dotfiles/install_os.sh

126 lines
3.1 KiB
Bash
Executable file
Raw Blame History

This file contains invisible Unicode characters

This file contains invisible Unicode characters that are indistinguishable to humans but may be processed differently by a computer. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

#!/usr/bin/env nix-shell
#! nix-shell -i bash
#! nix-shell -p bash nixos-install-tools
echo FIXME Not flakes ready
exit 1
set -euo pipefail
SCRIPT_DIR=$( cd -- "$( dirname -- "${BASH_SOURCE[0]}" )" &> /dev/null && pwd )
# Parse arguments
function help {
echo "Usage: $0 [-h|-e] profile"
echo "Install NixOS on a device."
echo
echo "Arguments:"
echo " profile: OS/disk profile to use"
echo
echo "Options:"
echo " -h: Display this help message."
echo " -e: Erase the disk. For cases where the partition scheme doesn't match the existing one."
}
disko_mode=mount
while getopts "he" OPTION
do
case "$OPTION" in
h)
help
exit 0
;;
e)
disko_mode=disko
;;
?)
help
exit 2
;;
esac
done
shift "$(($OPTIND -1))"
if [ "$#" -ne 1 ]
then
help
exit 2
fi
profile="$1"
profile_dir="${SCRIPT_DIR}/${profile}"
if [ ! -d "$profile_dir" ]
then
echo "Profile not found."
fi
disko_config="${profile_dir}/dk.nix"
if [ ! -f "$disko_config" ]
then
echo "Disk configuration not found."
fi
nixos_config="${profile_dir}/os.nix"
if [ ! -f "$nixos_config" ]
then
echo "NixOS configuration not found."
fi
mountpoint="/mnt/nixos"
nix_flakes_cmd="nix --extra-experimental-features nix-command --extra-experimental-features flakes"
luks_pass_path="luks/$(basename ${profile})"
set -x
sudo mkdir -p "$mountpoint"
# Add channels to root user, as nixos-install uses those.
# Not great, but fixable with flakes I guess
sudo ./add_channels.sh
# Load encryption password
luks_pass_file="$(mktemp --suffix="luks_password")"
pass $luks_pass_path | head -n1 | tr -d '\n' > $luks_pass_file
# Format or mount disk
sudo $nix_flakes_cmd run github:nix-community/disko -- --root-mountpoint "$mountpoint" --mode "$disko_mode" --argstr passwordFile "$luks_pass_file" "$disko_config"
# Unload encryption password
rm "$luks_pass_file"
# Generate hardware-config.nix
sudo nixos-generate-config --no-filesystems --root "$mountpoint"
# --no-filesystems because they are imported via disko
# Plug system configuration into this git repo
sudo mkdir -p "${mountpoint}/etc/nixos"
echo "{ ... }: { imports = [ ./hardware-configuration.nix ${nixos_config} ]; }" | sudo tee "${mountpoint}/etc/nixos/configuration.nix" > /dev/null
# EXAMPLE
# {
# description = "curacao system config";
#
# inputs.dotfiles.url = "git+file:/home/geoffrey/.config/gdotfiles";
#
# outputs = { self, dotfiles, ... }:
# {
# nixosConfigurations.curacao = dotfiles.nixosConfigurations.curacao.extendModules {
# modules = [ ./hardware-configuration.nix ];
# };
# };
# }
# Everything there should be covered by (and conflicts with) the repo anyways.
# Install NixOS! Or create a new generation.
sudo nixos-install --no-root-password --root "$mountpoint"
set +x
# Signal the installation is done!
echo 
echo "Manual post-installation instructions:"
echo "- Boot into the system"
echo "- Transfer necessary private keys (or use ssh -A for testing)"
echo "- Run git-sync-init"
echo "- Check that the system can build itself"
echo "- Change root and user password"