ppetru/alo-cluster
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Setup files for zippy.

Browse Source
This commit is contained in:
Petru
2024-07-25 11:36:17 +01:00
parent 473e93b4bb
commit 79b53ebba0
3 changed files with 61 additions and 5 deletions
Download Patch File Download Diff File Expand all files Collapse all files

10
nixos-setup/configuration.nix
View File

@@ -10,7 +10,7 @@ in
./hardware-configuration.nix ./hardware-configuration.nix
]; ];
networking.hostName = "c1"; networking.hostName = "zippy";
nix.settings.experimental-features = [ "nix-command" "flakes" ]; nix.settings.experimental-features = [ "nix-command" "flakes" ];
nix.settings.trusted-users = [ "root" "@wheel" ]; nix.settings.trusted-users = [ "root" "@wheel" ];
@@ -20,11 +20,11 @@ in
allowDiscards = true; allowDiscards = true;
bypassWorkqueues = true; bypassWorkqueues = true;
keyFileSize = 4096; keyFileSize = 4096;
keyFile = "/dev/sda"; keyFile = "/dev/sdb";
}; };
swapDevices = pkgs.lib.mkForce [ { swapDevices = pkgs.lib.mkForce [ {
device = "/dev/disk/by-id/nvme-eui.002538b981b03d98-part2"; device = "/dev/disk/by-id/ata-KINGSTON_SKC600MS1024G_50026B7785AE0A92-part2";
randomEncryption.enable = true; randomEncryption.enable = true;
}]; }];
@@ -134,7 +134,7 @@ in
}; };
networking.firewall = { networking.firewall = {
enable = true; enable = false;
allowedTCPPorts = [ 22 ]; allowedTCPPorts = [ 22 ];
allowedUDPPorts = [ ]; allowedUDPPorts = [ ];
}; };
@@ -150,6 +150,6 @@ in
# this value at the release version of the first install of this system. # this value at the release version of the first install of this system.
# Before changing this value read the documentation for this option # Before changing this value read the documentation for this option
# (e.g. man configuration.nix or on https://nixos.org/nixos/options.html). # (e.g. man configuration.nix or on https://nixos.org/nixos/options.html).
system.stateVersion = "23.05"; # Did you read the comment? system.stateVersion = "24.05"; # Did you read the comment?
} }

BIN
nixos-setup/keys/zippy.key Normal file
View File

Binary file not shown.

56
nixos-setup/zippy-setup.sh Executable file
View File

@@ -0,0 +1,56 @@
DISK=/dev/disk/by-id/ata-KINGSTON_SKC600MS1024G_50026B7785AE0A92
KEY_DISK=/dev/disk/by-id/usb-Intenso_Micro_Line_22080777660702-0:0
parted "$DISK" -- mklabel gpt
parted -a optimal "$DISK" -- mkpart primary 512MiB -8GB
udevadm trigger
sleep 1
cryptsetup -v --keyfile-size 4096 luksFormat "$DISK"-part1 $KEY_DISK
cryptsetup open --key-file $KEY_DISK --keyfile-size 4096 "$DISK"-part1 luksroot
mkfs.btrfs -f -L btrfs /dev/mapper/luksroot
parted -a optimal "$DISK" -- mkpart primary linux-swap -8GB 100%
parted -a optimal "$DISK" -- mkpart ESP fat32 1MB 512MiB
parted "$DISK" -- set 3 esp on
udevadm trigger
sleep 1
mkfs.vfat "$DISK"-part3
mount /dev/mapper/luksroot /mnt
btrfs subvolume create /mnt/root
btrfs subvolume create /mnt/nix
btrfs subvolume create /mnt/persist
btrfs subvolume create /mnt/log
btrfs subvolume snapshot -r /mnt/root /mnt/root-blank
umount /mnt
mount -o subvol=root,compress=zstd,noatime /dev/mapper/luksroot /mnt
mkdir /mnt/nix
mount -o subvol=nix,compress=zstd,noatime /dev/mapper/luksroot /mnt/nix
mkdir /mnt/persist
mount -o subvol=persist,compress=zstd,noatime /dev/mapper/luksroot /mnt/persist
mkdir -p /mnt/var/log
mount -o subvol=log,compress=zstd,noatime /dev/mapper/luksroot /mnt/var/log
mkdir /mnt/boot
mount "$DISK"-part3 /mnt/boot
nixos-generate-config --root /mnt
# only enable here so that it doesn't get included in hardware-configuration.nix
mkswap -L swap "$DISK"-part2
swapon "$DISK"-part2
cp configuration.nix /mnt/etc/nixos
nixos-install
cp /mnt/etc/nixos/* /mnt/persist/etc/nixos
echo "done!"