72 lines
1.8 KiB
HCL
72 lines
1.8 KiB
HCL
locals {
|
|
environment = lookup(jsondecode(file("../config.json")), "terraform_packer_environment", "")
|
|
}
|
|
|
|
variable "nixos-version" {
|
|
description = "NixOS version https://nixos.org/manual/nixos/stable/release-notes.html"
|
|
default = "20.09"
|
|
}
|
|
|
|
variable "build-version" {
|
|
description = "Internal build version"
|
|
default = "0.0.1"
|
|
}
|
|
|
|
variable "nixos-infect" {
|
|
description = "Ensure the desired version of nixos-infect is retrieved https://github.com/elitak/nixos-infect/commits/master"
|
|
type = map(string)
|
|
default = {
|
|
"commit_hash" = "30441b1"
|
|
"checksum_hash" = "daa557fa29609e8dbb0f2e9f62c08101"
|
|
}
|
|
}
|
|
|
|
source "hcloud" "nixos-build-spec" {
|
|
token = lookup(jsondecode(file("../secrets.json")), "hcloud_token_${local.environment}", "")
|
|
image = "ubuntu-20.04"
|
|
location = "nbg1"
|
|
server_type = "cx11"
|
|
ssh_username = "root"
|
|
snapshot_name = "nixos-${var.nixos-version}-${var.build-version}"
|
|
#ssh_keys = [""] # A user 'operator' with an authorized public key in is set up via Nix (see ./nix/system.nix)
|
|
}
|
|
|
|
build {
|
|
name = "nixos"
|
|
|
|
sources = ["sources.hcloud.nixos-build-spec"]
|
|
|
|
provisioner "shell" {
|
|
expect_disconnect = true
|
|
environment_vars = [
|
|
"NIXOS_INFECT_COMMIT_HASH=${lookup(var.nixos-infect, "commit_hash", "")}",
|
|
"NIXOS_INFECT_CHECKSUM_HASH=${lookup(var.nixos-infect, "checksum_hash", "")}",
|
|
"NIXOS_VERSION=${var.nixos-version}"
|
|
]
|
|
script = "install.sh"
|
|
}
|
|
|
|
provisioner "shell" {
|
|
inline = [
|
|
"mkdir /tmp/packer_transfer"
|
|
]
|
|
}
|
|
|
|
provisioner "file" {
|
|
source = "nix/"
|
|
destination = "/tmp/packer_transfer"
|
|
}
|
|
|
|
provisioner "shell" {
|
|
inline = [
|
|
"rm /etc/nixos/*.nix",
|
|
"install -m 0644 -o root -g root /tmp/packer_transfer/*.nix /etc/nixos/",
|
|
"nixos-rebuild build && nixos-rebuild switch"
|
|
]
|
|
}
|
|
}
|
|
|
|
packer {
|
|
required_version = ">= 1.6.5, < 2.0.0"
|
|
}
|