iFargle 2023-09-22 13:23:50 +09:00
parent 49264b91bb
commit 35e0a6cc9e
4 changed files with 82 additions and 8 deletions


@ -1,9 +1,9 @@
{ config, pkgs, ... }: { { config, pkgs, ... }: {
# Bootloader # Bootloader
boot.loader.efi.canTouchEfiVariables = true; boot.loader.efi.canTouchEfiVariables = true;
boot.tmp.cleanOnBoot = true; boot.tmp.cleanOnBoot = true;
boot.initrd.systemd.enable = true; boot.initrd.systemd.enable = true;
boot.kernelParams = ["quiet"]; boot.kernelParams = ["quiet"];
# Plymouth splash screen # Plymouth splash screen
boot.plymouth.enable = true; boot.plymouth.enable = true;


@ -23,7 +23,7 @@ pushd "/tmp/nixos/git"
if [[ -z "$TARGET_HOST" ]]; then if [[ -z "$TARGET_HOST" ]]; then
echo "ERROR! $(basename "$0") requires a hostname as the first argument" echo "ERROR! $(basename "$0") requires a hostname as the first argument"
echo " The following hosts are available" echo " The following hosts are available"
ls -1 nixos/hosts/*/default.nix | cut -d'/' -f2 | grep -v iso ls -1 nixos/hosts/*/default.nix | cut -d'/' -f3 | grep -v -E "iso|rpi"
exit 1 exit 1
fi fi
@ -42,7 +42,8 @@ fi
# Check if the machine we're provisioning expects a keyfile to unlock a disk. # Check if the machine we're provisioning expects a keyfile to unlock a disk.
# If it does, generate a new key, and write to a known location. # If it does, generate a new key, and write to a known location.
if grep -q "secret.key" "nixos/$TARGET_HOST/disks.nix"; then if grep -q "secret.key" "nixos/$TARGET_HOST/disks.nix"; then
echo -n "$(head -c32 /dev/random | base64)" > /tmp/secret.key echo "Secret key not found. Create one at /tmp/secret.key"
exit 1
fi fi
echo "WARNING! The disks in $TARGET_HOST are about to get wiped" echo "WARNING! The disks in $TARGET_HOST are about to get wiped"
@ -79,5 +80,4 @@ fi
in in
{ {
config.environment.systemPackages = [ install-system ]; config.environment.systemPackages = [ install-system ];
config.services.kmscon.autologinUser = "${username}";
} }
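Review bot: The keyfile check around `grep -q "secret.key"` now prints "Secret key not found" and exits for every host whose `disks.nix` mentions `secret.key`, without ever testing whether `/tmp/secret.key` exists, so such a host cannot be installed even after the operator has created the key. Test for the file as well, e.g. `if grep -q "secret.key" "nixos/$TARGET_HOST/disks.nix" && [[ ! -s /tmp/secret.key ]]; then`, and update the comment above it, which still says the script generates a new key. Because the key is now created by hand in a shared directory, the message could also tell the operator to create it under `umask 077` so the LUKS key is not left readable by other users. The grep path `nixos/$TARGET_HOST/disks.nix` also does not appear to match the `nixos/hosts/*/default.nix` layout used in the host listing; if that file is missing, grep fails and the check is skipped silently, which is worth confirming.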


@ -0,0 +1,72 @@
{
boot.loader.grub.device = "/dev/nvme0";
disko.devices = {
disk = {
nvme0 = {
device = "/dev/nvme0";
content = {
type = "table";
format = "gpt";
partitions = [
{
name = "BOOT";
start = "0%";
end = "550MiB";
bootable = true;
flags = [ "esp" ];
fs-type = "fat32";
content = {
type = "filesystem";
format = "vfat";
mountpoint = "/boot";
};
} # partition 1
{
name = "SWAP";
start = "550 MiB";
end = "120GiB";
content = {
type = "luks";
name = "LUKS-SWAP";
extraOpenArgs = [ "--allow-discards" ];
settings.keyFile = "";
content = {
type = "swap";
};
};
} # partition 2
{
name = "ROOT";
start = "120GiB";
end = "100%";
content = {
type = "luks";
name = "LUKS-ROOT";
extraOpenArgs = [ "--allow-discards" ];
settings.keyFile = "/tmp/secret.key";
content = {
type = "btrfs";
extraArgs = [ "-f" ];
subvolumes = {
"/root" = {
mountpoint = "/";
mountOptions = [ "compress=zstd" "noatime" ];
}; # root
"/home" = {
mountpoint = "/home";
mountOptions = [ "compress=zstd" "noatime" ];
}; # home
"/nix" = {
mountpoint = "/nix";
mountOptions = [ "compress=zstd" "noatime" ];
}; # nix
}; # subvolumes
}; # content.content
}; # content
} # partition 3
]; # partitions
}; # content
}; # sda
}; # disk
}; # disko.devices
} # root
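Review bot: The SWAP partition's LUKS container sets `settings.keyFile = "";`, an empty path, so it is not clear what key (if any) this volume is formatted and opened with. If the intent is swap encrypted with a throwaway key on each boot, disko's swap type has `randomEncryption = true;` for that and the LUKS wrapper can be dropped; otherwise point it at a real keyfile as ROOT does. Separately, `/dev/nvme0` is normally the NVMe controller node rather than a disk, which would be `/dev/nvme0n1` (this affects both `boot.loader.grub.device` and `device`), and the closing `# sda` comment looks left over from another host's file. `--allow-discards` on both LUKS volumes is a trade-off that deserves a one-line comment, e.g. `# TRIM passes through LUKS: better SSD behaviour, but free-block patterns are visible on the raw device`.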


@ -1,5 +1,7 @@
{ {
boot.loader.grub.device = "/dev/sda"; boot.loader.grub.device = "/dev/sda";
boot.initrd.luks.devices = "/dev/sda2";
disko.devices = { disko.devices = {
disk = { disk = {
sda = { sda = {