Skip to content

Commit 9db169c

Browse files
Mic92Mic92
authored
Merge pull request #384 from nix-community/terraform-fixes
Terraform fixes
2 parents fadbb63 + b699b30 commit 9db169c

File tree

8 files changed

+97
-71
lines changed

8 files changed

+97
-71
lines changed

docs/reference.md

Lines changed: 15 additions & 7 deletions
Original file line numberDiff line numberDiff line change
@@ -33,21 +33,23 @@ Options:
3333
set an ssh option
3434
* -L, --print-build-logs
3535
print full build logs
36+
* --env-password
37+
set a password used by ssh-copy-id, the password should be set by
38+
the environment variable SSHPASS
3639
* -s, --store-paths <disko-script> <nixos-system>
3740
set the store paths to the disko-script and nixos-system directly
38-
if this is give, flake is not needed
39-
* --no-reboot
40-
do not reboot after installation, allowing further customization of the target installation.
41+
if this is given, flake is not needed
4142
* --kexec <path>
4243
use another kexec tarball to bootstrap NixOS
44+
* --kexec-extra-flags
45+
extra flags to add into the call to kexec, e.g. "--no-sync"
4346
* --post-kexec-ssh-port <ssh_port>
4447
after kexec is executed, use a custom ssh port to connect. Defaults to 22
4548
* --copy-host-keys
4649
copy over existing /etc/ssh/ssh_host_* host keys to the installation
47-
* --stop-after-disko
48-
exit after disko formatting, you can then proceed to install manually or some other way
49-
* --extra-files <file...>
50-
files to copy into the new nixos installation
50+
* --extra-files <path>
51+
path to a directory to copy into the root of the new nixos installation.
52+
Copied files will be owned by root.
5153
* --disk-encryption-keys <remote_path> <local_path>
5254
copy the contents of the file or pipe in local_path to remote_path in the installer environment,
5355
after kexec but before installation. Can be repeated.
@@ -63,6 +65,12 @@ Options:
6365
build the closure on the remote machine instead of locally and copy-closuring it
6466
* --vm-test
6567
build the system and test the disk configuration inside a VM without installing it to the target.
68+
* --phases
69+
comma separated list of phases to run. Default is: kexec,disko,install,reboot
70+
kexec: kexec into the nixos installer
71+
disko: first unmount and destroy all filesystems on the disks we want to format, then run the create and mount mode
72+
install: install the system
73+
reboot: reboot the machine
6674
```
6775

6876
## Explanation of known error messages

terraform/all-in-one.md

Lines changed: 22 additions & 21 deletions
Large diffs are not rendered by default.

terraform/all-in-one/main.tf

Lines changed: 3 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -27,11 +27,13 @@ module "install" {
2727
nixos_system = module.system-build.result.out
2828
ssh_private_key = var.install_ssh_key
2929
debug_logging = var.debug_logging
30-
stop_after_disko = var.stop_after_disko
3130
extra_files_script = var.extra_files_script
3231
disk_encryption_key_scripts = var.disk_encryption_key_scripts
3332
extra_environment = var.extra_environment
3433
instance_id = var.instance_id
34+
phases = var.phases
35+
# deprecated attributes
36+
stop_after_disko = var.stop_after_disko
3537
no_reboot = var.no_reboot
3638
}
3739

terraform/all-in-one/variables.tf

Lines changed: 13 additions & 7 deletions
Original file line numberDiff line numberDiff line change
@@ -77,10 +77,22 @@ variable "debug_logging" {
7777

7878
variable "stop_after_disko" {
7979
type = bool
80-
description = "Exit after disko formatting"
80+
description = "DEPRECATED: Use `phases` instead. Exit after disko formatting"
8181
default = false
8282
}
8383

84+
variable "no_reboot" {
85+
type = bool
86+
description = "DEPRECATED: Use `phases` instead. Do not reboot after installation"
87+
default = false
88+
}
89+
90+
variable "phases" {
91+
type = set(string)
92+
description = "Phases to run"
93+
default = ["kexec", "disko", "install", "reboot"]
94+
}
95+
8496
variable "extra_files_script" {
8597
type = string
8698
description = "A script that should place files in the current directory that will be copied to the targets / directory"
@@ -102,12 +114,6 @@ variable "extra_environment" {
102114
default = {}
103115
}
104116

105-
variable "no_reboot" {
106-
type = bool
107-
description = "Do not reboot after installation"
108-
default = false
109-
}
110-
111117
variable "nix_options" {
112118
type = map(string)
113119
description = "the options of nix"

terraform/install.md

Lines changed: 20 additions & 18 deletions
Original file line numberDiff line numberDiff line change
@@ -61,24 +61,26 @@ No modules.
6161

6262
## Inputs
6363

64-
| Name | Description | Type | Default | Required |
65-
| --------------------------------------------------------------------------------------------------------------------- | -------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ---------------------------------------------------------------------- | -------- | :------: |
66-
| <a name="input_build_on_remote"></a> [build\_on\_remote](#input_build_on_remote) | Build the closure on the remote machine instead of building it locally and copying it over | `bool` | `false` | no |
67-
| <a name="input_debug_logging"></a> [debug\_logging](#input_debug_logging) | Enable debug logging | `bool` | `false` | no |
68-
| <a name="input_disk_encryption_key_scripts"></a> [disk\_encryption\_key\_scripts](#input_disk_encryption_key_scripts) | Each script will be executed locally. Output of each will be created at the given path to disko during installation. The keys will be not copied to the final system | <pre>list(object({<br> path = string<br> script = string<br> }))</pre> | `[]` | no |
69-
| <a name="input_extra_environment"></a> [extra\_environment](#input_extra_environment) | Extra environment variables to be set during installation. This can be useful to set extra variables for the extra\_files\_script or disk\_encryption\_key\_scripts | `map(string)` | `{}` | no |
70-
| <a name="input_extra_files_script"></a> [extra\_files\_script](#input_extra_files_script) | A script that should place files in the current directory that will be copied to the targets / directory | `string` | `null` | no |
71-
| <a name="input_flake"></a> [flake](#input_flake) | The flake to install the system from | `string` | `""` | no |
72-
| <a name="input_instance_id"></a> [instance\_id](#input_instance_id) | The instance id of the target\_host, used to track when to reinstall the machine | `string` | `null` | no |
73-
| <a name="input_kexec_tarball_url"></a> [kexec\_tarball\_url](#input_kexec_tarball_url) | NixOS kexec installer tarball url | `string` | `null` | no |
74-
| <a name="input_nixos_partitioner"></a> [nixos\_partitioner](#input_nixos_partitioner) | nixos partitioner and mount script | `string` | `""` | no |
75-
| <a name="input_nixos_system"></a> [nixos\_system](#input_nixos_system) | The nixos system to deploy | `string` | `""` | no |
76-
| <a name="input_no_reboot"></a> [no\_reboot](#input_no_reboot) | Do not reboot the machine after installation | `bool` | `false` | no |
77-
| <a name="input_ssh_private_key"></a> [ssh\_private\_key](#input_ssh_private_key) | Content of private key used to connect to the target\_host | `string` | `""` | no |
78-
| <a name="input_stop_after_disko"></a> [stop\_after\_disko](#input_stop_after_disko) | Exit after disko formatting | `bool` | `false` | no |
79-
| <a name="input_target_host"></a> [target\_host](#input_target_host) | DNS host to deploy to | `string` | n/a | yes |
80-
| <a name="input_target_port"></a> [target\_port](#input_target_port) | SSH port used to connect to the target\_host | `number` | `22` | no |
81-
| <a name="input_target_user"></a> [target\_user](#input_target_user) | SSH user used to connect to the target\_host | `string` | `"root"` | no |
64+
| Name | Description | Type | Default | Required |
65+
| --------------------------------------------------------------------------------------------------------------------- | -------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ---------------------------------------------------------------------- | ----------------------------------------------------------------------- | :------: |
66+
| <a name="input_build_on_remote"></a> [build\_on\_remote](#input_build_on_remote) | Build the closure on the remote machine instead of building it locally and copying it over | `bool` | `false` | no |
67+
| <a name="input_debug_logging"></a> [debug\_logging](#input_debug_logging) | Enable debug logging | `bool` | `false` | no |
68+
| <a name="input_disk_encryption_key_scripts"></a> [disk\_encryption\_key\_scripts](#input_disk_encryption_key_scripts) | Each script will be executed locally. Output of each will be created at the given path to disko during installation. The keys will be not copied to the final system | <pre>list(object({<br> path = string<br> script = string<br> }))</pre> | `[]` | no |
69+
| <a name="input_extra_environment"></a> [extra\_environment](#input_extra_environment) | Extra environment variables to be set during installation. This can be useful to set extra variables for the extra\_files\_script or disk\_encryption\_key\_scripts | `map(string)` | `{}` | no |
70+
| <a name="input_extra_files_script"></a> [extra\_files\_script](#input_extra_files_script) | A script that should place files in the current directory that will be copied to the targets / directory | `string` | `null` | no |
71+
| <a name="input_flake"></a> [flake](#input_flake) | The flake to install the system from | `string` | `""` | no |
72+
| <a name="input_instance_id"></a> [instance\_id](#input_instance_id) | The instance id of the target\_host, used to track when to reinstall the machine | `string` | `null` | no |
73+
| <a name="input_kexec_tarball_url"></a> [kexec\_tarball\_url](#input_kexec_tarball_url) | NixOS kexec installer tarball url | `string` | `null` | no |
74+
| <a name="input_nixos_partitioner"></a> [nixos\_partitioner](#input_nixos_partitioner) | nixos partitioner and mount script | `string` | `""` | no |
75+
| <a name="input_nixos_system"></a> [nixos\_system](#input_nixos_system) | The nixos system to deploy | `string` | `""` | no |
76+
| <a name="input_no_reboot"></a> [no\_reboot](#input_no_reboot) | DEPRECATED: Use `phases` instead. Do not reboot after installation | `bool` | `false` | no |
77+
| <a name="input_phases"></a> [phases](#input_phases) | Phases to run | `list(string)` | <pre>[<br> "kexec",<br> "disko",<br> "install",<br> "reboot"<br>]</pre> | no |
78+
| <a name="input_ssh_private_key"></a> [ssh\_private\_key](#input_ssh_private_key) | Content of private key used to connect to the target\_host | `string` | `""` | no |
79+
| <a name="input_stop_after_disko"></a> [stop\_after\_disko](#input_stop_after_disko) | DEPRECATED: Use `phases` instead. Exit after disko formatting | `bool` | `false` | no |
80+
| <a name="input_target_host"></a> [target\_host](#input_target_host) | DNS host to deploy to | `string` | n/a | yes |
81+
| <a name="input_target_pass"></a> [target\_pass](#input_target_pass) | Password used to connect to the target\_host | `string` | `null` | no |
82+
| <a name="input_target_port"></a> [target\_port](#input_target_port) | SSH port used to connect to the target\_host | `number` | `22` | no |
83+
| <a name="input_target_user"></a> [target\_user](#input_target_user) | SSH user used to connect to the target\_host | `string` | `"root"` | no |
8284

8385
## Outputs
8486

0 commit comments

Comments
 (0)