ma shack-autoinstall: add WIP
parent
443b88738a
commit
ff97cafacf
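--- a/makefu/1systems/shack-autoinstall/config.nix
+++ b/makefu/1systems/shack-autoinstall/config.nix
@@ -0,0 +1,49 @@
+{ config, pkgs, lib, ... }:
+
+with import <stockholm/lib>;
+let
+disk = "/dev/sda";
+in {
+imports = [
+<stockholm/makefu>
+<nixpkgs/nixos/modules/installer/cd-dvd/installation-cd-minimal.nix>
+<nixpkgs/nixos/modules/installer/cd-dvd/channel.nix>
+<stockholm/makefu/2configs/tools/core.nix>
+];
+# TODO: NIX_PATH and nix.nixPath are being set by default.nix right now
+# cd ~/stockholm ; nix-build -A config.system.build.isoImage -I nixos-config=makefu/1systems/iso.nix -I secrets=/home/makefu/secrets/iso /var/src/nixpkgs/nixos
+krebs.build.host = config.krebs.hosts.iso;
+krebs.hidden-ssh.enable = true;
+
+environment.extraInit = ''
+EDITOR=vim
+'';
+# iso-specific
+boot.kernelParams = [ "copytoram" ];
+
+
+environment.systemPackages = [
+pkgs.parted
+( pkgs.writeScriptBin "shack-install" ''
+#! /bin/sh
+echo "go ahead and try NIX_PATH=/root/.nix-defexpr/channels/ nixos-install"
+'')
+];
+
+systemd.services.wpa_supplicant.wantedBy = lib.mkForce [ "multi-user.target" ];
+
+networking.wireless = {
+enable = true;
+networks.shack.psk = "welcome2shack";
+};
+
+
+services.openssh = {
+enable = true;
+hostKeys = [
+{ bits = 8192; type = "ed25519"; path = "/etc/ssh/ssh_host_ed25519_key"; }
+];
+};
+# enable ssh in the iso boot process
+systemd.services.sshd.wantedBy = lib.mkForce [ "multi-user.target" ];
+}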
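Review bot: `systemd.services.sshd.wantedBy = lib.mkForce [ "multi-user.target" ]` starts sshd on every boot of the live image, which also auto-joins the `shack` network, yet nothing visible in this file pins how that sshd authenticates; any restriction has to come from `<stockholm/makefu>`, `krebs.hidden-ssh` or the installer profile, none of which is shown here. I would state it locally, e.g. `services.openssh.passwordAuthentication = false;` (option name to be confirmed against the nixpkgs revision in use), so the ISO does not depend on an imported default. `networks.shack.psk = "welcome2shack";` is committed in clear text and, like any option value, ends up in the world-readable Nix store of the image; if that is acceptable for this network, a comment saying so would help. `bits = 8192` has no effect on an ed25519 host key, whose size is fixed, and can be dropped here and in the identical block in shack-config.nix. The `disk` binding in the `let` is not used anywhere in this file.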
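--- a/makefu/1systems/shack-autoinstall/grub-partition.sh
+++ b/makefu/1systems/shack-autoinstall/grub-partition.sh
@@ -0,0 +1,5 @@
+#!/bin/sh
+set -euf
+parted -s ${disk} mklabel msdos
+parted -s ${disk} -- mkpart primary linux-swap 1M 4096M
+parted -s ${disk} -- mkpart primary ext2 4096M 100%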
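Review bot: `parted -s ${disk} mklabel msdos` rewrites the partition table non-interactively with no check that `${disk}` is the intended target, and on a live image `/dev/sda` (the value bound in config.nix) may be the boot medium or a disk holding data. I would add a guard before the first parted call, e.g. `[ -b "${disk}" ] || { echo "not a block device: ${disk}" >&2; exit 1; }`, and quote `"${disk}"` in the three parted lines. Nothing in this commit shows where `${disk}` gets its value for this script; if it is meant to be filled in by Nix interpolation, a header comment should say so. Unlike uefi-partition.sh, the script stops after partitioning (no mkfs, mount or config copy), so a `# TODO` marking that would make the WIP state explicit.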
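--- a/makefu/1systems/shack-autoinstall/shack-config.nix
+++ b/makefu/1systems/shack-autoinstall/shack-config.nix
@@ -0,0 +1,231 @@
+{ config, pkgs, lib, ... }:
+
+{
+imports = [
+./hardware-configuration.nix
+# TODO:
+];
+
+# shacks-specific
+networking.wireless = {
+enable = true;
+networks.shack.psk = "181471eb97eb23f12c6871227bc4a7b13c8f6af56dcc0d0e8b71f4d7a510cb4e";
+};
+networking.hostName = "shackbook";
+
+boot.tmpOnTmpfs = true;
+
+users.users.shack = {
+createHome = true;
+useDefaultShell = true;
+home = "/home/shack";
+uid = 9001;
+packages = with pkgs;[
+chromium
+firefox
+];
+extraGroups = [ "audio" "wheel" ];
+hashedPassword = "$6$KIxlQTLEnKl7cwC$LrmbwZ64Mlm7zqUUZ0EObPJMES3C0mQ6Sw7ynTuXzUo7d9EWg/k5XCGkDHMFvL/Pz19Awcv0knHB1j3dHT6fh/" ;
+};
+
+environment.variables = let
+ca-bundle = "${pkgs.cacert}/etc/ssl/certs/ca-bundle.crt";
+in {
+EDITOR = lib.mkForce "vim";
+CURL_CA_BUNDLE = ca-bundle;
+GIT_SSL_CAINFO = ca-bundle;
+SSL_CERT_FILE = ca-bundle;
+};
+
+services.printing = {
+enable = true;
+# TODO: shack-printer
+};
+
+
+environment.systemPackages = with pkgs;[
+parted
+ddrescue
+tmux
+jq git gnumake htop rxvt_unicode.terminfo
+(pkgs.vim_configurable.customize {
+name = "vim";
+vimrcConfig.customRC = ''
+set nocompatible
+syntax on
+set list
+set listchars=tab:▸\
+"set list listchars=tab:>-,trail:.,extends:>
+
+filetype off
+filetype plugin indent on
+
+colorscheme darkblue
+set background=dark
+
+set number
+set relativenumber
+set mouse=a
+set ignorecase
+set incsearch
+set wildignore=*.o,*.obj,*.bak,*.exe,*.os
+set textwidth=79
+set shiftwidth=2
+set expandtab
+set softtabstop=2
+set shiftround
+set smarttab
+set tabstop=2
+set et
+set autoindent
+set backspace=indent,eol,start
+
+
+inoremap <F1> <ESC>
+nnoremap <F1> <ESC>
+vnoremap <F1> <ESC>
+
+nnoremap <F5> :UndotreeToggle<CR>
+set undodir =~/.vim/undo
+set undofile
+"maximum number of changes that can be undone
+set undolevels=1000000
+"maximum number lines to save for undo on a buffer reload
+set undoreload=10000000
+
+nnoremap <F2> :set invpaste paste?<CR>
+set pastetoggle=<F2>
+set showmode
+
+set showmatch
+set matchtime=3
+set hlsearch
+
+autocmd ColorScheme * highlight ExtraWhitespace ctermbg=red guibg=red
+
+
+" save on focus lost
+au FocusLost * :wa
+
+autocmd BufRead *.json set filetype=json
+au BufNewFile,BufRead *.mustache set syntax=mustache
+
+cnoremap SudoWrite w !sudo tee > /dev/null %
+
+" create Backup/tmp/undo dirs
+set backupdir=~/.vim/backup
+set directory=~/.vim/tmp
+
+function! InitBackupDir()
+let l:parent = $HOME . '/.vim/'
+let l:backup = l:parent . 'backup/'
+let l:tmpdir = l:parent . 'tmp/'
+let l:undodir= l:parent . 'undo/'
+
+
+if !isdirectory(l:parent)
+call mkdir(l:parent)
+endif
+if !isdirectory(l:backup)
+call mkdir(l:backup)
+endif
+if !isdirectory(l:tmpdir)
+call mkdir(l:tmpdir)
+endif
+if !isdirectory(l:undodir)
+call mkdir(l:undodir)
+endif
+endfunction
+call InitBackupDir()
+
+augroup Binary
+" edit binaries in xxd-output, xxd is part of vim
+au!
+au BufReadPre *.bin let &bin=1
+au BufReadPost *.bin if &bin | %!xxd
+au BufReadPost *.bin set ft=xxd | endif
+au BufWritePre *.bin if &bin | %!xxd -r
+au BufWritePre *.bin endif
+au BufWritePost *.bin if &bin | %!xxd
+au BufWritePost *.bin set nomod | endif
+augroup END
+'';
+vimrcConfig.vam.knownPlugins = pkgs.vimPlugins;
+vimrcConfig.vam.pluginDictionaries = [
+{ names = [ "undotree" ]; }
+# vim-nix handles indentation better but does not perform sanity
+{ names = [ "vim-addon-nix" ]; ft_regex = "^nix\$"; }
+];
+})
+
+];
+programs.bash = {
+enableCompletion = true;
+interactiveShellInit = ''
+HISTCONTROL='erasedups:ignorespace'
+HISTSIZE=900001
+HISTFILESIZE=$HISTSIZE
+shopt -s checkhash
+shopt -s histappend histreedit histverify
+shopt -s no_empty_cmd_completion
+PS1='\[\e[1;32m\]\w\[\e[0m\] '
+'';
+};
+
+services.journald.extraConfig = ''
+SystemMaxUse=1G
+RuntimeMaxUse=128M
+'';
+nix = {
+package = pkgs.nixUnstable;
+optimise.automatic = true;
+useSandbox = true;
+gc.automatic = true;
+};
+
+system.autoUpgrade.enable = true;
+
+boot.loader.grub.enable = true;
+boot.loader.grub.version = 2;
+boot.loader.grub.device = "/dev/sda";
+fileSystems."/".options = [ "noatime" "nodiratime" "discard" ];
+
+
+# gui and stuff
+i18n = {
+consoleFont = "Lat2-Terminus16";
+consoleKeyMap = "us";
+defaultLocale = "en_US.UTF-8";
+};
+
+fonts = {
+enableFontDir = true;
+enableGhostscriptFonts = true;
+fonts = [ pkgs.terminus_font ];
+};
+
+time.timeZone = "Europe/Berlin";
+services.timesyncd.enable = true;
+
+
+# GUI
+hardware.pulseaudio.enable = true;
+services.xserver = {
+enable = true;
+displayManager.auto.enable = true;
+displayManager.auto.user = "shack";
+
+desktopManager.xfce.enable = true;
+
+layout = "us";
+xkbVariant = "altgr-intl";
+xkbOptions = "ctrl:nocaps, eurosign:e";
+};
+
+services.openssh = {
+enable = true;
+hostKeys = [
+{ bits = 8192; type = "ed25519"; path = "/etc/ssh/ssh_host_ed25519_key"; }
+];
+};
+}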
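Review bot: `hashedPassword = "$6$…"` in `users.users.shack` commits the password hash of an account that is in `wheel`, is logged in automatically through `displayManager.auto.user`, and lives on a host with `services.openssh.enable = true`; anyone who can read the repository or the installed system's Nix store can work on that hash offline. I would keep it out of the tree, e.g. `passwordFile = "<path-to-secret>";` (placeholder path; option name to be confirmed for the nixpkgs revision in use), and add `services.openssh.passwordAuthentication = false;` so the account is not reachable by password over the network. The 64-hex `networks.shack.psk` is the derived key rather than the passphrase, but it is sufficient to join the network and deserves the same treatment. Separately, `boot.loader.grub.device = "/dev/sda"` configures BIOS GRUB, while uefi-partition.sh, which copies this file to the target, lays out GPT with an ESP; this looks inconsistent and should be confirmed before the installer is used.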
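--- a/makefu/1systems/shack-autoinstall/uefi-partition.sh
+++ b/makefu/1systems/shack-autoinstall/uefi-partition.sh
@@ -0,0 +1,24 @@
+#!/bin/sh
+set -euf
+p(){
+parted -s ${disk} -- $@
+}
+p mklabel gpt
+p mkpart primary fat32 1M 551M
+p set 1 boot on
+p mkpart primary linux-swap 51M 4647M
+p mkpart primary ext2 4647M 100%
+udevadm settle
+mkfs.fat -nboot -F32 /dev/sda1
+
+udevadm settle
+mkswap ${disk}2 -L swap
+swapon -L swap
+mkfs.ext4 -L nixos ${disk}3
+mount LABEL=nixos /mnt
+mkdir /mnt/boot
+mount LABEL=boot /mnt/boot
+
+mkdir -p /mnt/etc/nixos
+cp ${./shack-config.nix} /mnt/etc/nixos/configuration.nix
+nixos-generate-config --root /mnt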
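Review bot: `p mkpart primary linux-swap 51M 4647M` starts the swap partition at 51M, inside the ESP created two lines earlier with `1M 551M`; parted is expected to reject the overlap, and with `set -e` the script then aborts after the disk label has already been rewritten. The start was presumably meant to be 551M: `p mkpart primary linux-swap 551M 4647M`. `mkfs.fat -nboot -F32 /dev/sda1` hard-codes the device while every other line uses `${disk}`, so a different `disk` value would format the wrong partition; it should read `mkfs.fat -nboot -F32 "${disk}1"`. In `p()`, `$@` should be quoted as `"$@"`, and `mkdir /mnt/boot` fails under `set -e` on a re-run, so `mkdir -p /mnt/boot` is the safer form.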