nix #11

Manually merged
geoffrey merged 113 commits from nix into main 2023-12-09 21:43:01 +01:00
6 changed files with 178 additions and 9 deletions
Showing only changes of commit 29504dab6c - Show all commits


@ -0,0 +1,64 @@
{
disko.devices = {
disk = {
pindakaas_sd = {
type = "disk";
device = "/dev/disk/by-id/usb-Kingston_DataTraveler_3.0_E0D55EA57414F510489F0F1A-0:0";
content = {
type = "gpt";
partitions = {
ESP = {
# Needs enough to store multiple kernel generations
size = "512M";
type = "EF00";
content = {
type = "filesystem";
format = "vfat";
mountpoint = "/boot";
mountOptions = [
"defaults"
];
};
};
luks = {
size = "100%";
content = {
type = "luks";
name = "pindakaas_sd";
#passwordFile = "/tmp/secret.key"; # Commented out so asked interactively
settings = {
# Not having SSDs die fast is more important than crypto
# nerds that could potentially discover which filesystem I
# use from TRIM patterns
allowDiscards = true;
};
content = {
type = "btrfs";
extraArgs = [ "-f" ];
subvolumes = {
"/nixos" = {
mountpoint = "/";
mountOptions = [ "compress=zstd" "noatime" ];
};
"/home" = {
mountpoint = "/home";
mountOptions = [ "compress=zstd" "relatime" ];
};
"/nix" = {
mountpoint = "/nix";
mountOptions = [ "compress=zstd" "noatime" ];
};
# Maybe later
# "/swap" = {
# mountpoint = "/.swapvol";
# swap.swapfile.size = "20M";
# };
};
};
};
};
};
};
};
};
}
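Review bot: The ESP is mounted at `/boot` with only `"defaults"`, so the vfat partition gets the default permissive mask and every local user can read the kernels and initrds that sit outside the LUKS container. If an initrd ever carries secrets (for example through `boot.initrd.secrets`), they would be readable despite the encrypted root; `mountOptions = [ "umask=0077" ];` keeps the ESP root-only. Separately, the disk is keyed `pindakaas_sd` while `device` is a Kingston USB by-id path that also appears in the other layouts of this commit, which looks copied and is worth confirming before a format run wipes that device.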


@ -0,0 +1,38 @@
{
disko.devices = {
disk = {
vdb = {
type = "disk";
device = "/dev/disk/by-id/usb-Kingston_DataTraveler_3.0_E0D55EA57414F510489F0F1A-0:0";
content = {
type = "gpt";
partitions = {
ESP = {
size = "500M";
type = "EF00";
content = {
type = "filesystem";
format = "vfat";
mountpoint = "/boot";
};
};
luks = {
size = "100%";
content = {
type = "luks";
name = "crypted";
settings.allowDiscards = true;
passwordFile = "/tmp/secret.key";
content = {
type = "filesystem";
format = "ext4";
mountpoint = "/";
};
};
};
};
};
};
};
};
}
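Review bot: `passwordFile = "/tmp/secret.key";` takes the LUKS passphrase from a fixed path in a world-writable directory, and nothing here says who creates the file, with which mode, or when it is deleted. On a machine with other local users the file could be read, or created beforehand by someone else, so the volume would end up keyed with a passphrase that is not private. The pindakaas layout in this commit leaves the same line commented out so the passphrase is asked interactively; doing that here, or at least adding `# create with umask 077, no trailing newline, remove after formatting`, would close the gap. Whether a trailing newline becomes part of the passphrase should be checked against the disko documentation.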


@ -0,0 +1,32 @@
{
disko.devices = {
disk = {
vdb = {
type = "disk";
device = "/dev/disk/by-id/usb-Kingston_DataTraveler_3.0_E0D55EA57414F510489F0F1A-0:0";
content = {
type = "gpt";
partitions = {
ESP = {
size = "500M";
type = "EF00";
content = {
type = "filesystem";
format = "vfat";
mountpoint = "/boot";
};
};
root = {
size = "100%";
content = {
type = "filesystem";
format = "ext4";
mountpoint = "/";
};
};
};
};
};
};
};
}
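Review bot: This layout puts `/` on plain ext4 with no LUKS layer, and nothing in the file marks it as a debug-only variant. It targets the same by-id device as the encrypted layouts in this commit, so a header comment such as `# DEBUG: unencrypted root, not for real data` would keep it from being selected by mistake. The disk key `vdb` also looks left over from an example and could be named after the actual stick.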

1
curacao_usb/disko.nix Symbolic link

@ -0,0 +1 @@
disko-hanging.nix

30
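--- /dev/null
+++ b/curacao_usb/os.nix
@@ -0,0 +1,30 @@
+{ pkgs, config, ... }:
+{
+# This whole folder is DEBUG
+imports = [
+"${builtins.fetchTarball "https://github.com/nix-community/disko/archive/3cb78c93e6a02f494aaf6aeb37481c27a2e2ee22.tar.gz"}/module.nix"
+./disko.nix
+];
+nixpkgs.config.allowUnfree = true;
+networking.hostName = "curacao_usb";
+boot = {
+# nixos-hardware use latest kernel by default. It has been set a while ago, we maybe don't need it anymore?
+kernelPackages = pkgs.linuxPackages;
+# Pinebook supports UEFI, at least when tow-boot is installed on the SPI
+loader = {
+# EFI Variables don't work (no generation appears in systemd-boot)
+efi.canTouchEfiVariables = false;
+# systemd-boot crashes after booting, so GRUB it is
+grub = {
+enable = true;
+efiSupport = true;
+efiInstallAsRemovable = true;
+device = "nodev";
+};
+};
+};
+}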
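Review bot: The `builtins.fetchTarball` call in `imports` pins disko to a commit URL but passes no `sha256`, so the unpacked module is evaluated with no content check and is fetched again whenever the tarball cache entry expires. Using the attribute-set form, `builtins.fetchTarball { url = "<same archive URL>"; sha256 = "<sha256-of-unpacked-tarball>"; }`, makes the pin verifiable and lets the import work under pure evaluation. Because this module decides how the disk is partitioned and encrypted, it deserves the same integrity guarantee as the rest of the system closure.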


@ -61,34 +61,38 @@ then
echo "NixOS configuration not found."
fi
mountpoint="/mnt/nixos"
nix_flakes_cmd="nix --extra-experimental-features nix-command --extra-experimental-features flakes"
set -x
sudo mkdir -p "$mountpoint"
# Add channels to root user, as nixos-install uses those.
# Not great, but fixable with flakes I guess
sudo ./add_channels.sh
# Format or mount disk
sudo nix --extra-experimental-features nix-command --extra-experimental-features flakes run github:nix-community/disko -- --mode "$disko_mode" "$disko_config"
sudo $nix_flakes_cmd run github:nix-community/disko -- --root-mountpoint "$mountpoint" --mode "$disko_mode" "$disko_config"
# Generate hardware-config.nix
sudo nixos-generate-config --no-filesystems --root /mnt
sudo nixos-generate-config --no-filesystems --root "$mountpoint"
# --no-filesystems because they are imported via disko
# Plug system configuration into this git repo
sudo mkdir -p /mnt/etc/nixos
echo "{ ... }: { imports = [ ./hardware-configuration.nix ${nixos_config} ]; }" | sudo tee /mnt/etc/nixos/configuration.nix > /dev/null
sudo mkdir -p "${mountpoint}/etc/nixos"
echo "{ ... }: { imports = [ ./hardware-configuration.nix ${nixos_config} ]; }" | sudo tee "${mountpoint}/etc/nixos/configuration.nix" > /dev/null
# Everything there should be covered by (and conflicts with) the repo anyways.
# Install NixOS! Or create a new generation.
sudo nixos-install --no-root-password
sudo nixos-install --no-root-password --root "$mountpoint"
# Install dotfiles. Actually not needed by nixos-install since it doesn't rewrite global paths to /mnt.
# Install dotfiles. Actually not needed by nixos-install since it doesn't rewrite global paths to the mountpoint.
# Without it no nixos-rebuild from the system itself once installed though.
# Should probably be replaced with something like git-sync
# sudo mkdir -p /mnt/home/geoffrey/.config/
# sudo cp -a ../dotfiles /mnt/home/geoffrey/.config/
# sudo chown geoffrey:geoffrey /mnt/home/geoffrey -R
# sudo mkdir -p $mountpoint/home/geoffrey/.config/
# sudo cp -a ../dotfiles $mountpoint/home/geoffrey/.config/
# sudo chown geoffrey:geoffrey $mountpoint/home/geoffrey -R
# Signal the installation is done!
echo
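Review bot: `sudo $nix_flakes_cmd run github:nix-community/disko` resolves the flake to whatever the default branch holds at install time and runs it as root against the target disk, while `curacao_usb/os.nix` in this same commit pins disko to a fixed revision. Pinning the reference here as well, `github:nix-community/disko/3cb78c93e6a02f494aaf6aeb37481c27a2e2ee22`, keeps the formatter and the imported module on the same audited code. `$nix_flakes_cmd` is expanded unquoted on purpose so that it splits into words; a comment saying so would stop a later "fix" from quoting it. The hunk starts inside an `if … then` block and the script continues past it, so how `disko_mode` and `disko_config` are validated is not visible here.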