From 85c3b4e023e92dca6d5c71a500def981ea116ba8 Mon Sep 17 00:00:00 2001 From: Vincent Mahnke Date: Thu, 25 Dec 2025 20:46:06 +0100 Subject: [PATCH] feat: Adds workflow for NixOS build --- flake.lock | 61 +++++++++++++++++++++++++++++++++++++++++++++++++ flake.nix | 29 ++++++++++++----------- nixos/kiosk.nix | 11 +++++++++ 3 files changed, 86 insertions(+), 15 deletions(-) create mode 100644 flake.lock diff --git a/flake.lock b/flake.lock new file mode 100644 index 0000000..032fb8b --- /dev/null +++ b/flake.lock @@ -0,0 +1,61 @@ +{ + "nodes": { + "flake-utils": { + "inputs": { + "systems": "systems" + }, + "locked": { + "lastModified": 1731533236, + "narHash": "sha256-l0KFg5HjrsfsO/JpG+r7fRrqm12kzFHyUHqHCVpMMbI=", + "owner": "numtide", + "repo": "flake-utils", + "rev": "11707dc2f618dd54ca8739b309ec4fc024de578b", + "type": "github" + }, + "original": { + "owner": "numtide", + "repo": "flake-utils", + "type": "github" + } + }, + "nixpkgs": { + "locked": { + "lastModified": 1751274312, + "narHash": "sha256-/bVBlRpECLVzjV19t5KMdMFWSwKLtb5RyXdjz3LJT+g=", + "owner": "NixOS", + "repo": "nixpkgs", + "rev": "50ab793786d9de88ee30ec4e4c24fb4236fc2674", + "type": "github" + }, + "original": { + "owner": "NixOS", + "ref": "nixos-24.11", + "repo": "nixpkgs", + "type": "github" + } + }, + "root": { + "inputs": { + "flake-utils": "flake-utils", + "nixpkgs": "nixpkgs" + } + }, + "systems": { + "locked": { + "lastModified": 1681028828, + "narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=", + "owner": "nix-systems", + "repo": "default", + "rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e", + "type": "github" + }, + "original": { + "owner": "nix-systems", + "repo": "default", + "type": "github" + } + } + }, + "root": "root", + "version": 7 +} diff --git a/flake.nix b/flake.nix index 27086ff..b991131 100644 --- a/flake.nix +++ b/flake.nix @@ -4,26 +4,25 @@ inputs = { nixpkgs.url = "github:NixOS/nixpkgs/nixos-24.11"; flake-utils.url = "github:numtide/flake-utils"; - nixos-generators.url = "github:nix-community/nixos-generators"; }; - outputs = { self, nixpkgs, flake-utils, nixos-generators }: - flake-utils.lib.eachDefaultSystem (system: let - pkgs = import nixpkgs { inherit system; }; - in { - # Build a bootable ISO image using nixos-generators - packages.iso = nixos-generators.nixosGenerate { - inherit pkgs; - format = "iso"; - modules = [ ./nixos/kiosk.nix ]; - }; + outputs = { self, nixpkgs, flake-utils }: + flake-utils.lib.eachDefaultSystem (system: { + # Build a bootable ISO image using the built-in NixOS iso module + packages.iso = ( + (nixpkgs.lib.nixosSystem { + system = "x86_64-linux"; + modules = [ + ./nixos/kiosk.nix + (import "${nixpkgs}/nixos/modules/installer/cd-dvd/iso-image.nix") + ]; + }).config.system.build.isoImage + ); # Expose the NixOS configuration for direct use if desired - nixosConfigurations.kiosk = let - lib = nixpkgs.lib; - in lib.nixosSystem { + nixosConfigurations.kiosk = (nixpkgs.lib.nixosSystem { system = "x86_64-linux"; modules = [ ./nixos/kiosk.nix ]; - }; + }); }); } diff --git a/nixos/kiosk.nix b/nixos/kiosk.nix index dad68b9..e2688f7 100644 --- a/nixos/kiosk.nix +++ b/nixos/kiosk.nix @@ -123,6 +123,16 @@ EOF chown kiosk:kiosk /home/kiosk/.bash_profile ''; + # Unpack preconfigured Firefox profile from the repository into kiosk's home + system.activationScripts.kioskFirefoxProfile = lib.stringAfter ["users"] '' + mkdir -p /home/kiosk/.mozilla/firefox + # Only unzip if directory is empty (first activation) + if [ -z "$(ls -A /home/kiosk/.mozilla/firefox 2>/dev/null)" ]; then + ${pkgs.unzip}/bin/unzip -o ${../Firefox.zip} -d /home/kiosk/.mozilla/firefox + chown -R kiosk:kiosk /home/kiosk/.mozilla/firefox + fi + ''; + ############################################ # Include your userscripts in the image for easy import ############################################ @@ -135,6 +145,7 @@ EOF time.timeZone = "UTC"; services.openssh.enable = true; # optional, mirrors preseed tasksel ssh-server + # Keep system simple, disable unneeded DM services.displayManager.enable = false; }