guix-installer-vm/Makefile
Denis 'GNUtoo' Carikli f5dca5c072
Fix automatic updates
According to the operating-system-file fileld of
unattended-upgrade-configuration in the manual, automatic updates
don't work when "/run/current-system/configuration.scm [...] refers to
extra files (SSH public keys, extra configuration files, etc.) via
local-file and similar constructs.".

So we need these files in the store and to point to them to make the
automatic updates work.

Signed-off-by: Denis 'GNUtoo' Carikli <GNUtoo@cyberdimension.org>
2023-10-03 12:04:06 +02:00

54 lines
1.4 KiB
Makefile

.PHONY: all
all: guix-installer-vm.img
# Generate default key. Can be changed by replacing id_ed25519.pub.
id_ed25519.pub:
printf "ssh-ed25519 %s %s" \
'AAAAC3NzaC1lZDI1NTE5AAAAIH2feuEj4asx0ImCG+cuiPv2WdKF6vMI+cJtZyG9cwUQ' \
'gnutoo@primary_laptop' \
> $@
# Generate default key. Can be changed by replacing signing-key.pub.
signing-key.pub:
printf '(public-key (ecc (curve Ed25519) (q #%s#)))\n' \
'3A7E1F41E2D5784CFCABB39CB73F99E727D4A5C1ECA79D873587D63D093CC4B5' \
>$@
# We want to only update the image when guix commit changes. The trick
# to make that work is to only create or update a file when the revision
# changes.
guix-commit.txt: Makefile
if [ ! -f $@ ] ; then \
guix describe | grep '^ commit:' | awk '{print $$2}' > $@ ; \
elif [ "$(cat $@)" != \
"$(guix describe | \
grep '^ commit:' | awk '{print $$2}')" ] ; then \
guix describe | grep '^ commit:' | awk '{print $$2}' > $@ ; \
fi
TARBALL_SOURCE = \
first-boot.sh \
guix-commit.txt \
guix-installer-vm-system.scm \
id_ed25519.pub \
Makefile \
signing-key.pub
guix-installer-vm.tar: $(TARBALL_SOURCE)
tar --exclude "id_ed25519" -cf $@ $(TARBALL_SOURCE)
guix-installer-vm.tar.xz: guix-installer-vm.tar
xz -f -9e --verbose $<
IMAGE_SOURCE = \
$(TARBALL_SOURCE) \
guix-installer-vm.tar.xz
guix-installer-vm.img: $(IMAGE_SOURCE)
install \
`guix system image \
--image-type=mbr-raw \
--image-size=4G guix-installer-vm-system.scm` \
$@