l hilum.r: create with disko, add script
This commit is contained in:
parent
18efc15b2a
commit
2b01c33282
53
lass/1systems/hilum/disk.nix
Normal file
53
lass/1systems/hilum/disk.nix
Normal file
|
@ -0,0 +1,53 @@
|
|||
{ lib, disk, ... }:
|
||||
{
|
||||
disk = {
|
||||
main = {
|
||||
type = "disk";
|
||||
device = disk;
|
||||
content = {
|
||||
type = "table";
|
||||
format = "gpt";
|
||||
partitions = [
|
||||
{
|
||||
name = "boot";
|
||||
type = "partition";
|
||||
start = "0";
|
||||
end = "1M";
|
||||
part-type = "primary";
|
||||
flags = ["bios_grub"];
|
||||
}
|
||||
{
|
||||
type = "partition";
|
||||
name = "ESP";
|
||||
start = "1MiB";
|
||||
end = "50%";
|
||||
fs-type = "fat32";
|
||||
bootable = true;
|
||||
content = {
|
||||
type = "filesystem";
|
||||
format = "vfat";
|
||||
mountpoint = "/boot";
|
||||
};
|
||||
}
|
||||
{
|
||||
name = "root";
|
||||
type = "partition";
|
||||
start = "50%";
|
||||
end = "100%";
|
||||
content = {
|
||||
type = "luks";
|
||||
name = "hilum_luks";
|
||||
# keyFile = "/tmp/secret.key";
|
||||
content = {
|
||||
type = "filesystem";
|
||||
format = "xfs";
|
||||
mountpoint = "/";
|
||||
};
|
||||
};
|
||||
}
|
||||
];
|
||||
};
|
||||
};
|
||||
};
|
||||
}
|
||||
|
27
lass/1systems/hilum/flash-stick.sh
Normal file
27
lass/1systems/hilum/flash-stick.sh
Normal file
|
@ -0,0 +1,27 @@
|
|||
#!/bin/sh
|
||||
set -efux
|
||||
|
||||
disk=$1
|
||||
|
||||
export NIXPKGS_ALLOW_UNFREE=1
|
||||
stockholm_root=$(git rev-parse --show-toplevel)
|
||||
ssh root@localhost -t -- $(nix-build \
|
||||
--no-out-link \
|
||||
-I nixpkgs=/var/src/nixpkgs \
|
||||
-I stockholm="$stockholm_root" \
|
||||
-I secrets="$stockholm_root"/lass/2configs/tests/dummy-secrets \
|
||||
-E "with import <nixpkgs> {}; (pkgs.nixos [ { mainDisk = \"$disk\"; disko.rootMountPoint = \"/mnt/hilum\"; } ./physical.nix ]).mountScript"
|
||||
)
|
||||
$(nix-build \
|
||||
--no-out-link \
|
||||
-I nixpkgs=/var/src/nixpkgs \
|
||||
"$stockholm_root"/lass/krops.nix -A populate \
|
||||
--argstr name hilum \
|
||||
--argstr target "root@localhost/mnt/hilum/var/src" \
|
||||
--arg force true
|
||||
)
|
||||
ssh root@localhost << SSH
|
||||
nixos-install --no-root-password --root /mnt/hilum -I /var/src
|
||||
nixos-enter --root /mnt/hilum -- nixos-rebuild -I /var/src switch --install-bootloader
|
||||
umount -Rv /mnt/hilum
|
||||
SSH
|
|
@ -1,11 +1,24 @@
|
|||
{ lib, pkgs, ... }:
|
||||
{ config, lib, pkgs, ... }:
|
||||
|
||||
{
|
||||
imports = [
|
||||
./config.nix
|
||||
<nixpkgs/nixos/modules/installer/scan/not-detected.nix>
|
||||
{
|
||||
# nice hack to carry around state passed impurely at the beginning
|
||||
options.mainDisk = lib.mkOption {
|
||||
type = lib.types.str;
|
||||
default = builtins.readFile "/etc/hilum-disk";
|
||||
};
|
||||
config.environment.etc.hilum-disk.text = config.mainDisk;
|
||||
}
|
||||
];
|
||||
|
||||
disko.devices = import ./disk.nix {
|
||||
inherit lib;
|
||||
disk = config.mainDisk;
|
||||
};
|
||||
|
||||
boot.initrd.availableKernelModules = [ "ehci_pci" "ahci" "xhci_pci" "usb_storage" "sd_mod" "sdhci_pci" ];
|
||||
boot.initrd.kernelModules = [ "dm-snapshot" ];
|
||||
boot.kernelModules = [ "kvm-intel" ];
|
||||
|
@ -13,21 +26,9 @@
|
|||
|
||||
boot.loader.grub.enable = true;
|
||||
boot.loader.grub.efiSupport = true;
|
||||
boot.loader.grub.device = "/dev/disk/by-id/usb-General_USB_Flash_Disk_0374116060006128-0:0";
|
||||
boot.loader.grub.device = config.mainDisk;
|
||||
boot.loader.grub.efiInstallAsRemovable = true;
|
||||
|
||||
fileSystems."/" =
|
||||
{ device = "/dev/disk/by-uuid/6db29cdd-ff64-496d-b541-5f1616665dc2";
|
||||
fsType = "ext4";
|
||||
};
|
||||
|
||||
boot.initrd.luks.devices."usb_nix".device = "/dev/disk/by-uuid/3c8ab3af-57fb-4564-9e27-b2766404f5d4";
|
||||
|
||||
fileSystems."/boot" =
|
||||
{ device = "/dev/disk/by-uuid/2B9E-5131";
|
||||
fsType = "vfat";
|
||||
};
|
||||
|
||||
swapDevices = [ ];
|
||||
|
||||
nix.maxJobs = lib.mkDefault 4;
|
||||
|
|
Loading…
Reference in a new issue