From adae5e49f888ab12b7f83dc77a818bd4c2de6e6c Mon Sep 17 00:00:00 2001 From: DannyDannyDanny Date: Sun, 8 Mar 2026 16:49:32 +0100 Subject: [PATCH] Add write-installer-iso-to-usb-on-server.sh; build script SSH key fix; doc Made-with: Cursor --- docs/server-installer-usb.md | 14 ++++- scripts/build-installer-iso-on-server.sh | 41 ++++++++++++++ .../write-installer-iso-to-usb-on-server.sh | 54 +++++++++++++++++++ 3 files changed, 108 insertions(+), 1 deletion(-) create mode 100755 scripts/build-installer-iso-on-server.sh create mode 100755 scripts/write-installer-iso-to-usb-on-server.sh diff --git a/docs/server-installer-usb.md b/docs/server-installer-usb.md index c30673b..b668d71 100644 --- a/docs/server-installer-usb.md +++ b/docs/server-installer-usb.md @@ -15,7 +15,19 @@ You **cannot** build the custom installer ISO on macOS (it is x86_64-linux only The custom ISO adds Wi‑Fi kernel modules and optional live Wi‑Fi; it must be built on **x86_64-linux** (or with a Nix remote builder configured for that system). Building on macOS will fail. -From a Linux machine (or a builder that can target x86_64-linux): +### Build from sunken-ship (one command from your Mac) + +When the server is on the same network, run from the dotfiles repo: + +```bash +./scripts/build-installer-iso-on-server.sh +``` + +This pushes the branch, SSHs to sunken-ship, clones the repo there, runs `nix build .#installer-iso`, and copies the ISO back to the current directory. Optional: `./scripts/build-installer-iso-on-server.sh sunken-ship /path/to/output`. + +### Build directly on a Linux machine + +From a Linux box (or on sunken-ship after SSH in): ```bash cd ~/dotfiles/nixos diff --git a/scripts/build-installer-iso-on-server.sh b/scripts/build-installer-iso-on-server.sh new file mode 100755 index 0000000..d969b68 --- /dev/null +++ b/scripts/build-installer-iso-on-server.sh @@ -0,0 +1,41 @@ +#!/usr/bin/env bash +# Build the NixOS installer ISO on sunken-ship (x86_64-linux) and copy it back. +# Run from your Mac when sunken-ship is reachable (same network). +# Usage: ./scripts/build-installer-iso-on-server.sh [host] [output_dir] +# host: SSH host (default: sunken-ship) +# output_dir: where to save the ISO on your Mac (default: .) +# Override SSH key: SSH_KEY=~/.ssh/my_key ./scripts/build-installer-iso-on-server.sh +set -euo pipefail + +HOST="${1:-sunken-ship}" +OUT="${2:-.}" + +# Use sunken-ship key if not set (AGENTS.md) +if [[ -n "${SSH_KEY:-}" ]]; then + SSH_OPTS=(-i "$SSH_KEY") +elif [[ "$HOST" == "sunken-ship" ]] && [[ -f ~/.ssh/id_ed25519_sunken_ship ]]; then + SSH_OPTS=(-i ~/.ssh/id_ed25519_sunken_ship) +else + SSH_OPTS=() +fi + +echo "Pushing branch so server can pull..." +git push origin server-installer-usb 2>/dev/null || true + +echo "On $HOST: clone branch, build ISO..." +ssh "${SSH_OPTS[@]}" "$HOST" 'set -e + BUILD_DIR=~/dotfiles-iso-build + rm -rf "$BUILD_DIR" + git clone --branch server-installer-usb https://github.com/DannyDannyDanny/dotfiles.git "$BUILD_DIR" + cd "$BUILD_DIR/nixos" + nix build .#installer-iso + ls -la result/iso/ +' + +ISO_NAME=$(ssh "${SSH_OPTS[@]}" "$HOST" 'ls ~/dotfiles-iso-build/nixos/result/iso/*.iso 2>/dev/null | head -1') +ISO_NAME=$(basename "$ISO_NAME") + +echo "Copying $ISO_NAME to $OUT ..." +scp "${SSH_OPTS[@]}" "$HOST:~/dotfiles-iso-build/nixos/result/iso/$ISO_NAME" "$OUT/" +echo "Done. ISO at $OUT/$ISO_NAME" +echo "Write to USB: diskutil unmountDisk diskN && sudo dd if=$OUT/$ISO_NAME of=/dev/rdiskN bs=4m" diff --git a/scripts/write-installer-iso-to-usb-on-server.sh b/scripts/write-installer-iso-to-usb-on-server.sh new file mode 100755 index 0000000..f25cca3 --- /dev/null +++ b/scripts/write-installer-iso-to-usb-on-server.sh @@ -0,0 +1,54 @@ +#!/usr/bin/env bash +# Run this script ON the server (sunken-ship) with the USB stick plugged in. +# It finds the USB device, unmounts it, and writes the installer ISO to it. +# Usage: sudo ./scripts/write-installer-iso-to-usb-on-server.sh [path_to_iso] +# path_to_iso: default is ~/dotfiles-iso-build/nixos/result/iso/*.iso from the build +set -euo pipefail + +if [[ "$EUID" -ne 0 ]]; then + echo "Run as root: sudo $0 [$*]" + exit 1 +fi + +ISO="${1:-}" +if [[ -z "$ISO" ]]; then + for base in /home/danny ~; do + ISO=$(ls "$base/dotfiles-iso-build/nixos/result/iso/"*.iso 2>/dev/null | head -1) + [[ -n "$ISO" ]] && break + done +fi +if [[ -z "$ISO" || ! -f "$ISO" ]]; then + echo "ISO not found. Pass path: sudo $0 /path/to/nixos-minimal-*.iso" + exit 1 +fi + +echo "Block devices:" +lsblk -d -o NAME,SIZE,MODEL,TRAN +echo "" +echo "Identify the USB (usually the smaller removable disk, e.g. sdb or nvme1n1)." +read -r -p "Device to overwrite (e.g. sdb, no /dev/): " dev +dev="/dev/${dev#/dev/}" +if [[ ! -b "$dev" ]]; then + echo "Not a block device: $dev" + exit 1 +fi + +# Unmount any partitions on the device +for part in "${dev}"*; do + [[ "$part" == "$dev" ]] && continue + if mountpoint -q "$part" 2>/dev/null || mount | grep -q "$part"; then + umount "$part" 2>/dev/null || true + fi +done + +echo "About to write $ISO to $dev (all data on $dev will be destroyed)." +read -r -p "Type YES to continue: " confirm +if [[ "$confirm" != "YES" ]]; then + echo "Aborted." + exit 0 +fi + +echo "Writing..." +dd if="$ISO" of="$dev" bs=4M status=progress +sync +echo "Done. Safe to remove the USB."