nix #11
64
curacao_usb/disko-desired.nix
Normal file
64
curacao_usb/disko-desired.nix
Normal file
|
@ -0,0 +1,64 @@
|
||||||
|
{
|
||||||
|
disko.devices = {
|
||||||
|
disk = {
|
||||||
|
pindakaas_sd = {
|
||||||
|
type = "disk";
|
||||||
|
device = "/dev/disk/by-id/usb-Kingston_DataTraveler_3.0_E0D55EA57414F510489F0F1A-0:0";
|
||||||
|
content = {
|
||||||
|
type = "gpt";
|
||||||
|
partitions = {
|
||||||
|
ESP = {
|
||||||
|
# Needs enough to store multiple kernel generations
|
||||||
|
size = "512M";
|
||||||
|
type = "EF00";
|
||||||
|
content = {
|
||||||
|
type = "filesystem";
|
||||||
|
format = "vfat";
|
||||||
|
mountpoint = "/boot";
|
||||||
|
mountOptions = [
|
||||||
|
"defaults"
|
||||||
|
];
|
||||||
|
};
|
||||||
|
};
|
||||||
|
luks = {
|
||||||
|
size = "100%";
|
||||||
|
content = {
|
||||||
|
type = "luks";
|
||||||
|
name = "pindakaas_sd";
|
||||||
|
#passwordFile = "/tmp/secret.key"; # Commented out so asked interactively
|
||||||
|
settings = {
|
||||||
|
# Not having SSDs die fast is more important than crypto
|
||||||
|
# nerds that could potentially discover which filesystem I
|
||||||
|
# use from TRIM patterns
|
||||||
|
allowDiscards = true;
|
||||||
|
};
|
||||||
|
content = {
|
||||||
|
type = "btrfs";
|
||||||
|
extraArgs = [ "-f" ];
|
||||||
|
subvolumes = {
|
||||||
|
"/nixos" = {
|
||||||
|
mountpoint = "/";
|
||||||
|
mountOptions = [ "compress=zstd" "noatime" ];
|
||||||
|
};
|
||||||
|
"/home" = {
|
||||||
|
mountpoint = "/home";
|
||||||
|
mountOptions = [ "compress=zstd" "relatime" ];
|
||||||
|
};
|
||||||
|
"/nix" = {
|
||||||
|
mountpoint = "/nix";
|
||||||
|
mountOptions = [ "compress=zstd" "noatime" ];
|
||||||
|
};
|
||||||
|
# Maybe later
|
||||||
|
# "/swap" = {
|
||||||
|
# mountpoint = "/.swapvol";
|
||||||
|
# swap.swapfile.size = "20M";
|
||||||
|
# };
|
||||||
|
};
|
||||||
|
};
|
||||||
|
};
|
||||||
|
};
|
||||||
|
};
|
||||||
|
};
|
||||||
|
};
|
||||||
|
};
|
||||||
|
}
|
38
curacao_usb/disko-hanging.nix
Normal file
38
curacao_usb/disko-hanging.nix
Normal file
|
@ -0,0 +1,38 @@
|
||||||
|
{
|
||||||
|
disko.devices = {
|
||||||
|
disk = {
|
||||||
|
vdb = {
|
||||||
|
type = "disk";
|
||||||
|
device = "/dev/disk/by-id/usb-Kingston_DataTraveler_3.0_E0D55EA57414F510489F0F1A-0:0";
|
||||||
|
content = {
|
||||||
|
type = "gpt";
|
||||||
|
partitions = {
|
||||||
|
ESP = {
|
||||||
|
size = "500M";
|
||||||
|
type = "EF00";
|
||||||
|
content = {
|
||||||
|
type = "filesystem";
|
||||||
|
format = "vfat";
|
||||||
|
mountpoint = "/boot";
|
||||||
|
};
|
||||||
|
};
|
||||||
|
luks = {
|
||||||
|
size = "100%";
|
||||||
|
content = {
|
||||||
|
type = "luks";
|
||||||
|
name = "crypted";
|
||||||
|
settings.allowDiscards = true;
|
||||||
|
passwordFile = "/tmp/secret.key";
|
||||||
|
content = {
|
||||||
|
type = "filesystem";
|
||||||
|
format = "ext4";
|
||||||
|
mountpoint = "/";
|
||||||
|
};
|
||||||
|
};
|
||||||
|
};
|
||||||
|
};
|
||||||
|
};
|
||||||
|
};
|
||||||
|
};
|
||||||
|
};
|
||||||
|
}
|
32
curacao_usb/disko-working.nix
Normal file
32
curacao_usb/disko-working.nix
Normal file
|
@ -0,0 +1,32 @@
|
||||||
|
{
|
||||||
|
disko.devices = {
|
||||||
|
disk = {
|
||||||
|
vdb = {
|
||||||
|
type = "disk";
|
||||||
|
device = "/dev/disk/by-id/usb-Kingston_DataTraveler_3.0_E0D55EA57414F510489F0F1A-0:0";
|
||||||
|
content = {
|
||||||
|
type = "gpt";
|
||||||
|
partitions = {
|
||||||
|
ESP = {
|
||||||
|
size = "500M";
|
||||||
|
type = "EF00";
|
||||||
|
content = {
|
||||||
|
type = "filesystem";
|
||||||
|
format = "vfat";
|
||||||
|
mountpoint = "/boot";
|
||||||
|
};
|
||||||
|
};
|
||||||
|
root = {
|
||||||
|
size = "100%";
|
||||||
|
content = {
|
||||||
|
type = "filesystem";
|
||||||
|
format = "ext4";
|
||||||
|
mountpoint = "/";
|
||||||
|
};
|
||||||
|
};
|
||||||
|
};
|
||||||
|
};
|
||||||
|
};
|
||||||
|
};
|
||||||
|
};
|
||||||
|
}
|
1
curacao_usb/disko.nix
Symbolic link
1
curacao_usb/disko.nix
Symbolic link
|
@ -0,0 +1 @@
|
||||||
|
disko-hanging.nix
|
30
curacao_usb/os.nix
Normal file
30
curacao_usb/os.nix
Normal file
|
@ -0,0 +1,30 @@
|
||||||
|
{ pkgs, config, ... }:
|
||||||
|
{
|
||||||
|
# This whole folder is DEBUG
|
||||||
|
imports = [
|
||||||
|
"${builtins.fetchTarball "https://github.com/nix-community/disko/archive/3cb78c93e6a02f494aaf6aeb37481c27a2e2ee22.tar.gz"}/module.nix"
|
||||||
|
./disko.nix
|
||||||
|
];
|
||||||
|
|
||||||
|
nixpkgs.config.allowUnfree = true;
|
||||||
|
networking.hostName = "curacao_usb";
|
||||||
|
|
||||||
|
boot = {
|
||||||
|
# nixos-hardware use latest kernel by default. It has been set a while ago, we maybe don't need it anymore?
|
||||||
|
kernelPackages = pkgs.linuxPackages;
|
||||||
|
|
||||||
|
# Pinebook supports UEFI, at least when tow-boot is installed on the SPI
|
||||||
|
loader = {
|
||||||
|
# EFI Variables don't work (no generation appears in systemd-boot)
|
||||||
|
efi.canTouchEfiVariables = false;
|
||||||
|
|
||||||
|
# systemd-boot crashes after booting, so GRUB it is
|
||||||
|
grub = {
|
||||||
|
enable = true;
|
||||||
|
efiSupport = true;
|
||||||
|
efiInstallAsRemovable = true;
|
||||||
|
device = "nodev";
|
||||||
|
};
|
||||||
|
};
|
||||||
|
};
|
||||||
|
}
|
|
@ -61,34 +61,38 @@ then
|
||||||
echo "NixOS configuration not found."
|
echo "NixOS configuration not found."
|
||||||
fi
|
fi
|
||||||
|
|
||||||
|
mountpoint="/mnt/nixos"
|
||||||
|
nix_flakes_cmd="nix --extra-experimental-features nix-command --extra-experimental-features flakes"
|
||||||
|
|
||||||
set -x
|
set -x
|
||||||
|
|
||||||
|
sudo mkdir -p "$mountpoint"
|
||||||
|
|
||||||
# Add channels to root user, as nixos-install uses those.
|
# Add channels to root user, as nixos-install uses those.
|
||||||
# Not great, but fixable with flakes I guess
|
# Not great, but fixable with flakes I guess
|
||||||
sudo ./add_channels.sh
|
sudo ./add_channels.sh
|
||||||
|
|
||||||
# Format or mount disk
|
# Format or mount disk
|
||||||
sudo nix --extra-experimental-features nix-command --extra-experimental-features flakes run github:nix-community/disko -- --mode "$disko_mode" "$disko_config"
|
sudo $nix_flakes_cmd run github:nix-community/disko -- --root-mountpoint "$mountpoint" --mode "$disko_mode" "$disko_config"
|
||||||
|
|
||||||
# Generate hardware-config.nix
|
# Generate hardware-config.nix
|
||||||
sudo nixos-generate-config --no-filesystems --root /mnt
|
sudo nixos-generate-config --no-filesystems --root "$mountpoint"
|
||||||
# --no-filesystems because they are imported via disko
|
# --no-filesystems because they are imported via disko
|
||||||
|
|
||||||
# Plug system configuration into this git repo
|
# Plug system configuration into this git repo
|
||||||
sudo mkdir -p /mnt/etc/nixos
|
sudo mkdir -p "${mountpoint}/etc/nixos"
|
||||||
echo "{ ... }: { imports = [ ./hardware-configuration.nix ${nixos_config} ]; }" | sudo tee /mnt/etc/nixos/configuration.nix > /dev/null
|
echo "{ ... }: { imports = [ ./hardware-configuration.nix ${nixos_config} ]; }" | sudo tee "${mountpoint}/etc/nixos/configuration.nix" > /dev/null
|
||||||
# Everything there should be covered by (and conflicts with) the repo anyways.
|
# Everything there should be covered by (and conflicts with) the repo anyways.
|
||||||
|
|
||||||
# Install NixOS! Or create a new generation.
|
# Install NixOS! Or create a new generation.
|
||||||
sudo nixos-install --no-root-password
|
sudo nixos-install --no-root-password --root "$mountpoint"
|
||||||
|
|
||||||
# Install dotfiles. Actually not needed by nixos-install since it doesn't rewrite global paths to /mnt.
|
# Install dotfiles. Actually not needed by nixos-install since it doesn't rewrite global paths to the mountpoint.
|
||||||
# Without it no nixos-rebuild from the system itself once installed though.
|
# Without it no nixos-rebuild from the system itself once installed though.
|
||||||
# Should probably be replaced with something like git-sync
|
# Should probably be replaced with something like git-sync
|
||||||
# sudo mkdir -p /mnt/home/geoffrey/.config/
|
# sudo mkdir -p $mountpoint/home/geoffrey/.config/
|
||||||
# sudo cp -a ../dotfiles /mnt/home/geoffrey/.config/
|
# sudo cp -a ../dotfiles $mountpoint/home/geoffrey/.config/
|
||||||
# sudo chown geoffrey:geoffrey /mnt/home/geoffrey -R
|
# sudo chown geoffrey:geoffrey $mountpoint/home/geoffrey -R
|
||||||
|
|
||||||
# Signal the installation is done!
|
# Signal the installation is done!
|
||||||
echo
|
echo
|
||||||
|
|
Loading…
Reference in a new issue