| -rw-r--r-- | flake.nix | 72 |
1 files changed, 72 insertions, 0 deletions
@@ -68,6 +68,78 @@ environment.systemPackages = with pkgs; [ vim + (pkgs.writeShellApplication { + name = "connect-wifi"; + text = '' + vim ${config.networking.wireless.secretsFile} + systemctl restart wpa_supplicant.service + journalctl -xfeu wpa_supplicant.service + ''; + }) + (pkgs.writeShellApplication { + name = "format-disk"; + text = '' + DISK=/dev/"$1" + # create crypt + cryptsetup luksFormat "$DISK"2 + cryptsetup luksOpen "$DISK"2 crypt + until [ -e /dev/nixos ] + do + sleep 1 + done + # split into logical volumes + pvcreate /dev/mapper/crypt + vgcreate nixos /dev/mapper/crypt + echo '===================================================================' + echo '===================================================================' + echo ' lsmem' + echo '===================================================================' + lsmem + echo '===================================================================' + echo 'Input swapsize:' + read -r SWAPSIZE + lvcreate -L "$SWAPSIZE" --name swap nixos + lvcreate -l 100%FREE --name root nixos + # mount + mkswap /dev/nixos/swap + mkfs.ext4 /dev/nixos/root + mount /dev/nixos/root /mnt + # create luks keys + mkdir --parents /mnt/etc/luks/keys && pushd "$_" + dd bs=1k count=4 if=/dev/random of=master + dd bs=1k count=4 if=/dev/random of=tmp + chmod 400 master tmp + cryptsetup luksAddKey "$DISK"2 + popd + ''; + }) + (pkgs.writeShellApplication { + name = "mount-system"; + text = '' + DISK=/dev/"$1" + cryptsetup open "$DISK"2 crypt + until [ -e /dev/nixos ] + do + sleep 1 + done + mount /dev/nixos/root /mnt + swapon /dev/nixos/swap + mount "$DISK"1 /mnt/boot + ''; + }) + (pkgs.writeShellApplication { + name = "write-secrets"; + text = '' + for SERVICE in wpa_supplicant msmtp + do + DIR=/mnt/etc/"$SERVICE" + mkdir --parents "$DIR" + vim "$DIR"/secrets + chmod 500 "$DIR"/secrets || true + rm --dir "$DIR" || true + done + ''; + }) ]; } ) |
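Review bot: The LUKS key files in `format-disk` (`master`, `tmp`) and the `secrets` files in `write-secrets` are created under the ambient umask and only tightened afterwards, and in `write-secrets` a failed `chmod 500 "$DIR"/secrets || true` is silently ignored, so the files can end up readable by other local users; put `umask 077` at the top of both scripts and prefer `chmod 400`, since mode 500 also sets the execute bit. In `format-disk`, `cryptsetup luksAddKey "$DISK"2` is called without a key-file argument, so as written it appears to prompt for another passphrase rather than enrolling `master`, and `tmp` is never used; if the key file is meant to unlock the volume, the call would be `cryptsetup luksAddKey "$DISK"2 master`. Also in `format-disk`, the `until [ -e /dev/nixos ]` loop runs before `vgcreate nixos`, so on a freshly formatted disk it presumably never exits; waiting on `/dev/mapper/crypt` there would match what `pvcreate` needs. `"$DISK"2` will not resolve on devices whose partition names carry a `p` separator (NVMe, for example), which deserves a comment next to `DISK=/dev/"$1"` or a separate partition argument.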
