-
Notifications
You must be signed in to change notification settings - Fork 1
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Remove disk installation from install script
- Loading branch information
1 parent
24cbd5e
commit e6edc3f
Showing
1 changed file
with
18 additions
and
61 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -1,74 +1,31 @@ | ||
| #!/usr/bin/env nix-shell | ||
| #!nix-shell -i bash -p bash parted util-linux cryptsetup systemd kmod lvm2 coreutils | ||
| #!nix-shell -i bash -p bash util-linux coreutils nixos-install mkpasswd | ||
|
|
||
| # Set this to either the by-path/ or by-id/ path for the disk | ||
| disk=/dev/disk/by-path/pci-0000:00:0e.0-pci-10000:e1:00.0-nvme-1 | ||
|
|
||
| # Partition disk | ||
|
|
||
| parted $disk mklabel gpt | ||
| parted $disk mkpart efi 0% 500M | ||
| parted $disk set 1 esp on | ||
| parted $disk mkpart lvm 500M 100% | ||
|
|
||
| # Setup EFI partition | ||
|
|
||
| mkfs.vfat ${disk}-part1 -n efi | ||
|
|
||
| # Setup Encrypted LVM Partition | ||
|
|
||
| cryptsetup luksFormat ${disk}-part2 | ||
| cryptsetup luksOpen ${disk}-part2 main | ||
| cryptsetup config ${disk}p2 --label crypt-main | ||
| systemd-cryptenroll --tmp2-device=auto --tpm2-pcrs=0+7 /dev/disk/by-label/crypt-main | ||
|
|
||
| # Setup LVM | ||
|
|
||
| modprobe dm_thin_pool | ||
|
|
||
| pvcreate ${disk}-part2 | ||
| vgcreate main ${disk}-part2 | ||
|
|
||
| lvcreate -T -l 95%FREE main -n thin-main | ||
|
|
||
| lvcreate -V 1T --thinpool thin-main main -n nix | ||
| lvcreate -V 32G --thinpool thin-main main -n swap | ||
| lvcreate -V 1T --thinpool thin-main main -n persist | ||
| lvcreate -V 1T --thinpool thin-main main -n crypt-home-matthew | ||
|
|
||
| # Setup Encrypted Home Volume | ||
|
|
||
| cryptsetup luksFormat /dev/main/crypt-home-matthew | ||
| cryptsetup luksOpen /dev/main/crypt-home-matthew home-matthew | ||
| cryptsetup config /dev/main/crypt-home-matthew --label crypt-home-matthew | ||
|
|
||
| mkfs.btrfs /dev/mapper/home-matthew -L home-matthew | ||
|
|
||
| # Setup Persist file system | ||
| # Mount filesystems | ||
|
|
||
| mkfs.btrfs /dev/main/persist -L persist | ||
| mkdir -p /installroot | ||
| mount -t tmpfs none /installroot | ||
| mkdir -p /installroot/{boot,nix,mnt/{persist,home}} | ||
|
|
||
| # Setup Nix file system | ||
| mount /dev/disk/by-partlabel/disk-main-efi /installroot/boot | ||
| mount /dev/main/nix /installroot/nix | ||
| mount /dev/main/persist /installroot/mnt/persist | ||
|
|
||
| mkfs.btrfs /dev/main/nix -L nix | ||
| mkdir -p /installroot/mnt/home/matthew | ||
| mount /dev/mapper/home-matthew /installroot/mnt/home/matthew | ||
|
|
||
| # Mount filesystems | ||
| # Create password file directory | ||
|
|
||
| mkdir -p /mnt | ||
| mount -t tmpfs none /mnt | ||
| mkdir -p /mnt/{boot,nix,mnt/{persist,home}} | ||
| mkdir -p /installroot/mnt/persist/pwd | ||
|
|
||
| mount /dev/disk/by-label/efi /mnt/boot | ||
| mount /dev/disk/by-label/nix /mnt/nix | ||
| mount /dev/disk/by-label/persist /mnt/mnt/persist | ||
| mkpasswd -m sha-512 > /installroot/mnt/persist/pwd/matthew | ||
|
|
||
| mkdir -p /mnt/mnt/home/matthew | ||
| mount /dev/disk/by-label/home-matthew /mnt/mnt/home/matthew | ||
| # Copy this repo to the new installation | ||
|
|
||
| # Create password file directory | ||
| cp -r . /installroot/mnt/persist/$(basename $(pwd)) | ||
|
|
||
| mkdir -p /mnt/mnt/persist/pwd | ||
| # Install NixOS | ||
|
|
||
| # Copy this repo to the new installation | ||
| nixos-install --no-root-passwd --root /installroot --flake path:. | ||
|
|
||
| cp -r . /mnt/mnt/persist/ | ||
| nixos-enter --root /installroot -c 'chown matthew:users /mnt/home/matthew' |