wip test machine
This commit is contained in:
RingOfStorms (Joshua Bell)
parent
60f94c752d
commit
9e13bd7c09
2 changed files with 239 additions and 146 deletions
147
readme.md
147
readme.md
|
|
@ -1,149 +1,4 @@
|
|||
## TODO working on changes to this now
|
||||
|
||||
#### Old config before granular module + flakes
|
||||
|
||||
<https://git.joshuabell.xyz/ringofstorms/dotfiles/src/commit/741363b361dbb1f7f08dad81c3d7b3bd2cdae093>
|
||||
|
||||
### Old Config prior to per system flake approach
|
||||
|
||||
<https://git.joshuabell.xyz/ringofstorms/dotfiles/~files/6527f67145fe047df57b4778c154dde580ec04c4>
|
||||
|
||||
### Old modules from multi branch flake approach
|
||||
|
||||
- [common](https://git.joshuabell.xyz/ringofstorms/dotfiles/~files/a3df616bee120e8427728c6e6a642686d6efb96d)
|
||||
- [de_gnome](https://git.joshuabell.xyz/ringofstorms/dotfiles/~files/2434f4858db4b5ddb095d5a7d8bdb05890c48bb4)
|
||||
- [de_cosmic](https://git.joshuabell.x/ringofstormsyz/dotfiles/~files/f2ecd63921dd826b138dab2ba431085c31a151d1)
|
||||
- [de_hyperland](https://git.joshuabell.xyz/ringofstorms/dotfiles/~files/ecb652f6e331312b401488140c583cabdcb0deba)
|
||||
- [secrets](https://git.joshuabell.xyz/ringofstorms/dotfiles/~files/5f3633d5f7c729b8e8fc2805d2751e7c006a6f7a)
|
||||
- [nebula](https://git.joshuabell.xyz/ringofstorms/dotfiles/~files/70cea59e9f1f750fd0aee8cde8cd54aee8601336)
|
||||
- [stormd](https://git.joshuabell.xyz/ringofstorms/dotfiles/~files/765c7f4436db03936960373ff77dc2d41f0c4cd5)
|
||||
- [home_manager](https://git.joshuabell.xyz/ringofstorms/dotfiles/~files/df0c4e95ac6b056202c4ec6fabfcfa5bd205a0b4)
|
||||
- [boot_grub](https://git.joshuabell.xyz/ringofstorms/dotfiles/~files/f00b3d38ec2dd62741a84d706f88c0c3bdd60784)
|
||||
- [boot_systemd](https://git.joshuabell.xyz/ringofstorms/dotfiles/~files/3155d8a57286aefb835476617ba6d4df92b83013)
|
||||
|
||||
# First Install on new Machine
|
||||
|
||||
## NixOS install
|
||||
|
||||
1. Install nix minimal: (new with btrfs backing)
|
||||
|
||||
```bash
|
||||
# Partition main drive with btrfs
|
||||
# tip: lsblk
|
||||
export D=sda # or whatever drive we will be installing on
|
||||
|
||||
# Partitioning
|
||||
echo "Creating partitions on $D..."
|
||||
parted /dev/$D -- mklabel gpt # make GPT partition table
|
||||
parted /dev/$D -- mkpart NIXROOT 2GB 100% # make root partition (2GB offset for boot)
|
||||
parted /dev/$D -- mkpart ESP fat32 1MB 2GB # make boot partition, 1MB alignment offset
|
||||
parted /dev/$D -- set 2 esp on # make boot partition bootable
|
||||
|
||||
# NOTE this is not bulletproof, check actual name and set these appropriately
|
||||
export ROOT=$D"1"
|
||||
export BOOT=$D"2"
|
||||
|
||||
# Anything else to partition before moving on?
|
||||
|
||||
# Encryption Luks (optional)
|
||||
export ENC=true
|
||||
cryptsetup luksFormat /dev/$ROOT
|
||||
cryptsetup luksOpen /dev/$ROOT cryptroot
|
||||
|
||||
if [ $ENC = true ]; then ROOTP="/dev/mapper/cryptroot" ; else ROOTP="/dev/$ROOT"; fi
|
||||
|
||||
# Formatting
|
||||
mkfs.fat -F 32 -n NIXBOOT /dev/$BOOT
|
||||
mkfs.btrfs -fL NIXROOT $ROOTP
|
||||
|
||||
# Subvolumes
|
||||
prompt="Use subvolumes for nix store and snapshots?" var=SUBV && read -r -p "$prompt (y/n) [n]: " resp && resp=$(echo "$resp" | tr '[:upper:]' '[:lower:]'); [[ "$resp" == "y" || "$resp" == "yes" || "$resp" == "1" ]] && export $var=true || export $var=false
|
||||
if [ $SUBV = true ]; then
|
||||
mount $ROOTP /mnt
|
||||
btrfs subvolume create /mnt/root
|
||||
btrfs subvolume create /mnt/nix
|
||||
btrfs subvolume create /mnt/snapshots
|
||||
btrfs subvolume create /mnt/swap
|
||||
umount /mnt
|
||||
fi
|
||||
|
||||
if [ $SUBV = true ]; then
|
||||
mount -o subvol=root,compress=zstd,noatime $ROOTP /mnt
|
||||
mkdir -p /mnt/{nix,boot,.snapshots,.swap}
|
||||
chattr +C /mnt/.swap
|
||||
mount -o subvol=nix,compress=zstd,noatime $ROOTP /mnt/nix
|
||||
mount -o subvol=snapshots,compress=zstd,noatime $ROOTP /mnt/.snapshots
|
||||
mount -o subvol=swap,noatime $ROOTP /mnt/.swap
|
||||
btrfs property set /mnt/.swap compression none
|
||||
mount -o umask=077 /dev/disk/by-label/NIXBOOT /mnt/boot
|
||||
else
|
||||
mount -o compress=zstd,noatime $ROOTP /mnt
|
||||
mkdir -p /mnt/boot
|
||||
mount -o umask=077 /dev/disk/by-label/NIXBOOT /mnt/boot
|
||||
fi
|
||||
|
||||
echo "Generating nixos-config..."
|
||||
nixos-generate-config --root /mnt
|
||||
|
||||
prompt="Add swap file?" var=SWP && read -r -p "$prompt (y/n) [n]: " resp && resp=$(echo "$resp" | tr '[:upper:]' '[:lower:]'); [[ "$resp" == "y" || "$resp" == "yes" || "$resp" == "1" ]] && export $var=true || export $var=false
|
||||
if [ $SWP = true ]; then
|
||||
SIZE=$(grep MemTotal /proc/meminfo | awk 'function ceil(x, y){y=int(x); return(x>y? y+1:y)} {print ceil($2/1024/1024)}')
|
||||
read -r -p "Custom size in GB? [$SIZE]" SIZE_OVERRIDE
|
||||
SIZE="${SIZE_OVERRIDE:-$SIZE}"
|
||||
|
||||
if [ $SUBV = true ]; then
|
||||
SWAP_DEVICE=' swapDevices = [ { device = "/.swap/file"; size = '$SIZE' * 1024; } ];'
|
||||
else
|
||||
SWAP_DEVICE=' swapDevices = [ { device = "/.swapfile"; size = '$SIZE' * 1024; } ];'
|
||||
fi
|
||||
sed -i "/swapDevices/c\\$SWAP_DEVICE" /mnt/etc/nixos/hardware-configuration.nix
|
||||
echo "Added swap device to hardware configuration"
|
||||
fi
|
||||
|
||||
echo "Getting initial config for Jason"
|
||||
curl -o /mnt/etc/nixos/jason.nix https://gist.joshuabell.xyz/ringofstorms/jason-nix/raw/HEAD/jason.nix
|
||||
sed -i '/\.\/hardware-configuration.nix/a \ ./jason.nix' /mnt/etc/nixos/configuration.nix
|
||||
echo "Added config to imports of configuration.nix"
|
||||
|
||||
echo "Installing nixos"
|
||||
sudo nixos-install
|
||||
```
|
||||
|
||||
- Partitions
|
||||
- `parted /dev/DEVICE -- mklabel gpt` - make GPT partition table
|
||||
- `parted /dev/DEVICE -- mkpart NIXROOT 2GB 100%` - make root partition (2GB offset for boot)
|
||||
- `parted /dev/DEVICE -- mkpart ESP fat32 1MB 2GB` - make boot partition (2GB)
|
||||
- `parted /dev/DEVICE -- set 2 esp on` - make boot bootable
|
||||
- LUKS Encryption (optional)
|
||||
- `cryptsetup luksFormat /dev/DEVICE_1`
|
||||
- Create passphrase and save to bitwarden
|
||||
- `cryptsetup luksOpen /dev/DEVUCE_1 cryptroot`
|
||||
- Create keyfile for auto-unlock (optional)
|
||||
- `dd if=/dev/random of=/tmp/keyfile_DEVICE_1 bs=1024 count=4`
|
||||
- `chmod 400 /tmp/keyfile`
|
||||
- `cryptsetup luksAddKey /dev/DEVICE_1 /tmp/keyfile_DEVICE_1`
|
||||
- Formatting
|
||||
- `mkfs.btrfs -L NIXROOT /dev/mapper/cryptroot`
|
||||
- `/dev/sda1` if not encyrpted instead of dev mapper cryptroot
|
||||
- `mkfs.fat -F 32 -n NIXBOOT /dev/DEVICE_2`
|
||||
- Create btrfs subvolumes (optional: for better snapshot perf)
|
||||
- `mount /dev/mapper/cryptroot /mnt` (`/dev/sda1` for non encrypted)
|
||||
- `btrfs subvolume create /mnt/root`
|
||||
- `btrfs subvolume create /mnt/nix`
|
||||
- `btrfs subvolume create /mnt/snapshots`
|
||||
- `umount /mnt`
|
||||
- Mount (with sub vols above)
|
||||
- `mount -o subvol=root,compress=zstd,noatime /dev/mapper/cryptroot /mnt`
|
||||
- `mkdir -p /mnt/{nix,boot,.snapshots}`
|
||||
- `mount -o subvol=nix,compress=zstd,noatime /dev/mapper/cryptroot /mnt/nix`
|
||||
- `mount -o subvol=snapshots,compress=zstd,noatime /dev/mapper/cryptroot /mnt/.snapshots`
|
||||
- `mount -o umask=077 /dev/disk/by-label/NIXBOOT /mnt/boot`
|
||||
- Mount (with no sub vols)
|
||||
- `mount -o compress=zstd,noatime /dev/mapper/cryptroot /mnt`
|
||||
- `mkdir -p /mnt/boot`
|
||||
- `mount -o umask=077 /dev/disk/by-label/NIXBOOT /mnt/boot`
|
||||
- Add SWAP device (optional)
|
||||
- in hardware config
|
||||
# TODO a good readme
|
||||
|
||||
```nix
|
||||
swapDevices = [
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue