2021-12-02 18:39:48 +00:00
|
|
|
# Provisioning
|
|
|
|
|
2021-12-03 20:52:53 +00:00
|
|
|
NixOS installation:
|
|
|
|
|
|
|
|
```bash
|
|
|
|
# Physical partitions
|
|
|
|
sudo parted /dev/disk/by-id/example -- mklabel gpt
|
|
|
|
sudo parted /dev/disk/by-id/example -- mkpart pv-enc 512MiB 100%
|
|
|
|
sudo parted /dev/disk/by-id/example -- mkpart ESP fat32 1MiB 512MiB
|
|
|
|
sudo parted /dev/disk/by-id/example -- set 2 esp on
|
|
|
|
|
|
|
|
# Encryption
|
|
|
|
sudo cryptsetup luksFormat /dev/disk/by-partlabel/pv-enc
|
|
|
|
sudo cryptsetup luksOpen /dev/disk/by-partlabel/pv-enc pv
|
|
|
|
|
|
|
|
# Logical volumes
|
|
|
|
sudo pvcreate /dev/mapper/pv
|
|
|
|
sudo vgcreate vg /dev/mapper/pv
|
|
|
|
sudo lvcreate --name swap --size 4G vg
|
|
|
|
sudo lvcreate --name root --extents '100%FREE' vg
|
|
|
|
|
|
|
|
# Filesystems
|
|
|
|
sudo mkfs.fat -F 32 -n boot /dev/disk/by-partlabel/ESP
|
|
|
|
sudo mkswap --label swap /dev/vg/swap
|
|
|
|
sudo mkfs.ext4 -L root /dev/vg/root
|
|
|
|
|
|
|
|
# Manual mounts
|
|
|
|
sudo swapon /dev/disk/by-label/swap
|
|
|
|
sudo mount /dev/disk/by-label/root /mnt
|
|
|
|
sudo mkdir /mnt/boot
|
|
|
|
sudo mount /dev/disk/by-label/boot /mnt/boot
|
|
|
|
|
|
|
|
# NixOS configuration
|
|
|
|
sudo nixos-generate-config --root /mnt
|
|
|
|
|
|
|
|
# NixOS installation
|
|
|
|
sudo nixos-install --no-root-passwd
|
|
|
|
```
|
|
|
|
|
|
|
|
Configuration structure:
|
|
|
|
|
2021-12-02 18:39:48 +00:00
|
|
|
```bash
|
|
|
|
git clone 'git@gitlab.com:Andrew/configuration.git' "$HOME/src/configuration"
|
|
|
|
ln -s "$HOME/src/configuration/hosts/$HOST/nixos.nix" '/etc/nixos/configuration.nix'
|
|
|
|
ln -s "$HOME/src/configuration/hosts/$HOST/home.nix" "$HOME/.config/nixpkgs/home.nix"
|
|
|
|
```
|
2021-12-03 20:52:53 +00:00
|
|
|
|
|
|
|
Host-specific secrets:
|
|
|
|
|
|
|
|
```bash
|
|
|
|
pamu2fcfg > "$HOME/src/configuration/hosts/$HOST/local/andrew.u2f" # Keychain
|
|
|
|
pamu2fcfg -n >> "$HOME/src/configuration/hosts/$HOST/local/andrew.u2f" # Backup
|
|
|
|
```
|