Khanda: Finalize new config
This commit is contained in:
parent
22e2e4d8d2
commit
ad94f7f0fd
|
@ -7,18 +7,20 @@ set -e
|
|||
# Configuration parameters
|
||||
ask_root_password=true # Prompt for a root user password
|
||||
flakeDir="." # Where the flake.nix file is stored
|
||||
boot_drive="/dev/disk/by-uuid/whatever" # The drive to install the bootloader to
|
||||
root_drive="/dev/disk/by-id/whatever" # The partition to install NixOS to
|
||||
boot_drive="/dev/disk/by-uuid/B2D7-96C3" # The drive to install the bootloader to
|
||||
luks_drive="/dev/nvme0n1p2"
|
||||
root_drive="/dev/mapper/nixos-crypt" # The partition to install NixOS to
|
||||
|
||||
if [ "$(id -u)" != "0" ]; then
|
||||
echo "This script must be run as root" 1>&2
|
||||
exit 1
|
||||
fi
|
||||
|
||||
cryptsetup --allow-discards --label=nixos-crypt --type=luks2 luksFormat $root_drive
|
||||
# FIXME: Need to get the UUID from the newly-created LUKS partition, then use it going forward.
|
||||
cryptsetup --label=nixos-crypt --type=luks2 luksFormat $root_drive
|
||||
cryptsetup luksOpen $root_drive nixos-crypt
|
||||
mkfs.btrfs -L nixos $root_drive
|
||||
mount /dev/mapper/nixos-crypt /mnt
|
||||
mkfs.btrfs -L nixos /mnt
|
||||
btrfs subvolume create /mnt/@
|
||||
btrfs subvolume create /mnt/@home
|
||||
btrfs subvolume create /mnt/@log
|
||||
|
@ -33,10 +35,6 @@ mount -o subvol=@home $root_drive /mnt/home
|
|||
mount -o subvol=@log $root_drive /mnt/var/log
|
||||
mount -o subvol=@nix $root_drive /mnt/nix
|
||||
mount -o subvol=@swap $root_drive /mnt/swap
|
||||
|
||||
# Create swapfile
|
||||
btrfs filesystem mkswapfile --size $(free -h --si | grep Mem: | awk '{print $2}') --uuid clear /mnt/swap/swapfile
|
||||
|
||||
echo "Disks partitioned and mounted to /mnt."
|
||||
|
||||
# Generate hardware-configuration.nix
|
||||
|
@ -46,7 +44,7 @@ echo "Configuration files generated and saved to /home/nixos."
|
|||
echo "Setup complete!"
|
||||
echo "To install, set up your system's configuration files under ./hosts/yourHost and add it to flake.nix."
|
||||
echo "Then, run the following command:"
|
||||
echo "nixos-install --verbose --root /mnt --flake $flakeDir.#yourHost $( (( ask_root_password == false )) && echo "--no-root-password" )"
|
||||
echo "nixos-install --verbose --root /mnt --flake $flakeDir#Khanda --max-jobs 1 --cores 10 $( (( ask_root_password == false )) && echo "--no-root-password" )"
|
||||
|
||||
exit 0
|
||||
|
||||
|
|
|
@ -6,6 +6,11 @@
|
|||
modulesPath,
|
||||
...
|
||||
}:
|
||||
let
|
||||
bootUUID = "B2D7-96C3"; # The UUID of the boot partition.
|
||||
luksUUID = "f5ff391a-f2ef-4ac3-9ce8-9f5ed950b212"; # The UUID of the locked LUKS partition.
|
||||
rootUUID = "fed155a3-04ae-47c0-996d-0398faaa6a17"; # The UUID of the unlocked filesystem partition.
|
||||
in
|
||||
{
|
||||
imports = [ (modulesPath + "/installer/scan/not-detected.nix") ];
|
||||
|
||||
|
@ -42,9 +47,9 @@
|
|||
"pinctrl_tigerlake"
|
||||
];
|
||||
|
||||
luks.devices."luks-bd1fe396-6740-4e7d-af2c-26ca9a3031f1" = {
|
||||
device = "/dev/disk/by-uuid/bd1fe396-6740-4e7d-af2c-26ca9a3031f1";
|
||||
crypttabExtraOpts = [ "tpm2-device=auto" ];
|
||||
luks.devices."luks-${luksUUID}" = {
|
||||
device = "/dev/disk/by-uuid/${luksUUID}";
|
||||
crypttabExtraOpts = [ "tpm2-device=auto" ]; # Enable TPM auto-unlocking
|
||||
};
|
||||
};
|
||||
|
||||
|
@ -69,21 +74,19 @@
|
|||
];
|
||||
};
|
||||
|
||||
fileSystems = {
|
||||
"/" = {
|
||||
device = "/dev/disk/by-uuid/b34afd29-94ff-421b-bb96-8497951abf58";
|
||||
fsType = "btrfs";
|
||||
options = [ "subvol=@,compress=zstd,nodiscard" ];
|
||||
# Configure the main filesystem.
|
||||
aux.system.filesystem.btrfs = {
|
||||
enable = true;
|
||||
devices = {
|
||||
boot = "/dev/disk/by-uuid/${bootUUID}";
|
||||
btrfs = "/dev/disk/by-uuid/${rootUUID}";
|
||||
};
|
||||
|
||||
"/boot" = {
|
||||
device = "/dev/disk/by-uuid/DD2A-9C83";
|
||||
fsType = "vfat";
|
||||
swapFile = {
|
||||
enable = true;
|
||||
size = 16384;
|
||||
};
|
||||
};
|
||||
|
||||
swapDevices = [ { device = "/dev/disk/by-uuid/8c2519d9-3e47-4aa1-908d-98b1aa8b909d"; } ];
|
||||
|
||||
networking = {
|
||||
useDHCP = lib.mkDefault true;
|
||||
hostName = "Khanda";
|
||||
|
@ -106,5 +109,5 @@
|
|||
environment.systemPackages = with pkgs; [ libwacom-surface ];
|
||||
|
||||
# NOTE: Use a default kernel to skip full kernel rebuilds
|
||||
# boot.kernelPackages = lib.mkForce pkgs.linuxPackages_latest;
|
||||
boot.kernelPackages = lib.mkForce pkgs.linuxPackages_latest;
|
||||
}
|
||||
|
|
Loading…
Reference in a new issue