Test
This commit is contained in:
parent
49264b91bb
commit
35e0a6cc9e
4 changed files with 82 additions and 8 deletions
|
@ -23,7 +23,7 @@ pushd "/tmp/nixos/git"
|
|||
if [[ -z "$TARGET_HOST" ]]; then
|
||||
echo "ERROR! $(basename "$0") requires a hostname as the first argument"
|
||||
echo " The following hosts are available"
|
||||
ls -1 nixos/hosts/*/default.nix | cut -d'/' -f2 | grep -v iso
|
||||
ls -1 nixos/hosts/*/default.nix | cut -d'/' -f3 | grep -v -E "iso|rpi"
|
||||
exit 1
|
||||
fi
|
||||
|
||||
|
@ -42,7 +42,8 @@ fi
|
|||
# Check if the machine we're provisioning expects a keyfile to unlock a disk.
|
||||
# If it does, generate a new key, and write to a known location.
|
||||
if grep -q "secret.key" "nixos/$TARGET_HOST/disks.nix"; then
|
||||
echo -n "$(head -c32 /dev/random | base64)" > /tmp/secret.key
|
||||
echo "Secret key not found. Create one at /tmp/secret.key"
|
||||
exit 1
|
||||
fi
|
||||
|
||||
echo "WARNING! The disks in $TARGET_HOST are about to get wiped"
|
||||
|
@ -79,5 +80,4 @@ fi
|
|||
in
|
||||
{
|
||||
config.environment.systemPackages = [ install-system ];
|
||||
config.services.kmscon.autologinUser = "${username}";
|
||||
}
|
|
@ -0,0 +1,72 @@
|
|||
{
|
||||
boot.loader.grub.device = "/dev/nvme0";
|
||||
disko.devices = {
|
||||
disk = {
|
||||
nvme0 = {
|
||||
device = "/dev/nvme0";
|
||||
content = {
|
||||
type = "table";
|
||||
format = "gpt";
|
||||
partitions = [
|
||||
{
|
||||
name = "BOOT";
|
||||
start = "0%";
|
||||
end = "550MiB";
|
||||
bootable = true;
|
||||
flags = [ "esp" ];
|
||||
fs-type = "fat32";
|
||||
content = {
|
||||
type = "filesystem";
|
||||
format = "vfat";
|
||||
mountpoint = "/boot";
|
||||
};
|
||||
} # partition 1
|
||||
{
|
||||
name = "SWAP";
|
||||
start = "550 MiB";
|
||||
end = "120GiB";
|
||||
content = {
|
||||
type = "luks";
|
||||
name = "LUKS-SWAP";
|
||||
extraOpenArgs = [ "--allow-discards" ];
|
||||
settings.keyFile = "";
|
||||
content = {
|
||||
type = "swap";
|
||||
};
|
||||
};
|
||||
} # partition 2
|
||||
{
|
||||
name = "ROOT";
|
||||
start = "120GiB";
|
||||
end = "100%";
|
||||
content = {
|
||||
type = "luks";
|
||||
name = "LUKS-ROOT";
|
||||
extraOpenArgs = [ "--allow-discards" ];
|
||||
settings.keyFile = "/tmp/secret.key";
|
||||
content = {
|
||||
type = "btrfs";
|
||||
extraArgs = [ "-f" ];
|
||||
subvolumes = {
|
||||
"/root" = {
|
||||
mountpoint = "/";
|
||||
mountOptions = [ "compress=zstd" "noatime" ];
|
||||
}; # root
|
||||
"/home" = {
|
||||
mountpoint = "/home";
|
||||
mountOptions = [ "compress=zstd" "noatime" ];
|
||||
}; # home
|
||||
"/nix" = {
|
||||
mountpoint = "/nix";
|
||||
mountOptions = [ "compress=zstd" "noatime" ];
|
||||
}; # nix
|
||||
}; # subvolumes
|
||||
}; # content.content
|
||||
}; # content
|
||||
} # partition 3
|
||||
]; # partitions
|
||||
}; # content
|
||||
}; # sda
|
||||
}; # disk
|
||||
}; # disko.devices
|
||||
} # root
|
|
@ -1,5 +1,7 @@
|
|||
{
|
||||
boot.loader.grub.device = "/dev/sda";
|
||||
boot.initrd.luks.devices = "/dev/sda2";
|
||||
|
||||
disko.devices = {
|
||||
disk = {
|
||||
sda = {
|
||||
|
|
Loading…
Reference in a new issue