albert/nix
albert/nix
1
0
Fork 0
Code Issues Pull requests Activity Actions

Test install script

Browse source
This commit is contained in:
iFargle 2023-09-22 08:06:56 +09:00
parent 1c78b09cde
commit c1074b651c
2 changed files with 90 additions and 1 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
nixos/users/albert/default.nix
View file

@ -3,7 +3,7 @@ let
ifExists = groups: builtins.filter (group: builtins.hasAttr group config.users.groups) groups; ifExists = groups: builtins.filter (group: builtins.hasAttr group config.users.groups) groups;
in { in {
# Define a user account. # Define a user account.
imports = [ ] ++ lib.optional (builtins.isString desktop) ./desktop.nix; imports = [ ./installer.nix ] ++ lib.optional (builtins.isString desktop) ./desktop.nix;
users.mutableUsers = false; users.mutableUsers = false;
users.users.albert = { users.users.albert = {
isNormalUser = true; isNormalUser = true;

89
nixos/users/albert/installer.nix Normal file
View file

@ -0,0 +1,89 @@
{ config, desktop, lib, pkgs, username, ... }:
let
ifExists = groups: builtins.filter (group: builtins.hasAttr group config.users.groups) groups;
install-system = pkgs.writeScriptBin "install-system" ''
#!${pkgs.stdenv.shell}
#set -euo pipefail
# check if we are running in a live CD environment.
if [ df -h | grep tmpfs | grep /$ ] ; then
echo "ERROR! Not in a live CD environment (/ is not tmpfs)."
exit 1
fi
TARGET_HOST="''${1:-}"
TARGET_USER="''${2:-albert}"
if [ "$(id -u)" -eq 0 ]; then
echo "ERROR! $(basename "$0") should be run as a regular user"
exit 1
fi
if [ ! -d "/tmp/nixos/git/.git" ]; then
git clone https://git.sysctl.io/albert/nix "/tmp/nixos/git"
fi
pushd "/tmp/nixos/git"
if [[ -z "$TARGET_HOST" ]]; then
echo "ERROR! $(basename "$0") requires a hostname as the first argument"
echo " The following hosts are available"
ls -1 nixos/hosts/*/default.nix | cut -d'/' -f2 | grep -v iso
exit 1
fi
if [[ -z "$TARGET_USER" ]]; then
echo "ERROR! $(basename "$0") requires a username as the second argument"
echo " The following users are available"
ls -1 nixos/users/ | grep -v -E "nixos|root"
exit 1
fi
if [ ! -e "nixos/hosts/$TARGET_HOST/disks.nix" ]; then
echo "ERROR! $(basename "$0") could not find the required nixos/$TARGET_HOST/disks.nix"
exit 1
fi
# Check if the machine we're provisioning expects a keyfile to unlock a disk.
# If it does, generate a new key, and write to a known location.
if grep -q "secret.key" "nixos/$TARGET_HOST/disks.nix"; then
echo -n "$(head -c32 /dev/random | base64)" > /tmp/secret.key
fi
echo "WARNING! The disks in $TARGET_HOST are about to get wiped"
echo " NixOS will be re-installed"
echo " This is a destructive operation"
echo
read -p "Are you sure? [y/N]" -n 1 -r
echo
if [[ $REPLY =~ ^[Yy]$ ]]; then
sudo true
sudo nix run github:nix-community/disko \
--extra-experimental-features "nix-command flakes" \
--no-write-lock-file \
-- \
--mode zap_create_mount \
"nixos/hosts/$TARGET_HOST/disks.nix"
sudo nixos-install --no-root-password --flake ".#$TARGET_HOST"
# Rsync nix-config to the target install.
rsync -a --delete "/tmp/nixos/git/" "/mnt/etc/nixos/git/"
pushd "/mnt/etc/nixos/git/"
popd
# If there is a keyfile for a data disk, put copy it to the root partition and
# ensure the permissions are set appropriately.
if [[ -f "/tmp/secret.key" ]]; then
sudo cp /tmp/secret.key /mnt/etc/secret.key
sudo chmod 0400 /mnt/etc/secret.key
fi
fi
'';
in
{
config.environment.systemPackages = [ install-system ];
config.services.kmscon.autologinUser = "${username}";
}