1
0
Fork 0

Khanda: Finalize new config

This commit is contained in:
Aires 2024-07-03 15:10:33 -04:00
parent 22e2e4d8d2
commit ad94f7f0fd
2 changed files with 25 additions and 24 deletions

View file

@ -7,18 +7,20 @@ set -e
# Configuration parameters
ask_root_password=true # Prompt for a root user password
flakeDir="." # Where the flake.nix file is stored
boot_drive="/dev/disk/by-uuid/whatever" # The drive to install the bootloader to
root_drive="/dev/disk/by-id/whatever" # The partition to install NixOS to
boot_drive="/dev/disk/by-uuid/B2D7-96C3" # The drive to install the bootloader to
luks_drive="/dev/nvme0n1p2"
root_drive="/dev/mapper/nixos-crypt" # The partition to install NixOS to
if [ "$(id -u)" != "0" ]; then
echo "This script must be run as root" 1>&2
exit 1
fi
cryptsetup --allow-discards --label=nixos-crypt --type=luks2 luksFormat $root_drive
# FIXME: Need to get the UUID from the newly-created LUKS partition, then use it going forward.
cryptsetup --label=nixos-crypt --type=luks2 luksFormat $root_drive
cryptsetup luksOpen $root_drive nixos-crypt
mkfs.btrfs -L nixos $root_drive
mount /dev/mapper/nixos-crypt /mnt
mkfs.btrfs -L nixos /mnt
btrfs subvolume create /mnt/@
btrfs subvolume create /mnt/@home
btrfs subvolume create /mnt/@log
@ -33,10 +35,6 @@ mount -o subvol=@home $root_drive /mnt/home
mount -o subvol=@log $root_drive /mnt/var/log
mount -o subvol=@nix $root_drive /mnt/nix
mount -o subvol=@swap $root_drive /mnt/swap
# Create swapfile
btrfs filesystem mkswapfile --size $(free -h --si | grep Mem: | awk '{print $2}') --uuid clear /mnt/swap/swapfile
echo "Disks partitioned and mounted to /mnt."
# Generate hardware-configuration.nix
@ -46,7 +44,7 @@ echo "Configuration files generated and saved to /home/nixos."
echo "Setup complete!"
echo "To install, set up your system's configuration files under ./hosts/yourHost and add it to flake.nix."
echo "Then, run the following command:"
echo "nixos-install --verbose --root /mnt --flake $flakeDir.#yourHost $( (( ask_root_password == false )) && echo "--no-root-password" )"
echo "nixos-install --verbose --root /mnt --flake $flakeDir#Khanda --max-jobs 1 --cores 10 $( (( ask_root_password == false )) && echo "--no-root-password" )"
exit 0

View file

@ -6,6 +6,11 @@
modulesPath,
...
}:
let
bootUUID = "B2D7-96C3"; # The UUID of the boot partition.
luksUUID = "f5ff391a-f2ef-4ac3-9ce8-9f5ed950b212"; # The UUID of the locked LUKS partition.
rootUUID = "fed155a3-04ae-47c0-996d-0398faaa6a17"; # The UUID of the unlocked filesystem partition.
in
{
imports = [ (modulesPath + "/installer/scan/not-detected.nix") ];
@ -42,9 +47,9 @@
"pinctrl_tigerlake"
];
luks.devices."luks-bd1fe396-6740-4e7d-af2c-26ca9a3031f1" = {
device = "/dev/disk/by-uuid/bd1fe396-6740-4e7d-af2c-26ca9a3031f1";
crypttabExtraOpts = [ "tpm2-device=auto" ];
luks.devices."luks-${luksUUID}" = {
device = "/dev/disk/by-uuid/${luksUUID}";
crypttabExtraOpts = [ "tpm2-device=auto" ]; # Enable TPM auto-unlocking
};
};
@ -69,21 +74,19 @@
];
};
fileSystems = {
"/" = {
device = "/dev/disk/by-uuid/b34afd29-94ff-421b-bb96-8497951abf58";
fsType = "btrfs";
options = [ "subvol=@,compress=zstd,nodiscard" ];
# Configure the main filesystem.
aux.system.filesystem.btrfs = {
enable = true;
devices = {
boot = "/dev/disk/by-uuid/${bootUUID}";
btrfs = "/dev/disk/by-uuid/${rootUUID}";
};
"/boot" = {
device = "/dev/disk/by-uuid/DD2A-9C83";
fsType = "vfat";
swapFile = {
enable = true;
size = 16384;
};
};
swapDevices = [ { device = "/dev/disk/by-uuid/8c2519d9-3e47-4aa1-908d-98b1aa8b909d"; } ];
networking = {
useDHCP = lib.mkDefault true;
hostName = "Khanda";
@ -106,5 +109,5 @@
environment.systemPackages = with pkgs; [ libwacom-surface ];
# NOTE: Use a default kernel to skip full kernel rebuilds
# boot.kernelPackages = lib.mkForce pkgs.linuxPackages_latest;
boot.kernelPackages = lib.mkForce pkgs.linuxPackages_latest;
}