diff --git a/bin/install-nixos.sh b/bin/install-nixos.sh index 49ce670..f4b1d0c 100755 --- a/bin/install-nixos.sh +++ b/bin/install-nixos.sh @@ -7,18 +7,20 @@ set -e # Configuration parameters ask_root_password=true # Prompt for a root user password flakeDir="." # Where the flake.nix file is stored -boot_drive="/dev/disk/by-uuid/whatever" # The drive to install the bootloader to -root_drive="/dev/disk/by-id/whatever" # The partition to install NixOS to +boot_drive="/dev/disk/by-uuid/B2D7-96C3" # The drive to install the bootloader to +luks_drive="/dev/nvme0n1p2" +root_drive="/dev/mapper/nixos-crypt" # The partition to install NixOS to if [ "$(id -u)" != "0" ]; then echo "This script must be run as root" 1>&2 exit 1 fi -cryptsetup --allow-discards --label=nixos-crypt --type=luks2 luksFormat $root_drive +# FIXME: Need to get the UUID from the newly-created LUKS partition, then use it going forward. +cryptsetup --label=nixos-crypt --type=luks2 luksFormat $root_drive cryptsetup luksOpen $root_drive nixos-crypt +mkfs.btrfs -L nixos $root_drive mount /dev/mapper/nixos-crypt /mnt -mkfs.btrfs -L nixos /mnt btrfs subvolume create /mnt/@ btrfs subvolume create /mnt/@home btrfs subvolume create /mnt/@log @@ -33,10 +35,6 @@ mount -o subvol=@home $root_drive /mnt/home mount -o subvol=@log $root_drive /mnt/var/log mount -o subvol=@nix $root_drive /mnt/nix mount -o subvol=@swap $root_drive /mnt/swap - -# Create swapfile -btrfs filesystem mkswapfile --size $(free -h --si | grep Mem: | awk '{print $2}') --uuid clear /mnt/swap/swapfile - echo "Disks partitioned and mounted to /mnt." # Generate hardware-configuration.nix @@ -46,7 +44,7 @@ echo "Configuration files generated and saved to /home/nixos." echo "Setup complete!" echo "To install, set up your system's configuration files under ./hosts/yourHost and add it to flake.nix." echo "Then, run the following command:" -echo "nixos-install --verbose --root /mnt --flake $flakeDir.#yourHost $( (( ask_root_password == false )) && echo "--no-root-password" )" +echo "nixos-install --verbose --root /mnt --flake $flakeDir#Khanda --max-jobs 1 --cores 10 $( (( ask_root_password == false )) && echo "--no-root-password" )" exit 0 diff --git a/hosts/Khanda/hardware-configuration.nix b/hosts/Khanda/hardware-configuration.nix index 18b92f3..35b40e3 100644 --- a/hosts/Khanda/hardware-configuration.nix +++ b/hosts/Khanda/hardware-configuration.nix @@ -6,6 +6,11 @@ modulesPath, ... }: +let + bootUUID = "B2D7-96C3"; # The UUID of the boot partition. + luksUUID = "f5ff391a-f2ef-4ac3-9ce8-9f5ed950b212"; # The UUID of the locked LUKS partition. + rootUUID = "fed155a3-04ae-47c0-996d-0398faaa6a17"; # The UUID of the unlocked filesystem partition. +in { imports = [ (modulesPath + "/installer/scan/not-detected.nix") ]; @@ -42,9 +47,9 @@ "pinctrl_tigerlake" ]; - luks.devices."luks-bd1fe396-6740-4e7d-af2c-26ca9a3031f1" = { - device = "/dev/disk/by-uuid/bd1fe396-6740-4e7d-af2c-26ca9a3031f1"; - crypttabExtraOpts = [ "tpm2-device=auto" ]; + luks.devices."luks-${luksUUID}" = { + device = "/dev/disk/by-uuid/${luksUUID}"; + crypttabExtraOpts = [ "tpm2-device=auto" ]; # Enable TPM auto-unlocking }; }; @@ -69,21 +74,19 @@ ]; }; - fileSystems = { - "/" = { - device = "/dev/disk/by-uuid/b34afd29-94ff-421b-bb96-8497951abf58"; - fsType = "btrfs"; - options = [ "subvol=@,compress=zstd,nodiscard" ]; + # Configure the main filesystem. + aux.system.filesystem.btrfs = { + enable = true; + devices = { + boot = "/dev/disk/by-uuid/${bootUUID}"; + btrfs = "/dev/disk/by-uuid/${rootUUID}"; }; - - "/boot" = { - device = "/dev/disk/by-uuid/DD2A-9C83"; - fsType = "vfat"; + swapFile = { + enable = true; + size = 16384; }; }; - swapDevices = [ { device = "/dev/disk/by-uuid/8c2519d9-3e47-4aa1-908d-98b1aa8b909d"; } ]; - networking = { useDHCP = lib.mkDefault true; hostName = "Khanda"; @@ -106,5 +109,5 @@ environment.systemPackages = with pkgs; [ libwacom-surface ]; # NOTE: Use a default kernel to skip full kernel rebuilds - # boot.kernelPackages = lib.mkForce pkgs.linuxPackages_latest; + boot.kernelPackages = lib.mkForce pkgs.linuxPackages_latest; }