clanCore: init machine_id.nix with clan.core.machine.{id,diskId}

2024-09-06 18:05:40 +02:00
parent 0d83a59d8e
commit b16a53f510
28 changed files with 219 additions and 48 deletions
--- a/checks/installation/flake-module.nix
+++ b/checks/installation/flake-module.nix
@@ -1,7 +1,12 @@
 { self, lib, ... }:
+
 {
  clan.machines.test-install-machine = {
    clan.core.networking.targetHost = "test-install-machine";
+    clan.core.machine = {
+      id = "a73f5245cdba4576ab6cfef3145ac9ec";
+      diskId = "c4c47b";
+    };
    fileSystems."/".device = lib.mkDefault "/dev/vdb";
    boot.loader.grub.device = lib.mkDefault "/dev/vdb";

@@ -17,7 +22,10 @@
          (modulesPath + "/profiles/qemu-guest.nix")
        ];
        clan.single-disk.device = "/dev/vdb";
-
+        clan.core.machine = {
+          id = "a73f5245cdba4576ab6cfef3145ac9ec";
+          diskId = "c4c47b";
+        };
        environment.etc."install-successful".text = "ok";

        boot.consoleLogLevel = lib.mkForce 100;
@@ -34,8 +42,10 @@
    let
      dependencies = [
        self
+        pkgs.age
        self.nixosConfigurations.test-install-machine.config.system.build.toplevel
        self.nixosConfigurations.test-install-machine.config.system.build.diskoScript
+        self.clanInternals.machines.${pkgs.hostPlatform.system}.test-install-machine.config.system.build.diskoScript.drvPath
        self.nixosConfigurations.test-install-machine.config.system.clan.deployment.file
        pkgs.stdenv.drvPath
        pkgs.nixos-anywhere
@@ -50,6 +60,7 @@
            services.openssh.enable = true;
            users.users.root.openssh.authorizedKeys.keyFiles = [ ../lib/ssh/pubkey ];
            system.nixos.variant_id = "installer";
+
            virtualisation.emptyDiskImages = [ 4096 ];
            nix.settings = {
              substituters = lib.mkForce [ ];
@@ -67,6 +78,7 @@
              self.packages.${pkgs.system}.clan-cli
            ] ++ self.packages.${pkgs.system}.clan-cli.runtimeDependencies;
            environment.etc."install-closure".source = "${closureInfo}/store-paths";
+            environment.variables."SOPS_AGE_KEY" = builtins.readFile ../lib/age/privkey;
            virtualisation.memorySize = 2048;
            nix.settings = {
              substituters = lib.mkForce [ ];
@@ -99,9 +111,11 @@
            client.wait_until_succeeds("timeout 2 ssh -o StrictHostKeyChecking=accept-new -v root@target hostname")
            client.succeed("cp -r ${../..} test-flake && chmod -R +w test-flake")
            client.fail("test -f test-flake/machines/test-install-machine/hardware-configuration.nix")
-            client.succeed("clan machines hw-generate --flake test-flake test-install-machine root@target>&2")
+            client.succeed("clan secrets key generate")
+            client.succeed("clan secrets users add --debug --flake test-flake testuser '${builtins.readFile ../lib/age/pubkey}'")
+            client.succeed("clan machines hw-generate --debug --flake test-flake test-install-machine root@target>&2")
            client.succeed("test -f test-flake/machines/test-install-machine/hardware-configuration.nix")
-            client.succeed("clan machines install --debug --flake ${../..} --yes test-install-machine root@target >&2")
+            client.succeed("clan machines install --debug --flake test-flake --yes test-install-machine root@target >&2")
            try:
              target.shutdown()
            except BrokenPipeError: