126 lines
3.1 KiB
Bash
Executable file
126 lines
3.1 KiB
Bash
Executable file
#!/usr/bin/env nix-shell
|
||
#! nix-shell -i bash
|
||
#! nix-shell -p bash nixos-install-tools
|
||
|
||
echo FIXME Not flakes ready
|
||
exit 1
|
||
|
||
set -euo pipefail
|
||
SCRIPT_DIR=$( cd -- "$( dirname -- "${BASH_SOURCE[0]}" )" &> /dev/null && pwd )
|
||
|
||
# Parse arguments
|
||
function help {
|
||
echo "Usage: $0 [-h|-e] profile"
|
||
echo "Install NixOS on a device."
|
||
echo
|
||
echo "Arguments:"
|
||
echo " profile: OS/disk profile to use"
|
||
echo
|
||
echo "Options:"
|
||
echo " -h: Display this help message."
|
||
echo " -e: Erase the disk. For cases where the partition scheme doesn't match the existing one."
|
||
}
|
||
|
||
disko_mode=mount
|
||
while getopts "he" OPTION
|
||
do
|
||
case "$OPTION" in
|
||
h)
|
||
help
|
||
exit 0
|
||
;;
|
||
e)
|
||
disko_mode=disko
|
||
;;
|
||
?)
|
||
help
|
||
exit 2
|
||
;;
|
||
esac
|
||
done
|
||
shift "$(($OPTIND -1))"
|
||
|
||
if [ "$#" -ne 1 ]
|
||
then
|
||
help
|
||
exit 2
|
||
fi
|
||
profile="$1"
|
||
|
||
profile_dir="${SCRIPT_DIR}/${profile}"
|
||
if [ ! -d "$profile_dir" ]
|
||
then
|
||
echo "Profile not found."
|
||
fi
|
||
|
||
disko_config="${profile_dir}/dk.nix"
|
||
if [ ! -f "$disko_config" ]
|
||
then
|
||
echo "Disk configuration not found."
|
||
fi
|
||
|
||
nixos_config="${profile_dir}/os.nix"
|
||
if [ ! -f "$nixos_config" ]
|
||
then
|
||
echo "NixOS configuration not found."
|
||
fi
|
||
|
||
mountpoint="/mnt/nixos"
|
||
nix_flakes_cmd="nix --extra-experimental-features nix-command --extra-experimental-features flakes"
|
||
luks_pass_path="luks/$(basename ${profile})"
|
||
|
||
set -x
|
||
|
||
sudo mkdir -p "$mountpoint"
|
||
|
||
# Add channels to root user, as nixos-install uses those.
|
||
# Not great, but fixable with flakes I guess
|
||
sudo ./add_channels.sh
|
||
|
||
# Load encryption password
|
||
luks_pass_file="$(mktemp --suffix="luks_password")"
|
||
pass $luks_pass_path | head -n1 | tr -d '\n' > $luks_pass_file
|
||
|
||
# Format or mount disk
|
||
sudo $nix_flakes_cmd run github:nix-community/disko -- --root-mountpoint "$mountpoint" --mode "$disko_mode" --argstr passwordFile "$luks_pass_file" "$disko_config"
|
||
|
||
# Unload encryption password
|
||
rm "$luks_pass_file"
|
||
|
||
# Generate hardware-config.nix
|
||
sudo nixos-generate-config --no-filesystems --root "$mountpoint"
|
||
# --no-filesystems because they are imported via disko
|
||
|
||
# Plug system configuration into this git repo
|
||
sudo mkdir -p "${mountpoint}/etc/nixos"
|
||
echo "{ ... }: { imports = [ ./hardware-configuration.nix ${nixos_config} ]; }" | sudo tee "${mountpoint}/etc/nixos/configuration.nix" > /dev/null
|
||
# EXAMPLE
|
||
# {
|
||
# description = "curacao system config";
|
||
#
|
||
# inputs.dotfiles.url = "git+file:/home/geoffrey/.config/gdotfiles";
|
||
#
|
||
# outputs = { self, dotfiles, ... }:
|
||
# {
|
||
# nixosConfigurations.curacao = dotfiles.nixosConfigurations.curacao.extendModules {
|
||
# modules = [ ./hardware-configuration.nix ];
|
||
# };
|
||
# };
|
||
# }
|
||
# Everything there should be covered by (and conflicts with) the repo anyways.
|
||
|
||
# Install NixOS! Or create a new generation.
|
||
sudo nixos-install --no-root-password --root "$mountpoint"
|
||
|
||
set +x
|
||
|
||
# Signal the installation is done!
|
||
echo
|
||
|
||
echo "Manual post-installation instructions:"
|
||
echo "- Boot into the system"
|
||
echo "- Transfer necessary private keys (or use ssh -A for testing)"
|
||
echo "- Run git-sync-init"
|
||
echo "- Check that the system can build itself"
|
||
echo "- Change root and user password"
|