Khanda: Finalize new config
This commit is contained in:
parent
22e2e4d8d2
commit
ad94f7f0fd
|
@ -7,18 +7,20 @@ set -e
|
||||||
# Configuration parameters
|
# Configuration parameters
|
||||||
ask_root_password=true # Prompt for a root user password
|
ask_root_password=true # Prompt for a root user password
|
||||||
flakeDir="." # Where the flake.nix file is stored
|
flakeDir="." # Where the flake.nix file is stored
|
||||||
boot_drive="/dev/disk/by-uuid/whatever" # The drive to install the bootloader to
|
boot_drive="/dev/disk/by-uuid/B2D7-96C3" # The drive to install the bootloader to
|
||||||
root_drive="/dev/disk/by-id/whatever" # The partition to install NixOS to
|
luks_drive="/dev/nvme0n1p2"
|
||||||
|
root_drive="/dev/mapper/nixos-crypt" # The partition to install NixOS to
|
||||||
|
|
||||||
if [ "$(id -u)" != "0" ]; then
|
if [ "$(id -u)" != "0" ]; then
|
||||||
echo "This script must be run as root" 1>&2
|
echo "This script must be run as root" 1>&2
|
||||||
exit 1
|
exit 1
|
||||||
fi
|
fi
|
||||||
|
|
||||||
cryptsetup --allow-discards --label=nixos-crypt --type=luks2 luksFormat $root_drive
|
# FIXME: Need to get the UUID from the newly-created LUKS partition, then use it going forward.
|
||||||
|
cryptsetup --label=nixos-crypt --type=luks2 luksFormat $root_drive
|
||||||
cryptsetup luksOpen $root_drive nixos-crypt
|
cryptsetup luksOpen $root_drive nixos-crypt
|
||||||
|
mkfs.btrfs -L nixos $root_drive
|
||||||
mount /dev/mapper/nixos-crypt /mnt
|
mount /dev/mapper/nixos-crypt /mnt
|
||||||
mkfs.btrfs -L nixos /mnt
|
|
||||||
btrfs subvolume create /mnt/@
|
btrfs subvolume create /mnt/@
|
||||||
btrfs subvolume create /mnt/@home
|
btrfs subvolume create /mnt/@home
|
||||||
btrfs subvolume create /mnt/@log
|
btrfs subvolume create /mnt/@log
|
||||||
|
@ -33,10 +35,6 @@ mount -o subvol=@home $root_drive /mnt/home
|
||||||
mount -o subvol=@log $root_drive /mnt/var/log
|
mount -o subvol=@log $root_drive /mnt/var/log
|
||||||
mount -o subvol=@nix $root_drive /mnt/nix
|
mount -o subvol=@nix $root_drive /mnt/nix
|
||||||
mount -o subvol=@swap $root_drive /mnt/swap
|
mount -o subvol=@swap $root_drive /mnt/swap
|
||||||
|
|
||||||
# Create swapfile
|
|
||||||
btrfs filesystem mkswapfile --size $(free -h --si | grep Mem: | awk '{print $2}') --uuid clear /mnt/swap/swapfile
|
|
||||||
|
|
||||||
echo "Disks partitioned and mounted to /mnt."
|
echo "Disks partitioned and mounted to /mnt."
|
||||||
|
|
||||||
# Generate hardware-configuration.nix
|
# Generate hardware-configuration.nix
|
||||||
|
@ -46,7 +44,7 @@ echo "Configuration files generated and saved to /home/nixos."
|
||||||
echo "Setup complete!"
|
echo "Setup complete!"
|
||||||
echo "To install, set up your system's configuration files under ./hosts/yourHost and add it to flake.nix."
|
echo "To install, set up your system's configuration files under ./hosts/yourHost and add it to flake.nix."
|
||||||
echo "Then, run the following command:"
|
echo "Then, run the following command:"
|
||||||
echo "nixos-install --verbose --root /mnt --flake $flakeDir.#yourHost $( (( ask_root_password == false )) && echo "--no-root-password" )"
|
echo "nixos-install --verbose --root /mnt --flake $flakeDir#Khanda --max-jobs 1 --cores 10 $( (( ask_root_password == false )) && echo "--no-root-password" )"
|
||||||
|
|
||||||
exit 0
|
exit 0
|
||||||
|
|
||||||
|
|
|
@ -6,6 +6,11 @@
|
||||||
modulesPath,
|
modulesPath,
|
||||||
...
|
...
|
||||||
}:
|
}:
|
||||||
|
let
|
||||||
|
bootUUID = "B2D7-96C3"; # The UUID of the boot partition.
|
||||||
|
luksUUID = "f5ff391a-f2ef-4ac3-9ce8-9f5ed950b212"; # The UUID of the locked LUKS partition.
|
||||||
|
rootUUID = "fed155a3-04ae-47c0-996d-0398faaa6a17"; # The UUID of the unlocked filesystem partition.
|
||||||
|
in
|
||||||
{
|
{
|
||||||
imports = [ (modulesPath + "/installer/scan/not-detected.nix") ];
|
imports = [ (modulesPath + "/installer/scan/not-detected.nix") ];
|
||||||
|
|
||||||
|
@ -42,9 +47,9 @@
|
||||||
"pinctrl_tigerlake"
|
"pinctrl_tigerlake"
|
||||||
];
|
];
|
||||||
|
|
||||||
luks.devices."luks-bd1fe396-6740-4e7d-af2c-26ca9a3031f1" = {
|
luks.devices."luks-${luksUUID}" = {
|
||||||
device = "/dev/disk/by-uuid/bd1fe396-6740-4e7d-af2c-26ca9a3031f1";
|
device = "/dev/disk/by-uuid/${luksUUID}";
|
||||||
crypttabExtraOpts = [ "tpm2-device=auto" ];
|
crypttabExtraOpts = [ "tpm2-device=auto" ]; # Enable TPM auto-unlocking
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
|
|
||||||
|
@ -69,21 +74,19 @@
|
||||||
];
|
];
|
||||||
};
|
};
|
||||||
|
|
||||||
fileSystems = {
|
# Configure the main filesystem.
|
||||||
"/" = {
|
aux.system.filesystem.btrfs = {
|
||||||
device = "/dev/disk/by-uuid/b34afd29-94ff-421b-bb96-8497951abf58";
|
enable = true;
|
||||||
fsType = "btrfs";
|
devices = {
|
||||||
options = [ "subvol=@,compress=zstd,nodiscard" ];
|
boot = "/dev/disk/by-uuid/${bootUUID}";
|
||||||
|
btrfs = "/dev/disk/by-uuid/${rootUUID}";
|
||||||
};
|
};
|
||||||
|
swapFile = {
|
||||||
"/boot" = {
|
enable = true;
|
||||||
device = "/dev/disk/by-uuid/DD2A-9C83";
|
size = 16384;
|
||||||
fsType = "vfat";
|
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
|
|
||||||
swapDevices = [ { device = "/dev/disk/by-uuid/8c2519d9-3e47-4aa1-908d-98b1aa8b909d"; } ];
|
|
||||||
|
|
||||||
networking = {
|
networking = {
|
||||||
useDHCP = lib.mkDefault true;
|
useDHCP = lib.mkDefault true;
|
||||||
hostName = "Khanda";
|
hostName = "Khanda";
|
||||||
|
@ -106,5 +109,5 @@
|
||||||
environment.systemPackages = with pkgs; [ libwacom-surface ];
|
environment.systemPackages = with pkgs; [ libwacom-surface ];
|
||||||
|
|
||||||
# NOTE: Use a default kernel to skip full kernel rebuilds
|
# NOTE: Use a default kernel to skip full kernel rebuilds
|
||||||
# boot.kernelPackages = lib.mkForce pkgs.linuxPackages_latest;
|
boot.kernelPackages = lib.mkForce pkgs.linuxPackages_latest;
|
||||||
}
|
}
|
||||||
|
|
Loading…
Reference in a new issue