: make 
vagrantcloud-update 43 | 44 | - name: Delete Old Vagrant Cloud Box Version 45 | env: 46 | ATLAS_TOKEN: ${{ secrets.ATLAS_TOKEN }} 47 | run: VERSION=${GITHUB_REF#refs/heads/nixos-} make vagrantcloud-delete 48 | # NOTE(review): `@main` and version "latest" below are mutable references, and the Packer binary installed by this step is run by the next step with ATLAS_TOKEN in its environment; pin the action to a release tag or commit SHA and Packer to a fixed version. 49 | - name: Setup `packer` 50 | uses: hashicorp/setup-packer@main 51 | id: setup 52 | with: 53 | version: "latest" 54 | 55 | - name: Run build ${{ matrix.BUILDER }} ${{ matrix.ARCH }} and push box to vagrant cloud 56 | env: 57 | ATLAS_TOKEN: ${{ secrets.ATLAS_TOKEN }} 58 | run: make VERSION=${GITHUB_REF#refs/heads/nixos-} BUILDER=${{ matrix.BUILDER }} packer-build 59 | -------------------------------------------------------------------------------- /.gitignore: -------------------------------------------------------------------------------- 1 | .DS_Store 2 | /*.box 3 | /.vagrant 4 | /iso 5 | /output-virtualbox-iso 6 | /packer_cache 7 | /vendor 8 | -------------------------------------------------------------------------------- /LICENSE: -------------------------------------------------------------------------------- 1 | (The MIT License) 2 | 3 | Copyright (c) 2013 zimbatm and contributors 4 | 5 | Permission is hereby granted, free of charge, to any person obtaining a copy 6 | of this software and associated documentation files (the 'Software'), to deal 7 | in the Software without restriction, including without limitation the rights 8 | to use, copy, modify, merge, publish, distribute, sublicense, and/or sell 9 | copies of the Software, and to permit persons to whom the Software is 10 | furnished to do so, subject to the following conditions: 11 | 12 | The above copyright notice and this permission notice shall be included in all 13 | copies or substantial portions of the Software. 14 | 15 | THE SOFTWARE IS PROVIDED 'AS IS', WITHOUT WARRANTY OF ANY KIND, EXPRESS OR 16 | IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, 17 | FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. 
IN NO EVENT SHALL THE 18 | AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER 19 | LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, 20 | OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE 21 | SOFTWARE. 22 | -------------------------------------------------------------------------------- /Makefile: -------------------------------------------------------------------------------- 1 | BUILDER ?= virtualbox-iso.virtualbox 2 | VERSION ?= 23.05 3 | ARCH ?= x86_64 4 | REPO ?= nixbox/nixos 5 | USE_EFI ?= false 6 | REPO_NAME = $(word 1, $(subst /, ,${REPO})) 7 | BOX_NAME = $(word 2, $(subst /, ,${REPO})) 8 | BUILD_PROVIDER = $(word 1, $(subst -, ,$(word 2, $(subst ., ,${BUILDER})))) 9 | # NOTE(review): `BUILDER=${BUILDER}-efi` below defines BUILDER in terms of itself with a recursive `=`; GNU make reports a self-referencing variable when it is expanded unless BUILDER was given on the command line, so `:=` looks intended -- confirm. 10 | ifeq ($(USE_EFI),true) 11 | BUILDER=${BUILDER}-efi 12 | endif 13 | 14 | all: help 15 | 16 | help: ## This help 17 | @find . -name Makefile -o -name "*.mk" | xargs -n1 grep -hE '^[a-z0-9\-]+:.* ##' | sed 's/\: .*##/:/g' | sort | column -ts':' 18 | 19 | version: 20 | @echo "Build for ${ARCH} architecture and using the ${VERSION} NixOS iso version" 21 | # NOTE(review): iso_checksum below is downloaded at build time from the same channels.nixos.org origin that serves the ISO, so it detects a corrupted download but not a tampered origin; pass a checksum recorded out of band where that matters. If the fetch or the grep fails, the variable is passed as an empty string -- confirm Packer rejects that. 22 | build: nixos.pkr.hcl version ## [BUILDER] [ARCH] [VERSION] Build packer image 23 | packer init $< 24 | packer build \ 25 | -var arch=${ARCH} \ 26 | -var builder="${BUILDER}" \ 27 | -var version=${VERSION} \ 28 | -var iso_checksum="$(shell curl -sL https://channels.nixos.org/nixos-${VERSION}/latest-nixos-minimal-${ARCH}-linux.iso.sha256 | grep -Eo '^[0-9a-z]{64}')" \ 29 | --only=${BUILDER} \ 30 | --except=vagrant-cloud \ 31 | $< 32 | 33 | build-all: ## [BUILDER] [VERSION] Build packer image 34 | @${MAKE} BUILDER=${BUILDER} VERSION=${VERSION} ARCH=x86_64 build 35 | @${MAKE} BUILDER=${BUILDER} VERSION=${VERSION} ARCH=i686 build 36 | 37 | vagrant-plugin: 38 | @vagrant plugin list | grep vagrant-nixos-plugin || vagrant plugin install vagrant-nixos-plugin 39 | @vagrant plugin list | grep vagrant-disksize || vagrant plugin install vagrant-disksize 40 | 41 | 
vagrant-add: vagrant-plugin ## Add vagrant box 42 | @test -f nixos-${VERSION}-${BUILDER}-${ARCH}.box && ARCH=${ARCH} vagrant box add --force nixbox-${ARCH} nixos-${VERSION}-${BUILDER}-${ARCH}.box 43 | 44 | vagrant-remove: vagrant-plugin ## Remove vagrant box 45 | @vagrant box remove nixbox-${ARCH} 46 | 47 | vagrant-up: ## Try builded vagrant box 48 | @ARCH="${ARCH}" vagrant up --provider ${BUILD_PROVIDER} 49 | 50 | vagrant-ssh: ## Connect to vagrant box 51 | @ARCH="${ARCH}" vagrant ssh 52 | 53 | vagrant-destroy: ## Destroy vagrant box 54 | @ARCH="${ARCH}" vagrant destroy 55 | 56 | vagrant-push: vagrant-plugin ## Push builded vagrant box 57 | @test -f nixos-${VERSION}-${BUILDER}-${ARCH}.box && ARCH="${ARCH}" vagrant cloud publish \ 58 | --force \ 59 | --release \ 60 | --no-private \ 61 | --short-description "NixOS ${VERSION}" \ 62 | ${REPO}-${VERSION} ${VERSION} ${BUILD_PROVIDER} nixos-${VERSION}-${BUILDER}-${ARCH}.box 63 | 64 | vagrantcloud-create: ## Create Vagrant Cloud box 65 | @curl \ 66 | --request POST \ 67 | --header "Content-Type: application/json" \ 68 | --header "Authorization: Bearer ${ATLAS_TOKEN}" \ 69 | https://app.vagrantup.com/api/v2/boxes \ 70 | --data '{ "box": { "username": "'"${REPO_NAME}"'", "name": "'"${BOX_NAME}"'", "is_private": false } }' 71 | 72 | vagrantcloud-delete: ## Delete old Vagrant Cloud box 73 | @curl \ 74 | --request DELETE \ 75 | --header "Authorization: Bearer ${ATLAS_TOKEN}" \ 76 | "https://app.vagrantup.com/api/v2/box/${REPO}/version/${VERSION}" 77 | 78 | vagrantcloud-update: ## Create Vagrant Cloud box 79 | @curl \ 80 | --request PUT \ 81 | --header "Content-Type: application/json" \ 82 | --header "Authorization: Bearer ${ATLAS_TOKEN}" \ 83 | "https://app.vagrantup.com/api/v2/box/${REPO}" \ 84 | --data '{ "box": { "username": "'"${REPO_NAME}"'", "name": "'"${BOX_NAME}"'", "is_private": false } }' 85 | 86 | packer-build: nixos.pkr.hcl version ##Use packer push to vagrant-cloud 87 | packer init $< 88 | packer build \ 89 | -var 
arch=${ARCH} \ 90 | -var builder="${BUILDER}" \ 91 | -var cloud_repo=${REPO} \ 92 | -var version=${VERSION} \ 93 | -var iso_checksum="$(shell curl -sL https://channels.nixos.org/nixos-${VERSION}/latest-nixos-minimal-${ARCH}-linux.iso.sha256 | grep -Eo '^[0-9a-z]{64}')" \ 94 | --only=${BUILDER} \ 95 | $< 96 | -------------------------------------------------------------------------------- /README.md: -------------------------------------------------------------------------------- 1 | NixOS boxes for Vagrant 2 | ======================= 3 | 4 | [NixOS](http://nixos.org) is a linux distribution based on a purely functional 5 | package manager. This project builds [vagrant](http://vagrantup.com) .box 6 | images. 7 | 8 | Status 9 | ------ 10 | 11 | stable 12 | 13 | Usage 14 | ----- 15 | 16 | ```shell 17 | vagrant init nixbox/nixos --box-version 23.11 18 | ``` 19 | 20 | Also have a look at the accompanying nixos vagrant plugin: 21 | 22 | 23 | Auto Vars File 24 | -------------- 25 | 26 | ### iso_checksums 27 | 28 | The `nixos.auto.pkvars.hcl` file contains two defined variables that are 29 | required to build a box. The packer template will dereference the iso checksum 30 | from the `iso_checksums` variable. If a checksum does not exist for the version 31 | and architecture you are trying to build, the packer build will fail. Be sure 32 | to add the proper checksum for the ISO you would like to use to the 33 | `iso_checksums` map, if it does not already exist, before building. 34 | 35 | ### version 36 | 37 | Use the `version` variable to set the version of NixOS you want to build. By 38 | convention, this is usually set to the latest stable version of NixOS. 39 | 40 | Building the images 41 | ------------------- 42 | 43 | First install [packer](http://packer.io) and 44 | [virtualbox](https://www.virtualbox.org/). 
45 | 46 | Four packer builders are currently supported: 47 | 48 | - BIOS 49 | - Virtualbox (`BUILDER=virtualbox-iso.virtualbox`) 50 | - qemu / libvirt (`BUILDER=qemu.qemu`) 51 | - VMware (`BUILDER=vmware-iso.vmware`) 52 | - Hyper-V (`BUILDER=hyperv-iso.hyperv`) 53 | - UEFI 54 | - Virtualbox (`BUILDER=virtualbox-iso.virtualbox-efi`) 55 | - qemu / libvirt (`BUILDER=qemu.qemu-efi`) 56 | 57 | Have a look at the different `make build` targets to build your image. 58 | 59 | ```shell 60 | make build-all # Build latest version for all architectures 61 | make VERSION=23.11 build # Build specific version for x86_64 architecture 62 | make VERSION=23.11 ARCH=i686 build # Build specific version for specific architecture 63 | 64 | make vagrant-add 65 | make vagrant-push 66 | ``` 67 | 68 | If you build on a host that does not support Makefile, here are some examples: 69 | 70 | ```shell 71 | packer build --only=virtualbox-iso.virtualbox -var version=23.11 --except=vagrant-cloud nixos.pkr.hcl 72 | packer build --only=qemu.qemu -var version=23.11 --except=vagrant-cloud nixos.pkr.hcl 73 | packer build --only=vmware-iso.vmware -var version=23.11 --except=vagrant-cloud nixos.pkr.hcl 74 | packer build --only=hyperv-iso.hyperv -var version=23.11 --except=vagrant-cloud nixos.pkr.hcl 75 | ``` 76 | 77 | The vagrant .box image is now ready to go and you can use it in vagrant: 78 | 79 | ```shell 80 | vagrant box add nixbox32 nixos-23.11-libvirt-i686.box 81 | # or 82 | vagrant box add nixbox64 nixos-23.11-virtualbox-x86_64.box 83 | ``` 84 | 85 | Troubleshooting 86 | --------------- 87 | 88 | - If you build on a Windows OS, please make sure you keep the unix file 89 | encoding of the generated configuration files (see [issue\#30](https://github.com/nix-community/nixbox/issues/30)) 90 | 91 | - Timeouts are a common issue for build failures. These can be a bit tough to 92 | figure out. 
Increase the `boot_wait` value in `nixos.auto.pkvars.hcl` if you 93 | think timeouts may be the cause of your build failures. 94 | 95 | Sample Vagrantfile 96 | ------------------ 97 | 98 | ```ruby 99 | Vagrant.configure("2") do |config| 100 | 101 | # Disable shared virtualbox mount path (not vboxsf installed on guest) 102 | config.vm.synced_folder '.', '/vagrant', disabled: true 103 | 104 | # Use a suitable NixOS base. VM built with nixbox are tested to work with 105 | # this plugin. 106 | config.vm.box = "nixos-23.11" 107 | 108 | # Add the htop package 109 | config.vm.provision :nixos, 110 | run: 'always', 111 | expression: { 112 | environment: { 113 | systemPackages: [ :htop ] 114 | } 115 | } 116 | 117 | end 118 | ``` 119 | 120 | License 121 | ------- 122 | 123 | Copyright 2022 under the MIT 124 | Copyright 2015 under the MIT 125 | -------------------------------------------------------------------------------- /Vagrantfile: -------------------------------------------------------------------------------- 1 | # -*- mode: ruby -*- 2 | # vi: set ft=ruby : 3 | 4 | # All Vagrant configuration is done below. The "2" in Vagrant.configure 5 | # configures the configuration version (we support older styles for 6 | # backwards compatibility). Please don't change it unless you know what 7 | # you're doing. 
8 | 9 | arch = ENV["ARCH"] 10 | 11 | Vagrant.configure("2") do |config| 12 | config.vm.box = "nixbox-" + arch.to_s 13 | config.vm.disk :disk, size: "50GB", primary: true 14 | config.vm.provider "virtualbox" do |vb| 15 | vb.gui = false 16 | vb.memory = "4096" 17 | end 18 | 19 | config.vm.provider "qemu" do |qe| 20 | qe.arch = "x86_64" 21 | qe.machine = "q35" 22 | qe.cpu = "max" 23 | qe.net_device = "virtio-net-pci" 24 | qe.memory = "1024" 25 | qe.qemu_dir = "/usr/lib/qemu" 26 | end 27 | # NOTE(review): insert_key = false stops Vagrant from replacing the box's key with a per-machine key, so the VM keeps accepting the publicly known "vagrant insecure public key" listed in scripts/configuration.nix; fine for a throwaway local test VM, not for anything reachable from an untrusted network. 28 | config.ssh.insert_key = false 29 | end 30 | -------------------------------------------------------------------------------- /efi_data/OVMF_CODE_4M.ms.fd: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/nix-community/nixbox/b39fc572d1bd2f5042584177c7f340b166a9e4f7/efi_data/OVMF_CODE_4M.ms.fd -------------------------------------------------------------------------------- /efi_data/OVMF_VARS_4M.ms.fd: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/nix-community/nixbox/b39fc572d1bd2f5042584177c7f340b166a9e4f7/efi_data/OVMF_VARS_4M.ms.fd -------------------------------------------------------------------------------- /nixos.pkr.hcl: -------------------------------------------------------------------------------- 1 | packer { 2 | required_plugins { 3 | qemu = { 4 | source = "github.com/hashicorp/qemu" 5 | version = ">= 1.1.0" # NOTE(review): open-ended constraint, unlike the `~>` pins on the other plugins; `packer init` may select any newer release. 6 | } 7 | vmware = { 8 | source = "github.com/hashicorp/vmware" 9 | version = "~> 1" 10 | } 11 | hyperv = { 12 | source = "github.com/hashicorp/hyperv" 13 | version = "~> 1" 14 | } 15 | virtualbox = { 16 | source = "github.com/hashicorp/virtualbox" 17 | version = "~> 1.1.1" 18 | } 19 | vagrant = { 20 | source = "github.com/hashicorp/vagrant" 21 | version = "~> 1" 22 | } 23 | } 24 | } 25 | 26 | locals { 27 | iso_url = "https://channels.nixos.org/nixos-${var.version}/latest-nixos-minimal-${var.arch}-linux.iso" 28 | } 29 | 30 | 
variable "builder" { 31 | description = "builder" 32 | type = string 33 | } 34 | 35 | variable "version" { 36 | description = "The version of NixOS to build" 37 | type = string 38 | } 39 | 40 | variable "arch" { 41 | description = "The system architecture of NixOS to build (Default: x86_64)" 42 | type = string 43 | default = "x86_64" 44 | } 45 | 46 | variable "iso_checksum" { 47 | description = "A ISO SHA256 value" 48 | type = string 49 | } 50 | 51 | variable "disk_size" { 52 | type = string 53 | default = "10240" 54 | } 55 | 56 | variable "memory" { 57 | type = string 58 | default = "2048" 59 | } 60 | 61 | variable "boot_wait" { 62 | description = "The amount of time to wait for VM boot" 63 | type = string 64 | default = "120s" 65 | } 66 | 67 | variable "qemu_accelerator" { 68 | type = string 69 | default = "kvm" 70 | } 71 | 72 | variable "cloud_repo" { 73 | type = string 74 | default = "nixbox/nixos" 75 | } 76 | # NOTE(review): cloud_token carries the Vagrant Cloud API token read from ATLAS_TOKEN; consider adding `sensitive = true` so Packer masks the value in its output. 77 | variable "cloud_token" { 78 | type = string 79 | default = "${env("ATLAS_TOKEN")}" 80 | } 81 | # NOTE(review): the keys below ("i386", "x86-64", "aarch64") do not match the arch values used elsewhere in this repository (x86_64, i686), so the build block's lookup(var.vagrant_cloud_arch, var.arch, "amd64") appears to always fall back to "amd64" -- right by accident for x86_64, wrong for i686. Confirm and align the keys. 82 | variable "vagrant_cloud_arch" { 83 | type = map(string) 84 | default = { 85 | "i386" = "i386" 86 | "x86-64" = "amd64" 87 | "aarch64" = "arm64" 88 | } 89 | } 90 | # NOTE(review): the sources that set ssh_private_key_file use ./scripts/install_ed25519, a key pair committed to this repository and therefore not secret (http_directory = "scripts" also serves that directory during the build). boot_command authorizes the key for the booted installer session only, and scripts/configuration.nix does not list it for the installed system -- keep it that way. 91 | source "hyperv-iso" "hyperv" { 92 | boot_command = [ 93 | "mkdir -m 0700 .ssh", 94 | "curl http://{{ .HTTPIP }}:{{ .HTTPPort }}/install_ed25519.pub > .ssh/authorized_keys", 95 | "sudo su --", "nix-env -iA nixos.linuxPackages.hyperv-daemons", 96 | "$(find /nix/store -executable -iname 'hv_kvp_daemon' | head -n 1)", 97 | "systemctl start sshd" 98 | ] 99 | boot_wait = var.boot_wait 100 | communicator = "ssh" 101 | differencing_disk = true 102 | disk_size = var.disk_size 103 | enable_secure_boot = false 104 | generation = 1 105 | headless = true 106 | http_directory = "scripts" 107 | iso_checksum = var.iso_checksum 108 | iso_url = local.iso_url 109 | memory = var.memory 110 | shutdown_command = "sudo shutdown -h now" 111 | ssh_port = 22 112 | ssh_private_key_file = "./scripts/install_ed25519" 
113 | ssh_timeout = "1h" 114 | ssh_username = "nixos" 115 | switch_name = "Default Switch" 116 | } 117 | 118 | source "qemu" "qemu" { 119 | boot_command = [ 120 | "mkdir -m 0700 .ssh", 121 | "curl http://{{ .HTTPIP }}:{{ .HTTPPort }}/install_ed25519.pub > .ssh/authorized_keys", 122 | "sudo systemctl start sshd" 123 | ] 124 | boot_wait = var.boot_wait 125 | disk_interface = "virtio-scsi" 126 | disk_size = var.disk_size 127 | format = "qcow2" 128 | headless = true 129 | http_directory = "scripts" 130 | iso_checksum = var.iso_checksum 131 | iso_url = local.iso_url 132 | qemuargs = [ 133 | ["-m", var.memory], 134 | [ "-netdev", "user,hostfwd=tcp::{{ .SSHHostPort }}-:22,id=forward"], 135 | [ "-device", "virtio-net,netdev=forward,id=net0"] 136 | ] 137 | shutdown_command = "sudo shutdown -h now" 138 | ssh_port = 22 139 | ssh_private_key_file = "./scripts/install_ed25519" 140 | ssh_username = "nixos" 141 | } 142 | 143 | source "qemu" "qemu-efi" { 144 | boot_command = [ 145 | "mkdir -m 0700 .ssh", 146 | "curl http://{{ .HTTPIP }}:{{ .HTTPPort }}/install_ed25519.pub > .ssh/authorized_keys", 147 | "sudo systemctl start sshd" 148 | ] 149 | boot_wait = var.boot_wait 150 | disk_interface = "virtio-scsi" 151 | disk_size = var.disk_size 152 | format = "qcow2" 153 | headless = true 154 | http_directory = "scripts" 155 | iso_checksum = var.iso_checksum 156 | iso_url = local.iso_url 157 | qemuargs = [ 158 | ["-m", var.memory], 159 | [ "-netdev", "user,hostfwd=tcp::{{ .SSHHostPort }}-:22,id=forward"], 160 | [ "-device", "virtio-net,netdev=forward,id=net0"] 161 | ] 162 | shutdown_command = "sudo shutdown -h now" 163 | machine_type = "q35" 164 | ssh_port = 22 165 | ssh_private_key_file = "./scripts/install_ed25519" 166 | ssh_username = "nixos" 167 | efi_firmware_code = "./efi_data/OVMF_CODE_4M.ms.fd" 168 | #efi_firmware_vars = "./efi_data/OVMF_VARS_4M.ms.fd" 169 | } 170 | 171 | source "virtualbox-iso" "virtualbox" { 172 | boot_command = [ 173 | "mkdir -m 0700 .ssh", 174 | "echo '{{ 
.SSHPublicKey }}' > .ssh/authorized_keys", 175 | "sudo systemctl start sshd" 176 | ] 177 | boot_wait = "45s" 178 | disk_size = var.disk_size 179 | format = "ova" 180 | guest_additions_mode = "disable" 181 | guest_os_type = "Linux_64" 182 | headless = true 183 | http_directory = "scripts" 184 | iso_checksum = var.iso_checksum 185 | iso_url = local.iso_url 186 | shutdown_command = "sudo shutdown -h now" 187 | ssh_port = 22 188 | ssh_username = "nixos" 189 | vboxmanage = [["modifyvm", "{{ .Name }}", "--memory", var.memory, "--vram", "128", "--clipboard", "bidirectional"]] 190 | } 191 | 192 | source "virtualbox-iso" "virtualbox-efi" { 193 | boot_command = [ 194 | "mkdir -m 0700 .ssh", 195 | "echo '{{ .SSHPublicKey }}' > .ssh/authorized_keys", 196 | "sudo systemctl start sshd" 197 | ] 198 | boot_wait = "55s" 199 | disk_size = var.disk_size 200 | format = "ova" 201 | guest_additions_mode = "disable" 202 | guest_os_type = "Linux_64" 203 | headless = true 204 | http_directory = "scripts" 205 | iso_checksum = var.iso_checksum 206 | iso_url = local.iso_url 207 | iso_interface = "sata" 208 | shutdown_command = "sudo shutdown -h now" 209 | ssh_port = 22 210 | ssh_username = "nixos" 211 | vboxmanage = [["modifyvm", "{{ .Name }}", "--memory", var.memory, "--vram", "128", "--clipboard", "bidirectional", "--firmware", "EFI"]] 212 | } 213 | 214 | source "vmware-iso" "vmware" { 215 | boot_command = [ 216 | "mkdir -m 0700 .ssh", 217 | "curl http://{{ .HTTPIP }}:{{ .HTTPPort }}/install_ed25519.pub > .ssh/authorized_keys", 218 | "sudo systemctl start sshd" 219 | ] 220 | boot_wait = "45s" 221 | disk_size = var.disk_size 222 | guest_os_type = "Linux" 223 | headless = true 224 | http_directory = "scripts" 225 | iso_checksum = var.iso_checksum 226 | iso_url = local.iso_url 227 | memory = var.memory 228 | shutdown_command = "sudo shutdown -h now" 229 | ssh_port = 22 230 | ssh_private_key_file = "./scripts/install_ed25519" 231 | ssh_username = "nixos" 232 | } 233 | 234 | build { 235 | 
sources = [ 236 | "source.hyperv-iso.hyperv", 237 | "source.qemu.qemu", 238 | "source.qemu.qemu-efi", 239 | "source.virtualbox-iso.virtualbox", 240 | "source.virtualbox-iso.virtualbox-efi", 241 | "source.vmware-iso.vmware" 242 | ] 243 | 244 | provisioner "shell" { 245 | execute_command = "sudo su -c '{{ .Vars }} {{ .Path }}'" 246 | script = "./scripts/install.sh" 247 | } 248 | 249 | post-processors { 250 | post-processor "vagrant" { 251 | keep_input_artifact = false 252 | only = ["virtualbox-iso.virtualbox", "qemu.qemu", "hyperv-iso.hyperv", "virtualbox-iso.virtualbox-efi", "qemu.qemu-efi"] 253 | output = "nixos-${var.version}-${var.builder}-${var.arch}.box" 254 | } 255 | post-processor "vagrant-cloud" { 256 | only = ["virtualbox-iso.virtualbox", "qemu.qemu", "hyperv-iso.hyperv"] 257 | access_token = "${var.cloud_token}" 258 | box_tag = "${var.cloud_repo}" 259 | version = "${var.version}" 260 | architecture = "${lookup(var.vagrant_cloud_arch, var.arch, "amd64")}" 261 | } 262 | post-processor "vagrant-cloud" { 263 | only = ["virtualbox-iso.virtualbox-efi", "qemu.qemu-efi"] 264 | access_token = "${var.cloud_token}" 265 | box_tag = "${var.cloud_repo}" 266 | version = "${var.version}-efi" 267 | architecture = "${lookup(var.vagrant_cloud_arch, var.arch, "amd64")}" 268 | } 269 | } 270 | } 271 | -------------------------------------------------------------------------------- /scripts/builders/hyperv-iso.nix: -------------------------------------------------------------------------------- 1 | { config, pkgs, ... }: 2 | 3 | { 4 | # Enable guest additions. 5 | virtualisation.hypervGuest.enable = true; 6 | 7 | # Enable systemd efi bootloader 8 | # boot.loader.systemd-boot.enable = true; 9 | 10 | environment.systemPackages = with pkgs; [ 11 | cifs-utils 12 | ]; 13 | } -------------------------------------------------------------------------------- /scripts/builders/qemu.nix: -------------------------------------------------------------------------------- 1 | { modulesPath, ... 
}: 2 | { 3 | imports = [ 4 | "${toString modulesPath}/profiles/qemu-guest.nix" 5 | ]; 6 | } 7 | -------------------------------------------------------------------------------- /scripts/builders/virtualbox-iso.nix: -------------------------------------------------------------------------------- 1 | { ... }: 2 | { 3 | # Enable guest additions. 4 | virtualisation.virtualbox.guest.enable = true; 5 | 6 | # Add vboxsf group to the vagrant user 7 | users.users.vagrant.extraGroups = [ "vboxsf" ]; 8 | } -------------------------------------------------------------------------------- /scripts/builders/vmware-iso.nix: -------------------------------------------------------------------------------- 1 | { ... }: 2 | { 3 | # Enable guest additions. 4 | virtualisation.vmware.guest.enable = true; 5 | } 6 | -------------------------------------------------------------------------------- /scripts/configuration.nix: -------------------------------------------------------------------------------- 1 | { config, pkgs, ... }: 2 | 3 | { 4 | imports = 5 | [ # Include the results of the hardware scan. 6 | ./hardware-configuration.nix 7 | ./hardware-builder.nix 8 | ./bootloader.nix 9 | ./vagrant.nix 10 | ./custom-configuration.nix 11 | ]; 12 | 13 | 14 | 15 | # remove the fsck that runs at startup. It will always fail to run, stopping 16 | # your boot until you press *. 17 | boot.initrd.checkJournalingFS = false; 18 | 19 | # Services to enable: 20 | 21 | # Enable the OpenSSH daemon. 
22 | services.openssh.enable = true; 23 | services.openssh.extraConfig = 24 | '' 25 | PubkeyAcceptedKeyTypes +ssh-rsa 26 | ''; 27 | # NOTE(review): `+ssh-rsa` above re-allows SHA-1 RSA signatures in sshd, presumably so the legacy RSA "vagrant insecure public key" authorized further down still authenticates -- confirm it is still needed. 28 | # Enable DBus 29 | services.dbus.enable = true; 30 | 31 | # Replace ntpd by timesyncd 32 | services.timesyncd.enable = true; 33 | 34 | # Packages for Vagrant 35 | environment.systemPackages = with pkgs; [ 36 | findutils 37 | gnumake 38 | iputils 39 | jq 40 | nettools 41 | netcat 42 | nfs-utils 43 | rsync 44 | ]; 45 | # NOTE(review): the fixed "vagrant" password for root and vagrant, the publicly known Vagrant insecure key and NOPASSWD sudo for wheel below are Vagrant base-box conventions; they make this image suitable for local or host-only use only, and need replacing before the VM is exposed to any other network. 46 | users.users.root = { password = "vagrant"; }; 47 | # Creates a "vagrant" group & user with password-less sudo access 48 | users.groups.vagrant = { 49 | name = "vagrant"; 50 | members = [ "vagrant" ]; 51 | }; 52 | users.users.vagrant = { 53 | description = "Vagrant User"; 54 | name = "vagrant"; 55 | group = "vagrant"; 56 | extraGroups = [ "users" "wheel" ]; 57 | password = "vagrant"; 58 | home = "/home/vagrant"; 59 | createHome = true; 60 | useDefaultShell = true; 61 | openssh.authorizedKeys.keys = [ 62 | "ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEA6NF8iallvQVp22WDkTkyrtvp9eWW6A8YVr+kz4TjGYe7gHzIw+niNltGEFHzD8+v1I2YJ6oXevct1YeS0o9HZyN1Q9qgCgzUFtdOKLv6IedplqoPkcmF0aYet2PkEDo3MlTBckFXPITAMzF8dJSIFo9D8HfdOV0IAdx4O7PtixWKn5y2hMNG0zQPyUecp4pzC6kivAIhyfHilFR61RGL+GPXQ2MWZWFYbAGjyiYJnAmCP3NOTd0jMZEnDkbUvxhMmBYSdETk1rRgm+R4LOzFUGaHqHDLKLX+FIPKcF96hrucXzcWyLbIbEgE98OHlnVYCzRdK8jlqm8tehUc9c9WhQ== vagrant insecure public key" 63 | ]; 64 | isNormalUser = true; 65 | }; 66 | 67 | security.sudo.extraConfig = 68 | '' 69 | Defaults:root,%wheel env_keep+=LOCALE_ARCHIVE 70 | Defaults:root,%wheel env_keep+=NIX_PATH 71 | Defaults:root,%wheel env_keep+=TERMINFO_DIRS 72 | Defaults env_keep+=SSH_AUTH_SOCK 73 | Defaults lecture = never 74 | root ALL=(ALL) SETENV: ALL 75 | %wheel ALL=(ALL) NOPASSWD: ALL, SETENV: ALL 76 | ''; 77 | 78 | } 79 | -------------------------------------------------------------------------------- /scripts/custom-configuration.nix: -------------------------------------------------------------------------------- 1 | { 
config, pkgs, ... }: 2 | 3 | { 4 | # Place here any custom configuration specific to your organisation (locale, ...) 5 | # if you want it to be part of the packer base image to be used with vagrant. 6 | } 7 | -------------------------------------------------------------------------------- /scripts/grub-bios.nix: -------------------------------------------------------------------------------- 1 | # This file is overwritten by the vagrant-nixos plugin 2 | { config, pkgs, ... }: 3 | { 4 | # Use the GRUB 2 boot loader. 5 | boot.loader.grub.enable = true; 6 | boot.loader.grub.version = 2; 7 | boot.loader.grub.device = "/dev/sda"; 8 | } 9 | -------------------------------------------------------------------------------- /scripts/grub-efi.nix: -------------------------------------------------------------------------------- 1 | # This file is overwritten by the vagrant-nixos plugin 2 | { config, pkgs, ... }: 3 | { 4 | boot.loader = { 5 | efi = { 6 | canTouchEfiVariables = false; 7 | efiSysMountPoint = "/boot/efi"; 8 | }; 9 | # Use the GRUB 2 boot loader. 
10 | grub = { 11 | enable = true; 12 | efiSupport = true; 13 | device = "nodev"; 14 | efiInstallAsRemovable = true; 15 | }; 16 | }; 17 | } 18 | -------------------------------------------------------------------------------- /scripts/install.sh: -------------------------------------------------------------------------------- 1 | #!/bin/sh -e 2 | 3 | export MACHINE_TYPE=$([ -d /sys/firmware/efi/efivars ] && echo "UEFI" || echo "Legacy") 4 | 5 | # Partition disk 6 | if [ $MACHINE_TYPE == "Legacy" ];then 7 | cat < /mnt/etc/nixos/vagrant.nix 53 | if [ $MACHINE_TYPE == "Legacy" ];then 54 | curl -sf "$PACKER_HTTP_ADDR/grub-bios.nix" > /mnt/etc/nixos/bootloader.nix 55 | elif [ $MACHINE_TYPE == "UEFI" ];then 56 | curl -sf "$PACKER_HTTP_ADDR/grub-efi.nix" > /mnt/etc/nixos/bootloader.nix 57 | fi 58 | curl -sf "$PACKER_HTTP_ADDR/vagrant-hostname.nix" > /mnt/etc/nixos/vagrant-hostname.nix 59 | curl -sf "$PACKER_HTTP_ADDR/vagrant-network.nix" > /mnt/etc/nixos/vagrant-network.nix 60 | curl -sf "$PACKER_HTTP_ADDR/builders/$PACKER_BUILDER_TYPE.nix" > /mnt/etc/nixos/hardware-builder.nix 61 | curl -sf "$PACKER_HTTP_ADDR/configuration.nix" > /mnt/etc/nixos/configuration.nix 62 | curl -sf "$PACKER_HTTP_ADDR/custom-configuration.nix" > /mnt/etc/nixos/custom-configuration.nix 63 | 64 | ### Install ### 65 | nixos-install 66 | 67 | ### Cleanup ### 68 | curl "$PACKER_HTTP_ADDR/postinstall.sh" | nixos-enter 69 | -------------------------------------------------------------------------------- /scripts/install_ed25519: -------------------------------------------------------------------------------- 1 | -----BEGIN OPENSSH PRIVATE KEY----- 2 | b3BlbnNzaC1rZXktdjEAAAAABG5vbmUAAAAEbm9uZQAAAAAAAAABAAAAMwAAAAtzc2gtZW 3 | QyNTUxOQAAACAd1lePsW/sGio5ByA55DUxD8/7prXYc0Wwx05K/KhpPQAAAJCerk2Onq5N 4 | jgAAAAtzc2gtZWQyNTUxOQAAACAd1lePsW/sGio5ByA55DUxD8/7prXYc0Wwx05K/KhpPQ 5 | AAAEBLAsvfmFLDwMSOaDg73JxG/JS073g2HjBY7Gy2/4tYHh3WV4+xb+waKjkHIDnkNTEP 6 | z/umtdhzRbDHTkr8qGk9AAAADHZhZ3JhbnQtb25seQE= 7 | -----END 
OPENSSH PRIVATE KEY----- 8 | -------------------------------------------------------------------------------- /scripts/install_ed25519.pub: -------------------------------------------------------------------------------- 1 | ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIB3WV4+xb+waKjkHIDnkNTEPz/umtdhzRbDHTkr8qGk9 vagrant-only 2 | -------------------------------------------------------------------------------- /scripts/postinstall.sh: -------------------------------------------------------------------------------- 1 | #!/bin/sh 2 | 3 | echo "Start postinstall ..." 4 | 5 | # Cleanup any previous generations and delete old packages that can be 6 | # pruned. 7 | 8 | for x in $(seq 0 2) ; do 9 | nix-env --delete-generations old 10 | nix-collect-garbage -d 11 | done 12 | 13 | 14 | if [[ "${PACKER_BUILDER_TYPE}" == "qemu" ]] ; then 15 | echo "skipping disk zero out!" 16 | else 17 | echo "zeroing out the disk..." 18 | 19 | # Zero out the disk (for better compression) 20 | dd if=/dev/zero of=/EMPTY bs=1M 21 | rm -rf /EMPTY 22 | fi 23 | -------------------------------------------------------------------------------- /scripts/vagrant-hostname.nix: -------------------------------------------------------------------------------- 1 | # This script is overwritten by vagrant. See 2 | # https://github.com/mitchellh/vagrant/blob/master/templates/guests/nixos/hostname.erb 3 | { config, pkgs, ... }: 4 | { 5 | networking.hostName = "nixbox"; 6 | } 7 | -------------------------------------------------------------------------------- /scripts/vagrant-network.nix: -------------------------------------------------------------------------------- 1 | # This file is overwritten by vagrant. 
See 2 | # https://github.com/mitchellh/vagrant/blob/master/templates/guests/nixos/network.erb 3 | {} 4 | -------------------------------------------------------------------------------- /scripts/vagrant.nix: -------------------------------------------------------------------------------- 1 | # This file is overwritten by the vagrant-nixos plugin 2 | { config, pkgs, ... }: 3 | { 4 | imports = [ 5 | ./vagrant-hostname.nix 6 | ./vagrant-network.nix 7 | ]; 8 | } 9 | -------------------------------------------------------------------------------- /shell.nix: -------------------------------------------------------------------------------- 1 | with import {}; 2 | 3 | stdenv.mkDerivation { 4 | name = "nixbox-shell"; 5 | buildInputs = [ 6 | gnumake 7 | packer 8 | ruby 9 | vagrant 10 | ]; 11 | } 12 | --------------------------------------------------------------------------------