I was able to reduce the hackery to the following. It only needs a modified ./switch-to-configuration with these sections commented out:
@@ -35,8 +35,8 @@
@@ -51,17 +51,17 @@
@@ -309,47 +309,47 @@
@@ -371,7 +371,7 @@
@@ -401,10 +401,10 @@
@@ -413,17 +413,17 @@
Remaining modifications are to forcibly clear out some elements of system.activationScripts.
The following can be used by NixOps after some minimal prep on the Ubuntu machine
- Install Nix
- .bashrc add to PATH /nix/var/nix/profiles/default/bin
- .bashrc add to PATH /nix/var/nix/profiles/system/sw/bin
- groupadd keys
ubuntu = {config,pkgs,...}:{
deployment.targetHost = "192.168.99.111";
deployment.hasFastConnection = true;
imports = [ <nixpkgs/nixos/modules/profiles/minimal.nix> ];
boot.isContainer = true;
fileSystems."/".device = "/dev/sda1";
environment.systemPackages = [ pkgs.vim pkgs.coreutils pkgs.nettools];
services.nginx = {
enable = true;
virtualHosts = {
testing = {
listen = [
{addr = "127.0.0.1"; port = 80; ssl = false;}
];
default = true;
locations."/" = {
root = "/srv";
};
};
};
};
system.extraSystemBuilderCmds = ''
substituteAll ${./switch-to-configuration} $out/bin/switch-to-configuration
chmod +x $out/bin/switch-to-configuration
'';
system.activationScripts = {
resolvconf = lib.mkForce "";
users = lib.mkForce "";
nginx = {
text = ''
/usr/sbin/useradd nginx || true
/usr/sbin/groupadd nginx || true
/usr/bin/rsync -av /nix/var/nix/profiles/system/etc/systemd/system/nginx.service /etc/systemd/system/nginx.service
/bin/systemctl start nginx.service
'';
deps = [ ];
};
};
};