reduce system and installer size

Plopmenz · Plopmenz · commit fd7fdc78b5d1 · 2026-02-19T17:24:37.000+01:00
diff --git a/flake.lock b/flake.lock
diff --git a/flake.nix b/flake.nix
@@ -15,7 +15,7 @@
       inputs.nixpkgs.follows = "nixpkgs";
     };
     xnode-auth = {
-      url = "github:Openmesh-Network/xnode-auth";
+      url = "github:Openmesh-Network/xnode-auth/cache";
       inputs.nixpkgs.follows = "nixpkgs";
     };
   };
diff --git a/installer/config.nix b/installer/config.nix
@@ -145,20 +145,41 @@
     system.stateVersion = config.system.nixos.release;
 
     # Reduce closure size (https://github.com/nix-community/nixos-images/blob/main/nix/noninteractive.nix)
-    environment.defaultPackages = lib.mkForce [ ];
     system.extraDependencies = lib.mkForce [ ];
-
-    # Disable unused nixos tools
     system.disableInstallerTools = true;
-
-    # Disable documentation
-    documentation.enable = false;
-    documentation.man.enable = false;
-    documentation.nixos.enable = false;
-    documentation.doc.enable = false;
-
-    # Disable unused programs
     programs.nano.enable = false;
     security.sudo.enable = false;
+
+    # https://github.com/NixOS/nixpkgs/blob/master/nixos/modules/profiles/minimal.nix
+    documentation = {
+      enable = lib.mkDefault false;
+      doc.enable = lib.mkDefault false;
+      info.enable = lib.mkDefault false;
+      man.enable = lib.mkDefault false;
+      nixos.enable = lib.mkDefault false;
+    };
+
+    environment = {
+      # Perl is a default package.
+      defaultPackages = lib.mkDefault [ ];
+      stub-ld.enable = lib.mkDefault false;
+    };
+
+    programs = {
+      command-not-found.enable = lib.mkDefault false;
+      fish.generateCompletions = lib.mkDefault false;
+    };
+
+    services = {
+      logrotate.enable = lib.mkDefault false;
+      udisks2.enable = lib.mkDefault false;
+    };
+
+    xdg = {
+      autostart.enable = lib.mkDefault false;
+      icons.enable = lib.mkDefault false;
+      mime.enable = lib.mkDefault false;
+      sounds.enable = lib.mkDefault false;
+    };
   };
 }
diff --git a/nix/nixos-module.nix b/nix/nixos-module.nix
@@ -12,6 +12,7 @@
     ./os/network.nix
     ./os/state-version.nix
     (import ./os/manager.nix { inherit inputs; })
+    ./os/minimal.nix
     ./os/debug.nix
   ];
 
diff --git a/nix/os/disks.nix b/nix/os/disks.nix
@@ -20,7 +20,6 @@ in
 
   config = lib.mkMerge [
     {
-      boot.supportedFilesystems = [ "btrfs" ];
       fileSystems = {
         "/" = {
           label = "ROOT";
diff --git a/nix/os/minimal.nix b/nix/os/minimal.nix
@@ -0,0 +1,75 @@
+{ config, lib, ... }:
+let
+  debug =
+    if (builtins.pathExists "${config.services.xnodeos.xnode-config}/debug") then
+      builtins.readFile "${config.services.xnodeos.xnode-config}/debug"
+    else
+      "";
+in
+{
+  config = lib.mkIf (debug == "") {
+    # Reduce closure size (https://github.com/nix-community/nixos-images/blob/main/nix/noninteractive.nix)
+    environment.systemPackages = lib.mkForce [ ];
+    system.extraDependencies = lib.mkForce [ ];
+    boot.supportedFilesystems = lib.mkForce [
+      "vfat"
+      "btrfs"
+    ];
+    system.disableInstallerTools = lib.mkDefault true;
+    programs.nano.enable = lib.mkDefault false;
+    security.sudo.enable = lib.mkDefault false;
+
+    # https://github.com/NixOS/nixpkgs/blob/master/nixos/modules/profiles/minimal.nix
+    documentation = {
+      enable = lib.mkDefault false;
+      doc.enable = lib.mkDefault false;
+      info.enable = lib.mkDefault false;
+      man.enable = lib.mkDefault false;
+      nixos.enable = lib.mkDefault false;
+    };
+
+    environment = {
+      # Perl is a default package.
+      defaultPackages = lib.mkDefault [ ];
+      stub-ld.enable = lib.mkDefault false;
+    };
+
+    programs = {
+      command-not-found.enable = lib.mkDefault false;
+      fish.generateCompletions = lib.mkDefault false;
+    };
+
+    services = {
+      logrotate.enable = lib.mkDefault false;
+      udisks2.enable = lib.mkDefault false;
+    };
+
+    xdg = {
+      autostart.enable = lib.mkDefault false;
+      icons.enable = lib.mkDefault false;
+      mime.enable = lib.mkDefault false;
+      sounds.enable = lib.mkDefault false;
+    };
+
+    # https://github.com/NixOS/nixpkgs/blob/master/nixos/modules/profiles/headless.nix
+    # Don't start a tty on the serial consoles.
+    systemd.services."serial-getty@ttyS0".enable = lib.mkDefault false;
+    systemd.services."serial-getty@hvc0".enable = false;
+    systemd.services."getty@tty1".enable = false;
+    systemd.services."autovt@".enable = false;
+
+    # Since we can't manually respond to a panic, just reboot.
+    boot.kernelParams = [
+      "panic=1"
+      "boot.panic_on_fail"
+      "vga=0x317"
+      "nomodeset"
+    ];
+
+    # Don't allow emergency mode, because we don't have a console.
+    systemd.enableEmergencyMode = false;
+
+    # Being headless, we don't need a GRUB splash image.
+    boot.loader.grub.splashImage = null;
+  };
+}

Original file line number	Diff line number	Diff line change
`@@ -20,7 +20,6 @@ in`
`20`	`20`
`21`	`21`	`config = lib.mkMerge [`
`22`	`22`	`{`
`23`		`- boot.supportedFilesystems = [ "btrfs" ];`
`24`	`23`	`fileSystems = {`
`25`	`24`	`"/" = {`
`26`	`25`	`label = "ROOT";`