From 7c6cd621311aa6b4fd6bdd4100861591a646eb4d Mon Sep 17 00:00:00 2001 From: "quentin@aristote.fr" Date: Sat, 28 Feb 2026 23:07:50 +0100 Subject: add useful bootstrapping scripts --- flake.nix | 72 +++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 72 insertions(+) diff --git a/flake.nix b/flake.nix index d4a3100..4f7943e 100644 --- a/flake.nix +++ b/flake.nix @@ -68,6 +68,78 @@ environment.systemPackages = with pkgs; [ vim + (pkgs.writeShellApplication { + name = "connect-wifi"; + text = '' + vim ${config.networking.wireless.secretsFile} + systemctl restart wpa_supplicant.service + journalctl -xfeu wpa_supplicant.service + ''; + }) + (pkgs.writeShellApplication { + name = "format-disk"; + text = '' + DISK=/dev/"$1" + # create crypt + cryptsetup luksFormat "$DISK"2 + cryptsetup luksOpen "$DISK"2 crypt + until [ -e /dev/nixos ] + do + sleep 1 + done + # split into logical volumes + pvcreate /dev/mapper/crypt + vgcreate nixos /dev/mapper/crypt + echo '===================================================================' + echo '===================================================================' + echo ' lsmem' + echo '===================================================================' + lsmem + echo '===================================================================' + echo 'Input swapsize:' + read -r SWAPSIZE + lvcreate -L "$SWAPSIZE" --name swap nixos + lvcreate -l 100%FREE --name root nixos + # mount + mkswap /dev/nixos/swap + mkfs.ext4 /dev/nixos/root + mount /dev/nixos/root /mnt + # create luks keys + mkdir --parents /mnt/etc/luks/keys && pushd "$_" + dd bs=1k count=4 if=/dev/random of=master + dd bs=1k count=4 if=/dev/random of=tmp + chmod 400 master tmp + cryptsetup luksAddKey "$DISK"2 + popd + ''; + }) + (pkgs.writeShellApplication { + name = "mount-system"; + text = '' + DISK=/dev/"$1" + cryptsetup open "$DISK"2 crypt + until [ -e /dev/nixos ] + do + sleep 1 + done + mount /dev/nixos/root /mnt + swapon /dev/nixos/swap + mount "$DISK"1 /mnt/boot + ''; + }) + (pkgs.writeShellApplication { + name = "write-secrets"; + text = '' + for SERVICE in wpa_supplicant msmtp + do + DIR=/mnt/etc/"$SERVICE" + mkdir --parents "$DIR" + vim "$DIR"/secrets + chmod 500 "$DIR"/secrets || true + rm --dir "$DIR" || true + done + ''; + }) ]; } ) -- cgit v1.2.3