Setup files for zippy.
This commit is contained in:
@@ -10,7 +10,7 @@ in
|
||||
./hardware-configuration.nix
|
||||
];
|
||||
|
||||
networking.hostName = "c1";
|
||||
networking.hostName = "zippy";
|
||||
|
||||
nix.settings.experimental-features = [ "nix-command" "flakes" ];
|
||||
nix.settings.trusted-users = [ "root" "@wheel" ];
|
||||
@@ -20,11 +20,11 @@ in
|
||||
allowDiscards = true;
|
||||
bypassWorkqueues = true;
|
||||
keyFileSize = 4096;
|
||||
keyFile = "/dev/sda";
|
||||
keyFile = "/dev/sdb";
|
||||
};
|
||||
|
||||
swapDevices = pkgs.lib.mkForce [ {
|
||||
device = "/dev/disk/by-id/nvme-eui.002538b981b03d98-part2";
|
||||
device = "/dev/disk/by-id/ata-KINGSTON_SKC600MS1024G_50026B7785AE0A92-part2";
|
||||
randomEncryption.enable = true;
|
||||
}];
|
||||
|
||||
@@ -134,7 +134,7 @@ in
|
||||
};
|
||||
|
||||
networking.firewall = {
|
||||
enable = true;
|
||||
enable = false;
|
||||
allowedTCPPorts = [ 22 ];
|
||||
allowedUDPPorts = [ ];
|
||||
};
|
||||
@@ -150,6 +150,6 @@ in
|
||||
# this value at the release version of the first install of this system.
|
||||
# Before changing this value read the documentation for this option
|
||||
# (e.g. man configuration.nix or on https://nixos.org/nixos/options.html).
|
||||
system.stateVersion = "23.05"; # Did you read the comment?
|
||||
system.stateVersion = "24.05"; # Did you read the comment?
|
||||
}
|
||||
|
||||
|
||||
BIN
nixos-setup/keys/zippy.key
Normal file
BIN
nixos-setup/keys/zippy.key
Normal file
Binary file not shown.
56
nixos-setup/zippy-setup.sh
Executable file
56
nixos-setup/zippy-setup.sh
Executable file
@@ -0,0 +1,56 @@
|
||||
DISK=/dev/disk/by-id/ata-KINGSTON_SKC600MS1024G_50026B7785AE0A92
|
||||
KEY_DISK=/dev/disk/by-id/usb-Intenso_Micro_Line_22080777660702-0:0
|
||||
|
||||
parted "$DISK" -- mklabel gpt
|
||||
|
||||
parted -a optimal "$DISK" -- mkpart primary 512MiB -8GB
|
||||
udevadm trigger
|
||||
sleep 1
|
||||
cryptsetup -v --keyfile-size 4096 luksFormat "$DISK"-part1 $KEY_DISK
|
||||
cryptsetup open --key-file $KEY_DISK --keyfile-size 4096 "$DISK"-part1 luksroot
|
||||
mkfs.btrfs -f -L btrfs /dev/mapper/luksroot
|
||||
|
||||
parted -a optimal "$DISK" -- mkpart primary linux-swap -8GB 100%
|
||||
|
||||
parted -a optimal "$DISK" -- mkpart ESP fat32 1MB 512MiB
|
||||
parted "$DISK" -- set 3 esp on
|
||||
udevadm trigger
|
||||
sleep 1
|
||||
mkfs.vfat "$DISK"-part3
|
||||
|
||||
mount /dev/mapper/luksroot /mnt
|
||||
btrfs subvolume create /mnt/root
|
||||
btrfs subvolume create /mnt/nix
|
||||
btrfs subvolume create /mnt/persist
|
||||
btrfs subvolume create /mnt/log
|
||||
btrfs subvolume snapshot -r /mnt/root /mnt/root-blank
|
||||
umount /mnt
|
||||
|
||||
mount -o subvol=root,compress=zstd,noatime /dev/mapper/luksroot /mnt
|
||||
|
||||
mkdir /mnt/nix
|
||||
mount -o subvol=nix,compress=zstd,noatime /dev/mapper/luksroot /mnt/nix
|
||||
|
||||
mkdir /mnt/persist
|
||||
mount -o subvol=persist,compress=zstd,noatime /dev/mapper/luksroot /mnt/persist
|
||||
|
||||
mkdir -p /mnt/var/log
|
||||
mount -o subvol=log,compress=zstd,noatime /dev/mapper/luksroot /mnt/var/log
|
||||
|
||||
mkdir /mnt/boot
|
||||
mount "$DISK"-part3 /mnt/boot
|
||||
|
||||
nixos-generate-config --root /mnt
|
||||
|
||||
# only enable here so that it doesn't get included in hardware-configuration.nix
|
||||
mkswap -L swap "$DISK"-part2
|
||||
swapon "$DISK"-part2
|
||||
|
||||
cp configuration.nix /mnt/etc/nixos
|
||||
|
||||
nixos-install
|
||||
|
||||
cp /mnt/etc/nixos/* /mnt/persist/etc/nixos
|
||||
|
||||
echo "done!"
|
||||
|
||||
Reference in New Issue
Block a user