diff --git a/nixos-setup/configuration.nix b/nixos-setup/configuration.nix index ee93662..a6602cc 100644 --- a/nixos-setup/configuration.nix +++ b/nixos-setup/configuration.nix @@ -10,7 +10,7 @@ in ./hardware-configuration.nix ]; - networking.hostName = "c1"; + networking.hostName = "zippy"; nix.settings.experimental-features = [ "nix-command" "flakes" ]; nix.settings.trusted-users = [ "root" "@wheel" ]; @@ -20,11 +20,11 @@ in allowDiscards = true; bypassWorkqueues = true; keyFileSize = 4096; - keyFile = "/dev/sda"; + keyFile = "/dev/sdb"; }; swapDevices = pkgs.lib.mkForce [ { - device = "/dev/disk/by-id/nvme-eui.002538b981b03d98-part2"; + device = "/dev/disk/by-id/ata-KINGSTON_SKC600MS1024G_50026B7785AE0A92-part2"; randomEncryption.enable = true; }]; @@ -134,7 +134,7 @@ in }; networking.firewall = { - enable = true; + enable = false; allowedTCPPorts = [ 22 ]; allowedUDPPorts = [ ]; }; @@ -150,6 +150,6 @@ in # this value at the release version of the first install of this system. # Before changing this value read the documentation for this option # (e.g. man configuration.nix or on https://nixos.org/nixos/options.html). - system.stateVersion = "23.05"; # Did you read the comment? + system.stateVersion = "24.05"; # Did you read the comment? } diff --git a/nixos-setup/keys/zippy.key b/nixos-setup/keys/zippy.key new file mode 100644 index 0000000..ec0095c Binary files /dev/null and b/nixos-setup/keys/zippy.key differ diff --git a/nixos-setup/zippy-setup.sh b/nixos-setup/zippy-setup.sh new file mode 100755 index 0000000..01d17da --- /dev/null +++ b/nixos-setup/zippy-setup.sh @@ -0,0 +1,56 @@ +DISK=/dev/disk/by-id/ata-KINGSTON_SKC600MS1024G_50026B7785AE0A92 +KEY_DISK=/dev/disk/by-id/usb-Intenso_Micro_Line_22080777660702-0:0 + +parted "$DISK" -- mklabel gpt + +parted -a optimal "$DISK" -- mkpart primary 512MiB -8GB +udevadm trigger +sleep 1 +cryptsetup -v --keyfile-size 4096 luksFormat "$DISK"-part1 $KEY_DISK +cryptsetup open --key-file $KEY_DISK --keyfile-size 4096 "$DISK"-part1 luksroot +mkfs.btrfs -f -L btrfs /dev/mapper/luksroot + +parted -a optimal "$DISK" -- mkpart primary linux-swap -8GB 100% + +parted -a optimal "$DISK" -- mkpart ESP fat32 1MB 512MiB +parted "$DISK" -- set 3 esp on +udevadm trigger +sleep 1 +mkfs.vfat "$DISK"-part3 + +mount /dev/mapper/luksroot /mnt +btrfs subvolume create /mnt/root +btrfs subvolume create /mnt/nix +btrfs subvolume create /mnt/persist +btrfs subvolume create /mnt/log +btrfs subvolume snapshot -r /mnt/root /mnt/root-blank +umount /mnt + +mount -o subvol=root,compress=zstd,noatime /dev/mapper/luksroot /mnt + +mkdir /mnt/nix +mount -o subvol=nix,compress=zstd,noatime /dev/mapper/luksroot /mnt/nix + +mkdir /mnt/persist +mount -o subvol=persist,compress=zstd,noatime /dev/mapper/luksroot /mnt/persist + +mkdir -p /mnt/var/log +mount -o subvol=log,compress=zstd,noatime /dev/mapper/luksroot /mnt/var/log + +mkdir /mnt/boot +mount "$DISK"-part3 /mnt/boot + +nixos-generate-config --root /mnt + +# only enable here so that it doesn't get included in hardware-configuration.nix +mkswap -L swap "$DISK"-part2 +swapon "$DISK"-part2 + +cp configuration.nix /mnt/etc/nixos + +nixos-install + +cp /mnt/etc/nixos/* /mnt/persist/etc/nixos + +echo "done!" +